/**
 * Builds a {@link UserSessionEntity} that mirrors the given session.
 *
 * <p>Login and user name are read from {@code session.getUser()}; the two
 * timestamps are supplied by the caller rather than read from the session.
 *
 * @param session    session whose id, user, address, client info and system flag are copied
 * @param since      milliseconds value wrapped into the entity's "since" {@link Date}
 * @param lastUsedTs milliseconds value wrapped into the entity's "last used" {@link Date}
 * @return the populated entity obtained from {@code metadata.create}
 */
protected UserSessionEntity createUserSessionEntity(UserSession session, long since, long lastUsedTs) {
    UserSessionEntity entity = metadata.create(UserSessionEntity.class);

    // Who the session belongs to.
    entity.setId(session.getId());
    entity.setLogin(session.getUser().getLoginLowerCase());
    entity.setUserName(session.getUser().getName());

    // Where the session was opened from.
    entity.setAddress(session.getAddress());
    entity.setClientInfo(session.getClientInfo());

    // Lifetime markers passed in by the caller.
    entity.setSince(new Date(since));
    entity.setLastUsedTs(new Date(lastUsedTs));

    entity.setSystem(session.isSystem());
    return entity;
}
/**
 * Returns the user the current session is acting as, as reported by
 * {@code getCurrentOrSubstitutedUser()} on the session from the user session source.
 */
private User getCurrentUser() {
    return getUserSessionSource()
            .getUserSession()
            .getCurrentOrSubstitutedUser();
}
/**
 * Wraps a method invocation into a {@link CubaRemoteInvocation} carrying the current
 * session id and, for client-based sessions with request-scoped info, the caller's
 * locale, time zone, address and client info.
 *
 * @param methodInvocation the invocation to be sent to the remote side
 * @return the remote invocation; its session id is {@code null} when no security context is set
 */
@Override
public RemoteInvocation createRemoteInvocation(MethodInvocation methodInvocation) {
    SecurityContext context = AppContext.getSecurityContext();
    CubaRemoteInvocation invocation = new CubaRemoteInvocation(
            methodInvocation,
            context != null ? context.getSessionId() : null);

    // Without a security context there is nothing more to attach.
    if (context == null) {
        return invocation;
    }

    UserSession session = context.getSession();
    boolean hasRequestInfo = session instanceof ClientBasedSession
            && ((ClientBasedSession) session).hasRequestScopedInfo();
    if (hasRequestInfo) {
        // The locale travels as a language tag; a missing locale is passed on as null.
        invocation.setLocale(session.getLocale() == null ? null : session.getLocale().toLanguageTag());
        invocation.setTimeZone(session.getTimeZone());
        invocation.setAddress(session.getAddress());
        invocation.setClientInfo(session.getClientInfo());
    }
    return invocation;
}
}
/**
 * Advances the per-session query counter stored under the {@code "_queryKey"} attribute.
 *
 * <p>The stored value is loaded into the {@code queryKey} field, set to 1 when absent or
 * incremented otherwise, and then written back to the session.
 */
protected void incrementQueryKey() {
    queryKey = userSession.getAttribute("_queryKey");
    if (queryKey != null) {
        queryKey++;
    } else {
        // First query for this session.
        queryKey = 1;
    }
    userSession.setAttribute("_queryKey", queryKey);
}
// Excerpt: fills a session log entry from the user session. The enclosing method and
// the end of the else-branch are not part of this excerpt.
sessionLogEntry.setSessionId(userSession.getId());
if (substitutedSession != null) {
    // The branch is selected by substitutedSession, but both users are read from userSession.
    sessionLogEntry.setUser(userSession.getUser());
    sessionLogEntry.setSubstitutedUser(userSession.getSubstitutedUser());
} else {
    sessionLogEntry.setUser(userSession.getUser());
    sessionLogEntry.setAddress(userSession.getAddress());
    sessionLogEntry.setClientInfo(userSession.getClientInfo());
    sessionLogEntry.setStartedTs(timeSource.currentTimestamp());
    sessionLogEntry.setServer(serverInfoAPI.getServerId());
    // NOTE(review): the CLIENT_TYPE parameter is cast to String and passed to
    // ClientType.valueOf; if ClientType is an enum this throws for a missing or unknown
    // value. Confirm callers always supply a valid client type.
    sessionLogEntry.setClientType(ClientType.valueOf((String) params.get(SessionParams.CLIENT_TYPE.getId())));
    // NOTE(review): client info and address were already set a few lines above in this
    // branch; these two calls repeat them with the same values.
    sessionLogEntry.setClientInfo(userSession.getClientInfo());
    sessionLogEntry.setAddress(userSession.getAddress());
// Excerpt: gathers String-valued session attributes whose names start with
// MESSAGE_ATTR_PREFIX into a TreeMap (so they are ordered by attribute name).
// Several statements are omitted on this page: dateTimeMillis, sb, entry and datatype
// are used below without a visible declaration, and the braces are not closed.
try {
    Map<String, String> messages = new TreeMap<>();
    for (String name : userSession.getAttributeNames()) {
        if (name.startsWith(MESSAGE_ATTR_PREFIX)) {
            Object message = userSession.getAttribute(name);
            // Non-String attribute values under the prefix are ignored.
            if (message instanceof String)
                messages.put(name, (String) message);
            // Each message is rendered as a timestamp formatted for the session locale,
            // a newline, then the message text.
            // NOTE(review): Long.parseLong throws NumberFormatException on a malformed
            // value; where dateTimeMillis comes from is not visible here.
            Date dateTime = new Date(Long.parseLong(dateTimeMillis));
            sb.append(datatype.format(dateTime, userSession.getLocale())).append("\n");
            sb.append(entry.getValue());
            // The attribute is removed once rendered, and the session change is propagated.
            userSession.removeAttribute(name);
            userSessions.propagate(userSession.getId());
            return sb.toString();
/**
 * Performs the anonymous login and keeps the resulting session in {@code this.session}.
 *
 * @throws RuntimeException wrapping the {@link LoginException} when the anonymous login fails
 */
protected void initializeAnonymousSession() {
    log.debug("Initialize anonymous session");

