
Example 11 with UserNotFoundException

use of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in project studio by craftercms.

From class GitContentRepository, method getPublishingHistory:

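/**
 * Lists the publishing history of a site by walking the commit log of each environment
 * branch in the site's PUBLISHED repository.
 *
 * @param siteId      site whose published repository is read
 * @param environment branch to read; when blank, every branch except {@code MASTER} is read
 * @param pathRegex   optional regular expression that a published file path must fully match;
 *                    null or empty matches every path
 * @param publisher   optional user id or username; when set, only commits whose author identity
 *                    matches that user's are returned
 * @param fromDate    optional lower bound on commit time
 * @param toDate      optional upper bound on commit time; defaults to the current time
 * @param limit       maximum number of items to return
 * @return the matching items ordered newest first; empty when the repository does not exist or
 *         when the walk fails (failures are logged, not propagated)
 * @throws java.util.regex.PatternSyntaxException if {@code pathRegex} is not a valid pattern
 */
@Override
public List<PublishingHistoryItem> getPublishingHistory(String siteId, String environment, String pathRegex, String publisher, ZonedDateTime fromDate, ZonedDateTime toDate, int limit) {
    List<PublishingHistoryItem> toRet = new ArrayList<>();
    // pathRegex is caller-supplied: compile it once up front (instead of once per file) so a
    // malformed expression fails before any repository work is done.
    Pattern pathPattern = StringUtils.isNotEmpty(pathRegex) ? Pattern.compile(pathRegex) : null;
    try {
        GitRepositoryHelper helper = GitRepositoryHelper.getHelper(studioConfiguration, securityService, userServiceInternal, encryptor, generalLockService, retryingRepositoryOperationFacade);
        Repository publishedRepo = helper.getRepository(siteId, PUBLISHED);
        if (publishedRepo == null) {
            return toRet;
        }
        int counter = 0;
        // Git is closed by try-with-resources; the Repository itself is owned by the helper
        try (Git git = new Git(publishedRepo)) {
            // Every branch of the published repository is an environment
            List<Ref> environments = git.branchList().call();
            for (int i = 0; i < environments.size() && counter < limit; i++) {
                Ref env = environments.get(i);
                String environmentGit = env.getName().replace(R_HEADS, "");
                boolean selected = (StringUtils.isBlank(environment) && !StringUtils.equals(MASTER, environmentGit)) || StringUtils.equals(environment, environmentGit);
                if (!selected) {
                    continue;
                }
                List<RevFilter> filters = new ArrayList<>();
                if (fromDate != null) {
                    filters.add(CommitTimeRevFilter.after(fromDate.toInstant().toEpochMilli()));
                }
                // Always bound the upper end so commits dated in the future are skipped
                ZonedDateTime upperBound = toDate != null ? toDate : ZonedDateTime.now();
                filters.add(CommitTimeRevFilter.before(upperBound.toInstant().toEpochMilli()));
                filters.add(NotRevFilter.create(MessageRevFilter.create("Initial commit.")));
                if (StringUtils.isNotEmpty(publisher)) {
                    User user = userServiceInternal.getUserByIdOrUsername(-1, publisher);
                    filters.add(AuthorRevFilter.create(helper.getAuthorIdent(user).getName()));
                }
                Iterable<RevCommit> branchLog = git.log().add(env.getObjectId()).setRevFilter(AndRevFilter.create(filters)).call();
                Iterator<RevCommit> commits = branchLog.iterator();
                while (commits.hasNext() && counter < limit) {
                    RevCommit revCommit = commits.next();
                    List<String> files = helper.getFilesInCommit(publishedRepo, revCommit);
                    for (int j = 0; j < files.size() && counter < limit; j++) {
                        String file = files.get(j);
                        String fileName = Paths.get(file).getFileName().toString();
                        if (ArrayUtils.contains(IGNORE_FILES, fileName)) {
                            continue;
                        }
                        // Full match of the whole path, as in the original matcher.matches()
                        if (pathPattern != null && !pathPattern.matcher(file).matches()) {
                            continue;
                        }
                        PublishingHistoryItem phi = new PublishingHistoryItem();
                        phi.setSiteId(siteId);
                        phi.setPath(file);
                        phi.setPublishedDate(Instant.ofEpochSecond(revCommit.getCommitTime()).atZone(UTC));
                        phi.setPublisher(revCommit.getAuthorIdent().getName());
                        phi.setEnvironment(environmentGit);
                        toRet.add(phi);
                        counter++;
                    }
                }
            }
            // Newest first
            toRet.sort((o1, o2) -> o2.getPublishedDate().compareTo(o1.getPublishedDate()));
        } catch (IOException | GitAPIException | UserNotFoundException | ServiceLayerException e1) {
            logger.error("Error while getting deployment history for site " + siteId, e1);
        }
    } catch (CryptoException e) {
        // Previously printStackTrace(); route through the logger like every other failure here
        logger.error("Error while getting deployment history for site " + siteId, e);
    }
    return toRet;
}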
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) Matcher(java.util.regex.Matcher) PublishingHistoryItem(org.craftercms.studio.api.v2.dal.PublishingHistoryItem) ArrayList(java.util.ArrayList) GitAPIException(org.eclipse.jgit.api.errors.GitAPIException) CommitTimeRevFilter(org.eclipse.jgit.revwalk.filter.CommitTimeRevFilter) MessageRevFilter(org.eclipse.jgit.revwalk.filter.MessageRevFilter) RevFilter(org.eclipse.jgit.revwalk.filter.RevFilter) AndRevFilter(org.eclipse.jgit.revwalk.filter.AndRevFilter) AuthorRevFilter(org.eclipse.jgit.revwalk.filter.AuthorRevFilter) NotRevFilter(org.eclipse.jgit.revwalk.filter.NotRevFilter) GitRepositoryHelper(org.craftercms.studio.api.v2.utils.GitRepositoryHelper) RevCommit(org.eclipse.jgit.revwalk.RevCommit) Path(java.nio.file.Path) Pattern(java.util.regex.Pattern) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) IOException(java.io.IOException) RemoteRepository(org.craftercms.studio.api.v2.dal.RemoteRepository) Repository(org.eclipse.jgit.lib.Repository) ContentRepository(org.craftercms.studio.api.v2.repository.ContentRepository) Ref(org.eclipse.jgit.lib.Ref) Git(org.eclipse.jgit.api.Git) CryptoException(org.craftercms.commons.crypto.CryptoException)

Example 12 with UserNotFoundException

use of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in project studio by craftercms.

From class StudioUserAPIAccessDecisionVoter, method vote:

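/**
 * Votes on access to the user-management API based on the request URI, the authenticated
 * principal and the target user named in the request.
 *
 * <p>The target username comes from the {@code username} request parameter or, for a
 * non-multipart POST that has no such parameter, from the {@code username} field of a JSON
 * body. Reading the body consumes the request input stream and relies on it supporting
 * {@code mark}/{@code reset}.
 *
 * @param authentication current authentication; its principal is resolved to a {@code User},
 *                       or treated as anonymous when it is {@code "anonymousUser"}
 * @param o              the secured object; only a {@code FilterInvocation} is voted on
 * @param collection     config attributes (unused)
 * @return {@code ACCESS_GRANTED}, {@code ACCESS_DENIED} or {@code ACCESS_ABSTAIN}
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        requestUri = request.getRequestURI().replace(request.getContextPath(), "");
        String userParam = request.getParameter("username");
        boolean jsonPost = StringUtils.isEmpty(userParam)
                && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                && !ServletFileUpload.isMultipartContent(request);
        if (jsonPost) {
            try {
                InputStream is = request.getInputStream();
                // NOTE(review): mark(0) sets a zero read limit, so reset() is only guaranteed to
                // work on stream implementations that ignore the limit — confirm the request
                // body is made re-readable upstream.
                is.mark(0);
                String jsonString = IOUtils.toString(is);
                if (StringUtils.isNotEmpty(jsonString)) {
                    JSONObject jsonObject = JSONObject.fromObject(jsonString);
                    if (jsonObject.has("username")) {
                        userParam = jsonObject.getString("username");
                    }
                }
                is.reset();
            } catch (IOException | JSONException e) {
                // Best effort: a missing or malformed body leaves userParam empty, which the
                // per-URI rules below treat as "not self"
                logger.debug("Failed to extract username from POST request");
            }
        }
        User currentUser = null;
        try {
            String username = authentication.getPrincipal().toString();
            currentUser = userServiceInternal.getUserByIdOrUsername(-1, username);
        } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
            // An anonymous principal simply has no User; any other lookup failure abstains.
            // NOTE(review): StudioWorkflowAPIAccessDecisionVoter denies in the same situation;
            // whether an abstention here ends in denial depends on the decision manager's
            // allow-if-all-abstain setting — confirm.
            if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                logger.info("Error getting current user", e);
                return ACCESS_ABSTAIN;
            }
        }
        boolean authenticated = currentUser != null;
        switch (requestUri) {
            case FORGOT_PASSWORD:
            case LOGIN:
            case LOGOUT:
            case SET_PASSWORD:
            case VALIDATE_TOKEN:
                // Flows that must work without an authenticated user
                toRet = ACCESS_GRANTED;
                break;
            case CHANGE_PASSWORD:
                toRet = authenticated && isSelf(currentUser, userParam) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case CREATE:
            case DELETE:
            case DISABLE:
            case ENABLE:
            case RESET_PASSWORD:
            case STATUS:
                toRet = authenticated && isAdmin(currentUser) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET_ALL:
                toRet = authenticated ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET:
                toRet = authenticated && (isAdmin(currentUser) || isSelf(currentUser, userParam) || isSiteMember(currentUser, userParam)) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET_PER_SITE:
                toRet = authenticated && (isAdmin(currentUser) || isSiteMember(currentUser, userParam)) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case UPDATE:
                toRet = authenticated && (isAdmin(currentUser) || isSelf(currentUser, userParam)) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            default:
                toRet = ACCESS_ABSTAIN;
                break;
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}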
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) InputStream(java.io.InputStream) JSONException(net.sf.json.JSONException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) JSONObject(net.sf.json.JSONObject) FilterInvocation(org.springframework.security.web.FilterInvocation)

Example 13 with UserNotFoundException

use of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in project studio by craftercms.

From class StudioWorkflowAPIAccessDecisionVoter, method vote:

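/**
 * Votes on access to the workflow API (go-live, reject, delete) for every item named in the
 * request.
 *
 * <p>The site is taken from the {@code site_id} or {@code site} request parameter. For a
 * non-multipart POST without a {@code username} parameter the JSON body is also read, where
 * {@code site_id}/{@code site} may override the site and {@code items} lists the paths to
 * check. Reading the body consumes the request input stream and relies on it supporting
 * {@code mark}/{@code reset}.
 *
 * <p>Every item must pass the URI's permission check; the first item that fails denies the
 * request. With no items, or when the site does not exist, the voter abstains.
 *
 * @param authentication current authentication; its principal is resolved to a {@code User},
 *                       or treated as anonymous when it is {@code "anonymousUser"}
 * @param o              the secured object; only a {@code FilterInvocation} is voted on
 * @param collection     config attributes (unused)
 * @return {@code ACCESS_GRANTED}, {@code ACCESS_DENIED} or {@code ACCESS_ABSTAIN}
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        requestUri = request.getRequestURI().replace(request.getContextPath(), "");
        if (URIS_TO_VOTE.contains(requestUri)) {
            String userParam = request.getParameter("username");
            String siteParam = request.getParameter("site_id");
            List<String> paths = new ArrayList<>();
            if (StringUtils.isEmpty(siteParam)) {
                siteParam = request.getParameter("site");
            }
            boolean jsonPost = StringUtils.isEmpty(userParam)
                    && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                    && !ServletFileUpload.isMultipartContent(request);
            if (jsonPost) {
                try {
                    InputStream is = request.getInputStream();
                    // NOTE(review): mark(0) sets a zero read limit, so reset() is only guaranteed
                    // to work on stream implementations that ignore the limit — confirm the
                    // request body is made re-readable upstream.
                    is.mark(0);
                    String jsonString = IOUtils.toString(is);
                    if (StringUtils.isNotEmpty(jsonString)) {
                        JSONObject jsonObject = JSONObject.fromObject(jsonString);
                        // site_id takes precedence over site, matching the parameter lookup above
                        if (jsonObject.has("site")) {
                            siteParam = jsonObject.getString("site");
                        }
                        if (jsonObject.has("site_id")) {
                            siteParam = jsonObject.getString("site_id");
                        }
                        if (jsonObject.has("items")) {
                            JSONArray jsonArray = jsonObject.getJSONArray("items");
                            for (int i = 0; i < jsonArray.size(); i++) {
                                paths.add(jsonArray.optString(i));
                            }
                        }
                    }
                    is.reset();
                } catch (IOException | JSONException e) {
                    // Best effort: a malformed body leaves paths empty, which abstains below
                    logger.debug("Failed to extract username from POST request");
                }
            }
            User currentUser = null;
            try {
                String username = authentication.getPrincipal().toString();
                currentUser = userServiceInternal.getUserByIdOrUsername(-1, username);
            } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
                // An anonymous principal simply has no User; any other lookup failure denies
                if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                    logger.info("Error getting current user", e);
                    return ACCESS_DENIED;
                }
            }
            switch (requestUri) {
                case GO_LIVE:
                case REJECT:
                case GO_DELETE:
                    if (siteService.exists(siteParam)) {
                        // All-or-nothing: stop at the first item the user may not act on
                        for (String path : paths) {
                            if (currentUser != null && isSiteMember(siteParam, currentUser) && hasWorkflowPermission(requestUri, siteParam, path, currentUser.getUsername())) {
                                toRet = ACCESS_GRANTED;
                            } else {
                                toRet = ACCESS_DENIED;
                                break;
                            }
                        }
                    } else {
                        toRet = ACCESS_ABSTAIN;
                    }
                    break;
                default:
                    toRet = ACCESS_ABSTAIN;
                    break;
            }
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}

/**
 * Resolves the permission check a workflow URI requires for one item.
 *
 * @param requestUri the workflow URI being voted on
 * @param site       site the item belongs to
 * @param path       item path as supplied by the request
 * @param username   user whose permissions are checked
 * @return whether the user holds the permission(s) the URI requires; false for unknown URIs
 */
private boolean hasWorkflowPermission(String requestUri, String site, String path, String username) {
    switch (requestUri) {
        case GO_LIVE:
            return hasPermission(site, path, username, PUBLISH_PERMISSION);
        case REJECT:
            return hasAnyPermission(site, path, username, REJECT_PERMISSIONS);
        case GO_DELETE:
            return hasAnyPermission(site, path, username, DELETE_PERMISSIONS);
        default:
            return false;
    }
}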
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) InputStream(java.io.InputStream) ArrayList(java.util.ArrayList) JSONArray(net.sf.json.JSONArray) JSONException(net.sf.json.JSONException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) JSONObject(net.sf.json.JSONObject) FilterInvocation(org.springframework.security.web.FilterInvocation)

Example 14 with UserNotFoundException

use of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in project studio by craftercms.

From class StudioCmisDSAPIAccessDecisionVoter, method vote:

/**
 * Votes on access to the CMIS data-source API.
 *
 * <p>Upload only requires an authenticated user; search and list additionally require
 * membership of the site given by the {@code site_id} request parameter. Any other URI, or a
 * secured object that is not a {@code FilterInvocation}, abstains.
 *
 * @param authentication current authentication; its principal is resolved to a {@code User},
 *                       or treated as anonymous when it is {@code "anonymousUser"}
 * @param o              the secured object; only a {@code FilterInvocation} is voted on
 * @param collection     config attributes (unused)
 * @return {@code ACCESS_GRANTED}, {@code ACCESS_DENIED} or {@code ACCESS_ABSTAIN}
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    String requestUri = "";
    int decision = ACCESS_ABSTAIN;
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        requestUri = request.getRequestURI().replace(request.getContextPath(), "");
        String siteParam = request.getParameter("site_id");
        User currentUser = null;
        try {
            String principalName = authentication.getPrincipal().toString();
            currentUser = userServiceInternal.getUserByIdOrUsername(-1, principalName);
        } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
            // An anonymous principal simply has no User; any other lookup failure abstains
            if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                logger.info("Error getting current user", e);
                return ACCESS_ABSTAIN;
            }
        }
        boolean authenticated = currentUser != null;
        switch (requestUri) {
            case UPLOAD:
                decision = authenticated ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case SEARCH:
            case LIST:
                decision = authenticated && isSiteMember(siteParam, currentUser) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            default:
                decision = ACCESS_ABSTAIN;
                break;
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + decision);
    return decision;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) FilterInvocation(org.springframework.security.web.FilterInvocation)

Example 15 with UserNotFoundException

use of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in project studio by craftercms.

From class StudioContentAPIAccessDecisionVoter, method vote:

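/**
 * Votes on access to the write-content endpoint; every other URI abstains.
 *
 * <p>The site is taken from the {@code site_id} or {@code site} request parameter and the
 * item from the {@code path} parameter. For a non-multipart POST without a {@code username}
 * parameter the JSON body is also read, where {@code site_id}/{@code site} and {@code path}
 * override the parameters. Reading the body consumes the request input stream and relies on
 * it supporting {@code mark}/{@code reset}.
 *
 * @param authentication current authentication; its principal is resolved to a {@code User},
 *                       or treated as anonymous when it is {@code "anonymousUser"}
 * @param o              the secured object; only a {@code FilterInvocation} is voted on
 * @param collection     config attributes (unused)
 * @return {@code ACCESS_GRANTED} when the user is a member of an existing site and holds the
 *         write permission on the path, {@code ACCESS_DENIED} otherwise, {@code ACCESS_ABSTAIN}
 *         when the site does not exist or the URI is not the write-content endpoint
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        requestUri = request.getRequestURI().replace(request.getContextPath(), "");
        // Only one URI is voted on, so the former switch on requestUri was redundant
        if (StringUtils.equals(requestUri, WRITE_CONTENT)) {
            String userParam = request.getParameter("username");
            String siteParam = request.getParameter("site_id");
            if (StringUtils.isEmpty(siteParam)) {
                siteParam = request.getParameter("site");
            }
            String pathParam = request.getParameter("path");
            boolean jsonPost = StringUtils.isEmpty(userParam)
                    && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                    && !ServletFileUpload.isMultipartContent(request);
            if (jsonPost) {
                try {
                    InputStream is = request.getInputStream();
                    // NOTE(review): mark(0) sets a zero read limit, so reset() is only guaranteed
                    // to work on stream implementations that ignore the limit — confirm the
                    // request body is made re-readable upstream.
                    is.mark(0);
                    String jsonString = IOUtils.toString(is);
                    if (StringUtils.isNotEmpty(jsonString)) {
                        JSONObject jsonObject = JSONObject.fromObject(jsonString);
                        // site_id takes precedence over site, matching the parameter lookup above
                        if (jsonObject.has("site")) {
                            siteParam = jsonObject.getString("site");
                        }
                        if (jsonObject.has("site_id")) {
                            siteParam = jsonObject.getString("site_id");
                        }
                        if (jsonObject.has("path")) {
                            pathParam = jsonObject.getString("path");
                        }
                    }
                    is.reset();
                } catch (IOException | JSONException e) {
                    // Best effort: a malformed body leaves the parameter values in place
                    logger.debug("Failed to extract username from POST request");
                }
            }
            User currentUser = null;
            try {
                String username = authentication.getPrincipal().toString();
                currentUser = userServiceInternal.getUserByIdOrUsername(-1, username);
            } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
                // An anonymous principal simply has no User; any other lookup failure denies
                if (!authentication.getPrincipal().toString().equals("anonymousUser")) {
                    logger.info("Error getting current user", e);
                    return ACCESS_DENIED;
                }
            }
            if (siteService.exists(siteParam)) {
                // pathParam is passed to hasPermission as received from the request;
                // NOTE(review): confirm the permission check normalizes the path before matching
                boolean allowed = currentUser != null && isSiteMember(siteParam, currentUser)
                        && hasPermission(siteParam, pathParam, currentUser.getUsername(), WRITE_PERMISSION);
                toRet = allowed ? ACCESS_GRANTED : ACCESS_DENIED;
            } else {
                toRet = ACCESS_ABSTAIN;
            }
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}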
Also used : UserNotFoundException(org.craftercms.studio.api.v1.exception.security.UserNotFoundException) User(org.craftercms.studio.api.v2.dal.User) InputStream(java.io.InputStream) JSONException(net.sf.json.JSONException) ServiceLayerException(org.craftercms.studio.api.v1.exception.ServiceLayerException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) JSONObject(net.sf.json.JSONObject) FilterInvocation(org.springframework.security.web.FilterInvocation)
