Example 6 with HomeDirectory

Use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.

From the class UserResource, method getUserAttributes.

@GET
@ApiOperation(value = "Provide information about the current user.", notes = "An introspection endpoint to allow the client to discover " + "information about the current user.")
@Produces(MediaType.APPLICATION_JSON)
public UserAttributes getUserAttributes(@Context HttpServletRequest request) {
    UserAttributes user = new UserAttributes();
    Subject subject = RequestUser.getSubject();
    if (Subjects.isNobody(subject)) {
        user.setStatus(UserAttributes.AuthenticationStatus.ANONYMOUS);
        user.setUid(null);
        user.setGids(null);
        user.setRoles(null);
    } else {
        user.setStatus(UserAttributes.AuthenticationStatus.AUTHENTICATED);
        user.setUid(Subjects.getUid(subject));
        user.setUsername(Subjects.getUserName(subject));
        List<Long> gids = Arrays.stream(Subjects.getGids(subject)).boxed().collect(Collectors.toList());
        user.setGids(gids);
        List<String> emails = Subjects.getEmailAddresses(subject);
        user.setEmail(emails.isEmpty() ? null : emails);
        for (LoginAttribute attribute : getLoginAttributes(request)) {
            if (attribute instanceof HomeDirectory) {
                user.setHomeDirectory(((HomeDirectory) attribute).getHome());
            } else if (attribute instanceof RootDirectory) {
                user.setRootDirectory(((RootDirectory) attribute).getRoot());
            } else if (attribute instanceof Role) {
                if (user.getRoles() == null) {
                    user.setRoles(new ArrayList<>());
                }
                user.getRoles().add(((Role) attribute).getRole());
            } else if (attribute instanceof UnassertedRole) {
                if (user.getUnassertedRoles() == null) {
                    user.setUnassertedRoles(new ArrayList<>());
                }
                user.getUnassertedRoles().add(((UnassertedRole) attribute).getRole());
            }
        }
    }
    return user;
}
Also used: UnassertedRole (org.dcache.auth.attributes.UnassertedRole), HomeDirectory (org.dcache.auth.attributes.HomeDirectory), LoginAttribute (org.dcache.auth.attributes.LoginAttribute), ArrayList (java.util.ArrayList), RootDirectory (org.dcache.auth.attributes.RootDirectory), Subject (javax.security.auth.Subject), UserAttributes (org.dcache.restful.providers.UserAttributes), Role (org.dcache.auth.attributes.Role), Produces (javax.ws.rs.Produces), GET (javax.ws.rs.GET), ApiOperation (io.swagger.annotations.ApiOperation)

Example 7 with HomeDirectory

Use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.

From the class AbstractFtpDoorV1, method acceptLogin.

protected void acceptLogin(Subject mappedSubject, Set<LoginAttribute> loginAttributes, Restriction restriction, FsPath doorRootPath) {
    FsPath userRootPath = FsPath.ROOT;
    String userHomePath = "/";
    for (LoginAttribute attribute : loginAttributes) {
        if (attribute instanceof RootDirectory) {
            userRootPath = FsPath.create(((RootDirectory) attribute).getRoot());
        } else if (attribute instanceof HomeDirectory) {
            userHomePath = ((HomeDirectory) attribute).getHome();
        } else if (attribute instanceof MaxUploadSize) {
            long max = ((MaxUploadSize) attribute).getMaximumSize();
            if (!_maximumUploadSize.isPresent() || max < _maximumUploadSize.getAsLong()) {
                _maximumUploadSize = OptionalLong.of(max);
            }
        }
    }
    _authz = Restrictions.concat(_doorRestriction, restriction);
    String cwd;
    if (doorRootPath == null) {
        doorRootPath = userRootPath;
        cwd = userHomePath;
    } else {
        if (userRootPath.hasPrefix(doorRootPath)) {
            cwd = userRootPath.chroot(userHomePath).stripPrefix(doorRootPath);
        } else {
            cwd = "/";
        }
    }
    _pnfs = _settings.createPnfsHandler(_cellEndpoint);
    _pnfs.setSubject(mappedSubject);
    _pnfs.setRestriction(_authz);
    _listSource = new ListDirectoryHandler(_pnfs);
    _subject = mappedSubject;
    _cwd = cwd;
    _doorRootPath = doorRootPath;
    _userRootPath = userRootPath;
    _userHomePath = FsPath.create(userHomePath);
    _identityResolver = _identityResolverFactory.withSubject(mappedSubject);
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), ListDirectoryHandler (org.dcache.util.list.ListDirectoryHandler), LoginAttribute (org.dcache.auth.attributes.LoginAttribute), MaxUploadSize (org.dcache.auth.attributes.MaxUploadSize), RootDirectory (org.dcache.auth.attributes.RootDirectory), FsPath (diskCacheV111.util.FsPath)

Example 8 with HomeDirectory

Use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.

