Search in sources :

Example 6 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class PurRepositoryConnector method connect.

public synchronized RepositoryConnectResult connect(final String username, final String password) throws KettleException {
    if (serviceManager != null) {
        disconnect();
    }
    serviceManager = new WebServiceManager(repositoryMeta.getRepositoryLocation().getUrl(), username);
    RepositoryServiceRegistry purRepositoryServiceRegistry = new RepositoryServiceRegistry();
    IUser user1 = new EEUserInfo();
    final String decryptedPassword = Encr.decryptPasswordOptionallyEncrypted(password);
    final RepositoryConnectResult result = new RepositoryConnectResult(purRepositoryServiceRegistry);
    try {
        /*
       * Three scenarios: 1. Connect in process: username fetched using PentahoSessionHolder; no authentication occurs
       * 2. Connect externally with trust: username specified is assumed authenticated if IP of calling code is trusted
       * 3. Connect externally: authentication occurs normally (i.e. password is checked)
       */
        user1.setLogin(username);
        user1.setPassword(decryptedPassword);
        user1.setName(username);
        result.setUser(user1);
        // We need to have the application context and the session available in order for us to skip authentication
        if (PentahoSystem.getApplicationContext() != null && PentahoSessionHolder.getSession() != null && PentahoSessionHolder.getSession().isAuthenticated()) {
            if (inProcess()) {
                // connect to the IUnifiedRepository through PentahoSystem
                // this assumes we're running in a BI Platform
                result.setUnifiedRepository(PentahoSystem.get(IUnifiedRepository.class));
                if (result.getUnifiedRepository() != null) {
                    if (log.isDebug()) {
                        log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress.Begin"));
                    }
                    String name = PentahoSessionHolder.getSession().getName();
                    user1 = new EEUserInfo();
                    user1.setLogin(name);
                    user1.setName(name);
                    user1.setPassword(decryptedPassword);
                    result.setUser(user1);
                    result.setSuccess(true);
                    if (log.isDebug()) {
                        log.logDebug(BaseMessages.getString(PKG, "PurRepositoryConnector.ConnectInProgress", name, result.getUnifiedRepository()));
                    }
                    // what about security provider?
                    return result;
                }
            }
        }
        ExecutorService executor = getExecutor();
        Future<Boolean> authorizationWebserviceFuture = executor.submit(new Callable<Boolean>() {

            @Override
            public Boolean call() throws Exception {
                // IRoleSupportSecurityManager depends RepositorySecurityManager to be present
                if (log.isBasic()) {
                    log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.Start"));
                }
                result.setSecurityProvider(new AbsSecurityProvider(purRepository, repositoryMeta, result.getUser(), serviceManager));
                if (log.isBasic()) {
                    // $NON-NLS-1$
                    log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateServiceProvider.End"));
                }
                // need to added them to the service list
                if (allowedActionsContains((AbsSecurityProvider) result.getSecurityProvider(), IAbsSecurityProvider.ADMINISTER_SECURITY_ACTION)) {
                    result.setSecurityManager(new AbsSecurityManager(purRepository, repositoryMeta, result.getUser(), serviceManager));
                    // Set the reference of the security manager to security provider for user role list change event
                    ((PurRepositorySecurityProvider) result.getSecurityProvider()).setUserRoleDelegate(((PurRepositorySecurityManager) result.getSecurityManager()).getUserRoleDelegate());
                    return true;
                }
                return false;
            }
        });
        Future<WebServiceException> repoWebServiceFuture = executor.submit(new Callable<WebServiceException>() {

            @Override
            public WebServiceException call() throws Exception {
                try {
                    IUnifiedRepositoryJaxwsWebService repoWebService = null;
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.Start"));
                    }
                    repoWebService = // $NON-NLS-1$
                    serviceManager.createService(username, decryptedPassword, IUnifiedRepositoryJaxwsWebService.class);
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositoryWebService.End"));
                    }
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateUnifiedRepositoryToWebServiceAdapter.Start"));
                    }
                    result.setUnifiedRepository(new UnifiedRepositoryToWebServiceAdapter(repoWebService));
                } catch (WebServiceException wse) {
                    return wse;
                }
                return null;
            }
        });
        Future<Exception> syncWebserviceFuture = executor.submit(new Callable<Exception>() {

