use of org.neo4j.internal.kernel.api.security.UserSegment in project neo4j by neo4j.
the class BuiltInDbmsProcedures method killQueryTransaction.
/**
 * Marks the transaction behind a running query for termination, once the caller has passed the
 * privilege check for that query's owner and database.
 *
 * <p>A caller that fails the check gets the exception produced by the security authorization
 * handler; the transaction is not touched in that case.
 *
 * @param queryId    id of the query to kill; echoed in the result and in the denial message
 * @param handle     handle of the transaction executing the query
 * @param databaseId database the transaction runs in; its name scopes the privilege check
 * @return a "Query found" result after marking the transaction, or a failed result when the
 *         transaction is already closing
 * @throws IllegalStateException if the handle reports no executing query
 */
private QueryTerminationResult killQueryTransaction(QueryId queryId, KernelTransactionHandle handle, NamedDatabaseId databaseId) {
    ExecutingQuery running = handle.executingQuery()
            .orElseThrow(() -> new IllegalStateException("Query should exist since we filtered based on query ids"));
    String username = running.username();

    // The action is scoped to this database and to the user who owns the query, not to the DBMS as a whole.
    var scope = new DatabaseScope(databaseId.name());
    var owner = new UserSegment(username);
    var action = new AdminActionOnResource(TERMINATE_TRANSACTION, scope, owner);

    // Authorization is decided before any state change. isSelfOrAllows is defined outside this
    // snippet; presumably it accepts the query's own user or a caller granted the action.
    if (!isSelfOrAllows(username, action)) {
        // NOTE(review): the denial message names the owning user; confirm that returning it to a
        // caller who was refused is intended.
        throw kernelTransaction.securityAuthorizationHandler().logAndGetAuthorizationException(securityContext, format("Not allowed to terminate %s run by user %s.", queryId, username));
    }

    // A closing transaction is reported as a failed kill rather than marked again.
    if (handle.isClosing()) {
        return new QueryFailedTerminationResult(queryId, username, "Unable to kill queries when underlying transaction is closing.");
    }
    handle.markForTermination(Status.Transaction.Terminated);
    return new QueryTerminationResult(queryId, username, "Query found");
}
use of org.neo4j.internal.kernel.api.security.UserSegment in project neo4j by neo4j.
the class BuiltInDbmsProcedures method listTransactions.
/**
 * Lists the executing transactions of every started database, restricted to those the caller
 * passes the SHOW_TRANSACTION check for.
 *
 * @return a stream over one status row per visible transaction
 * @throws InvalidArgumentsException declared by the procedure signature; the throwing call is
 *         not visible in this snippet
 */
@SystemProcedure
@Description("List all transactions currently executing at this instance that are visible to the user.")
@Procedure(name = "dbms.listTransactions", mode = DBMS)
public Stream<TransactionStatusResult> listTransactions() throws InvalidArgumentsException {
    ZoneId zoneId = getConfiguredTimeZone();
    List<TransactionStatusResult> result = new ArrayList<>();
    for (DatabaseContext context : getDatabaseManager().registeredDatabases().values()) {
        // Databases that are not started contribute nothing.
        if (!context.database().isStarted()) {
            continue;
        }
        var scope = new DatabaseScope(context.database().getNamedDatabaseId().name());

        // Only transactions that pass the per-owner, per-database check are collected here.
        Map<KernelTransactionHandle, Optional<QuerySnapshot>> visible = new HashMap<>();
        for (KernelTransactionHandle handle : getExecutingTransactions(context)) {
            String owner = handle.subject().username();
            var action = new AdminActionOnResource(SHOW_TRANSACTION, scope, new UserSegment(owner));
            if (isSelfOrAllows(owner, action)) {
                visible.put(handle, handle.executingQuery().map(ExecutingQuery::snapshot));
            }
        }

        // The dependency resolver is built from the filtered map only, so rows are derived from
        // transactions the caller is allowed to see.
        var resolver = new TransactionDependenciesResolver(visible);
        for (KernelTransactionHandle handle : visible.keySet()) {
            result.add(new TransactionStatusResult(context.databaseFacade().databaseName(), handle, resolver, visible, zoneId));
        }
    }
    return result.stream();
}
use of org.neo4j.internal.kernel.api.security.UserSegment in project neo4j by neo4j.
the class BuiltInDbmsProcedures method listQueries.
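/**
 * Lists executing queries, restricted to those the caller passes the SHOW_TRANSACTION check for.
 *
 * <p>Fabric queries are checked against the ALL scope and reported with the database name
 * "none". Queries of started databases are checked against that database's scope. For a nested
 * query the chain of previous (parent) queries is walked and each one is checked on its own.
 *
 * @return a stream over one status row per visible query
 * @throws InvalidArgumentsException declared by the procedure signature; the throwing call is
 *         not visible in this snippet
 */
@SystemProcedure
@Description("List all queries currently executing at this instance that are visible to the user.")
@Procedure(name = "dbms.listQueries", mode = DBMS)
public Stream<QueryStatusResult> listQueries() throws InvalidArgumentsException {
    ZoneId zoneId = getConfiguredTimeZone();
    List<QueryStatusResult> result = new ArrayList<>();
    for (FabricTransaction tx : getFabricTransactions()) {
        for (ExecutingQuery query : getActiveFabricQueries(tx)) {
            String username = query.username();
            var action = new AdminActionOnResource(SHOW_TRANSACTION, ALL, new UserSegment(username));
            if (isSelfOrAllows(username, action)) {
                result.add(new QueryStatusResult(query, (InternalTransaction) transaction, zoneId, "none"));
            }
        }
    }
    for (DatabaseContext databaseContext : getDatabaseManager().registeredDatabases().values()) {
        if (!databaseContext.database().isStarted()) {
            continue;
        }
        DatabaseScope dbScope = new DatabaseScope(databaseContext.database().getNamedDatabaseId().name());
        for (KernelTransactionHandle tx : getExecutingTransactions(databaseContext)) {
            // Read executingQuery() exactly once. Calling it for isPresent() and again for get()
            // lets the second call come back empty if the query finished in between, which would
            // surface as NoSuchElementException instead of simply skipping the transaction.
            // Include both the executing query and any previous queries (parent queries of nested query) in the result.
            for (ExecutingQuery query = tx.executingQuery().orElse(null); query != null; query = query.getPreviousQuery()) {
                // Each query in the chain is authorized against its own user, so a parent query
                // is not listed merely because its child is visible.
                String username = query.username();
                var action = new AdminActionOnResource(SHOW_TRANSACTION, dbScope, new UserSegment(username));
                if (isSelfOrAllows(username, action)) {
                    result.add(new QueryStatusResult(query, (InternalTransaction) transaction, zoneId, databaseContext.databaseFacade().databaseName()));
                }
            }
        }
    }
    return result.stream();
}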
use of org.neo4j.internal.kernel.api.security.UserSegment in project neo4j by neo4j.
the class BuiltInDbmsProcedures method killTransactions.
/**
 * Terminates the transactions named by the given ids, as far as the caller passes the
 * TERMINATE_TRANSACTION check for each transaction's owner and database.
 *
 * <p>Ids are grouped by database, the executing transactions of each resolved database are
 * scanned, and only transactions that pass the check and match a requested id are handed to
 * {@code terminateTransaction}. The returned stream maps lazily, so {@code terminateTransaction}
 * runs as the stream is consumed.
 *
 * @param transactionIds textual transaction ids; must not be {@code null}
 * @return a stream with one result per requested id, in request order
 * @throws InvalidArgumentsException declared by the procedure signature; the throwing call is
 *         not visible in this snippet
 */
@SystemProcedure
@Description("Kill transactions with provided ids.")
@Procedure(name = "dbms.killTransactions", mode = DBMS)
public Stream<TransactionMarkForTerminationResult> killTransactions(@Name("ids") List<String> transactionIds) throws InvalidArgumentsException {
    requireNonNull(transactionIds);
    // The attempt is logged with the calling user before any authorization decision is made.
    // NOTE(review): the ids are caller-supplied text written to the log as given; confirm the
    // log sink neutralises line breaks.
    log.warn("User %s trying to kill transactions: %s.", securityContext.subject().username(), transactionIds.toString());

    DatabaseManager<DatabaseContext> manager = getDatabaseManager();
    DatabaseIdRepository idRepository = manager.databaseIdRepository();

    // Group the requested ids per database; ids whose database name does not resolve are dropped here.
    Map<NamedDatabaseId, Set<TransactionId>> requestedByDatabase = new HashMap<>();
    for (String rawId : transactionIds) {
        TransactionId parsed = TransactionId.parse(rawId);
        Optional<NamedDatabaseId> resolved = idRepository.getByName(parsed.database());
        if (resolved.isPresent()) {
            requestedByDatabase.computeIfAbsent(resolved.get(), ignore -> new HashSet<>()).add(parsed);
        }
    }

    Map<String, KernelTransactionHandle> handles = new HashMap<>(transactionIds.size());
    for (Map.Entry<NamedDatabaseId, Set<TransactionId>> group : requestedByDatabase.entrySet()) {
        NamedDatabaseId databaseId = group.getKey();
        var scope = new DatabaseScope(databaseId.name());
        Optional<DatabaseContext> context = manager.getDatabaseContext(databaseId);
        if (!context.isPresent()) {
            continue;
        }
        Set<TransactionId> requested = group.getValue();
        for (KernelTransactionHandle candidate : getExecutingTransactions(context.get())) {
            String owner = candidate.subject().username();
            var action = new AdminActionOnResource(TERMINATE_TRANSACTION, scope, new UserSegment(owner));
            // Transactions the caller may not terminate never reach the handles map; how
            // terminateTransaction reports such ids is decided outside this snippet.
            if (isSelfOrAllows(owner, action)) {
                TransactionId key = new TransactionId(databaseId.name(), candidate.getUserTransactionId());
                if (requested.contains(key)) {
                    handles.put(key.toString(), candidate);
                }
            }
        }
    }
    return transactionIds.stream().map(id -> terminateTransaction(handles, id));
}
use of org.neo4j.internal.kernel.api.security.UserSegment in project neo4j by neo4j.
the class BuiltInDbmsProcedures method killFabricQueryTransaction.
/**
 * Marks a Fabric transaction for termination on behalf of one of its queries, once the caller
 * has passed the privilege check for that query's owner.
 *
 * <p>A caller that fails the check gets the exception produced by the security authorization
 * handler; the transaction is not touched in that case.
 *
 * @param queryId id of the query to kill; echoed in the result and in the denial message
 * @param tx      Fabric transaction that runs the query
 * @param query   the executing query, used to look up the owning user
 * @return a "Query found" result after the transaction has been marked
 */
private QueryTerminationResult killFabricQueryTransaction(QueryId queryId, FabricTransaction tx, ExecutingQuery query) {
    String username = query.username();

    // Unlike the per-database variant, the Fabric check uses the ALL scope.
    var owner = new UserSegment(username);
    var action = new AdminActionOnResource(TERMINATE_TRANSACTION, ALL, owner);

    // Authorization is decided before the transaction is marked.
    if (!isSelfOrAllows(username, action)) {
        // NOTE(review): the denial message names the owning user; confirm that returning it to a
        // caller who was refused is intended.
        throw kernelTransaction.securityAuthorizationHandler().logAndGetAuthorizationException(securityContext, format("Not allowed to terminate %s run by user %s.", queryId, username));
    }
    tx.markForTermination(Status.Transaction.Terminated);
    return new QueryTerminationResult(queryId, username, "Query found");
}