use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class PurRepositoryConnector method connect.
public synchronized RepositoryConnectResult connect(final String username, final String password) throws KettleException {
if (serviceManager != null) {
disconnect();
}
serviceManager = new WebServiceManager(repositoryMeta.getRepositoryLocation().getUrl(), username);
RepositoryServiceRegistry purRepositoryServiceRegistry = new RepositoryServiceRegistry();
IUser user1 = new EEUserInfo();
final String decryptedPassword = Encr.decryptPasswordOptionallyEncrypted(password);
final RepositoryConnectResult result = new RepositoryConnectResult(purRepositoryServiceRegistry);
try {
/*
* Three scenarios: 1. Connect in process: username fetched using PentahoSessionHolder; no authentication occurs
* 2. Connect externally with trust: username specified is assumed authenticated if IP of calling code is trusted
* 3. Connect externally: authentication occurs normally (i.e. password is checked)
*/
user1.setLogin(username);
user1.setPassword(decryptedPassword);
user1.setName(username);
result.setUser(user1);
// We need to have the application context and the session available in order for us to skip authentication
if (PentahoSystem.getApplicationContext() != null && PentahoSessionHolder.getSession() != null && PentahoSessionHolder.getSession().isAuthenticated()) {
if (inProcess()) {
// connect to the IUnifiedRepository through PentahoSystem
// this assumes we're running in a BI Platform
result.setUnifiedRepository(PentahoSystem.get(IUnifiedRepository.class));
if (result.getUnifiedRepository() != null) {
if (log.isDebug()) {
log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress.Begin"));
}
String name = PentahoSessionHolder.getSession().getName();
user1 = new EEUserInfo();
user1.setLogin(name);
user1.setName(name);
user1.setPassword(decryptedPassword);
result.setUser(user1);
result.setSuccess(true);
if (log.isDebug()) {
log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress", name, result.getUnifiedRepository()));
}
// what about security provider?
return result;
}
}
}
ExecutorService executor = getExecutor();
Future<Boolean> authorizationWebserviceFuture = executor.submit(new Callable<Boolean>() {
@Override
public Boolean call() throws Exception {
// IRoleSupportSecurityManager depends RepositorySecurityManager to be present
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.Start"));
}
result.setSecurityProvider(new AbsSecurityProvider(purRepository, repositoryMeta, result.getUser(), serviceManager));
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.End"));
}
// need to added them to the service list
if (allowedActionsContains((AbsSecurityProvider) result.getSecurityProvider(), IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION)) {
result.setSecurityManager(new AbsSecurityManager(purRepository, repositoryMeta, result.getUser(), serviceManager));
// Set the reference of the security manager to security provider for user role list change event
((PurRepositorySecurityProvider) result.getSecurityProvider()).setUserRoleDelegate(((PurRepositorySecurityManager) result.getSecurityManager()).getUserRoleDelegate());
return true;
}
return false;
}
});
Future<WebServiceException> repoWebServiceFuture = executor.submit(new Callable<WebServiceException>() {
@Override
public WebServiceException call() throws Exception {
try {
IUnifiedRepositoryJaxwsWebService repoWebService = null;
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.Start"));
}
repoWebService = // $NON-NLS-1$
serviceManager.createService(username, decryptedPassword, IUnifiedRepositoryJaxwsWebService.class);
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.End"));
}
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateUnifiedRepositoryToWebServiceAdapter.Start"));
}
result.setUnifiedRepository(new UnifiedRepositoryToWebServiceAdapter(repoWebService));
} catch (WebServiceException wse) {
return wse;
}
return null;
}
});
Future<Exception> syncWebserviceFuture = executor.submit(new Callable<Exception>() {
@Override
public Exception call() throws Exception {
try {
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Start"));
}
IRepositorySyncWebService syncWebService = // $NON-NLS-1$
serviceManager.createService(username, decryptedPassword, IRepositorySyncWebService.class);
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Sync"));
}
syncWebService.sync(repositoryMeta.getName(), repositoryMeta.getRepositoryLocation().getUrl());
} catch (RepositorySyncException e) {
log.logError(e.getMessage(), e);
