Usages of org.craftercms.studio.api.v1.exception.security.UserNotFoundException in the craftercms "studio" project (five call sites: one repository query and four Spring Security access-decision voters).
Usage 1 — class GitContentRepository, method getPublishingHistory: catches UserNotFoundException raised while resolving the optional "publisher" filter to a user.
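/**
 * Builds the publishing history of a site by walking the branches of its PUBLISHED git
 * repository.
 * <p>
 * Each branch is an environment; the {@code MASTER} branch is skipped unless it is named
 * explicitly. Commits are restricted to the requested date window (the upper bound defaults to
 * "now"), the "Initial commit." commit is excluded and, when {@code publisher} is given, only
 * commits whose author matches that user's author identity are kept. Every file touched by a
 * matching commit, except the {@code IGNORE_FILES} entries, yields one
 * {@link PublishingHistoryItem}.
 *
 * @param siteId      site whose published repository is read
 * @param environment branch to restrict to; blank means every branch except master
 * @param pathRegex   optional regex the whole file path must match; null/empty matches all
 * @param publisher   optional user id or username; null/empty means any author
 * @param fromDate    optional lower bound on commit time
 * @param toDate      optional upper bound on commit time; null means the current time
 * @param limit       maximum number of items; zero or negative yields an empty result
 * @return the items sorted newest first; empty when the repository is missing or an error
 *         occurred (errors are logged, never thrown to the caller)
 */
@Override
public List<PublishingHistoryItem> getPublishingHistory(String siteId, String environment, String pathRegex,
                                                        String publisher, ZonedDateTime fromDate,
                                                        ZonedDateTime toDate, int limit) {
    List<PublishingHistoryItem> toRet = new ArrayList<>();
    try {
        GitRepositoryHelper helper = GitRepositoryHelper.getHelper(studioConfiguration, securityService,
                userServiceInternal, encryptor, generalLockService, retryingRepositoryOperationFacade);
        Repository publishedRepo = helper.getRepository(siteId, PUBLISHED);
        if (publishedRepo == null) {
            return toRet;
        }
        // The regex is caller-supplied. Compile it at most once (lazily, so a regex that is never
        // applied does not fail earlier than before) instead of once per file as the original did.
        // NOTE(review): an API-controlled regex is a ReDoS vector; bounding its form at the API
        // layer would be prudent.
        Pattern pathPattern = null;
        int counter = 0;
        try (Git git = new Git(publishedRepo)) {
            List<Ref> branches = git.branchList().call();
            for (int i = 0; i < branches.size() && counter < limit; i++) {
                Ref branch = branches.get(i);
                String environmentGit = branch.getName().replace(R_HEADS, "");
                boolean selected = StringUtils.isBlank(environment)
                        ? !StringUtils.equals(MASTER, environmentGit)
                        : StringUtils.equals(environment, environmentGit);
                if (!selected) {
                    continue;
                }
                List<RevFilter> filters = new ArrayList<>();
                if (fromDate != null) {
                    filters.add(CommitTimeRevFilter.after(fromDate.toInstant().toEpochMilli()));
                }
                long upperBoundMillis = (toDate != null ? toDate : ZonedDateTime.now()).toInstant().toEpochMilli();
                filters.add(CommitTimeRevFilter.before(upperBoundMillis));
                filters.add(NotRevFilter.create(MessageRevFilter.create("Initial commit.")));
                if (StringUtils.isNotEmpty(publisher)) {
                    User user = userServiceInternal.getUserByIdOrUsername(-1, publisher);
                    // NOTE(review): JGit's AuthorRevFilter treats its argument as a pattern /
                    // substring match rather than an exact equality, so an author name that is a
                    // prefix of another user's could over-match — confirm this is acceptable.
                    filters.add(AuthorRevFilter.create(helper.getAuthorIdent(user).getName()));
                }
                Iterable<RevCommit> branchLog = git.log()
                        .add(branch.getObjectId())
                        .setRevFilter(AndRevFilter.create(filters))
                        .call();
                Iterator<RevCommit> commits = branchLog.iterator();
                while (commits.hasNext() && counter < limit) {
                    RevCommit revCommit = commits.next();
                    // commit time is in seconds; reported in UTC
                    ZonedDateTime publishedDate = Instant.ofEpochSecond(revCommit.getCommitTime()).atZone(UTC);
                    String author = revCommit.getAuthorIdent().getName();
                    List<String> files = helper.getFilesInCommit(publishedRepo, revCommit);
                    for (int j = 0; j < files.size() && counter < limit; j++) {
                        String file = files.get(j);
                        String fileName = Paths.get(file).getFileName().toString();
                        if (ArrayUtils.contains(IGNORE_FILES, fileName)) {
                            continue;
                        }
                        if (StringUtils.isNotEmpty(pathRegex)) {
                            if (pathPattern == null) {
                                pathPattern = Pattern.compile(pathRegex);
                            }
                            // whole-path match, as before (matches(), not find())
                            if (!pathPattern.matcher(file).matches()) {
                                continue;
                            }
                        }
                        PublishingHistoryItem phi = new PublishingHistoryItem();
                        phi.setSiteId(siteId);
                        phi.setPath(file);
                        phi.setPublishedDate(publishedDate);
                        phi.setPublisher(author);
                        phi.setEnvironment(environmentGit);
                        toRet.add(phi);
                        counter++;
                    }
                }
            }
        } catch (IOException | GitAPIException | UserNotFoundException | ServiceLayerException e1) {
            logger.error("Error while getting deployment history for site " + siteId, e1);
        }
        // Newest first. Done outside the try so that a partial result collected before an
        // error is still ordered.
        toRet.sort((o1, o2) -> o2.getPublishedDate().compareTo(o1.getPublishedDate()));
    } catch (CryptoException e) {
        // Was e.printStackTrace(): route through the logger like every other failure here.
        logger.error("Error while getting deployment history for site " + siteId, e);
    }
    return toRet;
}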
Usage 2 — class StudioUserAPIAccessDecisionVoter, method vote: catches UserNotFoundException while resolving the authenticated principal to a User before voting on user-API routes.
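/**
 * Votes on requests to the user-management API.
 * <p>
 * The request URI, with the servlet context path stripped, is compared exactly against the
 * user API route constants; any other URI yields {@code ACCESS_ABSTAIN} so other voters decide.
 * The target user is taken from the {@code username} query parameter or, for a non-multipart
 * POST that lacks it, from a JSON body. The calling user is resolved from the principal's
 * string form; the literal "anonymousUser" principal maps to no user.
 *
 * @param authentication current authentication; its principal is looked up as a user
 * @param o              secured object; only {@link FilterInvocation} is handled
 * @param collection     config attributes (unused)
 * @return ACCESS_GRANTED, ACCESS_DENIED or ACCESS_ABSTAIN
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        // Strip the context path as a leading prefix only; replace() removed every occurrence,
        // which rewrites the path if the context path string recurs inside it.
        requestUri = StringUtils.removeStart(request.getRequestURI(), request.getContextPath());
        // NOTE(review): the switch below matches exact strings, so URI variants (";" matrix
        // segments, trailing slash, doubled slashes) land in the default branch and abstain.
        // Confirm the access decision manager does not grant on abstain alone.
        String userParam = request.getParameter("username");
        boolean inspectBody = StringUtils.isEmpty(userParam)
                && StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                && !ServletFileUpload.isMultipartContent(request);
        if (inspectBody) {
            try {
                InputStream body = request.getInputStream();
                // mark(0)/reset() only rewinds the stream if it supports marks; a plain servlet
                // stream does not, so reset() throws and the body stays consumed. NOTE(review):
                // presumably a re-readable request wrapper sits upstream — confirm.
                body.mark(0);
                String json = IOUtils.toString(body);
                if (StringUtils.isNotEmpty(json)) {
                    JSONObject payload = JSONObject.fromObject(json);
                    if (payload.has("username")) {
                        userParam = payload.getString("username");
                    }
                }
                body.reset();
            } catch (IOException | JSONException e) {
                // Best effort: without a username the self/site-member checks below fail closed.
                logger.debug("Failed to extract username from POST request");
            }
        }
        User currentUser = null;
        try {
            currentUser = userServiceInternal.getUserByIdOrUsername(-1, authentication.getPrincipal().toString());
        } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
            if (!"anonymousUser".equals(authentication.getPrincipal().toString())) {
                // Fail closed: an authenticated principal that cannot be resolved now gets a DENY
                // vote (as in the workflow and content voters) instead of ABSTAIN, so the decision
                // cannot fall through to a more permissive voter.
                logger.info("Error getting current user", e);
                return ACCESS_DENIED;
            }
            // anonymous: currentUser stays null and only the public routes below are granted
        }
        switch (requestUri) {
            case FORGOT_PASSWORD:
            case LOGIN:
            case LOGOUT:
            case SET_PASSWORD:
            case VALIDATE_TOKEN:
                // public routes, reachable without a resolved user
                toRet = ACCESS_GRANTED;
                break;
            case CHANGE_PASSWORD:
                // only the user themself; RESET_PASSWORD is the admin-only path
                toRet = currentUser != null && isSelf(currentUser, userParam) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case CREATE:
            case DELETE:
            case DISABLE:
            case ENABLE:
            case RESET_PASSWORD:
            case STATUS:
                toRet = currentUser != null && isAdmin(currentUser) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET_ALL:
                // NOTE(review): any resolved user may list all users — confirm this is intended.
                toRet = currentUser != null ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET:
                toRet = currentUser != null
                        && (isAdmin(currentUser) || isSelf(currentUser, userParam) || isSiteMember(currentUser, userParam))
                        ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case GET_PER_SITE:
                toRet = currentUser != null && (isAdmin(currentUser) || isSiteMember(currentUser, userParam))
                        ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case UPDATE:
                toRet = currentUser != null && (isAdmin(currentUser) || isSelf(currentUser, userParam))
                        ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            default:
                toRet = ACCESS_ABSTAIN;
                break;
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}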
Usage 3 — class StudioWorkflowAPIAccessDecisionVoter, method vote: catches UserNotFoundException while resolving the authenticated principal before voting on go-live / reject / delete.
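/**
 * Votes on the workflow API routes (go-live, reject, delete).
 * <p>
 * Only URIs in {@code URIS_TO_VOTE} are examined; everything else abstains. The site comes from
 * the {@code site_id} or {@code site} query parameter and the item paths from the {@code items}
 * array of a JSON POST body (body values override query parameters). Access is granted only when
 * the caller is a member of an existing site and holds the route's permission on every path;
 * the first path that fails produces a DENY vote.
 *
 * @param authentication current authentication; its principal is looked up as a user
 * @param o              secured object; only {@link FilterInvocation} is handled
 * @param collection     config attributes (unused)
 * @return ACCESS_GRANTED, ACCESS_DENIED or ACCESS_ABSTAIN
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        // Strip the context path as a leading prefix only, not every occurrence.
        requestUri = StringUtils.removeStart(request.getRequestURI(), request.getContextPath());
        if (URIS_TO_VOTE.contains(requestUri)) {
            String siteParam = request.getParameter("site_id");
            if (StringUtils.isEmpty(siteParam)) {
                siteParam = request.getParameter("site");
            }
            List<String> paths = new ArrayList<>();
            // The decisions below depend on the site and the item paths, which for these routes
            // arrive in the JSON body. The original parsed the body only when no "username" query
            // parameter was present; that parameter is not otherwise used here, so a request that
            // carried one skipped the parse, left `paths` empty and made this voter abstain. The
            // body is now parsed for every non-multipart POST.
            boolean jsonPost = StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                    && !ServletFileUpload.isMultipartContent(request);
            if (jsonPost) {
                try {
                    InputStream body = request.getInputStream();
                    // mark(0)/reset() only rewinds a mark-capable stream; NOTE(review): presumably a
                    // re-readable request wrapper sits upstream, otherwise the body is consumed — confirm.
                    body.mark(0);
                    String json = IOUtils.toString(body);
                    if (StringUtils.isNotEmpty(json)) {
                        JSONObject payload = JSONObject.fromObject(json);
                        // body overrides query parameters; "site_id" wins over "site"
                        if (payload.has("site")) {
                            siteParam = payload.getString("site");
                        }
                        if (payload.has("site_id")) {
                            siteParam = payload.getString("site_id");
                        }
                        if (payload.has("items")) {
                            JSONArray items = payload.getJSONArray("items");
                            for (int i = 0; i < items.size(); i++) {
                                paths.add(items.optString(i));
                            }
                        }
                    }
                    body.reset();
                } catch (IOException | JSONException e) {
                    logger.debug("Failed to extract username from POST request");
                }
            }
            User currentUser = null;
            try {
                currentUser = userServiceInternal.getUserByIdOrUsername(-1, authentication.getPrincipal().toString());
            } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
                if (!"anonymousUser".equals(authentication.getPrincipal().toString())) {
                    // fail closed on an unresolvable authenticated principal
                    logger.info("Error getting current user", e);
                    return ACCESS_DENIED;
                }
                // anonymous: currentUser stays null, every path check below denies
            }
            // NOTE(review): with no paths (GET, missing "items", unparsable body) the loops below do
            // not run and the vote stays ABSTAIN rather than DENY — confirm the controller or another
            // voter enforces the permission in that case.
            switch (requestUri) {
                case GO_LIVE:
                    if (siteService.exists(siteParam)) {
                        for (String path : paths) {
                            boolean allowed = currentUser != null
                                    && isSiteMember(siteParam, currentUser)
                                    && hasPermission(siteParam, path, currentUser.getUsername(), PUBLISH_PERMISSION);
                            toRet = allowed ? ACCESS_GRANTED : ACCESS_DENIED;
                            if (!allowed) {
                                break;
                            }
                        }
                    }
                    break;
                case REJECT:
                    if (siteService.exists(siteParam)) {
                        for (String path : paths) {
                            boolean allowed = currentUser != null
                                    && isSiteMember(siteParam, currentUser)
                                    && hasAnyPermission(siteParam, path, currentUser.getUsername(), REJECT_PERMISSIONS);
                            toRet = allowed ? ACCESS_GRANTED : ACCESS_DENIED;
                            if (!allowed) {
                                break;
                            }
                        }
                    } else {
                        toRet = ACCESS_ABSTAIN;
                    }
                    break;
                case GO_DELETE:
                    if (siteService.exists(siteParam)) {
                        for (String path : paths) {
                            boolean allowed = currentUser != null
                                    && isSiteMember(siteParam, currentUser)
                                    && hasAnyPermission(siteParam, path, currentUser.getUsername(), DELETE_PERMISSIONS);
                            toRet = allowed ? ACCESS_GRANTED : ACCESS_DENIED;
                            if (!allowed) {
                                break;
                            }
                        }
                    } else {
                        toRet = ACCESS_ABSTAIN;
                    }
                    break;
                default:
                    toRet = ACCESS_ABSTAIN;
                    break;
            }
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}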
Usage 4 — class StudioCmisDSAPIAccessDecisionVoter, method vote: catches UserNotFoundException while resolving the authenticated principal before voting on the CMIS data-source routes.
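/**
 * Votes on the CMIS data-source API routes.
 * <p>
 * UPLOAD is granted to any resolved user; SEARCH and LIST additionally require membership of
 * the site named by the {@code site_id} query parameter. Any other URI abstains.
 *
 * @param authentication current authentication; its principal is looked up as a user
 * @param o              secured object; only {@link FilterInvocation} is handled
 * @param collection     config attributes (unused)
 * @return ACCESS_GRANTED, ACCESS_DENIED or ACCESS_ABSTAIN
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        // Strip the context path as a leading prefix only, not every occurrence.
        requestUri = StringUtils.removeStart(request.getRequestURI(), request.getContextPath());
        String siteParam = request.getParameter("site_id");
        User currentUser = null;
        try {
            currentUser = userServiceInternal.getUserByIdOrUsername(-1, authentication.getPrincipal().toString());
        } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
            if (!"anonymousUser".equals(authentication.getPrincipal().toString())) {
                // Fail closed: DENY (as the workflow and content voters do) rather than ABSTAIN,
                // so an unresolvable authenticated principal cannot fall through to another voter.
                logger.info("Error getting current user", e);
                return ACCESS_DENIED;
            }
            // anonymous: currentUser stays null, every route below denies
        }
        switch (requestUri) {
            case UPLOAD:
                // NOTE(review): unlike SEARCH/LIST, UPLOAD checks only that the caller is a
                // resolved user and ignores site_id — confirm site membership is not required here.
                toRet = currentUser != null ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            case SEARCH:
            case LIST:
                toRet = currentUser != null && isSiteMember(siteParam, currentUser) ? ACCESS_GRANTED : ACCESS_DENIED;
                break;
            default:
                toRet = ACCESS_ABSTAIN;
                break;
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}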
Usage 5 — class StudioContentAPIAccessDecisionVoter, method vote: catches UserNotFoundException while resolving the authenticated principal before voting on the write-content route.
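/**
 * Votes on the write-content API route.
 * <p>
 * Only {@code WRITE_CONTENT} is examined; everything else abstains. The site comes from the
 * {@code site_id} or {@code site} parameter and the target path from {@code path}; for a
 * non-multipart POST the JSON body's values override the query parameters. Access is granted
 * when the site exists, the caller is a member of it and holds {@code WRITE_PERMISSION} on the
 * path; a non-existent site abstains.
 *
 * @param authentication current authentication; its principal is looked up as a user
 * @param o              secured object; only {@link FilterInvocation} is handled
 * @param collection     config attributes (unused)
 * @return ACCESS_GRANTED, ACCESS_DENIED or ACCESS_ABSTAIN
 */
@Override
public int vote(Authentication authentication, Object o, Collection collection) {
    int toRet = ACCESS_ABSTAIN;
    String requestUri = "";
    if (o instanceof FilterInvocation) {
        HttpServletRequest request = ((FilterInvocation) o).getRequest();
        // Strip the context path as a leading prefix only, not every occurrence.
        requestUri = StringUtils.removeStart(request.getRequestURI(), request.getContextPath());
        if (StringUtils.equals(requestUri, WRITE_CONTENT)) {
            String siteParam = request.getParameter("site_id");
            if (StringUtils.isEmpty(siteParam)) {
                siteParam = request.getParameter("site");
            }
            String pathParam = request.getParameter("path");
            // The original parsed the JSON body only when no "username" query parameter was
            // present; that parameter is not otherwise used here, so supplying it made the vote
            // rely solely on the query-string site/path while the body could name a different
            // path. The body is now parsed for every non-multipart POST and, as before, overrides
            // the query parameters.
            boolean jsonPost = StringUtils.equalsIgnoreCase(request.getMethod(), HttpMethod.POST.name())
                    && !ServletFileUpload.isMultipartContent(request);
            if (jsonPost) {
                try {
                    InputStream body = request.getInputStream();
                    // mark(0)/reset() only rewinds a mark-capable stream; NOTE(review): presumably a
                    // re-readable request wrapper sits upstream, otherwise the body is consumed — confirm.
                    body.mark(0);
                    String json = IOUtils.toString(body);
                    if (StringUtils.isNotEmpty(json)) {
                        JSONObject payload = JSONObject.fromObject(json);
                        // "site_id" wins over "site" when both are present
                        if (payload.has("site")) {
                            siteParam = payload.getString("site");
                        }
                        if (payload.has("site_id")) {
                            siteParam = payload.getString("site_id");
                        }
                        if (payload.has("path")) {
                            pathParam = payload.getString("path");
                        }
                    }
                    body.reset();
                } catch (IOException | JSONException e) {
                    logger.debug("Failed to extract username from POST request");
                }
            }
            User currentUser = null;
            try {
                currentUser = userServiceInternal.getUserByIdOrUsername(-1, authentication.getPrincipal().toString());
            } catch (ClassCastException | UserNotFoundException | ServiceLayerException e) {
                if (!"anonymousUser".equals(authentication.getPrincipal().toString())) {
                    // fail closed on an unresolvable authenticated principal
                    logger.info("Error getting current user", e);
                    return ACCESS_DENIED;
                }
                // anonymous: currentUser stays null and the check below denies
            }
            switch (requestUri) {
                case WRITE_CONTENT:
                    if (siteService.exists(siteParam)) {
                        boolean allowed = currentUser != null
                                && isSiteMember(siteParam, currentUser)
                                && hasPermission(siteParam, pathParam, currentUser.getUsername(), WRITE_PERMISSION);
                        toRet = allowed ? ACCESS_GRANTED : ACCESS_DENIED;
                    } else {
                        toRet = ACCESS_ABSTAIN;
                    }
                    break;
                default:
                    toRet = ACCESS_ABSTAIN;
                    break;
            }
        }
    }
    logger.debug("Request: " + requestUri + " - Access: " + toRet);
    return toRet;
}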