Search in sources :

Example 61 with ValidationException

use of org.graylog2.plugin.database.ValidationException in project graylog2-server by Graylog2.

the class BundleImporter method createStream.

private org.graylog2.plugin.streams.Stream createStream(final String bundleId, final Stream streamDescription, final String userName) throws ValidationException {
    // We cannot create streams without having a default index set.
    final IndexSet indexSet = indexSetRegistry.getDefault();
    final Map<String, Object> streamData = ImmutableMap.<String, Object>builder().put(StreamImpl.FIELD_TITLE, streamDescription.getTitle()).put(StreamImpl.FIELD_DESCRIPTION, streamDescription.getDescription()).put(StreamImpl.FIELD_DISABLED, streamDescription.isDisabled()).put(StreamImpl.FIELD_MATCHING_TYPE, streamDescription.getMatchingType().name()).put(StreamImpl.FIELD_CREATOR_USER_ID, userName).put(StreamImpl.FIELD_CREATED_AT, Tools.nowUTC()).put(StreamImpl.FIELD_CONTENT_PACK, bundleId).put(StreamImpl.FIELD_DEFAULT_STREAM, streamDescription.isDefaultStream()).put(StreamImpl.FIELD_INDEX_SET_ID, indexSet.getConfig().id()).build();
    final String defaultStreamId = org.graylog2.plugin.streams.Stream.DEFAULT_STREAM_ID;
    final ObjectId id = streamDescription.isDefaultStream() ? new ObjectId(defaultStreamId) : new ObjectId(streamDescription.getId());
    final org.graylog2.plugin.streams.Stream stream = new StreamImpl(id, streamData, Collections.emptyList(), Collections.emptySet(), indexSet);
    final String streamId = streamService.save(stream);
    if (streamDescription.getStreamRules() != null) {
        for (StreamRule streamRule : streamDescription.getStreamRules()) {
            final Map<String, Object> streamRuleData = ImmutableMap.<String, Object>builder().put(StreamRuleImpl.FIELD_TYPE, streamRule.getType().toInteger()).put(StreamRuleImpl.FIELD_VALUE, streamRule.getValue()).put(StreamRuleImpl.FIELD_FIELD, streamRule.getField()).put(StreamRuleImpl.FIELD_INVERTED, streamRule.isInverted()).put(StreamRuleImpl.FIELD_STREAM_ID, new ObjectId(streamId)).put(StreamRuleImpl.FIELD_CONTENT_PACK, bundleId).put(StreamRuleImpl.FIELD_DESCRIPTION, streamRule.getDescription()).build();
            streamRuleService.save(new StreamRuleImpl(streamRuleData));
        }
    }
    for (final String outputId : streamDescription.getOutputs()) {
        if (isNullOrEmpty(outputId)) {
            LOG.warn("Couldn't find referenced output <{}> for stream <{}>", outputId, streamDescription.getTitle());
        } else {
            streamService.addOutput(stream, outputsByReferenceId.get(outputId));
        }
    }
    return stream;
}
Also used : ObjectId(org.bson.types.ObjectId) StreamImpl(org.graylog2.streams.StreamImpl) StreamRuleImpl(org.graylog2.streams.StreamRuleImpl) IndexSet(org.graylog2.indexer.IndexSet)

Example 62 with ValidationException

use of org.graylog2.plugin.database.ValidationException in project graylog2-server by Graylog2.

the class ExtractorsResource method update.

