Search in sources :

Example 16 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class FieldTypesResourceTest method passesRequestedTimeRangeToMappedFieldTypesService.

@Test
public void passesRequestedTimeRangeToMappedFieldTypesService() throws Exception {
    final SearchUser searchUser = TestSearchUser.builder().allowStream("2323").allowStream("4242").build();
    final FieldTypesForStreamsRequest request = FieldTypesForStreamsRequest.Builder.builder().streams(ImmutableSet.of("2323", "4242")).timerange(RelativeRange.create(300)).build();
    this.fieldTypesResource.byStreams(request, searchUser);
    verify(this.mappedFieldTypesService, times(1)).fieldTypesByStreamIds(streamIdCaptor.capture(), timeRangeArgumentCaptor.capture());
    assertThat(timeRangeArgumentCaptor.getValue()).isEqualTo(RelativeRange.create(300));
}
Also used : SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.Test)

Example 17 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class MessagesResourceTest method checksStreamPermissionsForPlainRequest.

@Test
void checksStreamPermissionsForPlainRequest() {
    final SearchUser searchUser = TestSearchUser.builder().denyStream("stream-1").build();
    MessagesRequest request = validRequest().toBuilder().streams(ImmutableSet.of("stream-1")).build();
    PermissionException exception = new PermissionException("The wurst is yet to come");
    doThrow(exception).when(executionGuard).checkUserIsPermittedToSeeStreams(eq(ImmutableSet.of("stream-1")), any());
    assertThatExceptionOfType(PermissionException.class).isThrownBy(() -> sut.retrieve(request, searchUser)).withMessageContaining(exception.getMessage());
}
Also used : PermissionException(org.graylog.plugins.views.search.errors.PermissionException) MessagesRequest(org.graylog.plugins.views.search.export.MessagesRequest) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) Test(org.junit.jupiter.api.Test)

Example 18 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SuggestionsResource method suggestFieldValue.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Suggest field value")
@NoAuditEvent("Only suggesting field value for query, not changing any data")
public SuggestionsDTO suggestFieldValue(@ApiParam(name = "validationRequest") SuggestionsRequestDTO suggestionsRequest, @Context SearchUser searchUser) {
    final SuggestionRequest req = SuggestionRequest.builder().field(suggestionsRequest.field()).input(suggestionsRequest.input()).streams(adaptStreams(suggestionsRequest.streams(), searchUser)).size(Math.min(suggestionsRequest.size(), SUGGESTIONS_COUNT_MAX)).timerange(Optional.ofNullable(suggestionsRequest.timerange()).orElse(defaultTimeRange())).build();
    SuggestionResponse res = querySuggestionsService.suggest(req);
    final List<SuggestionEntryDTO> suggestions = res.suggestions().stream().map(s -> SuggestionEntryDTO.create(s.getValue(), s.getOccurrence())).collect(Collectors.toList());
    final SuggestionsDTO.Builder suggestionsBuilder = SuggestionsDTO.builder(res.field(), res.input()).suggestions(suggestions).sumOtherDocsCount(res.sumOtherDocsCount());
    res.suggestionError().map(e -> SuggestionsErrorDTO.create(e.type(), e.reason())).ifPresent(suggestionsBuilder::error);
    return suggestionsBuilder.build();
}
Also used : InvalidRangeParametersException(org.graylog2.plugin.indexer.searches.timeranges.InvalidRangeParametersException) Produces(javax.ws.rs.Produces) SuggestionEntryDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionEntryDTO) SuggestionsDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsDTO) Path(javax.ws.rs.Path) ApiParam(io.swagger.annotations.ApiParam) RelativeRange(org.graylog2.plugin.indexer.searches.timeranges.RelativeRange) Inject(javax.inject.Inject) ApiOperation(io.swagger.annotations.ApiOperation) MediaType(javax.ws.rs.core.MediaType) SuggestionsErrorDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsErrorDTO) SuggestionsRequestDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsRequestDTO) PluginRestResource(org.graylog2.plugin.rest.PluginRestResource) Api(io.swagger.annotations.Api) SuggestionResponse(org.graylog.plugins.views.search.engine.suggestions.SuggestionResponse) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) ImmutableSet(com.google.common.collect.ImmutableSet) POST(javax.ws.rs.POST) Context(javax.ws.rs.core.Context) Set(java.util.Set) RestResource(org.graylog2.shared.rest.resources.RestResource) SuggestionRequest(org.graylog.plugins.views.search.engine.suggestions.SuggestionRequest) Collectors(java.util.stream.Collectors) List(java.util.List) QuerySuggestionsService(org.graylog.plugins.views.search.engine.QuerySuggestionsService) Optional(java.util.Optional) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) SuggestionsDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionsDTO) SuggestionResponse(org.graylog.plugins.views.search.engine.suggestions.SuggestionResponse) SuggestionRequest(org.graylog.plugins.views.search.engine.suggestions.SuggestionRequest) SuggestionEntryDTO(org.graylog.plugins.views.search.rest.suggestions.SuggestionEntryDTO) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 19 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchUserFactory method provide.

