Search in sources :

Example 11 with IPentahoSession

use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.

the class PentahoSystem method runAsSystem.

/**
 * Runs code as system with full privileges.
 * <p/>
 * <p>
 * Unfortunate copy and paste from SecurityHelper due to dependencies.
 * </p>
 */
private static <T> T runAsSystem(final Callable<T> callable) throws Exception {
    final String name = StringUtils.defaultIfEmpty(PentahoSystem.get(String.class, "singleTenantAdminUserName", null), "admin");
    IPentahoSession origSession = PentahoSessionHolder.getSession();
    SecurityContext originalContext = SecurityContextHolder.getContext();
    try {
        // create pentaho session
        StandaloneSession session = new StandaloneSession(name);
        session.setAuthenticated(name);
        // create authentication
        List<GrantedAuthority> roles;
        ISystemSettings settings = PentahoSystem.getSystemSettings();
        String roleName = (settings != null) ? settings.getSystemSetting("acl-voter/admin-role", "Admin") : "Admin";
        roles = new ArrayList<GrantedAuthority>();
        roles.add(new SimpleGrantedAuthority(roleName));
        User user = new User(name, "", true, true, true, true, roles);
        // $NON-NLS-1$
        UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user, "", roles);
        // set holders
        PentahoSessionHolder.setSession(session);
        // Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
        // This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
        // threads.
        SecurityContextHolder.clearContext();
        SecurityContextHolder.getContext().setAuthentication(auth);
        return callable.call();
    } finally {
        IPentahoSession sessionToDestroy = PentahoSessionHolder.getSession();
        if (sessionToDestroy != null && sessionToDestroy != origSession) {
            try {
                sessionToDestroy.destroy();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        PentahoSessionHolder.setSession(origSession);
        SecurityContextHolder.setContext(originalContext);
    }
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) User(org.springframework.security.core.userdetails.User) IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) GrantedAuthority(org.springframework.security.core.GrantedAuthority) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) SecurityContext(org.springframework.security.core.context.SecurityContext) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) ISystemSettings(org.pentaho.platform.api.engine.ISystemSettings) ObjectFactoryException(org.pentaho.platform.api.engine.ObjectFactoryException) PentahoSystemException(org.pentaho.platform.api.engine.PentahoSystemException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException)

Example 12 with IPentahoSession

use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.

the class SecurityHelper method runAsUser.

@Override
public <T> T runAsUser(final String principalName, final IParameterProvider paramProvider, final Callable<T> callable) throws Exception {
    IPentahoSession origSession = PentahoSessionHolder.getSession();
    Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
    try {
        becomeUser(principalName);
        return callable.call();
    } finally {
        IPentahoSession sessionToDestroy = PentahoSessionHolder.getSession();
        if (sessionToDestroy != null && sessionToDestroy != origSession) {
            try {
                sessionToDestroy.destroy();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        PentahoSessionHolder.setSession(origSession);
        SecurityContextHolder.getContext().setAuthentication(origAuth);
    }
}
Also used : IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) Authentication(org.springframework.security.core.Authentication)

Example 13 with IPentahoSession

use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.

the class SecurityHelper method runAsSystem.

/**
 * Runs code as system with full privileges.
 */
public <T> T runAsSystem(final Callable<T> callable) throws Exception {
    String singleTenantAdmin = PentahoSystem.get(String.class, "singleTenantAdminUserName", null);
    IPentahoSession origSession = PentahoSessionHolder.getSession();
    Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
    StandaloneSession session = null;
    try {
        session = new StandaloneSession(singleTenantAdmin);
        session.setAuthenticated(singleTenantAdmin);
        // Set the session first or else the call to
        // createAuthentication will fail
        PentahoSessionHolder.setSession(session);
        // Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
        // This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
        // threads.
        SecurityContextHolder.clearContext();
        // Now create the authentication
        // $NON-NLS-1$
        Authentication auth = createAuthentication(singleTenantAdmin);
        SecurityContextHolder.getContext().setAuthentication(auth);
        // Invoke the delta.
        return callable.call();
    } finally {
        // Make sure to destroy the system session so we don't leak anything.
        if (session != null) {
            try {
                session.destroy();
            } catch (Exception e) {
                // We can safely ignore this.
                e.printStackTrace();
            }
        }
        // Reset the original session.
        PentahoSessionHolder.setSession(origSession);
        SecurityContextHolder.getContext().setAuthentication(origAuth);
    }
}
Also used : StandaloneSession(org.pentaho.platform.engine.core.system.StandaloneSession) IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) Authentication(org.springframework.security.core.Authentication)

Example 14 with IPentahoSession

use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.

the class SecurityHelper method runAsAnonymous.

