Example 1 with Parameter
use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.
the class LdapConnector method findGroups.
public Set<String> findGroups(LdapNetworkConnection connection, String groupSearchBase, String groupSearchPattern, String groupIdAttribute, @Nullable LdapEntry ldapEntry) {
final Set<String> groups = Sets.newHashSet();
try (final EntryCursor groupSearch = connection.search(groupSearchBase, groupSearchPattern, SearchScope.SUBTREE, "objectClass", ATTRIBUTE_UNIQUE_MEMBER, ATTRIBUTE_MEMBER, ATTRIBUTE_MEMBER_UID, groupIdAttribute)) {
LOG.trace("LDAP search for groups: {} starting at {}", groupSearchPattern, groupSearchBase);
for (Entry e : groupSearch) {
if (LOG.isTraceEnabled()) {
LOG.trace("Group Entry: {}", e.toString(" "));
}
if (!e.containsAttribute(groupIdAttribute)) {
LOG.warn("Unknown group id attribute {}, skipping group entry {}", groupIdAttribute, e);
continue;
}
final String groupId = e.get(groupIdAttribute).getString();
if (ldapEntry == null) {
// no membership lookup possible (we have no user), simply collect the found group names
groups.add(groupId);
} else {
// test if the given dn parameter is actually member of any of the found groups
String memberAttribute;
if (e.hasObjectClass("groupOfUniqueNames")) {
memberAttribute = ATTRIBUTE_UNIQUE_MEMBER;
} else if (e.hasObjectClass("groupOfNames") || e.hasObjectClass("group")) {
memberAttribute = ATTRIBUTE_MEMBER;
} else if (e.hasObjectClass("posixGroup")) {
memberAttribute = ATTRIBUTE_MEMBER_UID;
} else {
// Trying auto detection of the member attribute. This should be configurable!
if (e.containsAttribute(ATTRIBUTE_UNIQUE_MEMBER)) {
memberAttribute = ATTRIBUTE_UNIQUE_MEMBER;
} else if (e.containsAttribute(ATTRIBUTE_MEMBER_UID)) {
memberAttribute = ATTRIBUTE_MEMBER_UID;
} else {
memberAttribute = ATTRIBUTE_MEMBER;
}
LOG.warn("Unable to auto-detect the LDAP group object class, assuming '{}' is the correct attribute.", memberAttribute);
}
final Attribute members = e.get(memberAttribute);
if (members != null) {
final String dn = normalizedDn(ldapEntry.getDn());
final String uid = ldapEntry.get("uid");
for (Value<?> member : members) {
LOG.trace("DN {} == {} member?", dn, member.getString());
if (dn != null && dn.equalsIgnoreCase(normalizedDn(member.getString()))) {
groups.add(groupId);
} else {
// check against the uid attribute of the user.
if (!isNullOrEmpty(uid) && uid.equalsIgnoreCase(member.getString())) {
LOG.trace("UID {} == {} member?", uid, member.getString());
groups.add(groupId);
}
}
}
}
}
}
} catch (Exception e) {
LOG.warn("Unable to iterate over user's groups, unable to perform group mapping. Graylog does not support " + "LDAP referrals at the moment. Please see " + DocsHelper.PAGE_LDAP_TROUBLESHOOTING.toString() + " for more information.", ExceptionUtils.getRootCause(e));
}
return groups;
}
Also used :
EntryCursor(org.apache.directory.api.ldap.model.cursor.EntryCursor)
Entry(org.apache.directory.api.ldap.model.entry.Entry)
LdapEntry(org.graylog2.shared.security.ldap.LdapEntry)
Attribute(org.apache.directory.api.ldap.model.entry.Attribute)
CursorException(org.apache.directory.api.ldap.model.cursor.CursorException)
UncheckedTimeoutException(com.google.common.util.concurrent.UncheckedTimeoutException)
IOException(java.io.IOException)
LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
Example 2 with Parameter
use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.
the class JestUtilsTest method executeFailsWithCustomMessage.
