use of org.graylog.security.UserContext in project graylog2-server by Graylog2.
the class StreamResource method create.
@POST
@Timed
@ApiOperation(value = "Create a stream")
@RequiresPermissions(RestPermissions.STREAMS_CREATE)
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_CREATE)
public Response create(@ApiParam(name = "JSON body", required = true) final CreateStreamRequest cr, @Context UserContext userContext) throws ValidationException {
// Create stream.
final Stream stream = streamService.create(cr, getCurrentUser().getName());
stream.setDisabled(true);
final IndexSet indexSet = stream.getIndexSet();
if (!indexSet.getConfig().isWritable()) {
throw new BadRequestException("Assigned index set must be writable!");
} else if (!indexSet.getConfig().isRegularIndex()) {
throw new BadRequestException("Assigned index set is not usable");
}
final Set<StreamRule> streamRules = cr.rules().stream().map(streamRule -> streamRuleService.create(null, streamRule)).collect(Collectors.toSet());
final String id = streamService.saveWithRulesAndOwnership(stream, streamRules, userContext.getUser());
final Map<String, String> result = ImmutableMap.of("stream_id", id);
final URI streamUri = getUriBuilderToSelf().path(StreamResource.class).path("{streamId}").build(id);
return Response.created(streamUri).entity(result).build();
}
use of org.graylog.security.UserContext in project graylog2-server by Graylog2.
the class SearchUserFactory method provide.
@Override
public SearchUser provide() {
final UserContext userContext = serviceLocator.getService(UserContext.class);
final SecurityContext securityContext = serviceLocator.getService(SecurityContext.class);
return new SearchUser(userContext.getUser(), (permission) -> this.isPermitted(securityContext, permission), (permission, instanceId) -> this.isPermitted(securityContext, permission, instanceId), permittedStreams);
}
use of org.graylog.security.UserContext in project graylog2-server by Graylog2.
the class ViewsResourceTest method creatingViewAddsCurrentUserAsOwner.
@Test
public void creatingViewAddsCurrentUserAsOwner() throws Exception {
final ViewDTO.Builder builder = mock(ViewDTO.Builder.class);
when(view.toBuilder()).thenReturn(builder);
when(view.type()).thenReturn(ViewDTO.Type.DASHBOARD);
when(view.searchId()).thenReturn("6141d457d3a6b9d73c8ac55a");
when(builder.owner(any())).thenReturn(builder);
when(builder.build()).thenReturn(view);
final UserImpl testUser = new UserImpl(mock(PasswordAlgorithmFactory.class), new Permissions(ImmutableSet.of()), ImmutableMap.of("username", "testuser"));
final UserContext userContext = mock(UserContext.class);
when(userContext.getUser()).thenReturn(testUser);
when(userContext.getUserId()).thenReturn("testuser");
when(currentUser.isLocalAdmin()).thenReturn(true);
when(searchUser.username()).thenReturn("testuser");
this.viewsResource.create(view, userContext, searchUser);
final ArgumentCaptor<String> ownerCaptor = ArgumentCaptor.forClass(String.class);
verify(builder, times(1)).owner(ownerCaptor.capture());
assertThat(ownerCaptor.getValue()).isEqualTo("testuser");
}
Aggregations