Example 1 with UserAuthConfig
use of org.nzbhydra.config.UserAuthConfig in project nzbhydra2 by theotherp.
the class LogAnonymizer method getAnonymizedLog.
/**
* Anonymizes the log by removing sensitive data that was not already filtered out, e.g. the external URL, which should be displayed in the log but not visible to anybody but the user.
*
* @return The current log file with sensitive data removed
* @throws IOException Unable to read log file
*/
public String getAnonymizedLog() throws IOException {
// LATER chunk up so it can handle big files
String log = logContentProvider.getLog();
for (UserAuthConfig userAuthConfig : configProvider.getBaseConfig().getAuth().getUsers()) {
logger.debug("Removing username from log");
log = log.replaceAll("(?i)(user|username)([=:])" + userAuthConfig.getUsername(), "$1$2<USERNAME>");
}
logger.debug("Removing IPs from log");
log = log.replaceAll("\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b", "<IP>");
log = log.replaceAll("(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))", "<IP>");
logger.debug("Removing URL username/password from log");
log = log.replaceAll("(https?):\\/\\/((.+?)(:(.+?)|)@)", "$1://<USERNAME>:<PASSWORD>@");
logger.debug("Removing base path from log");
log = log.replace(new File("").getAbsolutePath(), "<BASEPATH>");
return log;
}
Also used :
UserAuthConfig(org.nzbhydra.config.UserAuthConfig)
File(java.io.File)
Example 2 with UserAuthConfig
use of org.nzbhydra.config.UserAuthConfig in project nzbhydra2 by theotherp.
the class HydraUserDetailsManager method updateUsers.
private void updateUsers(AuthConfig authConfig) {
users.clear();
for (UserAuthConfig userAuthConfig : authConfig.getUsers()) {
// Add a role either if it's actively assigned to him or if the right isn't restricted at all
List<GrantedAuthority> userRoles = new ArrayList<>();
if (userAuthConfig.isMaySeeAdmin() || !authConfig.isRestrictAdmin()) {
userRoles.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
}
if (userAuthConfig.isMaySeeStats() || !authConfig.isRestrictStats()) {
userRoles.add(new SimpleGrantedAuthority("ROLE_STATS"));
}
if (userAuthConfig.isMaySeeDetailsDl() || !authConfig.isRestrictDetailsDl()) {
userRoles.add(new SimpleGrantedAuthority("ROLE_DETAILS"));
}
if (userAuthConfig.isShowIndexerSelection() || !authConfig.isRestrictIndexerSelection()) {
userRoles.add(new SimpleGrantedAuthority("ROLE_SHOW_INDEXERS"));
}
userRoles.add(new SimpleGrantedAuthority("ROLE_USER"));
User user = new User(userAuthConfig.getUsername(), userAuthConfig.getPassword(), userRoles);
users.put(userAuthConfig.getUsername().toLowerCase(), user);
}
}
Also used :
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
User(org.springframework.security.core.userdetails.User)
SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority)
GrantedAuthority(org.springframework.security.core.GrantedAuthority)
ArrayList(java.util.ArrayList)
UserAuthConfig(org.nzbhydra.config.UserAuthConfig)
Example 3 with UserAuthConfig
use of org.nzbhydra.config.UserAuthConfig in project nzbhydra2 by theotherp.
the class UserInfosProvider method getUserInfos.
public BootstrappedDataTO getUserInfos(Principal principal) {
BootstrappedDataTO bootstrappedData = new BootstrappedDataTO();
AuthConfig auth = configProvider.getBaseConfig().getAuth();
boolean authConfigured = auth.getAuthType() != AuthType.NONE && !auth.getUsers().isEmpty();
boolean adminRestricted = auth.isRestrictAdmin() && authConfigured;
boolean statsRestricted = auth.isRestrictStats() && authConfigured;
boolean searchRestricted = auth.isRestrictSearch() && authConfigured;
boolean detailsDlRestricted = auth.isRestrictIndexerSelection() && authConfigured;
boolean indexerSelectionRestricted = auth.isRestrictIndexerSelection() && authConfigured;
boolean showIndexerSelection;
String username;
boolean maySeeAdmin;
boolean maySeeStats;
boolean maySeeDetailsDl;
Optional<UserAuthConfig> user = principal == null ? Optional.empty() : auth.getUsers().stream().filter(x -> Objects.equals(x.getUsername(), principal.getName())).findFirst();
if (user.isPresent()) {
maySeeAdmin = user.get().isMaySeeAdmin();
maySeeStats = user.get().isMaySeeStats() || user.get().isMaySeeAdmin();
maySeeDetailsDl = user.get().isMaySeeDetailsDl() || !detailsDlRestricted;
showIndexerSelection = user.get().isShowIndexerSelection() || !indexerSelectionRestricted;
username = user.get().getUsername();
} else if (!authConfigured) {
maySeeAdmin = true;
maySeeStats = true;
maySeeDetailsDl = true;
showIndexerSelection = true;
username = null;
} else {
maySeeAdmin = false;
maySeeStats = false;
maySeeDetailsDl = !detailsDlRestricted;
showIndexerSelection = !indexerSelectionRestricted;
username = null;
}
bootstrappedData.setAuthType(auth.getAuthType().name());
bootstrappedData.setAuthConfigured(authConfigured);
bootstrappedData.setAdminRestricted(adminRestricted);
bootstrappedData.setSearchRestricted(searchRestricted);
bootstrappedData.setStatsRestricted(statsRestricted);
bootstrappedData.setShowIndexerSelection(showIndexerSelection);
bootstrappedData.setMaySeeDetailsDl(maySeeDetailsDl);
bootstrappedData.setMaySeeAdmin(maySeeAdmin);
bootstrappedData.setMaySeeStats(maySeeStats);
bootstrappedData.setMaySeeDetailsDl(maySeeDetailsDl);
bootstrappedData.setMaySeeSearch(!auth.isRestrictSearch() || !authConfigured || user.isPresent());
bootstrappedData.setUsername(username);
return bootstrappedData;
}
Also used :
BootstrappedDataTO(org.nzbhydra.web.BootstrappedDataTO)
UserAuthConfig(org.nzbhydra.config.UserAuthConfig)
UserAuthConfig(org.nzbhydra.config.UserAuthConfig)
AuthConfig(org.nzbhydra.config.AuthConfig)
Example 4 with UserAuthConfig
use of org.nzbhydra.config.UserAuthConfig in project nzbhydra2 by theotherp.
the class LogAnonymizerTest method setUp.
@Before
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
BaseConfig baseConfig = new BaseConfig();
when(configProviderMock.getBaseConfig()).thenReturn(baseConfig);
UserAuthConfig user = new UserAuthConfig();
user.setUsername("someusername");
baseConfig.getAuth().getUsers().add(user);
}
Also used :
UserAuthConfig(org.nzbhydra.config.UserAuthConfig)
BaseConfig(org.nzbhydra.config.BaseConfig)
Before(org.junit.Before)
Aggregations
UserAuthConfig (org.nzbhydra.config.UserAuthConfig)4
File (java.io.File)1
ArrayList (java.util.ArrayList)1
Before (org.junit.Before)1
AuthConfig (org.nzbhydra.config.AuthConfig)1
BaseConfig (org.nzbhydra.config.BaseConfig)1
BootstrappedDataTO (org.nzbhydra.web.BootstrappedDataTO)1
GrantedAuthority (org.springframework.security.core.GrantedAuthority)1
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)1
User (org.springframework.security.core.userdetails.User)1
