use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class PurRepositoryConnector method connect.
public synchronized RepositoryConnectResult connect(final String username, final String password) throws KettleException {
if (serviceManager != null) {
disconnect();
}
serviceManager = new WebServiceManager(repositoryMeta.getRepositoryLocation().getUrl(), username);
RepositoryServiceRegistry purRepositoryServiceRegistry = new RepositoryServiceRegistry();
IUser user1 = new EEUserInfo();
final String decryptedPassword = Encr.decryptPasswordOptionallyEncrypted(password);
final RepositoryConnectResult result = new RepositoryConnectResult(purRepositoryServiceRegistry);
try {
/*
* Three scenarios: 1. Connect in process: username fetched using PentahoSessionHolder; no authentication occurs
* 2. Connect externally with trust: username specified is assumed authenticated if IP of calling code is trusted
* 3. Connect externally: authentication occurs normally (i.e. password is checked)
*/
user1.setLogin(username);
user1.setPassword(decryptedPassword);
user1.setName(username);
result.setUser(user1);
// We need to have the application context and the session available in order for us to skip authentication
if (PentahoSystem.getApplicationContext() != null && PentahoSessionHolder.getSession() != null && PentahoSessionHolder.getSession().isAuthenticated()) {
if (inProcess()) {
// connect to the IUnifiedRepository through PentahoSystem
// this assumes we're running in a BI Platform
result.setUnifiedRepository(PentahoSystem.get(IUnifiedRepository.class));
if (result.getUnifiedRepository() != null) {
if (log.isDebug()) {
log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress.Begin"));
}
String name = PentahoSessionHolder.getSession().getName();
user1 = new EEUserInfo();
user1.setLogin(name);
user1.setName(name);
user1.setPassword(decryptedPassword);
result.setUser(user1);
result.setSuccess(true);
result.getUser().setAdmin(PentahoSystem.get(IAuthorizationPolicy.class).isAllowed(IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION));
if (log.isDebug()) {
log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress", name, result.getUnifiedRepository()));
}
// what about security provider?
return result;
}
}
}
ExecutorService executor = getExecutor();
Future<Boolean> authorizationWebserviceFuture = executor.submit(new Callable<Boolean>() {
@Override
public Boolean call() throws Exception {
// IRoleSupportSecurityManager depends RepositorySecurityManager to be present
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.Start"));
}
result.setSecurityProvider(new AbsSecurityProvider(purRepository, repositoryMeta, result.getUser(), serviceManager));
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.End"));
}
// need to added them to the service list
if (allowedActionsContains((AbsSecurityProvider) result.getSecurityProvider(), IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION)) {
result.setSecurityManager(new AbsSecurityManager(purRepository, repositoryMeta, result.getUser(), serviceManager));
// Set the reference of the security manager to security provider for user role list change event
((PurRepositorySecurityProvider) result.getSecurityProvider()).setUserRoleDelegate(((PurRepositorySecurityManager) result.getSecurityManager()).getUserRoleDelegate());
return true;
}
return false;
}
});
Future<WebServiceException> repoWebServiceFuture = executor.submit(new Callable<WebServiceException>() {
@Override
public WebServiceException call() throws Exception {
try {
IUnifiedRepositoryJaxwsWebService repoWebService = null;
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.Start"));
}
repoWebService = // $NON-NLS-1$
serviceManager.createService(username, decryptedPassword, IUnifiedRepositoryJaxwsWebService.class);
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.End"));
}
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateUnifiedRepositoryToWebServiceAdapter.Start"));
}
result.setUnifiedRepository(new UnifiedRepositoryToWebServiceAdapter(repoWebService));
} catch (WebServiceException wse) {
return wse;
}
return null;
}
});
Future<Exception> syncWebserviceFuture = executor.submit(new Callable<Exception>() {
@Override
public Exception call() throws Exception {
try {
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Start"));
}
IRepositorySyncWebService syncWebService = // $NON-NLS-1$