            @Override
            public Exception call() throws Exception {
                try {
                    if (log.isBasic()) {
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Start"));
                    }
                    IRepositorySyncWebService syncWebService = // $NON-NLS-1$
                    serviceManager.createService(username, decryptedPassword, IRepositorySyncWebService.class);
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.CreateRepositorySyncWebService.Sync"));
                    }
                    syncWebService.sync(repositoryMeta.getName(), repositoryMeta.getRepositoryLocation().getUrl());
                } catch (RepositorySyncException e) {
                    log.logError(e.getMessage(), e);
                    // this message will be presented to the user in spoon
                    result.setConnectMessage(e.getMessage());
                    return null;
                } catch (ClientTransportException e) {
                    // caused by authentication errors, etc
                    return e;
                } catch (WebServiceException e) {
                    // if we can speak to the repository okay but not the sync service, assume we're talking to a BA Server
                    log.logError(e.getMessage(), e);
                    return new Exception(BaseMessages.getString(PKG, "PurRepository.BAServerLogin.Message"), e);
                }
                return null;
            }
        });
        Future<String> sessionServiceFuture = executor.submit(new Callable<String>() {

            @Override
            public String call() throws Exception {
                try {
                    if (log.isBasic()) {
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Start"));
                    }
                    CredentialsProvider provider = new BasicCredentialsProvider();
                    UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(username, password);
                    provider.setCredentials(AuthScope.ANY, credentials);
                    HttpClient client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider).build();
                    HttpResponse response = client.execute(new HttpGet(repositoryMeta.getRepositoryLocation().getUrl() + "/api/session/userName"));
                    if (log.isBasic()) {
                        // $NON-NLS-1$
                        log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.SessionService.Sync"));
                    }
                    return EntityUtils.toString(response.getEntity());
                } catch (Exception e) {
                    if (log.isError()) {
                        log.logError(BaseMessages.getString(PKG, "PurRepositoryConnector.Error.EnableToGetUser"), e);
                    }
                    return null;
                }
            }
        });
        WebServiceException repoException = repoWebServiceFuture.get();
        if (repoException != null) {
            log.logError(repoException.getMessage());
            throw new Exception(BaseMessages.getString(PKG, "PurRepository.FailedLogin.Message"), repoException);
        }
        Exception syncException = syncWebserviceFuture.get();
        if (syncException != null) {
            throw syncException;
        }
        Boolean isAdmin = authorizationWebserviceFuture.get();
        result.getUser().setAdmin(isAdmin);
        String userName = sessionServiceFuture.get();
        if (userName != null) {
            result.getUser().setLogin(userName);
        }
        if (log.isBasic()) {
            log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RegisterSecurityProvider.Start"));
        }
        purRepositoryServiceRegistry.registerService(RepositorySecurityProvider.class, result.getSecurityProvider());
        purRepositoryServiceRegistry.registerService(IAbsSecurityProvider.class, result.getSecurityProvider());
        if (isAdmin) {
            purRepositoryServiceRegistry.registerService(RepositorySecurityManager.class, result.getSecurityManager());
            purRepositoryServiceRegistry.registerService(IRoleSupportSecurityManager.class, result.getSecurityManager());
            purRepositoryServiceRegistry.registerService(IAbsSecurityManager.class, result.getSecurityManager());
        }
        purRepositoryServiceRegistry.registerService(PurRepositoryRestService.PurRepositoryPluginApiRevision.class, serviceManager.createService(username, decryptedPassword, PurRepositoryRestService.PurRepositoryPluginApiRevision.class));
        purRepositoryServiceRegistry.registerService(IRevisionService.class, new UnifiedRepositoryRevisionService(result.getUnifiedRepository(), rootRef));
        purRepositoryServiceRegistry.registerService(IAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
        purRepositoryServiceRegistry.registerService(IConnectionAclService.class, new UnifiedRepositoryConnectionAclService(result.getUnifiedRepository()));
        purRepositoryServiceRegistry.registerService(ITrashService.class, new UnifiedRepositoryTrashService(result.getUnifiedRepository(), rootRef));
        purRepositoryServiceRegistry.registerService(ILockService.class, new UnifiedRepositoryLockService(result.getUnifiedRepository()));
        if (log.isBasic()) {
            log.logBasic(BaseMessages.getString(PKG, "PurRepositoryConnector.RepositoryServicesRegistered.End"));
        }
        result.setSuccess(true);
    } catch (NullPointerException npe) {
        result.setSuccess(false);
        throw new KettleException(BaseMessages.getString(PKG, "PurRepository.LoginException.Message"));
    } catch (Throwable e) {
        result.setSuccess(false);
        serviceManager.close();
        throw new KettleException(e);
    }
    return result;
}
Also used : ClientTransportException(com.sun.xml.ws.client.ClientTransportException) KettleException(org.pentaho.di.core.exception.KettleException) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) HttpGet(org.apache.http.client.methods.HttpGet) RepositorySyncException(com.pentaho.pdi.ws.RepositorySyncException) IUser(org.pentaho.di.repository.IUser) IAbsSecurityManager(org.pentaho.di.ui.repository.pur.services.IAbsSecurityManager) IRepositorySyncWebService(com.pentaho.pdi.ws.IRepositorySyncWebService) WebServiceException(javax.xml.ws.WebServiceException) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) HttpResponse(org.apache.http.HttpResponse) BasicCredentialsProvider(org.apache.http.impl.client.BasicCredentialsProvider) CredentialsProvider(org.apache.http.client.CredentialsProvider) UnifiedRepositoryToWebServiceAdapter(org.pentaho.platform.repository2.unified.webservices.jaxws.UnifiedRepositoryToWebServiceAdapter) KettleException(org.pentaho.di.core.exception.KettleException) RepositorySyncException(com.pentaho.pdi.ws.RepositorySyncException) WebServiceException(javax.xml.ws.WebServiceException) ClientTransportException(com.sun.xml.ws.client.ClientTransportException) UsernamePasswordCredentials(org.apache.http.auth.UsernamePasswordCredentials) IAbsSecurityProvider(org.pentaho.di.ui.repository.pur.services.IAbsSecurityProvider) HttpClient(org.apache.http.client.HttpClient) ExecutorService(java.util.concurrent.ExecutorService) IUnifiedRepositoryJaxwsWebService(org.pentaho.platform.repository2.unified.webservices.jaxws.IUnifiedRepositoryJaxwsWebService) IUnifiedRepository(org.pentaho.platform.api.repository2.unified.IUnifiedRepository)

