use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.
the class FieldTypesResourceTest method passesRequestedTimeRangeToMappedFieldTypesService.
@Test
public void passesRequestedTimeRangeToMappedFieldTypesService() throws Exception {
final SearchUser searchUser = TestSearchUser.builder().allowStream("2323").allowStream("4242").build();
final FieldTypesForStreamsRequest request = FieldTypesForStreamsRequest.Builder.builder().streams(ImmutableSet.of("2323", "4242")).timerange(RelativeRange.create(300)).build();
this.fieldTypesResource.byStreams(request, searchUser);
verify(this.mappedFieldTypesService, times(1)).fieldTypesByStreamIds(streamIdCaptor.capture(), timeRangeArgumentCaptor.capture());
assertThat(timeRangeArgumentCaptor.getValue()).isEqualTo(RelativeRange.create(300));
}
use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.
the class MessagesResourceTest method checksStreamPermissionsForPlainRequest.
@Test
void checksStreamPermissionsForPlainRequest() {
final SearchUser searchUser = TestSearchUser.builder().denyStream("stream-1").build();
MessagesRequest request = validRequest().toBuilder().streams(ImmutableSet.of("stream-1")).build();
PermissionException exception = new PermissionException("The wurst is yet to come");
doThrow(exception).when(executionGuard).checkUserIsPermittedToSeeStreams(eq(ImmutableSet.of("stream-1")), any());
assertThatExceptionOfType(PermissionException.class).isThrownBy(() -> sut.retrieve(request, searchUser)).withMessageContaining(exception.getMessage());
}
use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.
the class SuggestionsResource method suggestFieldValue.
@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Suggest field value")
@NoAuditEvent("Only suggesting field value for query, not changing any data")
public SuggestionsDTO suggestFieldValue(@ApiParam(name = "validationRequest") SuggestionsRequestDTO suggestionsRequest, @Context SearchUser searchUser) {
final SuggestionRequest req = SuggestionRequest.builder().field(suggestionsRequest.field()).input(suggestionsRequest.input()).streams(adaptStreams(suggestionsRequest.streams(), searchUser)).size(Math.min(suggestionsRequest.size(), SUGGESTIONS_COUNT_MAX)).timerange(Optional.ofNullable(suggestionsRequest.timerange()).orElse(defaultTimeRange())).build();
SuggestionResponse res = querySuggestionsService.suggest(req);
final List<SuggestionEntryDTO> suggestions = res.suggestions().stream().map(s -> SuggestionEntryDTO.create(s.getValue(), s.getOccurrence())).collect(Collectors.toList());
final SuggestionsDTO.Builder suggestionsBuilder = SuggestionsDTO.builder(res.field(), res.input()).suggestions(suggestions).sumOtherDocsCount(res.sumOtherDocsCount());
res.suggestionError().map(e -> SuggestionsErrorDTO.create(e.type(), e.reason())).ifPresent(suggestionsBuilder::error);
return suggestionsBuilder.build();
}
use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.
the class SearchUserFactory method provide.
@Override
public SearchUser provide() {
final UserContext userContext = serviceLocator.getService(UserContext.class);
final SecurityContext securityContext = serviceLocator.getService(SecurityContext.class);
return new SearchUser(userContext.getUser(), (permission) -> this.isPermitted(securityContext, permission), (permission, instanceId) -> this.isPermitted(securityContext, permission, instanceId), permittedStreams);
}
use of org.graylog.plugins.views.search.permissions.SearchUser in project graylog2-server by Graylog2.
the class SearchExecutorTest method addsStreamsToSearchWithoutStreams.
@Test
public void addsStreamsToSearchWithoutStreams() {
final Search search = mockSearch();
final SearchUser searchUser = mock(SearchUser.class);
when(searchUser.canReadView(any())).thenReturn(true);
when(searchUser.canReadStream(any())).thenReturn(true);
when(searchUser.username()).thenReturn("frank-drebin");
final SearchJob searchJob = mock(SearchJob.class);
when(searchJobService.create(search, "frank-drebin")).thenReturn(searchJob);
when(searchJob.getResultFuture()).thenReturn(CompletableFuture.completedFuture(null));
when(queryEngine.execute(searchJob)).thenReturn(searchJob);
when(searchDomain.getForUser(eq("search1"), eq(searchUser))).thenReturn(Optional.of(search));
this.searchExecutor.execute("search1", searchUser, ExecutionState.empty());
verify(search, times(1)).addStreamsToQueriesWithoutStreams(any());
}
Aggregations