serviceManager.createService(username, decryptedPassword, IRepositorySyncWebService.class);
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Sync"));
}
syncWebService.sync(repositoryMeta.getName(), repositoryMeta.getRepositoryLocation().getUrl());
} catch (RepositorySyncException e) {
log.logError(e.getMessage(), e);
// this message will be presented to the user in spoon
result.setConnectMessage(e.getMessage());
return null;
} catch (WebServiceException e) {
// if we can speak to the repository okay but not the sync service, assume we're talking to a BA Server
log.logError(e.getMessage(), e);
return new Exception(BaseMessages.getString(PKG, "PurRepository.BAServerLogin.Message"), e);
}
return null;
}
});
Future<String> sessionServiceFuture = executor.submit(new Callable<String>() {
@Override
public String call() throws Exception {
try {
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Start"));
}
CredentialsProvider provider = new BasicCredentialsProvider();
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, decryptedPassword);
provider.setCredentials(AuthScope.ANY, credentials);
HttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider).build();
HttpGet method = new HttpGet(repositoryMeta.getRepositoryLocation().getUrl() + "/api/session/userName");
if (StringUtils.isNotBlank(System.getProperty("pentaho.repository.client.attemptTrust"))) {
method.addHeader(TRUST_USER, username);
}
HttpResponse response = client.execute(method);
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Sync"));
}
return EntityUtils.toString(response.getEntity());
} catch (Exception e) {
if (log.isError()) {
log.logError(BaseMessages.getString(PKG, "PurRepositoryConnector.Error.EnableToGetUser"), e);
}
return null;
}
}
});
WebServiceException repoException = repoWebServiceFuture.get();
if (repoException != null) {
log.logError(repoException.getMessage());
throw new Exception(BaseMessages.getString(PKG, "PurRepository.FailedLogin.Message"), repoException);
}
Exception syncException = syncWebserviceFuture.get();
if (syncException != null) {
throw syncException;
}
Boolean isAdmin = authorizationWebserviceFuture.get();
result.getUser().setAdmin(isAdmin);
String userName = sessionServiceFuture.get();
if (userName != null) {
result.getUser().setLogin(userName);
}
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RegisterSecurityProvider.Start"));
}
purRepositoryServiceRegistry.registerService(RepositorySecurityProvider.class, result.getSecurityProvider());
purRepositoryServiceRegistry.registerService(IAbsSecurityProvider.class, result.getSecurityProvider());
if (isAdmin) {
purRepositoryServiceRegistry.registerService(RepositorySecurityManager.class, result.getSecurityManager());
purRepositoryServiceRegistry.registerService(IRoleSupportSecurityManager.class, result.getSecurityManager());
purRepositoryServiceRegistry.registerService(IAbsSecurityManager.class, result.getSecurityManager());
}
purRepositoryServiceRegistry.registerService(PurRepositoryRestService.PurRepositoryPluginApiRevision.class, serviceManager.createService(username, decryptedPassword, PurRepositoryRestService.PurRepositoryPluginApiRevision.class));
purRepositoryServiceRegistry.registerService(IRevisionService.class, new UnifiedRepositoryRevisionService(result.getUnifiedRepository(), rootRef));
purRepositoryServiceRegistry.registerService(IAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
purRepositoryServiceRegistry.registerService(IConnectionAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
purRepositoryServiceRegistry.registerService(ITrashService.class, new UnifiedRepositoryTrashService(result.getUnifiedRepository(), rootRef));
purRepositoryServiceRegistry.registerService(ILockService.class, new UnifiedRepositoryLockService(result.getUnifiedRepository()));
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RepositoryServicesRegistered.End"));
}
result.setSuccess(true);
} catch (NullPointerException npe) {
result.setSuccess(false);
throw new KettleException(BaseMessages.getString(PKG, "PurRepository.LoginException.Message"));
} catch (Throwable e) {
result.setSuccess(false);
serviceManager.close();
throw new KettleException(e);
}
return result;
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UserRoleHelperTest method convertFromProxyPentahoUser_CopiesRolesForEeUser.