@Test
public void executeFailsWithCustomMessage() throws Exception {
final Ping request = new Ping.Builder().build();
final JestResult resultMock = mock(JestResult.class);
when(resultMock.isSucceeded()).thenReturn(false);
final ObjectNode responseStub = objectMapper.createObjectNode();
final ObjectNode errorStub = objectMapper.createObjectNode();
responseStub.set("Message", new TextNode("Authorization header requires 'Credential' parameter."));
errorStub.set("error", responseStub);
when(resultMock.getJsonObject()).thenReturn(errorStub);
when(clientMock.execute(request)).thenReturn(resultMock);
try {
JestUtils.execute(clientMock, request, () -> "BOOM");
fail("Expected ElasticsearchException to be thrown");
} catch (ElasticsearchException e) {
assertThat(e).hasMessageStartingWith("BOOM").hasMessageEndingWith("{\"Message\":\"Authorization header requires 'Credential' parameter.\"}").hasNoSuppressedExceptions();
assertThat(e.getErrorDetails()).containsExactly("{\"Message\":\"Authorization header requires 'Credential' parameter.\"}");
}
}
Also used :
ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode)
Ping(io.searchbox.core.Ping)
TextNode(com.fasterxml.jackson.databind.node.TextNode)
ElasticsearchException(org.graylog2.indexer.ElasticsearchException)
JestResult(io.searchbox.client.JestResult)
Test(org.junit.Test)
Example 3 with Parameter
use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.
the class SearchMetadataResource method metadataForObject.
@POST
@ApiOperation(value = "Metadata for the posted Search object", notes = "Intended for search objects that aren't yet persisted (e.g. for validation or interactive purposes)")
@NoAuditEvent("Only returning metadata for given search, not changing any data")
public SearchMetadata metadataForObject(@ApiParam @NotNull(message = "Search body is mandatory") SearchDTO searchDTO) {
if (searchDTO == null) {
throw new IllegalArgumentException("Search must not be null.");
}
final Search search = searchDTO.toSearch();
final Map<String, QueryMetadata> queryMetadatas = StreamEx.of(search.queries()).toMap(Query::id, query -> queryEngine.parse(search, query));
return SearchMetadata.create(queryMetadatas, Maps.uniqueIndex(search.parameters(), Parameter::name));
}
Also used :
QueryMetadata(org.graylog.plugins.views.search.QueryMetadata)
Query(org.graylog.plugins.views.search.Query)
Search(org.graylog.plugins.views.search.Search)
POST(javax.ws.rs.POST)
ApiOperation(io.swagger.annotations.ApiOperation)
NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)
Example 4 with Parameter
use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.
the class QueryValidationServiceImpl method toExplanation.
private List<ValidationMessage> toExplanation(String query, SearchException searchException) {
if (searchException.error() instanceof UnboundParameterError) {
final UnboundParameterError error = (UnboundParameterError) searchException.error();
final List<SubstringMultilinePosition> positions = SubstringMultilinePosition.compute(query, "$" + error.parameterName() + "$");
if (!positions.isEmpty()) {
return positions.stream().map(p -> ValidationMessage.builder().errorType("Parameter error").errorMessage(error.description()).beginLine(p.getLine()).endLine(p.getLine()).beginColumn(p.getBeginColumn()).endColumn(p.getEndColumn()).build()).collect(Collectors.toList());
}
}
return Collections.singletonList(ValidationMessage.fromException(searchException));
}
Also used :
ParseException(org.apache.lucene.queryparser.classic.ParseException)
Query(org.graylog.plugins.views.search.Query)
Set(java.util.Set)
ParameterProvider(org.graylog.plugins.views.search.ParameterProvider)
MappedFieldTypesService(org.graylog2.indexer.fieldtypes.MappedFieldTypesService)
Streams(com.google.common.collect.Streams)
Singleton(javax.inject.Singleton)
StringUtils(org.apache.commons.lang3.StringUtils)
SearchException(org.graylog.plugins.views.search.errors.SearchException)
Collectors(java.util.stream.Collectors)
UnboundParameterError(org.graylog.plugins.views.search.errors.UnboundParameterError)
Inject(javax.inject.Inject)
Objects(java.util.Objects)
List(java.util.List)
QueryStringDecorators(org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators)
Stream(java.util.stream.Stream)
MappedFieldTypeDTO(org.graylog.plugins.views.search.rest.MappedFieldTypeDTO)
Locale(java.util.Locale)
Collections(java.util.Collections)
UnboundParameterError(org.graylog.plugins.views.search.errors.UnboundParameterError)
Example 5 with Parameter
use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.
the class GelfChunkAggregator method checkForCompletion.