@PUT
@Timed
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an extractor")
@Path("/{extractorId}")
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such input on this node."), @ApiResponse(code = 404, message = "No such extractor on this input."), @ApiResponse(code = 400, message = "No such extractor type."), @ApiResponse(code = 400, message = "Field the extractor should write on is reserved."), @ApiResponse(code = 400, message = "Missing or invalid configuration.") })
@AuditEvent(type = AuditEventTypes.EXTRACTOR_UPDATE)
public ExtractorSummary update(@ApiParam(name = "inputId", required = true) @PathParam("inputId") String inputId, @ApiParam(name = "extractorId", required = true) @PathParam("extractorId") String extractorId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CreateExtractorRequest cer) throws NotFoundException {
    checkPermission(RestPermissions.INPUTS_EDIT, inputId);
    final Input mongoInput = inputService.find(inputId);
    final Extractor originalExtractor = inputService.getExtractor(mongoInput, extractorId);
    final Extractor extractor = buildExtractorFromRequest(cer, originalExtractor.getId());
    inputService.removeExtractor(mongoInput, originalExtractor.getId());
    try {
        inputService.addExtractor(mongoInput, extractor);
    } catch (ValidationException e) {
        LOG.error("Extractor persist validation failed.", e);
        throw new BadRequestException(e);
    }
    final String msg = "Updated extractor <" + originalExtractor.getId() + "> of type [" + cer.extractorType() + "] in input <" + inputId + ">.";
    LOG.info(msg);
    activityWriter.write(new Activity(msg, ExtractorsResource.class));
    return toSummary(extractor);
}
Also used : Input(org.graylog2.inputs.Input) MessageInput(org.graylog2.plugin.inputs.MessageInput) ValidationException(org.graylog2.plugin.database.ValidationException) BadRequestException(javax.ws.rs.BadRequestException) Activity(org.graylog2.shared.system.activities.Activity) Extractor(org.graylog2.plugin.inputs.Extractor) Path(javax.ws.rs.Path) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 63 with ValidationException

use of org.graylog2.plugin.database.ValidationException in project graylog2-server by Graylog2.

the class UsersResource method create.

@POST
@RequiresPermissions(RestPermissions.USERS_CREATE)
@ApiOperation("Create a new user account.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid user details.") })
@AuditEvent(type = AuditEventTypes.USER_CREATE)
public Response create(@ApiParam(name = "JSON body", value = "Must contain username, full_name, email, password and a list of permissions.", required = true) @Valid @NotNull CreateUserRequest cr) throws ValidationException {
    if (userService.load(cr.username()) != null) {
        final String msg = "Cannot create user " + cr.username() + ". Username is already taken.";
        LOG.error(msg);
        throw new BadRequestException(msg);
    }
    // Create user.
    User user = userService.create();
    user.setName(cr.username());
    user.setPassword(cr.password());
    user.setFullName(cr.fullName());
    user.setEmail(cr.email());
    user.setPermissions(cr.permissions());
    setUserRoles(cr.roles(), user);
    if (cr.timezone() != null) {
        user.setTimeZone(cr.timezone());
    }
    final Long sessionTimeoutMs = cr.sessionTimeoutMs();
    if (sessionTimeoutMs != null) {
        user.setSessionTimeoutMs(sessionTimeoutMs);
    }
    final Startpage startpage = cr.startpage();
    if (startpage != null) {
        user.setStartpage(startpage.type(), startpage.id());
    }
    final String id = userService.save(user);
    LOG.debug("Saved user {} with id {}", user.getName(), id);
    final URI userUri = getUriBuilderToSelf().path(UsersResource.class).path("{username}").build(user.getName());
    return Response.created(userUri).build();
}
Also used : User(org.graylog2.plugin.database.users.User) Startpage(org.graylog2.rest.models.users.requests.Startpage) BadRequestException(javax.ws.rs.BadRequestException) URI(java.net.URI) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 64 with ValidationException

use of org.graylog2.plugin.database.ValidationException in project graylog2-server by Graylog2.

the class UsersResource method editPermissions.

@PUT
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Update a user's permission set.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid permission data.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_UPDATE)
public void editPermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The list of permissions to assign to the user.", required = true) @Valid @NotNull PermissionEditRequest permissionRequest) throws ValidationException {
    final User user = userService.load(username);
    if (user == null) {
        throw new NotFoundException("Couldn't find user " + username);
    }
    user.setPermissions(getEffectiveUserPermissions(user, permissionRequest.permissions()));
    userService.save(user);
}
Also used : User(org.graylog2.plugin.database.users.User) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 65 with ValidationException

use of org.graylog2.plugin.database.ValidationException in project graylog2-server by Graylog2.

the class UsersResource method changeUser.

