@Path("/") @DELETE public void delete(HttpRequest request, HttpResponder responder) throws Exception { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); try { store.delete(userId); } catch (ConfigNotFoundException e) { // no-op if configuration does not exist - possible if nothing was 'put' } responder.sendStatus(HttpResponseStatus.OK); }
@Path("/") @DELETE public void delete(HttpRequest request, HttpResponder responder) throws Exception { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); try { store.delete(userId); } catch (ConfigNotFoundException e) { // no-op if configuration does not exist - possible if nothing was 'put' } responder.sendStatus(HttpResponseStatus.OK); }
@Override public Principal getPrincipal() { // When requests come in via rest endpoints, the userId is updated inside SecurityRequestContext, so give that // precedence. String userId = SecurityRequestContext.getUserId(); // This userId can be null, when the master itself is asynchoronously updating the policy cache, since // during that process the router will not set the SecurityRequestContext. In that case, obtain the userId from // the UserGroupInformation, which will be the user that the master is running as. if (userId == null) { try { userId = UserGroupInformation.getCurrentUser().getShortUserName(); } catch (IOException e) { throw Throwables.propagate(e); } } return new Principal(userId, Principal.PrincipalType.USER); } }
/** * Helper function, to run the callable as the principal provided and reset back when the call is done */ public static <T> T authorizeAs(String userName, Callable<T> callable) throws Exception { String oldUserName = SecurityRequestContext.getUserId(); SecurityRequestContext.setUserId(userName); try { return callable.call(); } finally { SecurityRequestContext.setUserId(oldUserName); } }
private void logWithTrace(HttpRequest request, Throwable t) { LOG.trace("Error in handling request={} {} for user={}:", request.method().name(), request.uri(), Objects.firstNonNull(SecurityRequestContext.getUserId(), "<null>"), t); } })
private void logWithTrace(HttpRequest request, Throwable t) { LOG.trace("Error in handling request={} {} for user={}:", request.method().name(), request.getUri(), Objects.firstNonNull(SecurityRequestContext.getUserId(), "<null>"), t); } }
private void logWithTrace(HttpRequest request, Throwable t) { LOG.trace("Error in handling request={} {} for user={}:", request.method().name(), request.getUri(), Objects.firstNonNull(SecurityRequestContext.getUserId(), "<null>"), t); } }
private void logWithTrace(HttpRequest request, Throwable t) { LOG.trace("Error in handling request={} {} for user={}:", request.method().name(), request.uri(), Objects.firstNonNull(SecurityRequestContext.getUserId(), "<null>"), t); } })
@Path("/") @GET public void get(HttpRequest request, HttpResponder responder) throws Exception { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); Config userConfig; try { userConfig = store.get(userId); } catch (ConfigNotFoundException e) { Map<String, String> propMap = ImmutableMap.of(CONFIG_PROPERTY, "{}"); userConfig = new Config(userId, propMap); } JsonObject jsonObject = new JsonObject(); jsonObject.addProperty(ID, userConfig.getId()); //We store the serialized JSON string of the properties in ConfigStore and we return a JsonObject back jsonObject.add(CONFIG_PROPERTY, JSON_PARSER.parse(userConfig.getProperties().get(CONFIG_PROPERTY))); responder.sendJson(HttpResponseStatus.OK, jsonObject.toString()); }
@Path("/") @GET public void get(HttpRequest request, HttpResponder responder) throws Exception { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); Config userConfig; try { userConfig = store.get(userId); } catch (ConfigNotFoundException e) { Map<String, String> propMap = ImmutableMap.of(CONFIG_PROPERTY, "{}"); userConfig = new Config(userId, propMap); } JsonObject jsonObject = new JsonObject(); jsonObject.addProperty(ID, userConfig.getId()); //We store the serialized JSON string of the properties in ConfigStore and we return a JsonObject back jsonObject.add(CONFIG_PROPERTY, JSON_PARSER.parse(userConfig.getProperties().get(CONFIG_PROPERTY))); responder.sendJson(HttpResponseStatus.OK, jsonObject.toString()); }
@Override public ListenableFuture<MetaDataInfo> info(final MetaDataInfo.InfoType infoType) { final String userId = SecurityRequestContext.getUserId(); final String userIp = SecurityRequestContext.getUserIP(); // this is not an async call so we do not need to wait for the future return executor.submit(new Callable<MetaDataInfo>() { @Override public MetaDataInfo call() throws Exception { SecurityRequestContext.setUserId(userId); SecurityRequestContext.setUserIP(userIp); return getInfo(infoType); } }); }
@Override public ListenableFuture<MetaDataInfo> info(final MetaDataInfo.InfoType infoType) { final String userId = SecurityRequestContext.getUserId(); final String userIp = SecurityRequestContext.getUserIP(); // this is not an async call so we do not need to wait for the future return executor.submit(new Callable<MetaDataInfo>() { @Override public MetaDataInfo call() throws Exception { SecurityRequestContext.setUserId(userId); SecurityRequestContext.setUserIP(userIp); return getInfo(infoType); } }); }
