Search in sources :

Example 11 with GraphDatabaseFacade

use of org.neo4j.kernel.impl.factory.GraphDatabaseFacade in project neo4j by neo4j.

the class ConfiguredAuthScenariosInteractionTestBase method shouldWarnWhenUsingNativeAndOtherProvider.

@Test
public void shouldWarnWhenUsingNativeAndOtherProvider() throws Throwable {
    configuredSetup(stringMap(SecuritySettings.auth_providers.name(), "native ,LDAP"));
    assertSuccess(adminSubject, "CALL dbms.security.listUsers", r -> assertKeyIsMap(r, "username", "roles", userList));
    GraphDatabaseFacade localGraph = neo.getLocalGraph();
    InternalTransaction transaction = localGraph.beginTransaction(KernelTransaction.Type.explicit, StandardEnterpriseSecurityContext.AUTH_DISABLED);
    Result result = localGraph.execute(transaction, "EXPLAIN CALL dbms.security.listUsers", Collections.emptyMap());
    String description = String.format("%s (%s)", Status.Procedure.ProcedureWarning.code().description(), "dbms.security.listUsers only applies to native users.");
    assertThat(containsNotification(result, description), equalTo(true));
    transaction.success();
    transaction.close();
}
Also used : GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade) InternalTransaction(org.neo4j.kernel.impl.coreapi.InternalTransaction) Result(org.neo4j.graphdb.Result) Test(org.junit.Test)

Example 12 with GraphDatabaseFacade

use of org.neo4j.kernel.impl.factory.GraphDatabaseFacade in project neo4j by neo4j.

the class ConfiguredAuthScenariosInteractionTestBase method shouldNotWarnWhenOnlyUsingNativeProvider.

@Test
public void shouldNotWarnWhenOnlyUsingNativeProvider() throws Throwable {
    configuredSetup(stringMap(SecuritySettings.auth_provider.name(), "native"));
    assertSuccess(adminSubject, "CALL dbms.security.listUsers", r -> assertKeyIsMap(r, "username", "roles", userList));
    GraphDatabaseFacade localGraph = neo.getLocalGraph();
    InternalTransaction transaction = localGraph.beginTransaction(KernelTransaction.Type.explicit, StandardEnterpriseSecurityContext.AUTH_DISABLED);
    Result result = localGraph.execute(transaction, "EXPLAIN CALL dbms.security.listUsers", Collections.emptyMap());
    String description = String.format("%s (%s)", Status.Procedure.ProcedureWarning.code().description(), "dbms.security.listUsers only applies to native users.");
    assertThat(containsNotification(result, description), equalTo(false));
    transaction.success();
    transaction.close();
}
Also used : GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade) InternalTransaction(org.neo4j.kernel.impl.coreapi.InternalTransaction) Result(org.neo4j.graphdb.Result) Test(org.junit.Test)

Example 13 with GraphDatabaseFacade

use of org.neo4j.kernel.impl.factory.GraphDatabaseFacade in project neo4j by neo4j.

the class EmbeddedBuiltInProceduresInteractionTest method shouldNotKillQueryIfNotAuthenticated.

@Test
public void shouldNotKillQueryIfNotAuthenticated() throws Throwable {
    EnterpriseSecurityContext authy = createFakeAnonymousEnterpriseSecurityContext();
    GraphDatabaseFacade graph = neo.getLocalGraph();
    DoubleLatch latch = new DoubleLatch(2);
    ThreadedTransaction<EnterpriseSecurityContext> read = new ThreadedTransaction<>(neo, latch);
    String query = read.execute(threading, authy, "UNWIND [1,2,3] AS x RETURN x");
    latch.startAndWaitForAllToStart();
    String id = extractQueryId(query);
    try (InternalTransaction tx = graph.beginTransaction(KernelTransaction.Type.explicit, AnonymousContext.none())) {
        graph.execute(tx, "CALL dbms.killQuery('" + id + "')", Collections.emptyMap());
        throw new AssertionError("Expected exception to be thrown");
    } catch (QueryExecutionException e) {
        assertThat(e.getMessage(), containsString(PERMISSION_DENIED));
    }
    latch.finishAndWaitForAllToFinish();
    read.closeAndAssertSuccess();
}
Also used : EnterpriseSecurityContext(org.neo4j.kernel.enterprise.api.security.EnterpriseSecurityContext) QueryExecutionException(org.neo4j.graphdb.QueryExecutionException) DoubleLatch(org.neo4j.test.DoubleLatch) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade) InternalTransaction(org.neo4j.kernel.impl.coreapi.InternalTransaction) Test(org.junit.Test)

