use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.
the class PentahoSystem method runAsSystem.
/**
* Runs code as system with full privileges.
* <p/>
* <p>
* Unfortunate copy and paste from SecurityHelper due to dependencies.
* </p>
*/
private static <T> T runAsSystem(final Callable<T> callable) throws Exception {
final String name = StringUtils.defaultIfEmpty(PentahoSystem.get(String.class, "singleTenantAdminUserName", null), "admin");
IPentahoSession origSession = PentahoSessionHolder.getSession();
SecurityContext originalContext = SecurityContextHolder.getContext();
try {
// create pentaho session
StandaloneSession session = new StandaloneSession(name);
session.setAuthenticated(name);
// create authentication
List<GrantedAuthority> roles;
ISystemSettings settings = PentahoSystem.getSystemSettings();
String roleName = (settings != null) ? settings.getSystemSetting("acl-voter/admin-role", "Admin") : "Admin";
roles = new ArrayList<GrantedAuthority>();
roles.add(new SimpleGrantedAuthority(roleName));
User user = new User(name, "", true, true, true, true, roles);
// $NON-NLS-1$
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user, "", roles);
// set holders
PentahoSessionHolder.setSession(session);
// Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
// This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
// threads.
SecurityContextHolder.clearContext();
SecurityContextHolder.getContext().setAuthentication(auth);
return callable.call();
} finally {
IPentahoSession sessionToDestroy = PentahoSessionHolder.getSession();
if (sessionToDestroy != null && sessionToDestroy != origSession) {
try {
sessionToDestroy.destroy();
} catch (Exception e) {
e.printStackTrace();
}
}
PentahoSessionHolder.setSession(origSession);
SecurityContextHolder.setContext(originalContext);
}
}
use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.
the class SecurityHelper method runAsUser.
@Override
public <T> T runAsUser(final String principalName, final IParameterProvider paramProvider, final Callable<T> callable) throws Exception {
IPentahoSession origSession = PentahoSessionHolder.getSession();
Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
try {
becomeUser(principalName);
return callable.call();
} finally {
IPentahoSession sessionToDestroy = PentahoSessionHolder.getSession();
if (sessionToDestroy != null && sessionToDestroy != origSession) {
try {
sessionToDestroy.destroy();
} catch (Exception e) {
e.printStackTrace();
}
}
PentahoSessionHolder.setSession(origSession);
SecurityContextHolder.getContext().setAuthentication(origAuth);
}
}
use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.
the class SecurityHelper method runAsSystem.
/**
* Runs code as system with full privileges.
*/
public <T> T runAsSystem(final Callable<T> callable) throws Exception {
String singleTenantAdmin = PentahoSystem.get(String.class, "singleTenantAdminUserName", null);
IPentahoSession origSession = PentahoSessionHolder.getSession();
Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
StandaloneSession session = null;
try {
session = new StandaloneSession(singleTenantAdmin);
session.setAuthenticated(singleTenantAdmin);
// Set the session first or else the call to
// createAuthentication will fail
PentahoSessionHolder.setSession(session);
// Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
// This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
// threads.
SecurityContextHolder.clearContext();
// Now create the authentication
// $NON-NLS-1$
Authentication auth = createAuthentication(singleTenantAdmin);
SecurityContextHolder.getContext().setAuthentication(auth);
// Invoke the delta.
return callable.call();
} finally {
// Make sure to destroy the system session so we don't leak anything.
if (session != null) {
try {
session.destroy();
} catch (Exception e) {
// We can safely ignore this.
e.printStackTrace();
}
}
// Reset the original session.
PentahoSessionHolder.setSession(origSession);
SecurityContextHolder.getContext().setAuthentication(origAuth);
}
}
use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.
the class SecurityHelper method runAsAnonymous.
/**
* Utility method that allows you to run a block of code as the given user. Regardless of success or exception
* situation, the original session and authentication will be restored once your block of code is finished executing,
* i.e. the given user will apply only to your {@link Callable}, then the system environment will return to the user
* present prior to you calling this method.
*
* @param <T> the return type of your operation, specify this type as <code>T</code>
* @param callable {@link Callable#call()} contains the code you wish to run as the given user
* @return the value returned by your implementation of {@link Callable#call()}
* @throws Exception
* @see {@link Callable}
*/
@Override
public <T> T runAsAnonymous(final Callable<T> callable) throws Exception {
IPentahoSession origSession = PentahoSessionHolder.getSession();
Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
try {
PentahoSessionHolder.setSession(new StandaloneSession());
// get anonymous username/role defined in pentaho.xml
String user = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-user", // $NON-NLS-1$//$NON-NLS-2$
"anonymousUser");
String role = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-role", // $NON-NLS-1$//$NON-NLS-2$
"Anonymous");
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority(role));
Authentication auth = new AnonymousAuthenticationToken("anonymousUser", new User(user, "ignored", true, true, true, true, authorities), authorities);
// Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
// This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
// threads.
SecurityContextHolder.clearContext();
SecurityContextHolder.getContext().setAuthentication(auth);
return callable.call();
} finally {
PentahoSessionHolder.setSession(origSession);
SecurityContextHolder.getContext().setAuthentication(origAuth);
}
}
use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.
the class SessionBoundPentahoObjectReference method createObject.
@SuppressWarnings("unchecked")
@Override
protected T createObject() throws ObjectFactoryException {
final IPentahoSession session = PentahoSessionHolder.getSession();
Map<Class<?>, Object> classObjectMap = cache.get(session);
if (classObjectMap == null) {
classObjectMap = new WeakHashMap<Class<?>, Object>();
cache.put(session, classObjectMap);
}
if (classObjectMap.containsKey(this.getObjectClass())) {
return (T) classObjectMap.get(this.getObjectClass());
}
T newObject = creator.create(session);
classObjectMap.put(this.getObjectClass(), newObject);
return newObject;
}
Aggregations