@PUT
@Path("{username}")
@ApiOperation("Modify user details.")
@ApiResponses({ @ApiResponse(code = 400, message = "Attempted to modify a read only user account (e.g. built-in or LDAP users)."), @ApiResponse(code = 400, message = "Missing or invalid user details.") })
@AuditEvent(type = AuditEventTypes.USER_UPDATE)
public void changeUser(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "Updated user information.", required = true) @Valid @NotNull ChangeUserRequest cr) throws ValidationException {
    checkPermission(USERS_EDIT, username);
    final User user = userService.load(username);
    if (user == null) {
        throw new NotFoundException("Couldn't find user " + username);
    }
    if (user.isReadOnly()) {
        throw new BadRequestException("Cannot modify readonly user " + username);
    }
    // we only allow setting a subset of the fields in CreateStreamRuleRequest
    if (cr.email() != null) {
        user.setEmail(cr.email());
    }
    if (cr.fullName() != null) {
        user.setFullName(cr.fullName());
    }
    final boolean permitted = isPermitted(USERS_PERMISSIONSEDIT, user.getName());
    if (permitted && cr.permissions() != null) {
        user.setPermissions(getEffectiveUserPermissions(user, cr.permissions()));
    }
    if (isPermitted(USERS_ROLESEDIT, user.getName())) {
        setUserRoles(cr.roles(), user);
    }
    final String timezone = cr.timezone();
    if (timezone == null) {
        user.setTimeZone((String) null);
    } else {
        try {
            if (timezone.isEmpty()) {
                user.setTimeZone((String) null);
            } else {
                final DateTimeZone tz = DateTimeZone.forID(timezone);
                user.setTimeZone(tz);
            }
        } catch (IllegalArgumentException e) {
            LOG.error("Invalid timezone '{}', ignoring it for user {}.", timezone, username);
        }
    }
    final Startpage startpage = cr.startpage();
    if (startpage != null) {
        user.setStartpage(startpage.type(), startpage.id());
    }
    if (isPermitted("*")) {
        final Long sessionTimeoutMs = cr.sessionTimeoutMs();
        if (sessionTimeoutMs != null && sessionTimeoutMs != 0) {
            user.setSessionTimeoutMs(sessionTimeoutMs);
        }
    }
    userService.save(user);
}
Also used : User(org.graylog2.plugin.database.users.User) Startpage(org.graylog2.rest.models.users.requests.Startpage) NotFoundException(javax.ws.rs.NotFoundException) BadRequestException(javax.ws.rs.BadRequestException) DateTimeZone(org.joda.time.DateTimeZone) Path(javax.ws.rs.Path) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

ApiOperation (io.swagger.annotations.ApiOperation)47 AuditEvent (org.graylog2.audit.jersey.AuditEvent)47 Timed (com.codahale.metrics.annotation.Timed)36 ValidationException (org.graylog2.plugin.database.ValidationException)32 ApiResponses (io.swagger.annotations.ApiResponses)29 Path (javax.ws.rs.Path)29 BadRequestException (javax.ws.rs.BadRequestException)25 PUT (javax.ws.rs.PUT)24 Produces (javax.ws.rs.Produces)23 Consumes (javax.ws.rs.Consumes)22 POST (javax.ws.rs.POST)21 URI (java.net.URI)18 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)13 Stream (org.graylog2.plugin.streams.Stream)12 User (org.graylog2.plugin.database.users.User)11 MessageInput (org.graylog2.plugin.inputs.MessageInput)11 NotFoundException (org.graylog2.database.NotFoundException)10 List (java.util.List)7 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)7 Dashboard (org.graylog2.dashboards.Dashboard)7