Search in sources :

Example 1 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class PurRepositoryConnector method connect.

public synchronized RepositoryConnectResult connect(final String username, final String password) throws KettleException {
    if (serviceManager != null) {
        disconnect();
    }
    serviceManager = new WebServiceManager(repositoryMeta.getRepositoryLocation().getUrl(), username);
    RepositoryServiceRegistry purRepositoryServiceRegistry = new RepositoryServiceRegistry();
    IUser user1 = new EEUserInfo();
    final String decryptedPassword = Encr.decryptPasswordOptionallyEncrypted(password);
    final RepositoryConnectResult result = new RepositoryConnectResult(purRepositoryServiceRegistry);
    try {
        /*
       * Three scenarios: 1. Connect in process: username fetched using PentahoSessionHolder; no authentication occurs
       * 2. Connect externally with trust: username specified is assumed authenticated if IP of calling code is trusted
       * 3. Connect externally: authentication occurs normally (i.e. password is checked)
       */
        user1.setLogin(username);
        user1.setPassword(decryptedPassword);
        user1.setName(username);
        result.setUser(user1);
        // We need to have the application context and the session available in order for us to skip authentication
        if (PentahoSystem.getApplicationContext() != null && PentahoSessionHolder.getSession() != null && PentahoSessionHolder.getSession().isAuthenticated()) {
            if (inProcess()) {
                // connect to the IUnifiedRepository through PentahoSystem
                // this assumes we're running in a BI Platform
                result.setUnifiedRepository(PentahoSystem.get(IUnifiedRepository.class));
                if (result.getUnifiedRepository() != null) {
                    if (log.isDebug()) {
                        log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress.Begin"));
                    }
                    String name = PentahoSessionHolder.getSession().getName();
                    user1 = new EEUserInfo();
                    user1.setLogin(name);
                    user1.setName(name);
                    user1.setPassword(decryptedPassword);
                    result.setUser(user1);
                    result.setSuccess(true);
                    result.getUser().setAdmin(PentahoSystem.get(IAuthorizationPolicy.class).isAllowed(IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION));
                    if (log.isDebug()) {
                        log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress", name, result.getUnifiedRepository()));
                    }
                    // what about security provider?
                    return result;
                }
            }
        }
        ExecutorService executor = getExecutor();
        Future<Boolean> authorizationWebserviceFuture = executor.submit(new Callable<Boolean>() {

            @Override
            public Boolean call() throws Exception {
                // IRoleSupportSecurityManager depends RepositorySecurityManager to be present
                if (log.isBasic()) {
                    log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.Start"));
                }
                result.setSecurityProvider(new AbsSecurityProvider(purRepository, repositoryMeta, result.getUser(), serviceManager));
                if (log.isBasic()) {
                    // $NON-NLS-1$
                    log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.End"));
                }
                // need to added them to the service list
                if (allowedActionsContains((AbsSecurityProvider) result.getSecurityProvider(), IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION)) {
                    result.setSecurityManager(new AbsSecurityManager(purRepository, repositoryMeta, result.getUser(), serviceManager));
                    // Set the reference of the security manager to security provider for user role list change event
                    ((PurRepositorySecurityProvider) result.getSecurityProvider()).setUserRoleDelegate(((PurRepositorySecurityManager) result.getSecurityManager()).getUserRoleDelegate());
                    return true;
                }
                return false;
            }
        });
        Future<WebServiceException> repoWebServiceFuture = executor.submit(new Callable<WebServiceException>() {

            @Override
            public WebServiceException call() throws Exception {
                try {
                    IUnifiedRepositoryJaxwsWebService repoWebService = null;
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.Start"));
                    }
                    repoWebService = // $NON-NLS-1$
                    serviceManager.createService(username, decryptedPassword, IUnifiedRepositoryJaxwsWebService.class);
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.End"));
                    }
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateUnifiedRepositoryToWebServiceAdapter.Start"));
                    }
                    result.setUnifiedRepository(new UnifiedRepositoryToWebServiceAdapter(repoWebService));
                } catch (WebServiceException wse) {
                    return wse;
                }
                return null;
            }
        });
        Future<Exception> syncWebserviceFuture = executor.submit(new Callable<Exception>() {