/**
* Checks whether the presented gelf message chunk completes the incoming raw message and returns it if it does.
* If the message isn't complete, it adds the chunk to the internal buffer and waits for more incoming messages.
* Outdated chunks are being purged regularly.
*
* @param gelfMessage the gelf message chunk
* @return null or a {@link org.graylog2.plugin.journal.RawMessage raw message} object
*/
@Nullable
private ByteBuf checkForCompletion(GELFMessage gelfMessage) {
if (!chunks.isEmpty() && log.isDebugEnabled()) {
log.debug("Dumping GELF chunk map [chunks for {} messages]:\n{}", chunks.size(), humanReadableChunkMap());
}
// TODO second parameter
final GELFMessageChunk chunk = new GELFMessageChunk(gelfMessage, null);
final int sequenceCount = chunk.getSequenceCount();
final String messageId = chunk.getId();
ChunkEntry entry = new ChunkEntry(sequenceCount, chunk.getArrival(), messageId);
final ChunkEntry existing = chunks.putIfAbsent(messageId, entry);
if (existing == null) {
// add this chunk entry to the eviction set
waitingMessages.inc();
sortedEvictionSet.add(entry);
} else {
// the entry is already in the eviction set and chunk map
entry = existing;
}
final int sequenceNumber = chunk.getSequenceNumber();
if (!entry.payloadArray.compareAndSet(sequenceNumber, null, chunk)) {
log.error("Received duplicate chunk {} for message {} from {}", sequenceNumber, messageId, gelfMessage.getSourceAddress());
duplicateChunks.inc();
return null;
}
final int chunkWatermark = entry.chunkSlotsWritten.incrementAndGet();
if (chunkWatermark > MAX_CHUNKS) {
getAndCleanupEntry(messageId);
throw new IllegalStateException("Maximum number of chunks reached, discarding message");
}
if (chunkWatermark == sequenceCount) {
// message is complete by chunk count, assemble and return it.
// it might still be corrupt etc, but we've seen enough chunks
// remove before operating on it, to avoid racing too much with the clean up job, some race is inevitable, though.
entry = getAndCleanupEntry(messageId);
final byte[][] allChunks = new byte[sequenceCount][];
for (int i = 0; i < entry.payloadArray.length(); i++) {
final GELFMessageChunk messageChunk = entry.payloadArray.get(i);
if (messageChunk == null) {
log.debug("Couldn't read chunk {} of message {}, skipping this chunk.", i, messageId);
} else {
allChunks[i] = messageChunk.getData();
}
}
completeMessages.inc();
return Unpooled.wrappedBuffer(allChunks);
}
// message isn't complete yet, check if we should remove the other parts as well
if (isOutdated(entry)) {
// chunks are outdated, the oldest came in over 5 seconds ago, clean them all up
log.debug("Not all chunks of <{}> arrived within {}ms. Dropping chunks.", messageId, VALIDITY_PERIOD);
expireEntry(messageId);
}
return null;
}
Also used :
GELFMessageChunk(org.graylog2.inputs.codecs.gelf.GELFMessageChunk)
Nullable(javax.annotation.Nullable)
Aggregations
Test (org.junit.Test)4
ApiOperation (io.swagger.annotations.ApiOperation)3
Timed (com.codahale.metrics.annotation.Timed)2
ImmutableMap (com.google.common.collect.ImmutableMap)2
ApiResponses (io.swagger.annotations.ApiResponses)2
Collections (java.util.Collections)2
Map (java.util.Map)2
Set (java.util.Set)2
Collectors (java.util.stream.Collectors)2
Nullable (javax.annotation.Nullable)2
GET (javax.ws.rs.GET)2
CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)2
LdapException (org.apache.directory.api.ldap.model.exception.LdapException)2
Query (org.graylog.plugins.views.search.Query)2
ValueReference (org.graylog2.contentpacks.model.entities.references.ValueReference)2
AlertSummary (org.graylog2.rest.models.streams.alerts.AlertSummary)2
DateTime (org.joda.time.DateTime)2
JsonAutoDetect (com.fasterxml.jackson.annotation.JsonAutoDetect)1
JsonCreator (com.fasterxml.jackson.annotation.JsonCreator)1
JsonIgnore (com.fasterxml.jackson.annotation.JsonIgnore)1
