use of org.graylog2.users.UserImpl in project graylog2-server by Graylog2.
the class LdapUserAuthenticator method updateFromLdap.
/**
 * Copies identity attributes and role assignments from an LDAP entry onto a local user record.
 *
 * <p>The user is marked external, named after {@code username}, and given a full name read from
 * the configured display-name attribute (falling back to {@code username}). Role ids are rebuilt
 * on every call from the configured default groups plus every LDAP group that maps to a known role.
 *
 * <p>Points a reviewer of the authorization path should keep in mind:
 * <ul>
 *   <li>Group names returned by the directory select the roles that get stored, so the group
 *       mapping and the group search settings are part of the authorization boundary.</li>
 *   <li>When the entry carries no groups and the group mapping and search settings are all
 *       non-empty, neither branch below runs and the user is left with the default roles only.</li>
 *   <li>A {@code NotFoundException} in the mapping branch is logged and swallowed; whatever role
 *       ids were collected up to that point (at least the defaults) are still written.</li>
 *   <li>The placeholder written to the hashed-password field is a plain sentence, not a hash.
 *       NOTE(review): this presumably relies on no password algorithm accepting it; confirm.</li>
 * </ul>
 *
 * @param user         the local user record to update in place
 * @param userEntry    the LDAP entry providing attributes, e-mail and groups
 * @param ldapSettings the LDAP configuration (display-name attribute, default groups, group mapping)
 * @param username     the login name; also the fallback for full name and e-mail
 */
private void updateFromLdap(User user, LdapEntry userEntry, LdapSettings ldapSettings, String username) {
    // Resolve the full name before touching the user; the login name is the fallback.
    final String nameAttribute = ldapSettings.getDisplayNameAttribute();
    final String resolvedFullName = firstNonNull(userEntry.get(nameAttribute), username);

    user.setName(username);
    user.setFullName(resolvedFullName);
    user.setExternal(true);

    // An already configured time zone is kept; only a missing one gets the root default.
    if (user.getTimeZone() == null) {
        user.setTimeZone(rootTimeZone);
    }

    final String ldapEmail = userEntry.getEmail();
    if (!isNullOrEmpty(ldapEmail)) {
        user.setEmail(ldapEmail);
    } else {
        // Synthetic address so the record always has an e-mail value.
        LOG.debug("No email address found for user {} in LDAP. Using {}@localhost", username, username);
        user.setEmail(username + "@localhost");
    }

    // TODO This is a crude hack until we have a proper way to distinguish LDAP users from normal users
    // The cast is unchecked: a User that is not a UserImpl fails here with a ClassCastException.
    final boolean passwordMissing = isNullOrEmpty(user.getHashedPassword());
    if (passwordMissing) {
        ((UserImpl) user).setHashedPassword("User synced from LDAP.");
    }

    // Start from the configured default groups; mapped LDAP groups are added on top.
    final Set<String> roleIds = Sets.newHashSet(
            Sets.union(
                    Sets.newHashSet(ldapSettings.getDefaultGroupId()),
                    ldapSettings.getAdditionalDefaultGroupIds()));

    if (!userEntry.getGroups().isEmpty()) {
        // Groups returned by the LDAP search always override the ones stored on the user.
        try {
            final Map<String, Role> rolesByLowercaseName = roleService.loadAllLowercaseNameMap();
            for (String groupName : userEntry.getGroups()) {
                final String mappedRoleName = ldapSettings.getGroupMapping().get(groupName);
                if (mappedRoleName == null) {
                    LOG.debug("User {}: No group mapping for ldap group <{}>", username, groupName);
                    continue;
                }
                // Role names are looked up case-insensitively through the lowercase map.
                final Role mappedRole = rolesByLowercaseName.get(mappedRoleName.toLowerCase(Locale.ENGLISH));
                if (mappedRole == null) {
                    LOG.warn("User {}: No role found for ldap group <{}>", username, groupName);
                    continue;
                }
                LOG.debug("User {}: Mapping ldap group <{}> to role <{}>", username, groupName, mappedRole.getName());
                roleIds.add(mappedRole.getId());
            }
        } catch (NotFoundException e) {
            // Logged only; the role ids collected so far are still stored below.
            LOG.error("Unable to load user roles", e);
        }
    } else if (ldapSettings.getGroupMapping().isEmpty()
            || ldapSettings.getGroupSearchBase().isEmpty()
            || ldapSettings.getGroupSearchPattern().isEmpty()
            || ldapSettings.getGroupIdAttribute().isEmpty()) {
        // No group mapping or group search configuration: keep the roles already on the user.
        // These are empty when the user is created for the first time.
        roleIds.addAll(user.getRoleIds());
    }
    user.setRoleIds(roleIds);