/**
 * Utility method that allows you to run a block of code as the given user. Regardless of success or exception
 * situation, the original session and authentication will be restored once your block of code is finished executing,
 * i.e. the given user will apply only to your {@link Callable}, then the system environment will return to the user
 * present prior to you calling this method.
 *
 * @param <T>      the return type of your operation, specify this type as <code>T</code>
 * @param callable {@link Callable#call()} contains the code you wish to run as the given user
 * @return the value returned by your implementation of {@link Callable#call()}
 * @throws Exception
 * @see {@link Callable}
 */
@Override
public <T> T runAsAnonymous(final Callable<T> callable) throws Exception {
    IPentahoSession origSession = PentahoSessionHolder.getSession();
    Authentication origAuth = SecurityContextHolder.getContext().getAuthentication();
    try {
        PentahoSessionHolder.setSession(new StandaloneSession());
        // get anonymous username/role defined in pentaho.xml
        String user = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-user", // $NON-NLS-1$//$NON-NLS-2$
        "anonymousUser");
        String role = PentahoSystem.getSystemSetting("anonymous-authentication/anonymous-role", // $NON-NLS-1$//$NON-NLS-2$
        "Anonymous");
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority(role));
        Authentication auth = new AnonymousAuthenticationToken("anonymousUser", new User(user, "ignored", true, true, true, true, authorities), authorities);
        // Clearing the SecurityContext to force the subsequent call to getContext() to generate a new SecurityContext.
        // This prevents us from modifying the Authentication on a SecurityContext isntance which may be shared between
        // threads.
        SecurityContextHolder.clearContext();
        SecurityContextHolder.getContext().setAuthentication(auth);
        return callable.call();
    } finally {
        PentahoSessionHolder.setSession(origSession);
        SecurityContextHolder.getContext().setAuthentication(origAuth);
    }
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) User(org.springframework.security.core.userdetails.User) StandaloneSession(org.pentaho.platform.engine.core.system.StandaloneSession) IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession) Authentication(org.springframework.security.core.Authentication) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)

Example 15 with IPentahoSession

use of org.pentaho.platform.api.engine.IPentahoSession in project pentaho-platform by pentaho.

the class SessionBoundPentahoObjectReference method createObject.

@SuppressWarnings("unchecked")
@Override
protected T createObject() throws ObjectFactoryException {
    final IPentahoSession session = PentahoSessionHolder.getSession();
    Map<Class<?>, Object> classObjectMap = cache.get(session);
    if (classObjectMap == null) {
        classObjectMap = new WeakHashMap<Class<?>, Object>();
        cache.put(session, classObjectMap);
    }
    if (classObjectMap.containsKey(this.getObjectClass())) {
        return (T) classObjectMap.get(this.getObjectClass());
    }
    T newObject = creator.create(session);
    classObjectMap.put(this.getObjectClass(), newObject);
    return newObject;
}
Also used : IPentahoSession(org.pentaho.platform.api.engine.IPentahoSession)

Aggregations

IPentahoSession (org.pentaho.platform.api.engine.IPentahoSession)231 StandaloneSession (org.pentaho.platform.engine.core.system.StandaloneSession)76 Test (org.junit.Test)70 Matchers.anyString (org.mockito.Matchers.anyString)40 ArrayList (java.util.ArrayList)32 ITenant (org.pentaho.platform.api.mt.ITenant)22 IOException (java.io.IOException)20 StandaloneObjectFactory (org.pentaho.platform.engine.core.system.objfac.StandaloneObjectFactory)18 File (java.io.File)17 RepositoryFile (org.pentaho.platform.api.repository2.unified.RepositoryFile)16 Before (org.junit.Before)14 OutputStream (java.io.OutputStream)13 HashMap (java.util.HashMap)13 InputStream (java.io.InputStream)12 IRuntimeContext (org.pentaho.platform.api.engine.IRuntimeContext)12 ModelInfo (org.pentaho.platform.dataaccess.datasource.wizard.models.ModelInfo)12 Domain (org.pentaho.metadata.model.Domain)11 ObjectFactoryException (org.pentaho.platform.api.engine.ObjectFactoryException)11 List (java.util.List)10 IPentahoResultSet (org.pentaho.commons.connection.IPentahoResultSet)10