
Example 11 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchDomainTest method loadsSearchIfSearchIsPermittedViaViews.

@Test
public void loadsSearchIfSearchIsPermittedViaViews() {
    final Search search = mockSearchWithOwner("someone else");
    final SearchUser searchUser = mock(SearchUser.class);
    final ViewDTO viewDTO = mock(ViewDTO.class);
    when(viewService.forSearch(anyString())).thenReturn(ImmutableList.of(viewDTO));
    when(searchUser.canReadView(viewDTO)).thenReturn(true);
    final Optional<Search> result = sut.getForUser(search.id(), searchUser);
    assertThat(result).isEqualTo(Optional.of(search));
}
Also used : ViewDTO(org.graylog.plugins.views.search.views.ViewDTO) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.Test)

Example 12 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchExecutorTest method throwsExceptionIfSearchIsNotFound.

@Test
public void throwsExceptionIfSearchIsNotFound() {
    final SearchUser searchUser = mock(SearchUser.class);
    when(searchUser.canReadView(any())).thenReturn(true);
    when(searchUser.canReadStream(any())).thenReturn(true);
    when(searchDomain.getForUser(eq("search1"), eq(searchUser))).thenReturn(Optional.empty());
    assertThatExceptionOfType(NotFoundException.class)
            .isThrownBy(() -> this.searchExecutor.execute("search1", searchUser, ExecutionState.empty()))
            .withMessage("No search found with id <search1>.");
}
Also used : SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) RestResourceBaseTest(org.graylog2.rest.resources.RestResourceBaseTest) Test(org.junit.Test)

Example 13 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchExecutorTest method appliesSearchExecutionState.

@Test
public void appliesSearchExecutionState() {
    final Search search = mockSearch();
    final SearchUser searchUser = mock(SearchUser.class);
    when(searchUser.canReadView(any())).thenReturn(true);
    when(searchUser.canReadStream(any())).thenReturn(true);
    when(searchUser.username()).thenReturn("frank-drebin");
    final SearchJob searchJob = mock(SearchJob.class);
    when(searchJobService.create(search, "frank-drebin")).thenReturn(searchJob);
    when(searchJob.getResultFuture()).thenReturn(CompletableFuture.completedFuture(null));
    when(queryEngine.execute(searchJob)).thenReturn(searchJob);
    when(searchDomain.getForUser(eq("search1"), eq(searchUser))).thenReturn(Optional.of(search));
    final ExecutionState executionState = ExecutionState.builder().addAdditionalParameter("foo", 42).build();
    this.searchExecutor.execute("search1", searchUser, executionState);
    verify(search, times(1)).applyExecutionState(any(), executionStateCaptor.capture());
    assertThat(executionStateCaptor.getValue()).isEqualTo(executionState);
}
Also used : Search(org.graylog.plugins.views.search.Search) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) SearchJob(org.graylog.plugins.views.search.SearchJob) RestResourceBaseTest(org.graylog2.rest.resources.RestResourceBaseTest) Test(org.junit.Test)

Example 14 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class ViewsResource method create.

@POST
@ApiOperation("Create a new view")
@AuditEvent(type = ViewsAuditEventTypes.VIEW_CREATE)
public ViewDTO create(@ApiParam @Valid @NotNull(message = "View is mandatory") ViewDTO dto, @Context UserContext userContext, @Context SearchUser searchUser) throws ValidationException {
    if (dto.type().equals(ViewDTO.Type.DASHBOARD) && !searchUser.canCreateDashboards()) {
        throw new ForbiddenException("User is not allowed to create new dashboards.");
    }
    validateIntegrity(dto, searchUser);
    final User user = userContext.getUser();
    return dbService.saveWithOwner(dto.toBuilder().owner(searchUser.username()).build(), user);
}
Also used : ForbiddenException(javax.ws.rs.ForbiddenException) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) User(org.graylog2.plugin.database.users.User) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Example 15 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class ViewsResource method validateIntegrity.