    // preserve the raw permissions (the ones without the synthetic self-edit permissions or the "*" admin one)
    user.setPermissions(user.getPermissions());
}
use of org.graylog2.users.UserImpl in project graylog2-server by Graylog2.
the class ProvisionerService method createUser.
/**
 * Creates a fresh local user for an account provisioned by an authentication service.
 *
 * <p>Only the fields that later provisioning must not override are set here: default roles, an
 * empty permission list, the root time zone, the default session timeout and a placeholder
 * password. If the created user is not a {@code UserImpl}, no placeholder is written and the
 * hashed password is left as the user service created it; only a warning is logged.
 *
 * @param userDetails details supplied by the authentication service (default roles, service type)
 * @return the newly created user, which this method does not persist
 */
private User createUser(UserDetails userDetails) {
    final User provisioned = userService.create();

    // Set fields there that should not be overridden by the authentication service provisioning
    provisioned.setRoleIds(userDetails.defaultRoles());
    // Start without any directly granted permissions.
    provisioned.setPermissions(Collections.emptyList());

    // TODO: Does the timezone need to be configurable per auth service backend?
    provisioned.setTimeZone(rootTimeZone);

    // TODO: Does the session timeout need to be configurable per auth service backend?
    provisioned.setSessionTimeoutMs(UserImpl.DEFAULT_SESSION_TIMEOUT_MS);

    if (!(provisioned instanceof UserImpl)) {
        LOG.warn("Received unexpected User implementation, not setting hashed password");
    } else {
        // Set a placeholder password that doesn't work for authentication
        ((UserImpl) provisioned).setHashedPassword("User initially synced from " + userDetails.authServiceType());
    }
    return provisioned;
}
use of org.graylog2.users.UserImpl in project graylog2-server by Graylog2.
the class EventDefinitionFacadeTest method createNativeEntity.
/**
 * Checks that creating a native event definition from a content pack entity returns the expected
 * DTO and registers ownership for the user named in the call.
 */
@Test
public void createNativeEntity() {
    final String username = "kmerz";

    // Entity under test plus the notification it refers to.
    final EntityV1 entityV1 = createTestEntity();
    final NotificationDto notificationDto = NotificationDto.builder()
            .config(HTTPEventNotificationConfig.builder().url("https://hulud.net").build())
            .title("Notify me Senpai")
            .description("A notification for senpai")
            .id("dead-beef")
            .build();
    final EntityDescriptor entityDescriptor = EntityDescriptor.create("123123", ModelTypes.NOTIFICATION_V1);
    final ImmutableMap<EntityDescriptor, Object> nativeEntities = ImmutableMap.of(entityDescriptor, notificationDto);

    // Scheduler collaborators are mocked; only the job definition id is stubbed.
    final JobDefinitionDto savedJobDefinition = mock(JobDefinitionDto.class);
    final JobTriggerDto createdJobTrigger = mock(JobTriggerDto.class);
    when(savedJobDefinition.id()).thenReturn("job-123123");
    when(jobSchedulerClock.nowUTC()).thenReturn(DateTime.now(DateTimeZone.UTC));
    when(jobDefinitionService.save(any(JobDefinitionDto.class))).thenReturn(savedJobDefinition);
    when(jobTriggerService.create(any(JobTriggerDto.class))).thenReturn(createdJobTrigger);