    try {
        this.session = loginAnonymous();

        log.debug("Anonymous session initialized with id {}", session.getId());
    } catch (LoginException loginFailure) {
        // Server should not start in this case
        throw new RuntimeException(
                "Unable to create anonymous session. It is required for system to start",
                loginFailure);
    }
}
/**
 * Handles an anonymous login by applying the caller's locale, time zone, address, client
 * info and extra attributes to the session returned by {@code anonymousSessionHolder}.
 *
 * <p>NOTE(review): the session obtained from the holder is modified in place. If that
 * instance is shared between anonymous callers, one caller's address, client info and
 * attributes would become visible to the others. Confirm how the holder hands out sessions.
 *
 * @param credentials must be an {@link AnonymousUserCredentials} instance
 * @return authentication details wrapping the anonymous session
 * @throws ClassCastException if {@code credentials} is of any other type
 * @throws LoginException declared by the interface; not thrown by this implementation
 */
@SuppressWarnings("RedundantThrows")
@Nullable
@Override
public AuthenticationDetails login(Credentials credentials) throws LoginException {
    if (!(credentials instanceof AnonymousUserCredentials)) {
        throw new ClassCastException("Credentials cannot be cast to AnonymousUserCredentials");
    }
    AnonymousUserCredentials anonymousCredentials = (AnonymousUserCredentials) credentials;
    UserSession anonymousSession = anonymousSessionHolder.getAnonymousSession();

    // A locale is applied only when the caller sent one.
    Locale requestedLocale = anonymousCredentials.getLocale();
    if (requestedLocale != null) {
        anonymousSession.setLocale(requestedLocale);
    }

    // The time zone is applied only when the anonymous user has automatic time zone enabled.
    boolean autoTimeZone = Boolean.TRUE.equals(anonymousSession.getUser().getTimeZoneAuto());
    if (anonymousCredentials.getTimeZone() != null && autoTimeZone) {
        anonymousSession.setTimeZone(anonymousCredentials.getTimeZone());
    }

    // Address and client info are overwritten unconditionally, including with null.
    anonymousSession.setAddress(anonymousCredentials.getIpAddress());
    anonymousSession.setClientInfo(anonymousCredentials.getClientInfo());

