Example 6 with InvalidArgumentsException
use of org.neo4j.kernel.api.exceptions.InvalidArgumentsException in project neo4j by neo4j.
the class InternalFlatFileRealmTest method shouldAssignAdminRoleAfterBadSetting.
@Test
public void shouldAssignAdminRoleAfterBadSetting() throws Throwable {
UserRepository userRepository = new InMemoryUserRepository();
UserRepository initialUserRepository = new InMemoryUserRepository();
UserRepository adminUserRepository = new InMemoryUserRepository();
RoleRepository roleRepository = new InMemoryRoleRepository();
userRepository.create(newUser("morpheus", "123", false));
userRepository.create(newUser("trinity", "123", false));
InternalFlatFileRealm realm = new InternalFlatFileRealm(userRepository, roleRepository, new BasicPasswordPolicy(), new RateLimitedAuthenticationStrategy(Clocks.systemClock(), 3), new InternalFlatFileRealmIT.TestJobScheduler(), initialUserRepository, adminUserRepository);
try {
realm.initialize();
realm.start();
fail("Multiple users, no default admin provided");
} catch (InvalidArgumentsException e) {
realm.stop();
realm.shutdown();
}
adminUserRepository.create(new User.Builder("trinity", Credential.INACCESSIBLE).build());
realm.initialize();
realm.start();
assertThat(realm.getUsernamesForRole(PredefinedRoles.ADMIN).size(), equalTo(1));
assertThat(realm.getUsernamesForRole(PredefinedRoles.ADMIN), contains("trinity"));
}
Also used :
RateLimitedAuthenticationStrategy(org.neo4j.server.security.auth.RateLimitedAuthenticationStrategy)
UserRepository(org.neo4j.server.security.auth.UserRepository)
InMemoryUserRepository(org.neo4j.server.security.auth.InMemoryUserRepository)
InMemoryUserRepository(org.neo4j.server.security.auth.InMemoryUserRepository)
BasicPasswordPolicy(org.neo4j.server.security.auth.BasicPasswordPolicy)
InvalidArgumentsException(org.neo4j.kernel.api.exceptions.InvalidArgumentsException)
Test(org.junit.Test)
Example 7 with InvalidArgumentsException
use of org.neo4j.kernel.api.exceptions.InvalidArgumentsException in project neo4j by neo4j.
the class UserService method setPassword.
@POST
@Path("/{username}/password")
public Response setPassword(@PathParam("username") String username, @Context HttpServletRequest req, String payload) {
Principal principal = req.getUserPrincipal();
if (principal == null || !principal.getName().equals(username)) {
return output.notFound();
}
final Map<String, Object> deserialized;
try {
deserialized = input.readMap(payload);
} catch (BadInputException e) {
return output.response(BAD_REQUEST, new ExceptionRepresentation(new Neo4jError(Status.Request.InvalidFormat, e.getMessage())));
}
Object o = deserialized.get(PASSWORD);
if (o == null) {
return output.response(UNPROCESSABLE, new ExceptionRepresentation(new Neo4jError(Status.Request.InvalidFormat, String.format("Required parameter '%s' is missing.", PASSWORD))));
}
if (!(o instanceof String)) {
return output.response(UNPROCESSABLE, new ExceptionRepresentation(new Neo4jError(Status.Request.InvalidFormat, String.format("Expected '%s' to be a string.", PASSWORD))));
}
String newPassword = (String) o;
try {
SecurityContext securityContext = getSecurityContextFromUserPrincipal(principal);
if (securityContext == null) {
return output.notFound();
} else {
UserManager userManager = userManagerSupplier.getUserManager(securityContext);
userManager.setUserPassword(username, newPassword, false);
}
} catch (IOException e) {
return output.serverErrorWithoutLegacyStacktrace(e);
} catch (InvalidArgumentsException e) {
return output.response(UNPROCESSABLE, new ExceptionRepresentation(new Neo4jError(e.status(), e.getMessage())));
}
return output.ok();
}
Also used :
Neo4jError(org.neo4j.server.rest.transactional.error.Neo4jError)
ExceptionRepresentation(org.neo4j.server.rest.repr.ExceptionRepresentation)
BadInputException(org.neo4j.server.rest.repr.BadInputException)
UserManager(org.neo4j.kernel.api.security.UserManager)
SecurityContext(org.neo4j.kernel.api.security.SecurityContext)
IOException(java.io.IOException)
InvalidArgumentsException(org.neo4j.kernel.api.exceptions.InvalidArgumentsException)
AuthorizedRequestWrapper.getSecurityContextFromUserPrincipal(org.neo4j.server.rest.dbms.AuthorizedRequestWrapper.getSecurityContextFromUserPrincipal)
Principal(java.security.Principal)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Example 8 with InvalidArgumentsException
use of org.neo4j.kernel.api.exceptions.InvalidArgumentsException in project neo4j by neo4j.
the class AbstractUserRepository method create.
@Override
public void create(User user) throws InvalidArgumentsException, IOException {
assertValidUsername(user.name());
synchronized (this) {
// Check for existing user
for (User other : users) {
if (other.name().equals(user.name())) {
throw new InvalidArgumentsException("The specified user '" + user.name() + "' already exists.");
}
}
users.add(user);
usersByName.put(user.name(), user);
persistUsers();
}
}
Also used :
User(org.neo4j.kernel.impl.security.User)
InvalidArgumentsException(org.neo4j.kernel.api.exceptions.InvalidArgumentsException)
Aggregations
InvalidArgumentsException (org.neo4j.kernel.api.exceptions.InvalidArgumentsException)8
User (org.neo4j.kernel.impl.security.User)5
IOException (java.io.IOException)3
SecurityContext (org.neo4j.kernel.api.security.SecurityContext)3
Principal (java.security.Principal)2
Path (javax.ws.rs.Path)2
AuthorizationViolationException (org.neo4j.graphdb.security.AuthorizationViolationException)2
UserManager (org.neo4j.kernel.api.security.UserManager)2
AuthorizedRequestWrapper.getSecurityContextFromUserPrincipal (org.neo4j.server.rest.dbms.AuthorizedRequestWrapper.getSecurityContextFromUserPrincipal)2
ConcurrentModificationException (org.neo4j.server.security.auth.exception.ConcurrentModificationException)2
GET (javax.ws.rs.GET)1
POST (javax.ws.rs.POST)1
Test (org.junit.Test)1
InvalidAuthTokenException (org.neo4j.kernel.api.security.exception.InvalidAuthTokenException)1
AuthorizationRepresentation (org.neo4j.server.rest.repr.AuthorizationRepresentation)1
BadInputException (org.neo4j.server.rest.repr.BadInputException)1
ExceptionRepresentation (org.neo4j.server.rest.repr.ExceptionRepresentation)1
Neo4jError (org.neo4j.server.rest.transactional.error.Neo4jError)1
BasicPasswordPolicy (org.neo4j.server.security.auth.BasicPasswordPolicy)1
InMemoryUserRepository (org.neo4j.server.security.auth.InMemoryUserRepository)1