@Override
public SearchUser provide() {
    final UserContext userContext = serviceLocator.getService(UserContext.class);
    final SecurityContext securityContext = serviceLocator.getService(SecurityContext.class);
    return new SearchUser(userContext.getUser(), (permission) -> this.isPermitted(securityContext, permission), (permission, instanceId) -> this.isPermitted(securityContext, permission, instanceId), permittedStreams);
}
Also used : UserContext(org.graylog.security.UserContext) SecurityContext(javax.ws.rs.core.SecurityContext) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser)

Example 20 with SearchUser

use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.

the class SearchExecutorTest method addsStreamsToSearchWithoutStreams.

@Test
public void addsStreamsToSearchWithoutStreams() {
    final Search search = mockSearch();
    final SearchUser searchUser = mock(SearchUser.class);
    when(searchUser.canReadView(any())).thenReturn(true);
    when(searchUser.canReadStream(any())).thenReturn(true);
    when(searchUser.username()).thenReturn("frank-drebin");
    final SearchJob searchJob = mock(SearchJob.class);
    when(searchJobService.create(search, "frank-drebin")).thenReturn(searchJob);
    when(searchJob.getResultFuture()).thenReturn(CompletableFuture.completedFuture(null));
    when(queryEngine.execute(searchJob)).thenReturn(searchJob);
    when(searchDomain.getForUser(eq("search1"), eq(searchUser))).thenReturn(Optional.of(search));
    this.searchExecutor.execute("search1", searchUser, ExecutionState.empty());
    verify(search, times(1)).addStreamsToQueriesWithoutStreams(any());
}
Also used : Search(org.graylog.plugins.views.search.Search) SearchUser(org.graylog.plugins.views.search.permissions.SearchUser) SearchJob(org.graylog.plugins.views.search.SearchJob) RestResourceBaseTest(org.graylog2.rest.resources.RestResourceBaseTest) Test(org.junit.Test)

Aggregations

SearchUser (org.graylog.plugins.views.search.permissions.SearchUser)26 Test (org.junit.Test)19 Set (java.util.Set)4 Collectors (java.util.stream.Collectors)4 ForbiddenException (javax.ws.rs.ForbiddenException)4 Search (org.graylog.plugins.views.search.Search)4 RestResourceBaseTest (org.graylog2.rest.resources.RestResourceBaseTest)4 ImmutableSet (com.google.common.collect.ImmutableSet)3 ApiOperation (io.swagger.annotations.ApiOperation)3 Collection (java.util.Collection)3 POST (javax.ws.rs.POST)3 ViewDTO (org.graylog.plugins.views.search.views.ViewDTO)3 RelativeRange (org.graylog2.plugin.indexer.searches.timeranges.RelativeRange)3 Test (org.junit.jupiter.api.Test)3 Api (io.swagger.annotations.Api)2 ApiParam (io.swagger.annotations.ApiParam)2 Collections (java.util.Collections)2 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)2 Assertions.assertThatExceptionOfType (org.assertj.core.api.Assertions.assertThatExceptionOfType)2 AuditEvent (org.graylog2.audit.jersey.AuditEvent)2