Example 14 with GraphDatabaseFacade

use of org.neo4j.kernel.impl.factory.GraphDatabaseFacade in project neo4j by neo4j.

the class ShortestPath method resolveMonitor.

private void resolveMonitor(Node node) {
    if (dataMonitor == null) {
        GraphDatabaseService service = node.getGraphDatabase();
        if (service instanceof GraphDatabaseFacade) {
            Monitors monitors = ((GraphDatabaseFacade) service).getDependencyResolver().resolveDependency(Monitors.class);
            dataMonitor = monitors.newMonitor(DataMonitor.class);
        }
    }
}
Also used : GraphDatabaseService(org.neo4j.graphdb.GraphDatabaseService) Monitors(org.neo4j.kernel.monitoring.Monitors) GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade)

Example 15 with GraphDatabaseFacade

use of org.neo4j.kernel.impl.factory.GraphDatabaseFacade in project neo4j by neo4j.

the class LdapAuthIT method shouldBeAbleToLoginNativelyAndAuthorizeWithLdap.

@Test
public void shouldBeAbleToLoginNativelyAndAuthorizeWithLdap() throws Throwable {
    // Given
    restartNeo4jServerWithOverriddenSettings(settings -> {
        settings.put(SecuritySettings.auth_providers, SecuritySettings.NATIVE_REALM_NAME + "," + SecuritySettings.LDAP_REALM_NAME);
        settings.put(SecuritySettings.native_authentication_enabled, "true");
        settings.put(SecuritySettings.native_authorization_enabled, "false");
        settings.put(SecuritySettings.ldap_authentication_enabled, "false");
        settings.put(SecuritySettings.ldap_authorization_enabled, "true");
    });
    // When
    String ldapReaderUser = "neo";
    String nativePassword = "nativePassword";
    // this is ugly, but cannot be resolved until embedded gets security
    GraphDatabaseFacade gds = (GraphDatabaseFacade) server.graphDatabaseService();
    EnterpriseAuthAndUserManager authManager = gds.getDependencyResolver().resolveDependency(EnterpriseAuthAndUserManager.class);
    authManager.getUserManager(EnterpriseSecurityContext.AUTH_DISABLED).newUser(ldapReaderUser, nativePassword, false);
    // Then
    // login user 'neo' with native auth provider and test that LDAP authorization gives correct permission
    testAuthWithReaderUser(ldapReaderUser, nativePassword, null);
}
Also used : EnterpriseAuthAndUserManager(org.neo4j.server.security.enterprise.auth.EnterpriseAuthAndUserManager) GraphDatabaseFacade(org.neo4j.kernel.impl.factory.GraphDatabaseFacade) Test(org.junit.Test)

Aggregations

GraphDatabaseFacade (org.neo4j.kernel.impl.factory.GraphDatabaseFacade)16 Test (org.junit.Test)11 InternalTransaction (org.neo4j.kernel.impl.coreapi.InternalTransaction)6 Config (org.neo4j.kernel.configuration.Config)5 GraphDatabaseFacadeFactory (org.neo4j.kernel.impl.factory.GraphDatabaseFacadeFactory)5 File (java.io.File)4 Result (org.neo4j.graphdb.Result)4 PlatformModule (org.neo4j.kernel.impl.factory.PlatformModule)4 EnterpriseSecurityContext (org.neo4j.kernel.enterprise.api.security.EnterpriseSecurityContext)3 Map (java.util.Map)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2 Matchers.containsString (org.hamcrest.Matchers.containsString)2 Assert.assertTrue (org.junit.Assert.assertTrue)2 Transaction (org.neo4j.graphdb.Transaction)2 FileSystemAbstraction (org.neo4j.io.fs.FileSystemAbstraction)2 SecurityContext (org.neo4j.kernel.api.security.SecurityContext)2 EditionModule (org.neo4j.kernel.impl.factory.EditionModule)2 TestGraphDatabaseFactory (org.neo4j.test.TestGraphDatabaseFactory)2 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1