    Map<String, Serializable> extraAttributes = anonymousCredentials.getSessionAttributes();
    if (extraAttributes != null) {
        extraAttributes.forEach((key, value) -> anonymousSession.setAttribute(key, value));
    }

    return new SimpleAuthenticationDetails(anonymousSession);
}
/**
 * Creates a snapshot attributed to the current session's user.
 *
 * <p>The author is taken from {@code getUser()} on the current session and passed to the
 * four-argument {@code createSnapshot} overload.
 *
 * @param entity       entity to snapshot
 * @param view         view passed through to the overload
 * @param snapshotDate date passed through to the overload
 * @return the snapshot produced by the four-argument overload
 */
@Override
public EntitySnapshot createSnapshot(Entity entity, View view, Date snapshotDate) {
    return createSnapshot(
            entity,
            view,
            snapshotDate,
            userSessionSource.getUserSession().getUser());
}
/**
 * Describes the user the current session is acting as, together with the session locale.
 *
 * <p>NOTE(review): the session locale is dereferenced without a null check, so a session
 * without a locale would fail here with a NullPointerException.
 *
 * @return a {@link UserInfo} for the current or substituted user, with the locale set to
 *         the {@code toString()} form of the session locale
 */
public UserInfo getUserInfo() {
    User actingUser = userSessionSource.getUserSession().getCurrentOrSubstitutedUser();
    UserInfo info = new UserInfo(actingUser);

    String localeCode = userSessionSource.getUserSession().getLocale().toString();
    info.setLocale(localeCode);

    return info;
}
}
/**
 * Returns the locale of the current user session.
 *
 * @return whatever {@code getLocale()} reports for the session from {@code getUserSession()}
 */
@Override
public Locale getLocale() {
    return getUserSession()
            .getLocale();
}
}
/**
 * Binds a constraint parameter whose name starts with {@code CONSTRAINT_PARAM_SESSION_ATTR}
 * to a value taken from the current user session.
 *
 * <p>The part of the name after the prefix selects the value: the login, id or group id of
 * the substituted user when one is set (otherwise of the session user), or, for any other
 * name, the session attribute with that name. Parameters without the prefix are left alone.
 *
 * <p>NOTE(review): the group-id branch dereferences {@code getGroup()} without a null
 * check. Confirm a user always has a group.
 *
 * @param query     query receiving the parameter value
 * @param paramName full parameter name, including the session-attribute prefix
 */
@Override
public void setQueryParam(Query query, String paramName) {
    if (!paramName.startsWith(CONSTRAINT_PARAM_SESSION_ATTR)) {
        return;
    }

    UserSession userSession = userSessionSource.getUserSession();
    String attrName = paramName.substring(CONSTRAINT_PARAM_SESSION_ATTR.length());

    if (CONSTRAINT_PARAM_USER_LOGIN.equals(attrName)) {
        String login = userSession.getSubstitutedUser() == null
                ? userSession.getUser().getLogin()
                : userSession.getSubstitutedUser().getLogin();
        query.setParameter(paramName, login);
    } else if (CONSTRAINT_PARAM_USER_ID.equals(attrName)) {
        UUID id = userSession.getSubstitutedUser() == null
                ? userSession.getUser().getId()
                : userSession.getSubstitutedUser().getId();
        query.setParameter(paramName, id);
    } else if (CONSTRAINT_PARAM_USER_GROUP_ID.equals(attrName)) {
        Object groupId = userSession.getSubstitutedUser() == null
                ? userSession.getUser().getGroup().getId()
                : userSession.getSubstitutedUser().getGroup().getId();
        query.setParameter(paramName, groupId);
    } else {
        // Any other name is looked up as a plain session attribute; a missing one binds null.
        Serializable attributeValue = userSession.getAttribute(attrName);
        query.setParameter(paramName, attributeValue);
    }
}
/**
 * Refreshes the most recent session log record of the given session and commits it.
 *
 * <p>The update runs through {@code authentication.withSystemUser}. Client info and address
 * are overwritten only when the session provides non-null values; a non-null action becomes
 * the record's last action, and any action other than {@code LOGIN} also stamps the
 * finish time.
 *
 * @param userSession session whose log record is updated; must not be null
 * @param action      action to record, or {@code null} to leave the last action untouched
 * @return the committed record, or {@code null} when the session is not logged or has no record
 */
@Override
@Nullable
public SessionLogEntry updateSessionLogRecord(UserSession userSession, @Nullable SessionAction action) {
    Preconditions.checkNotNullArgument(userSession);