// this message will be presented to the user in spoon
result.setConnectMessage(e.getMessage());
return null;
} catch (ClientTransportException e) {
// caused by authentication errors, etc
return e;
} catch (WebServiceException e) {
// if we can speak to the repository okay but not the sync service, assume we're talking to a BA Server
log.logError(e.getMessage(), e);
return new Exception(BaseMessages.getString(PKG, "PurRepository.BAServerLogin.Message"), e);
}
return null;
}
});
Future<String> sessionServiceFuture = executor.submit(new Callable<String>() {
@Override
public String call() throws Exception {
try {
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Start"));
}
CredentialsProvider provider = new BasicCredentialsProvider();
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password);
provider.setCredentials(AuthScope.ANY, credentials);
HttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider).build();
HttpResponse response = client.execute(new HttpGet(repositoryMeta.getRepositoryLocation().getUrl() + "/api/session/userName"));
if (log.isBasic()) {
// $NON-NLS-1$
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Sync"));
}
return EntityUtils.toString(response.getEntity());
} catch (Exception e) {
if (log.isError()) {
log.logError(BaseMessages.getString(PKG, "PurRepositoryConnector.Error.EnableToGetUser"), e);
}
return null;
}
}
});
WebServiceException repoException = repoWebServiceFuture.get();
if (repoException != null) {
log.logError(repoException.getMessage());
throw new Exception(BaseMessages.getString(PKG, "PurRepository.FailedLogin.Message"), repoException);
}
Exception syncException = syncWebserviceFuture.get();
if (syncException != null) {
throw syncException;
}
Boolean isAdmin = authorizationWebserviceFuture.get();
result.getUser().setAdmin(isAdmin);
String userName = sessionServiceFuture.get();
if (userName != null) {
result.getUser().setLogin(userName);
}
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RegisterSecurityProvider.Start"));
}
purRepositoryServiceRegistry.registerService(RepositorySecurityProvider.class, result.getSecurityProvider());
purRepositoryServiceRegistry.registerService(IAbsSecurityProvider.class, result.getSecurityProvider());
if (isAdmin) {
purRepositoryServiceRegistry.registerService(RepositorySecurityManager.class, result.getSecurityManager());
purRepositoryServiceRegistry.registerService(IRoleSupportSecurityManager.class, result.getSecurityManager());
purRepositoryServiceRegistry.registerService(IAbsSecurityManager.class, result.getSecurityManager());
}
purRepositoryServiceRegistry.registerService(PurRepositoryRestService.PurRepositoryPluginApiRevision.class, serviceManager.createService(username, decryptedPassword, PurRepositoryRestService.PurRepositoryPluginApiRevision.class));
purRepositoryServiceRegistry.registerService(IRevisionService.class, new UnifiedRepositoryRevisionService(result.getUnifiedRepository(), rootRef));
purRepositoryServiceRegistry.registerService(IAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
purRepositoryServiceRegistry.registerService(IConnectionAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
purRepositoryServiceRegistry.registerService(ITrashService.class, new UnifiedRepositoryTrashService(result.getUnifiedRepository(), rootRef));
purRepositoryServiceRegistry.registerService(ILockService.class, new UnifiedRepositoryLockService(result.getUnifiedRepository()));
if (log.isBasic()) {
log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RepositoryServicesRegistered.End"));
}
result.setSuccess(true);
} catch (NullPointerException npe) {
result.setSuccess(false);
throw new KettleException(BaseMessages.getString(PKG, "PurRepository.LoginException.Message"));
} catch (Throwable e) {
result.setSuccess(false);
serviceManager.close();
throw new KettleException(e);
}
return result;
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UserRoleHelperTest method mockSecurityManager.
private static IRoleSupportSecurityManager mockSecurityManager(final boolean eeUsers) throws KettleException {
IRoleSupportSecurityManager manager = mock(IRoleSupportSecurityManager.class);
when(manager.constructUser()).thenAnswer(new Answer<IUser>() {
@Override
public IUser answer(InvocationOnMock invocation) throws Throwable {
return eeUsers ? new EEUserInfo() : new UserInfo();
}
});
when(manager.constructRole()).thenAnswer(new Answer<IRole>() {
@Override
public IRole answer(InvocationOnMock invocation) throws Throwable {
return new EERoleInfo();
}
});
return manager;
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityTest method testAddUser.