            @Override
            public Exception call() throws Exception {
                try {
                    if (log.isBasic()) {
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Start"));
                    }
                    IRepositorySyncWebService syncWebService = // $NON-NLS-1$
                    serviceManager.createService(username, decryptedPassword, IRepositorySyncWebService.class);
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Sync"));
                    }
                    syncWebService.sync(repositoryMeta.getName(), repositoryMeta.getRepositoryLocation().getUrl());
                } catch (RepositorySyncException e) {
                    log.logError(e.getMessage(), e);
                    // this message will be presented to the user in spoon
                    result.setConnectMessage(e.getMessage());
                    return null;
                } catch (WebServiceException e) {
                    // if we can speak to the repository okay but not the sync service, assume we're talking to a BA Server
                    log.logError(e.getMessage(), e);
                    return new Exception(BaseMessages.getString(PKG, "PurRepository.BAServerLogin.Message"), e);
                }
                return null;
            }
        });
        Future<String> sessionServiceFuture = executor.submit(new Callable<String>() {

            @Override
            public String call() throws Exception {
                try {
                    if (log.isBasic()) {
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Start"));
                    }
                    CredentialsProvider provider = new BasicCredentialsProvider();
                    UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, decryptedPassword);
                    provider.setCredentials(AuthScope.ANY, credentials);
                    HttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider).build();
                    HttpGet method = new HttpGet(repositoryMeta.getRepositoryLocation().getUrl() + "/api/session/userName");
                    if (StringUtils.isNotBlank(System.getProperty("pentaho.repository.client.attemptTrust"))) {
                        method.addHeader(TRUST_USER, username);
                    }
                    HttpResponse response = client.execute(method);
                    if (log.isBasic()) {
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Sync"));
                    }
                    return EntityUtils.toString(response.getEntity());
                } catch (Exception e) {
                    if (log.isError()) {
                        log.logError(BaseMessages.getString(PKG, "PurRepositoryConnector.Error.EnableToGetUser"), e);
                    }
                    return null;
                }
            }
        });
        WebServiceException repoException = repoWebServiceFuture.get();
        if (repoException != null) {
            log.logError(repoException.getMessage());
            throw new Exception(BaseMessages.getString(PKG, "PurRepository.FailedLogin.Message"), repoException);
        }
        Exception syncException = syncWebserviceFuture.get();
        if (syncException != null) {
            throw syncException;
        }
        Boolean isAdmin = authorizationWebserviceFuture.get();
        result.getUser().setAdmin(isAdmin);
        String userName = sessionServiceFuture.get();
        if (userName != null) {
            result.getUser().setLogin(userName);
        }
        if (log.isBasic()) {
            log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RegisterSecurityProvider.Start"));
        }
        purRepositoryServiceRegistry.registerService(RepositorySecurityProvider.class, result.getSecurityProvider());
        purRepositoryServiceRegistry.registerService(IAbsSecurityProvider.class, result.getSecurityProvider());
        if (isAdmin) {
            purRepositoryServiceRegistry.registerService(RepositorySecurityManager.class, result.getSecurityManager());
            purRepositoryServiceRegistry.registerService(IRoleSupportSecurityManager.class, result.getSecurityManager());
            purRepositoryServiceRegistry.registerService(IAbsSecurityManager.class, result.getSecurityManager());
        }
        purRepositoryServiceRegistry.registerService(PurRepositoryRestService.PurRepositoryPluginApiRevision.class, serviceManager.createService(username, decryptedPassword, PurRepositoryRestService.PurRepositoryPluginApiRevision.class));
        purRepositoryServiceRegistry.registerService(IRevisionService.class, new UnifiedRepositoryRevisionService(result.getUnifiedRepository(), rootRef));
        purRepositoryServiceRegistry.registerService(IAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
        purRepositoryServiceRegistry.registerService(IConnectionAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
        purRepositoryServiceRegistry.registerService(ITrashService.class, new UnifiedRepositoryTrashService(result.getUnifiedRepository(), rootRef));
        purRepositoryServiceRegistry.registerService(ILockService.class, new UnifiedRepositoryLockService(result.getUnifiedRepository()));
        if (log.isBasic()) {
            log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RepositoryServicesRegistered.End"));
        }
        result.setSuccess(true);
    } catch (NullPointerException npe) {
        result.setSuccess(false);
        throw new KettleException(BaseMessages.getString(PKG, "PurRepository.LoginException.Message"));
    } catch (Throwable e) {
        result.setSuccess(false);
        serviceManager.close();
        throw new KettleException(e);
    }
    return result;
}
Also used : KettleException(org.pentaho.di.core.exception.KettleException) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) HttpGet(org.apache.http.client.methods.HttpGet) RepositorySyncException(com.pentaho.pdi.ws.RepositorySyncException) IUser(org.pentaho.di.repository.IUser) IAbsSecurityManager(org.pentaho.di.ui.repository.pur.services.IAbsSecurityManager) IRepositorySyncWebService(com.pentaho.pdi.ws.IRepositorySyncWebService) WebServiceException(javax.xml.ws.WebServiceException) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) HttpResponse(org.apache.http.HttpResponse) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UnifiedRepositoryToWebServiceAdapter(org.pentaho.platform.repository2.unified.webservices.jaxws.UnifiedRepositoryToWebServiceAdapter) KettleException(org.pentaho.di.core.exception.KettleException) RepositorySyncException(com.pentaho.pdi.ws.RepositorySyncException) WebServiceException(javax.xml.ws.WebServiceException) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) IAbsSecurityProvider(org.pentaho.di.ui.repository.pur.services.IAbsSecurityProvider) HttpClient(org.apache.http.client.HttpClient) ExecutorService(java.util.concurrent.ExecutorService) IUnifiedRepositoryJaxwsWebService(org.pentaho.platform.repository2.unified.webservices.jaxws.IUnifiedRepositoryJaxwsWebService) IUnifiedRepository(org.pentaho.platform.api.repository2.unified.IUnifiedRepository)