@Override public void publish(MetadataEntity metadataEntity, AuditType auditType, AuditPayload auditPayload) { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); AuditMessage auditMessage = new AuditMessage(System.currentTimeMillis(), metadataEntity, userId, auditType, auditPayload); LOG.trace("Publishing audit message {}", auditMessage); StoreRequest storeRequest = StoreRequestBuilder.of(auditTopic).addPayload(GSON.toJson(auditMessage)).build(); try { Retries.callWithRetries(() -> messagingService.publish(storeRequest), retryStrategy, Retries.ALWAYS_TRUE); } catch (TopicNotFoundException e) { LOG.error("Missing topic for audit publish: {}", auditTopic); } catch (Exception e) { LOG.error("Got exception publishing audit message {}. Exception:", auditMessage, e); } } }
@Override public void publish(MetadataEntity metadataEntity, AuditType auditType, AuditPayload auditPayload) { String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); AuditMessage auditMessage = new AuditMessage(System.currentTimeMillis(), metadataEntity, userId, auditType, auditPayload); LOG.trace("Publishing audit message {}", auditMessage); StoreRequest storeRequest = StoreRequestBuilder.of(auditTopic).addPayload(GSON.toJson(auditMessage)).build(); try { Retries.callWithRetries(() -> messagingService.publish(storeRequest), retryStrategy, Retries.ALWAYS_TRUE); } catch (TopicNotFoundException e) { LOG.error("Missing topic for audit publish: {}", auditTopic); } catch (Exception e) { LOG.error("Got exception publishing audit message {}. Exception:", auditMessage, e); } } }
@BeforeClass public static void setup() { oldUser = SecurityRequestContext.getUserId(); }
@Path("/") @PUT @AuditPolicy(AuditDetail.REQUEST_BODY) public void set(FullHttpRequest request, HttpResponder responder) throws Exception { String data = request.content().toString(StandardCharsets.UTF_8); if (!isValidJSON(data)) { responder.sendJson(HttpResponseStatus.BAD_REQUEST, "Invalid JSON in body"); return; } //Configuration Layout for UserSettings: //Config ID : userId //Config Properties : Map (Key = CONFIG_PROPERTY, Value = Serialized JSON string of properties) //User Settings configurations are stored under empty NAMESPACE. Map<String, String> propMap = ImmutableMap.of(CONFIG_PROPERTY, data); String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), ""); Config userConfig = new Config(userId, propMap); store.put(userConfig); responder.sendStatus(HttpResponseStatus.OK); }
private ListenableFuture<ExploreExecutionResult> getResultsFuture(final HandleProducer handleProducer) { // NOTE: here we have two levels of Future because we want to return the future that actually // finishes the execution of the operation - it is not enough that the future handle // be available final String userId = SecurityRequestContext.getUserId(); final String userIp = SecurityRequestContext.getUserIP(); ListenableFuture<QueryHandle> futureHandle = executor.submit(new Callable<QueryHandle>() { @Override public QueryHandle call() throws Exception { SecurityRequestContext.setUserId(userId); SecurityRequestContext.setUserIP(userIp); return handleProducer.getHandle(); } }); return getFutureResultsFromHandle(futureHandle); }
private ListenableFuture<ExploreExecutionResult> getResultsFuture(final HandleProducer handleProducer) { // NOTE: here we have two levels of Future because we want to return the future that actually // finishes the execution of the operation - it is not enough that the future handle // be available final String userId = SecurityRequestContext.getUserId(); final String userIp = SecurityRequestContext.getUserIP(); ListenableFuture<QueryHandle> futureHandle = executor.submit(new Callable<QueryHandle>() { @Override public QueryHandle call() throws Exception { SecurityRequestContext.setUserId(userId); SecurityRequestContext.setUserIP(userIp); return handleProducer.getHandle(); } }); return getFutureResultsFromHandle(futureHandle); }
/** * Executes the given {@link ThrowingRunnable} by setting the {@link SecurityRequestContext} based on the given * {@link Principal}. */ private void runWithPrincipal(Principal principal, ThrowingRunnable runnable) throws Exception { String oldUserId = SecurityRequestContext.getUserId(); try { SecurityRequestContext.setUserId(principal.getName()); runnable.run(); } finally { SecurityRequestContext.setUserId(oldUserId); } } }
/** * Executes the given {@link ThrowingRunnable} by setting the {@link SecurityRequestContext} based on the given * {@link Principal}. */ private void runWithPrincipal(Principal principal, ThrowingRunnable runnable) throws Exception { String oldUserId = SecurityRequestContext.getUserId(); try { SecurityRequestContext.setUserId(principal.getName()); runnable.run(); } finally { SecurityRequestContext.setUserId(oldUserId); } } }