private void validateIntegrity(ViewDTO dto, SearchUser searchUser) {
    final Search search = searchDomain.getForUser(dto.searchId(), searchUser).orElseThrow(() -> new BadRequestException("Search " + dto.searchId() + " not available"));
    final Set<String> searchQueries = search.queries().stream().map(Query::id).collect(Collectors.toSet());
    final Set<String> stateQueries = dto.state().keySet();
    if (!searchQueries.containsAll(stateQueries)) {
        // The missing IDs are those referenced by the view state but absent from the search.
        final Sets.SetView<String> diff = Sets.difference(stateQueries, searchQueries);
        throw new BadRequestException("Search queries do not correspond to view/state queries, missing query IDs: " + diff);
    }
    final Set<String> searchTypes = search.queries().stream().flatMap(q -> q.searchTypes().stream()).map(SearchType::id).collect(Collectors.toSet());
    final Set<String> stateTypes = dto.state().values().stream().flatMap(v -> v.widgetMapping().values().stream()).flatMap(Collection::stream).collect(Collectors.toSet());
    if (!searchTypes.containsAll(stateTypes)) {
        // The missing search types are those mapped by widgets but absent from the search.
        final Sets.SetView<String> diff = Sets.difference(stateTypes, searchTypes);
        throw new BadRequestException("Search types do not correspond to view/search types, missing searches: " + diff);
    }
    final Set<String> widgetIds = dto.state().values().stream().flatMap(v -> v.widgets().stream()).map(WidgetDTO::id).collect(Collectors.toSet());
    final Set<String> widgetPositions = dto.state().values().stream().flatMap(v -> v.widgetPositions().keySet().stream()).collect(Collectors.toSet());
    if (!widgetPositions.containsAll(widgetIds)) {
        // The missing positions belong to widgets that have no entry in widgetPositions.
        final Sets.SetView<String> diff = Sets.difference(widgetIds, widgetPositions);
        throw new BadRequestException("Widget positions don't correspond to widgets, missing widget possitions: " + diff);
    }
}
Also used : Produces(javax.ws.rs.Produces) ViewsAuditEventTypes(org.graylog.plugins.views.audit.ViewsAuditEventTypes) UserContext(org.graylog.security.UserContext) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) ApiParam(io.swagger.annotations.ApiParam) WidgetDTO(org.graylog.plugins.views.search.views.WidgetDTO) ViewDTO(org.graylog.plugins.views.search.views.ViewDTO) NotEmpty(javax.validation.constraints.NotEmpty) Valid(javax.validation.Valid) ApiOperation(io.swagger.annotations.ApiOperation) PaginatedList(org.graylog2.database.PaginatedList) MediaType(javax.ws.rs.core.MediaType) QueryParam(javax.ws.rs.QueryParam) SearchQueryField(org.graylog2.search.SearchQueryField) Locale(java.util.Locale) Map(java.util.Map) PluginRestResource(org.graylog2.plugin.rest.PluginRestResource) DefaultValue(javax.ws.rs.DefaultValue) BadRequestException(javax.ws.rs.BadRequestException) ENGLISH(java.util.Locale.ENGLISH) DELETE(javax.ws.rs.DELETE) Context(javax.ws.rs.core.Context) ImmutableMap(com.google.common.collect.ImmutableMap) Collection(java.util.Collection) Set(java.util.Set) NotNull(javax.validation.constraints.NotNull) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) NotFoundException(javax.ws.rs.NotFoundException) ClusterEventBus(org.graylog2.events.ClusterEventBus) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) PathParam(javax.ws.rs.PathParam) Query(org.graylog.plugins.views.search.Query) SearchQueryParser(org.graylog2.search.SearchQueryParser) GET(javax.ws.rs.GET) ViewResolver(org.graylog.plugins.views.search.views.ViewResolver) SearchDomain(org.graylog.plugins.views.search.SearchDomain) Inject(javax.inject.Inject) ViewResolverDecoder(org.graylog.plugins.views.search.views.ViewResolverDecoder) SearchType(org.graylog.plugins.views.search.SearchType) AuditEvent(org.graylog2.audit.jersey.AuditEvent) Api(io.swagger.annotations.Api) 
Search(org.graylog.plugins.views.search.Search) SearchQuery(org.graylog2.search.SearchQuery) DashboardDeletedEvent(org.graylog2.dashboards.events.DashboardDeletedEvent) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) ForbiddenException(javax.ws.rs.ForbiddenException) RestResource(org.graylog2.shared.rest.resources.RestResource) ValidationException(org.graylog2.plugin.database.ValidationException) ViewService(org.graylog.plugins.views.search.views.ViewService) PUT(javax.ws.rs.PUT) PaginatedResponse(org.graylog2.rest.models.PaginatedResponse) User(org.graylog2.plugin.database.users.User)