@Test
public void testAddUser() throws Exception {
try {
security.setSelectedDeck(ObjectRecipient.Type.USER);
UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
userToAdd.setName("newuser");
userToAdd.setPassword("newpassword");
userToAdd.setDescription("new description");
Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
rolesToAssign.add(new UIRepositoryRole(ctoRole));
rolesToAssign.add(new UIRepositoryRole(isRole));
rolesToAssign.add(new UIRepositoryRole(adminRole));
rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
userToAdd.setRoles(rolesToAssign);
security.addUser(userToAdd);
assertEquals(security.getSelectedUser(), userToAdd);
assertEquals(security.getSelectedDeck(), ObjectRecipient.Type.USER);
assertEquals(security.getUserList().size(), 5);
} catch (Exception e) {
Assert.fail();
}
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityTest method testRemoveUser.
@Test
public void testRemoveUser() throws Exception {
try {
UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
userToAdd.setName("newuser");
userToAdd.setPassword("newpassword");
userToAdd.setDescription("new description");
Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
rolesToAssign.add(new UIRepositoryRole(ctoRole));
rolesToAssign.add(new UIRepositoryRole(isRole));
rolesToAssign.add(new UIRepositoryRole(adminRole));
rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
userToAdd.setRoles(rolesToAssign);
security.addUser(userToAdd);
// IUIUser selectedUser = security.getSelectedUser();
int removeUserIndex = security.getSelectedUserIndex();
security.removeUser("newuser");
assertEquals(security.getSelectedUserIndex(), removeUserIndex - 1);
assertEquals(security.getUserList().size(), 4);
} catch (Exception e) {
Assert.fail();
}
}
use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.
the class UIEESecurityTest method init.
@Before
public void init() {
roles.add(adminRole);
roles.add(anonymousRole);
roles.add(authenticatedRole);
roles.add(ceoRole);
roles.add(ctoRole);
roles.add(devRole);
roles.add(devmgrRole);
roles.add(isRole);
joeUser = new EEUserInfo("joe", "password", "joe", "joe", true);
patUser = new EEUserInfo("pat", "password", "pat", "pat", true);
suzyUser = new EEUserInfo("suzy", "password", "suzy", "suzy", true);
tiffanyUser = new EEUserInfo("tiffany", "password", "tiffany", "tiffany", true);
joeUser.addRole(roles.get(0));
joeUser.addRole(roles.get(2));
joeUser.addRole(roles.get(3));
suzyUser.addRole(roles.get(2));
suzyUser.addRole(roles.get(4));
suzyUser.addRole(roles.get(7));
patUser.addRole(roles.get(2));
patUser.addRole(roles.get(5));
tiffanyUser.addRole(roles.get(2));
tiffanyUser.addRole(roles.get(5));
tiffanyUser.addRole(roles.get(6));
adminRole.addUser(joeUser);
adminRole.addUser(patUser);
anonymousRole.addUser(tiffanyUser);
authenticatedRole.addUser(joeUser);
authenticatedRole.addUser(patUser);
authenticatedRole.addUser(suzyUser);
authenticatedRole.addUser(tiffanyUser);
ceoRole.addUser(joeUser);
ctoRole.addUser(patUser);
devmgrRole.addUser(joeUser);
devmgrRole.addUser(patUser);
isRole.addUser(joeUser);
isRole.addUser(suzyUser);
users.add(joeUser);
users.add(patUser);
users.add(suzyUser);
users.add(tiffanyUser);
rroles = new ArrayList<IUIRole>();
for (IRole EERoleInfo : roles) {
IUIRole role = new UIRepositoryRole(EERoleInfo);
rroles.add(role);
}
rusers = new ArrayList<IUIUser>();
for (IUser eEUserInfo : users) {
rusers.add(new UIRepositoryUser(eEUserInfo));
}
security.setUserList(rusers);
security.setRoleList(rroles);
}
Aggregations