Example 7 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UserRoleHelperTest method mockSecurityManager.

private static IRoleSupportSecurityManager mockSecurityManager(final boolean eeUsers) throws KettleException {
    IRoleSupportSecurityManager manager = mock(IRoleSupportSecurityManager.class);
    when(manager.constructUser()).thenAnswer(new Answer<IUser>() {

        @Override
        public IUser answer(InvocationOnMock invocation) throws Throwable {
            return eeUsers ? new EEUserInfo() : new UserInfo();
        }
    });
    when(manager.constructRole()).thenAnswer(new Answer<IRole>() {

        @Override
        public IRole answer(InvocationOnMock invocation) throws Throwable {
            return new EERoleInfo();
        }
    });
    return manager;
}
Also used : IRoleSupportSecurityManager(org.pentaho.di.ui.repository.pur.services.IRoleSupportSecurityManager) IRole(org.pentaho.di.repository.pur.model.IRole) InvocationOnMock(org.mockito.invocation.InvocationOnMock) IUser(org.pentaho.di.repository.IUser) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) UserInfo(org.pentaho.di.repository.UserInfo) EERoleInfo(org.pentaho.di.repository.pur.model.EERoleInfo)

Example 8 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityTest method testAddUser.

@Test
public void testAddUser() throws Exception {
    try {
        security.setSelectedDeck(ObjectRecipient.Type.USER);
        UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
        userToAdd.setName("newuser");
        userToAdd.setPassword("newpassword");
        userToAdd.setDescription("new description");
        Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
        rolesToAssign.add(new UIRepositoryRole(ctoRole));
        rolesToAssign.add(new UIRepositoryRole(isRole));
        rolesToAssign.add(new UIRepositoryRole(adminRole));
        rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
        userToAdd.setRoles(rolesToAssign);
        security.addUser(userToAdd);
        assertEquals(security.getSelectedUser(), userToAdd);
        assertEquals(security.getSelectedDeck(), ObjectRecipient.Type.USER);
        assertEquals(security.getUserList().size(), 5);
    } catch (Exception e) {
        Assert.fail();
    }
}
Also used : UIEERepositoryUser(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIEERepositoryUser) UIRepositoryRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) IUIRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 9 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityTest method testRemoveUser.

@Test
public void testRemoveUser() throws Exception {
    try {
        UIEERepositoryUser userToAdd = new UIEERepositoryUser(new EEUserInfo());
        userToAdd.setName("newuser");
        userToAdd.setPassword("newpassword");
        userToAdd.setDescription("new description");
        Set<IUIRole> rolesToAssign = new HashSet<IUIRole>();
        rolesToAssign.add(new UIRepositoryRole(ctoRole));
        rolesToAssign.add(new UIRepositoryRole(isRole));
        rolesToAssign.add(new UIRepositoryRole(adminRole));
        rolesToAssign.add(new UIRepositoryRole(authenticatedRole));
        userToAdd.setRoles(rolesToAssign);
        security.addUser(userToAdd);
        // IUIUser selectedUser = security.getSelectedUser();
        int removeUserIndex = security.getSelectedUserIndex();
        security.removeUser("newuser");
        assertEquals(security.getSelectedUserIndex(), removeUserIndex - 1);
        assertEquals(security.getUserList().size(), 4);
    } catch (Exception e) {
        Assert.fail();
    }
}
Also used : UIEERepositoryUser(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIEERepositoryUser) UIRepositoryRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) IUIRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 10 with EEUserInfo

use of org.pentaho.di.repository.pur.model.EEUserInfo in project pentaho-kettle by pentaho.

the class UIEESecurityTest method init.