@Test
public void convertFromProxyPentahoUser_CopiesRolesForEeUser() throws Exception {
IRoleSupportSecurityManager manager = mockSecurityManager(true);
ProxyPentahoUser pentahoUser = pentahoUser("name");
List<UserToRoleAssignment> assignments = Collections.singletonList(new UserToRoleAssignment("name", "role"));
EEUserInfo user = (EEUserInfo) convertFromProxyPentahoUser(pentahoUser, assignments, manager);
assertNotNull(user);
assertEquals(pentahoUser.getName(), user.getName());
assertEquals(1, user.getRoles().size());
assertEquals("role", user.getRoles().iterator().next().getName());
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityUserTest method init.
@Before
public void init() {
roles.add(adminRole);
roles.add(anonymousRole);
roles.add(authenticatedRole);
roles.add(ceoRole);
roles.add(ctoRole);
roles.add(devRole);
roles.add(devmgrRole);
roles.add(isRole);
joeUser = new EEUserInfo("joe", "password", "joe", "joe", true);
patUser = new EEUserInfo("pat", "password", "pat", "pat", true);
suzyUser = new EEUserInfo("suzy", "password", "suzy", "suzy", true);
tiffanyUser = new EEUserInfo("tiffany", "password", "tiffany", "tiffany", true);
joeUser.addRole(roles.get(0));
joeUser.addRole(roles.get(2));
joeUser.addRole(roles.get(3));
suzyUser.addRole(roles.get(2));
suzyUser.addRole(roles.get(4));
suzyUser.addRole(roles.get(7));
patUser.addRole(roles.get(2));
patUser.addRole(roles.get(5));
tiffanyUser.addRole(roles.get(2));
tiffanyUser.addRole(roles.get(5));
tiffanyUser.addRole(roles.get(6));
users.add(joeUser);
users.add(patUser);
users.add(suzyUser);
users.add(tiffanyUser);
sm = new RepsitoryUserTestImpl();
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityTest method testAddRole.
@Test
public void testAddRole() throws Exception {
try {
security.setSelectedDeck(ObjectRecipient.Type.ROLE);
UIRepositoryRole roleToAdd = new UIRepositoryRole(new EERoleInfo());
roleToAdd.setName("newrole");
roleToAdd.setDescription("new description");
Set<EEUserInfo> usersToAssign = new HashSet<EEUserInfo>();
usersToAssign.add(suzyUser);
usersToAssign.add(tiffanyUser);
usersToAssign.add(joeUser);
security.addRole(roleToAdd);
assertEquals(security.getSelectedRole(), roleToAdd);
assertEquals(security.getSelectedDeck(), ObjectRecipient.Type.ROLE);
assertEquals(security.getRoleList().size(), 9);
} catch (Exception e) {
Assert.fail();
}
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityTest method testUpdateUser.
@Test
public void testUpdateUser() throws Exception {
try {
UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
userToAdd.setName("newuser");
userToAdd.setPassword("newpassword");
userToAdd.setDescription("new description");
Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
rolesToAssign.add(new UIRepositoryRole(ctoRole));
rolesToAssign.add(new UIRepositoryRole(isRole));
rolesToAssign.add(new UIRepositoryRole(adminRole));
rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
userToAdd.setRoles(rolesToAssign);
security.addUser(userToAdd);
IUIUser selectedUser = security.getSelectedUser();
selectedUser.setPassword("newpassword123");
selectedUser.setDescription("new description 123");
((IUIEEUser) selectedUser).addRole(new UIRepositoryRole(ctoRole));
((IUIEEUser) selectedUser).addRole(new UIRepositoryRole(isRole));
((IUIEEUser) selectedUser).removeRole(new UIRepositoryRole(adminRole));
((IUIEEUser) selectedUser).removeRole(new UIRepositoryRole(authenticatedRole));
security.updateUser(selectedUser, rolesToAssign);
// $NON-NLS-1$
assertEquals(selectedUser.getPassword(), "newpassword123");
// $NON-NLS-1$
assertEquals(selectedUser.getDescription(), "new description 123");
assertEquals(security.getSelectedUser(), selectedUser);
assertEquals(security.getUserList().size(), 5);
} catch (Exception e) {
Assert.fail();
}
}
Aggregations