    // The owner is a real UserImpl with no permissions and a mocked password algorithm factory.
    final UserImpl owner = new UserImpl(
            mock(PasswordAlgorithmFactory.class),
            new Permissions(ImmutableSet.of()),
            ImmutableMap.of("username", "kmerz"));
    when(userService.load(username)).thenReturn(owner);

    final NativeEntity<EventDefinitionDto> created =
            facade.createNativeEntity(entityV1, ImmutableMap.of(), nativeEntities, username);
    assertThat(created).isNotNull();

    final EventDefinitionDto definition = created.entity();
    assertThat(definition.title()).isEqualTo("title");
    assertThat(definition.description()).isEqualTo("description");
    assertThat(definition.config().type()).isEqualTo("aggregation-v1");

    // verify that ownership was registered for this entity
    verify(entityOwnershipService, times(1)).registerNewEventDefinition(created.entity().id(), owner);
}
use of org.graylog2.users.UserImpl in project graylog2-server by Graylog2.
the class ViewFacadeTest method itShouldCreateADTOFromAnEntity.
/**
 * Checks that a view entity is turned into a stored view and search, and inspects the stream
 * filter of the first query of that search.
 */
@Test
@MongoDBFixtures("ViewFacadeTest.json")
public void itShouldCreateADTOFromAnEntity() throws Exception {
    final String username = "testuser";

    // Native entity map with a single empty stream registered under newStreamId.
    final StreamImpl stream = new StreamImpl(Collections.emptyMap());
    final Entity viewEntity = createViewEntity();
    final Map<EntityDescriptor, Object> nativeEntities = new HashMap<>(1);
    nativeEntities.put(EntityDescriptor.create(newStreamId, ModelTypes.STREAM_V1), stream);

    // The acting user is a real UserImpl with no permissions and a mocked password algorithm factory.
    final UserImpl actingUser = new UserImpl(
            mock(PasswordAlgorithmFactory.class),
            new Permissions(ImmutableSet.of()),
            ImmutableMap.of("username", "testuser"));
    when(userService.load(username)).thenReturn(actingUser);

    final NativeEntity<ViewDTO> created =
            facade.createNativeEntity(viewEntity, Collections.emptyMap(), nativeEntities, username);
    assertThat(created.descriptor().title()).isEqualTo("title");
    assertThat(created.descriptor().type()).isEqualTo(ModelTypes.SEARCH_V1);

    // The view and its search must both have been persisted.
    final Optional<ViewDTO> storedView = viewService.get(created.descriptor().id().id());
    assertThat(storedView).isPresent();
    final Optional<Search> storedSearch = searchDbService.get(storedView.get().searchId());
    assertThat(storedSearch).isPresent();

    final Query firstQuery = storedSearch.get().queries().iterator().next();
    assertThat(firstQuery.filter()).isNotNull();
    assertThat(firstQuery.filter().filters()).isNotEmpty();

    // The filter's stream id is asserted not to match newStreamId.
    final StreamFilter firstStreamFilter = (StreamFilter) firstQuery.filter().filters().iterator().next();
    assertThat(firstStreamFilter.streamId()).doesNotMatch(newStreamId);
}
use of org.graylog2.users.UserImpl in project graylog2-server by Graylog2.
the class MigrationHelpersTest method newUser.
/**
 * Builds a test user with the given permissions and no other fields.
 *
 * @param permissions the permissions object handed to the new user
 * @return a {@code UserImpl} backed by a bcrypt-only password algorithm factory
 */
private User newUser(Permissions permissions) {
    // 10 is the constructor argument of the bcrypt algorithm; presumably its cost factor (confirm).
    final PasswordAlgorithmFactory algorithms =
            new PasswordAlgorithmFactory(Collections.emptyMap(), new BCryptPasswordAlgorithm(10));
    return new UserImpl(algorithms, permissions, ImmutableMap.of());
}
Aggregations