@Before
public void init() {
    roles.add(adminRole);
    roles.add(anonymousRole);
    roles.add(authenticatedRole);
    roles.add(ceoRole);
    roles.add(ctoRole);
    roles.add(devRole);
    roles.add(devmgrRole);
    roles.add(isRole);
    joeUser = new EEUserInfo("joe", "password", "joe", "joe", true);
    patUser = new EEUserInfo("pat", "password", "pat", "pat", true);
    suzyUser = new EEUserInfo("suzy", "password", "suzy", "suzy", true);
    tiffanyUser = new EEUserInfo("tiffany", "password", "tiffany", "tiffany", true);
    joeUser.addRole(roles.get(0));
    joeUser.addRole(roles.get(2));
    joeUser.addRole(roles.get(3));
    suzyUser.addRole(roles.get(2));
    suzyUser.addRole(roles.get(4));
    suzyUser.addRole(roles.get(7));
    patUser.addRole(roles.get(2));
    patUser.addRole(roles.get(5));
    tiffanyUser.addRole(roles.get(2));
    tiffanyUser.addRole(roles.get(5));
    tiffanyUser.addRole(roles.get(6));
    adminRole.addUser(joeUser);
    adminRole.addUser(patUser);
    anonymousRole.addUser(tiffanyUser);
    authenticatedRole.addUser(joeUser);
    authenticatedRole.addUser(patUser);
    authenticatedRole.addUser(suzyUser);
    authenticatedRole.addUser(tiffanyUser);
    ceoRole.addUser(joeUser);
    ctoRole.addUser(patUser);
    devmgrRole.addUser(joeUser);
    devmgrRole.addUser(patUser);
    isRole.addUser(joeUser);
    isRole.addUser(suzyUser);
    users.add(joeUser);
    users.add(patUser);
    users.add(suzyUser);
    users.add(tiffanyUser);
    rroles = new ArrayList<IUIRole>();
    for (IRole EERoleInfo : roles) {
        IUIRole role = new UIRepositoryRole(EERoleInfo);
        rroles.add(role);
    }
    rusers = new ArrayList<IUIUser>();
    for (IUser eEUserInfo : users) {
        rusers.add(new UIRepositoryUser(eEUserInfo));
    }
    security.setUserList(rusers);
    security.setRoleList(rroles);
}
Also used : IUIRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole) IRole(org.pentaho.di.repository.pur.model.IRole) UIRepositoryRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole) IUIUser(org.pentaho.di.ui.repository.repositoryexplorer.model.IUIUser) EEUserInfo(org.pentaho.di.repository.pur.model.EEUserInfo) IUIUser(org.pentaho.di.ui.repository.repositoryexplorer.model.IUIUser) IUser(org.pentaho.di.repository.IUser) UIRepositoryUser(org.pentaho.di.ui.repository.repositoryexplorer.model.UIRepositoryUser) IUIRole(org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole) Before(org.junit.Before)

Aggregations

EEUserInfo (org.pentaho.di.repository.pur.model.EEUserInfo)11 Test (org.junit.Test)6 UIRepositoryRole (org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIRepositoryRole)6 HashSet (java.util.HashSet)5 IUIRole (org.pentaho.di.ui.repository.pur.repositoryexplorer.IUIRole)4 IUser (org.pentaho.di.repository.IUser)3 EERoleInfo (org.pentaho.di.repository.pur.model.EERoleInfo)3 UIEERepositoryUser (org.pentaho.di.ui.repository.pur.repositoryexplorer.model.UIEERepositoryUser)3 Before (org.junit.Before)2 IRole (org.pentaho.di.repository.pur.model.IRole)2 IRoleSupportSecurityManager (org.pentaho.di.ui.repository.pur.services.IRoleSupportSecurityManager)2 IUIUser (org.pentaho.di.ui.repository.repositoryexplorer.model.IUIUser)2 IUnifiedRepository (org.pentaho.platform.api.repository2.unified.IUnifiedRepository)2 IRepositorySyncWebService (com.pentaho.pdi.ws.IRepositorySyncWebService)1 RepositorySyncException (com.pentaho.pdi.ws.RepositorySyncException)1 ClientTransportException (com.sun.xml.ws.client.ClientTransportException)1 ExecutorService (java.util.concurrent.ExecutorService)1 WebServiceException (javax.xml.ws.WebServiceException)1 HttpResponse (org.apache.http.HttpResponse)1 UsernamePasswordCredentials (org.apache.http.auth.UsernamePasswordCredentials)1