Example 76 with User
use of org.opencastproject.security.api.User in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method setUp.
/**
* @throws java.lang.Exception
*/
@Before
public void setUp() throws Exception {
defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
switchingUser = new JaxbUser("switch", "test", new DefaultOrganization(), new JaxbRole("ROLE_USER", new DefaultOrganization()));
userResponder = new Responder<User>(defaultUser);
chain = EasyMock.createNiceMock(FilterChain.class);
EasyMock.replay(chain);
UserDirectoryService userDirectoryService = EasyMock.createNiceMock(UserDirectoryService.class);
switchingUserResponder = new Responder<User>(switchingUser);
EasyMock.expect(userDirectoryService.loadUser(EasyMock.anyObject(String.class))).andAnswer(switchingUserResponder).anyTimes();
EasyMock.replay(userDirectoryService);
OrganizationDirectoryService organizationDirectoryService = EasyMock.createNiceMock(OrganizationDirectoryService.class);
EasyMock.expect(organizationDirectoryService.getOrganization(EasyMock.anyObject(String.class))).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.replay(organizationDirectoryService);
filter = new RemoteUserAndOrganizationFilter();
filter.setOrganizationDirectoryService(organizationDirectoryService);
filter.setUserDirectoryService(userDirectoryService);
}
Also used :
JaxbRole(org.opencastproject.security.api.JaxbRole)
User(org.opencastproject.security.api.User)
JaxbUser(org.opencastproject.security.api.JaxbUser)
FilterChain(javax.servlet.FilterChain)
JaxbUser(org.opencastproject.security.api.JaxbUser)
DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)
UserDirectoryService(org.opencastproject.security.api.UserDirectoryService)
OrganizationDirectoryService(org.opencastproject.security.api.OrganizationDirectoryService)
Before(org.junit.Before)
Example 77 with User
use of org.opencastproject.security.api.User in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method testRolesSwitchingForbiddenAdmin.
@Test
public void testRolesSwitchingForbiddenAdmin() throws IOException {
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
filter.setSecurityService(securityService);
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.replay(securityService);
User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
userResponder.setResponse(defaultUser);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getHeader(SecurityConstants.ROLES_HEADER)).andReturn("ROLE_TEST,ROLE_ADMIN").anyTimes();
EasyMock.replay(request);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
response.sendError(EasyMock.anyInt());
EasyMock.expectLastCall().times(1);
EasyMock.replay(response);
try {
filter.doFilter(request, response, chain);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
EasyMock.verify(response);
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
User(org.opencastproject.security.api.User)
JaxbUser(org.opencastproject.security.api.JaxbUser)
JaxbRole(org.opencastproject.security.api.JaxbRole)
SecurityService(org.opencastproject.security.api.SecurityService)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
JaxbUser(org.opencastproject.security.api.JaxbUser)
IOException(java.io.IOException)
DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)
Test(org.junit.Test)
Example 78 with User
use of org.opencastproject.security.api.User in project opencast by opencast.
the class TrustedHttpClientImpl method execute.
@Override
public HttpResponse execute(HttpUriRequest httpUriRequest, int connectionTimeout, int socketTimeout) throws TrustedHttpClientException {
final HttpClient httpClient = makeHttpClient(connectionTimeout, socketTimeout);
// Add the request header to elicit a digest auth response
httpUriRequest.setHeader(REQUESTED_AUTH_HEADER, DIGEST_AUTH);
httpUriRequest.setHeader(SecurityConstants.AUTHORIZATION_HEADER, "true");
if (serviceRegistry != null && serviceRegistry.getCurrentJob() != null) {
httpUriRequest.setHeader(CURRENT_JOB_HEADER, Long.toString(serviceRegistry.getCurrentJob().getId()));
}
// If a security service has been set, use it to pass the current security context on
logger.debug("Adding security context to request");
final Organization organization = securityService.getOrganization();
if (organization != null) {
httpUriRequest.setHeader(SecurityConstants.ORGANIZATION_HEADER, organization.getId());
final User currentUser = securityService.getUser();
if (currentUser != null) {
httpUriRequest.setHeader(SecurityConstants.USER_HEADER, currentUser.getUsername());
}
}
if ("GET".equalsIgnoreCase(httpUriRequest.getMethod()) || "HEAD".equalsIgnoreCase(httpUriRequest.getMethod())) {
// Set the user/pass
final UsernamePasswordCredentials creds = new UsernamePasswordCredentials(user, pass);
httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, creds);
// Run the request (the http client handles the multiple back-and-forth requests)
try {
Opt<HttpUriRequest> optSignedHttpUriRequest = getSignedUrl(httpUriRequest);
HttpResponse response;
if (optSignedHttpUriRequest.isSome()) {
logger.debug("Adding url signing to request {} so that it is {}", httpUriRequest.getURI().toString(), optSignedHttpUriRequest.get().getURI().toString());