Example 2 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UserRoleHelperTest method convertFromProxyPentahoUser_CopiesRolesForEeUser.

@Test
public void convertFromProxyPentahoUser_CopiesRolesForEeUser() throws Exception {
    IRoleSupportSecurityManager manager = mockSecurityManager(true);
    ProxyPentahoUser pentahoUser = pentahoUser("name");
    List<UserToRoleAssignment> assignments = Collections.singletonList(new UserToRoleAssignment("name", "role"));
    EEUserInfo user = (EEUserInfo) convertFromProxyPentahoUser(pentahoUser, assignments, manager);
    assertNotNull(user);
    assertEquals(pentahoUser.getName(), user.getName());
    assertEquals(1, user.getRoles().size());
    assertEquals("role", user.getRoles().iterator().next().getName());
}
Also used : IRoleSupportSecurityManager(org.pentaho.di.ui.repository.pur.services.IRoleSupportSecurityManager) UserToRoleAssignment(org.pentaho.platform.security.userroledao.ws.UserToRoleAssignment) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) ProxyPentahoUser(org.pentaho.platform.security.userroledao.ws.ProxyPentahoUser) UserRoleHelper.convertFromProxyPentahoUser(org.pentaho.di.repository.pur.UserRoleHelper.convertFromProxyPentahoUser) Test(org.junit.Test)

Example 3 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityUserTest method init.

@Before
public void init() {
    roles.add(adminRole);
    roles.add(anonymousRole);
    roles.add(authenticatedRole);
    roles.add(ceoRole);
    roles.add(ctoRole);
    roles.add(devRole);
    roles.add(devmgrRole);
    roles.add(isRole);
    joeUser = new EEUserInfo("joe", "password", "joe", "joe", true);
    patUser = new EEUserInfo("pat", "password", "pat", "pat", true);
    suzyUser = new EEUserInfo("suzy", "password", "suzy", "suzy", true);
    tiffanyUser = new EEUserInfo("tiffany", "password", "tiffany", "tiffany", true);
    joeUser.addRole(roles.get(0));
    joeUser.addRole(roles.get(2));
    joeUser.addRole(roles.get(3));
    suzyUser.addRole(roles.get(2));
    suzyUser.addRole(roles.get(4));
    suzyUser.addRole(roles.get(7));
    patUser.addRole(roles.get(2));
    patUser.addRole(roles.get(5));
    tiffanyUser.addRole(roles.get(2));
    tiffanyUser.addRole(roles.get(5));
    tiffanyUser.addRole(roles.get(6));
    users.add(joeUser);
    users.add(patUser);
    users.add(suzyUser);
    users.add(tiffanyUser);
    sm = new RepsitoryUserTestImpl();
}
Also used : EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) RepsitoryUserTestImpl(org.pentaho.di.ui.repository.repositoryexplorer.abs.model.RepsitoryUserTestImpl) Before(org.junit.Before)

Example 4 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityTest method testAddRole.