From the class CachingLoginStrategyTests, method setUp.

@Before
public void setUp() {
    _backEnd = mock(LoginStrategy.class);
    _cache = new CachingLoginStrategy(_backEnd, 1, Long.MAX_VALUE, TimeUnit.MILLISECONDS);
    _subject = new Subject();
    _subject.getPrincipals().add(new UserNamePrincipal("andrew"));
    _reply = new LoginReply();
    _reply.getSubject().getPrincipals().add(new UidPrincipal(1000));
    _reply.getLoginAttributes().add(new HomeDirectory("/home/andrew"));
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), Subject (javax.security.auth.Subject), Before (org.junit.Before)

Example 9 with HomeDirectory

Use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.

From the class CachingLoginStrategyTests, method testWithTwoQueriesWithDiffSubjectsBothTriggerQuery.

@Test
public void testWithTwoQueriesWithDiffSubjectsBothTriggerQuery() throws CacheException {
    Subject newSubject = new Subject();
    newSubject.getPrincipals().add(new UserNamePrincipal("fred"));
    LoginReply newReply = new LoginReply();
    newReply.getSubject().getPrincipals().add(new UidPrincipal(1010));
    newReply.getLoginAttributes().add(new HomeDirectory("/home/fred"));
    // Prime the cache
    when(_backEnd.login(any(Subject.class))).thenReturn(_reply);
    _cache.login(_subject);
    // Check that a different subject doesn't return the cached reply
    reset(_backEnd);
    when(_backEnd.login(any(Subject.class))).thenReturn(newReply);
    LoginReply reply = _cache.login(newSubject);
    assertThat(reply, is(newReply));
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), Subject (javax.security.auth.Subject), Test (org.junit.Test)

Example 10 with HomeDirectory

Use of org.dcache.auth.attributes.HomeDirectory in project dcache by dCache.

From the class KauthFileLoginStrategy, method toLoginAttributes.

private Set<LoginAttribute> toLoginAttributes(UserAuthBase record) {
    Set<LoginAttribute> attributes = new HashSet<>();
    attributes.add(new HomeDirectory(record.Home));
    attributes.add(new RootDirectory(record.Root));
    if (record.ReadOnly) {
        attributes.add(Restrictions.readOnly());
    }
    return attributes;
}
Also used: HomeDirectory (org.dcache.auth.attributes.HomeDirectory), LoginAttribute (org.dcache.auth.attributes.LoginAttribute), RootDirectory (org.dcache.auth.attributes.RootDirectory), HashSet (java.util.HashSet)

Aggregations

HomeDirectory (org.dcache.auth.attributes.HomeDirectory): 16
RootDirectory (org.dcache.auth.attributes.RootDirectory): 14
LoginAttribute (org.dcache.auth.attributes.LoginAttribute): 7
Principal (java.security.Principal): 5
MaxUploadSize (org.dcache.auth.attributes.MaxUploadSize): 5
FsPath (diskCacheV111.util.FsPath): 4
Subject (javax.security.auth.Subject): 4
GidPrincipal (org.dcache.auth.GidPrincipal): 4
UidPrincipal (org.dcache.auth.UidPrincipal): 4
UserNamePrincipal (org.dcache.auth.UserNamePrincipal): 4
HashSet (java.util.HashSet): 3
GroupNamePrincipal (org.dcache.auth.GroupNamePrincipal): 3
ArrayList (java.util.ArrayList): 2
NamingException (javax.naming.NamingException): 2
Attributes (javax.naming.directory.Attributes): 2
BasicAttributes (javax.naming.directory.BasicAttributes): 2
PrefixRestriction (org.dcache.auth.attributes.PrefixRestriction): 2
AuthenticationException (org.dcache.gplazma.AuthenticationException): 2
MacaroonContext (org.dcache.macaroons.MacaroonContext): 2
Test (org.junit.Test): 2