response = new HttpResponseWrapper(httpClient.execute(optSignedHttpUriRequest.get()));
} else {
logger.debug("Not adding url signing to request {}", httpUriRequest.getURI().toString());
response = new HttpResponseWrapper(httpClient.execute(httpUriRequest));
}
responseMap.put(response, httpClient);
return response;
} catch (IOException e) {
// close the http connection(s)
httpClient.getConnectionManager().shutdown();
throw new TrustedHttpClientException(e);
}
} else {
// HttpClient doesn't handle the request dynamics for other verbs (especially when sending a streamed multipart
// request), so we need to handle the details of the digest auth back-and-forth manually
manuallyHandleDigestAuthentication(httpUriRequest, httpClient);
HttpResponse response = null;
try {
response = new HttpResponseWrapper(httpClient.execute(httpUriRequest));
if (nonceTimeoutRetries > 0 && hadNonceTimeoutResponse(response)) {
httpClient.getConnectionManager().shutdown();
response = retryAuthAndRequestAfterNonceTimeout(httpUriRequest, response);
}
responseMap.put(response, httpClient);
return response;
} catch (Exception e) {
// if we have a response, remove it from the map
if (response != null) {
responseMap.remove(response);
}
// close the http connection(s)
httpClient.getConnectionManager().shutdown();
throw new TrustedHttpClientException(e);
}
}
}
Also used :
HttpUriRequest(org.apache.http.client.methods.HttpUriRequest)
HttpResponseWrapper(org.opencastproject.security.util.HttpResponseWrapper)
Organization(org.opencastproject.security.api.Organization)
User(org.opencastproject.security.api.User)
TrustedHttpClient(org.opencastproject.security.api.TrustedHttpClient)
HttpClient(org.opencastproject.kernel.http.api.HttpClient)
HttpResponse(org.apache.http.HttpResponse)
IOException(java.io.IOException)
TrustedHttpClientException(org.opencastproject.security.api.TrustedHttpClientException)
ClientProtocolException(org.apache.http.client.ClientProtocolException)
UrlSigningException(org.opencastproject.security.urlsigning.exception.UrlSigningException)
IOException(java.io.IOException)
TrustedHttpClientException(org.opencastproject.security.api.TrustedHttpClientException)
UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials)
Example 79 with User
use of org.opencastproject.security.api.User in project opencast by opencast.
the class OrganizationPersistenceTest method setUp.
/**
* @throws java.lang.Exception
*/
@Before
public void setUp() throws Exception {
securityService = EasyMock.createNiceMock(SecurityService.class);
User user = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andReturn(user).anyTimes();
EasyMock.replay(securityService);
organizationDatabase = new OrganizationDatabaseImpl();
organizationDatabase.setEntityManagerFactory(newTestEntityManagerFactory(PERSISTENCE_UNIT));
organizationDatabase.setSecurityService(securityService);
organizationDatabase.activate(null);
}
Also used :
User(org.opencastproject.security.api.User)
JaxbUser(org.opencastproject.security.api.JaxbUser)
JaxbRole(org.opencastproject.security.api.JaxbRole)
SecurityService(org.opencastproject.security.api.SecurityService)
JaxbUser(org.opencastproject.security.api.JaxbUser)
DefaultOrganization(org.opencastproject.security.api.DefaultOrganization)
Before(org.junit.Before)
Example 80 with User
use of org.opencastproject.security.api.User in project opencast by opencast.
the class MessageTemplateDto method toMessageTemplate.
/**
* Returns the business object of the message template
*
* @return the business object model of this message template
*/
public MessageTemplate toMessageTemplate(UserDirectoryService userDirectoryService) {
User user = userDirectoryService.loadUser(creator);
MessageTemplate msgTmpl = new MessageTemplate(name, user, subject, body, type.getType(), creationDate);
msgTmpl.setHidden(hidden);
msgTmpl.setId(id);
return msgTmpl;
}
Also used :
MessageTemplate(org.opencastproject.messages.MessageTemplate)
User(org.opencastproject.security.api.User)
Aggregations
User (org.opencastproject.security.api.User)156
Organization (org.opencastproject.security.api.Organization)61
JaxbUser (org.opencastproject.security.api.JaxbUser)60
JaxbRole (org.opencastproject.security.api.JaxbRole)49
DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)44
SecurityService (org.opencastproject.security.api.SecurityService)43
NotFoundException (org.opencastproject.util.NotFoundException)32
Before (org.junit.Before)31
Test (org.junit.Test)27
ArrayList (java.util.ArrayList)26
UnauthorizedException (org.opencastproject.security.api.UnauthorizedException)24
JaxbOrganization (org.opencastproject.security.api.JaxbOrganization)23
AccessControlList (org.opencastproject.security.api.AccessControlList)21
Role (org.opencastproject.security.api.Role)21
UserDirectoryService (org.opencastproject.security.api.UserDirectoryService)21
HashSet (java.util.HashSet)20
OrganizationDirectoryService (org.opencastproject.security.api.OrganizationDirectoryService)18
JpaUser (org.opencastproject.security.impl.jpa.JpaUser)17
IOException (java.io.IOException)16
MediaPackage (org.opencastproject.mediapackage.MediaPackage)16