    if (!shouldLogSession(userSession)) {
        return null;
    }

    return authentication.withSystemUser(() -> {
        SessionLogEntry lastEntry = getLastSessionLogRecord(userSession.getId());
        if (lastEntry == null) {
            return null;
        }

        if (userSession.getClientInfo() != null) {
            lastEntry.setClientInfo(userSession.getClientInfo());
        }
        if (userSession.getAddress() != null) {
            lastEntry.setAddress(userSession.getAddress());
        }

        if (action != null) {
            lastEntry.setLastAction(action);
            // Everything except LOGIN marks the session as finished.
            if (action != SessionAction.LOGIN) {
                lastEntry.setFinishedTs(timeSource.currentTimestamp());
            }
        }

        return dataManager.commit(lastEntry);
    });
}
/**
 * Asks the current user session whether the named specific permission is granted.
 *
 * @param name permission name passed through to the session
 * @return the session's answer for {@code name}
 */
@Override
public boolean isSpecificPermitted(String name) {
    return userSessionSource
            .getUserSession()
            .isSpecificPermitted(name);
}
/**
 * Finds the ids of all sessions whose attribute {@code attributeName} equals the given value.
 *
 * <p>Values are compared with {@link Objects#equals(Object, Object)}, so a {@code null}
 * {@code attributeValue} matches sessions where the attribute lookup returns {@code null}.
 *
 * @param attributeName  attribute to inspect; must not be null
 * @param attributeValue value to match, may be null
 * @return ids of the matching sessions, in stream order
 */
@Override
public List<UUID> findUserSessionsByAttribute(String attributeName, Object attributeValue) {
    Preconditions.checkNotNullArgument(attributeName);

    return getSessionInfoStream()
            .filter(info -> Objects.equals(info.session.getAttribute(attributeName), attributeValue))
            .map(info -> info.session.getId())
            .collect(Collectors.toList());
}
// Excerpt: publishes session data as template parameters, each key prefixed with
// sessionPrefix. The enclosing method and the end of the loop are not shown.
// The id and lower-cased login come from the current-or-substituted user.
templateParams.put(sessionPrefix + "userId", userSession.getCurrentOrSubstitutedUser().getId());
templateParams.put(sessionPrefix + "userLogin", userSession.getCurrentOrSubstitutedUser().getLoginLowerCase());
// Every session attribute is copied into the template parameters as well.
// NOTE(review): this exposes all session attributes to whoever writes the template;
// confirm none of them hold secrets, or restrict the copy to an allow-list.
// NOTE(review): an attribute named "userId" or "userLogin" would overwrite the entries
// set above, since the keys are built the same way.
for (String name : userSession.getAttributeNames()) {
    templateParams.put(sessionPrefix + name, userSession.getAttribute(name));
/**
 * Returns the id of the user the current session acts as.
 *
 * @return the substituted user's id when a substituted user is set, otherwise the session user's id
 */
@Override
public UUID currentOrSubstitutedUserId() {
    UserSession activeSession = getUserSession();
    if (activeSession.getSubstitutedUser() == null) {
        return activeSession.getUser().getId();
    }
    return activeSession.getSubstitutedUser().getId();
}
// Excerpt of a REST login handler. Statements between the ones shown are omitted on this
// page (the opening try and the end of the permission check are not visible).
UserSession userSession = authenticationService.login(credentials).getSession();
// The session already exists at this point; the REST permission is checked afterwards.
if (!userSession.isSpecificPermitted(Authentication.PERMISSION_NAME)) {
    // NOTE(review): username is formatted into the log line as-is. If it comes straight
    // from the request, strip CR/LF before logging so it cannot forge log entries.
    log.info(String.format("User %s is not allowed to use REST-API", username));
    // NOTE(review): how the denied case ends is not shown. Confirm it returns an error
    // and that the session created by login() is not left usable.
// The session is installed as the thread's security context and its id is written to the
// response.
AppContext.setSecurityContext(new SecurityContext(userSession));
writer.write(userSession.getId().toString());
writer.close();
// NOTE(review): the session id is returned to the client above, presumably as the token
// for later calls. Logging it in full lets anyone with access to debug logs reuse a live
// session; consider logging a shortened or hashed form instead.
log.debug(String.format("User %s logged in with REST-API, session id: %s", username, userSession.getId()));
} catch (LoginException e) {
    // A failed login is reported as HTTP 401 without further detail.
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);