@Test
public void testAddRole() throws Exception {
    try {
        security.setSelectedDeck(ObjectRecipient.Type.ROLE);
        UIRepositoryRole roleToAdd = new UIRepositoryRole(new EERoleInfo());
        roleToAdd.setName("newrole");
        roleToAdd.setDescription("new description");
        Set<EEUserInfo> usersToAssign = new HashSet<EEUserInfo>();
        usersToAssign.add(suzyUser);
        usersToAssign.add(tiffanyUser);
        usersToAssign.add(joeUser);
        security.addRole(roleToAdd);
        assertEquals(security.getSelectedRole(), roleToAdd);
        assertEquals(security.getSelectedDeck(), ObjectRecipient.Type.ROLE);
        assertEquals(security.getRoleList().size(), 9);
    } catch (Exception e) {
        Assert.fail();
    }
}
Also used : UIRepositoryRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) EERoleInfo(org.pentaho.di.repository.pur.model.EERoleInfo) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 5 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityTest method testUpdateUser.

@Test
public void testUpdateUser() throws Exception {
    try {
        UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
        userToAdd.setName("newuser");
        userToAdd.setPassword("newpassword");
        userToAdd.setDescription("new description");
        Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
        rolesToAssign.add(new UIRepositoryRole(ctoRole));
        rolesToAssign.add(new UIRepositoryRole(isRole));
        rolesToAssign.add(new UIRepositoryRole(adminRole));
        rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
        userToAdd.setRoles(rolesToAssign);
        security.addUser(userToAdd);
        IUIUser selectedUser = security.getSelectedUser();
        selectedUser.setPassword("newpassword123");
        selectedUser.setDescription("new description 123");
        ((IUIEEUser) selectedUser).addRole(new UIRepositoryRole(ctoRole));
        ((IUIEEUser) selectedUser).addRole(new UIRepositoryRole(isRole));
        ((IUIEEUser) selectedUser).removeRole(new UIRepositoryRole(adminRole));
        ((IUIEEUser) selectedUser).removeRole(new UIRepositoryRole(authenticatedRole));
        security.updateUser(selectedUser, rolesToAssign);
        // $NON-NLS-1$
        assertEquals(selectedUser.getPassword(), "newpassword123");
        // $NON-NLS-1$
        assertEquals(selectedUser.getDescription(), "new description 123");
        assertEquals(security.getSelectedUser(), selectedUser);
        assertEquals(security.getUserList().size(), 5);
    } catch (Exception e) {
        Assert.fail();
    }
}
Also used : UIEERepositoryUser(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIEERepositoryUser) UIRepositoryRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole) IUIUser(org.pentaho.di.ui.repository.repositoryexplorer.model.IUIUser) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) IUIEEUser(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIEEUser) IUIRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

EEUserInfo (org.pentaho.di.repository.pur.model.EEUserInfo)11 Test (org.junit.Test)6 UIRepositoryRole (org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole)6 HashSet (java.util.HashSet)5 IUIRole (org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole)4 IUser (org.pentaho.di.repository.IUser)3 EERoleInfo (org.pentaho.di.repository.pur.model.EERoleInfo)3 UIEERepositoryUser (org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIEERepositoryUser)3 Before (org.junit.Before)2 IRole (org.pentaho.di.repository.pur.model.IRole)2 IRoleSupportSecurityManager (org.pentaho.di.ui.repository.pur.services.IRoleSupportSecurityManager)2 IUIUser (org.pentaho.di.ui.repository.repositoryexplorer.model.IUIUser)2 IUnifiedRepository (org.pentaho.platform.api.repository2.unified.IUnifiedRepository)2 IRepositorySyncWebService (com.pentaho.pdi.ws.IRepositorySyncWebService)1 RepositorySyncException (com.pentaho.pdi.ws.RepositorySyncException)1 ExecutorService (java.util.concurrent.ExecutorService)1 WebServiceException (javax.xml.ws.WebServiceException)1 HttpResponse (org.apache.http.HttpResponse)1 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)1 CredentialsProvider (org.apache.http.client.CredentialsProvider)1