/**
 * REST endpoint that returns the user bound to the caller's security context.
 *
 * @param uriInfo         request URI details injected by the container; not read here
 * @param securityContext security context the current user is resolved from
 * @return the response built by {@code WSUtils.respondEntity} for the current user with status OK
 * @throws Exception whatever the user lookup or response construction throws
 */
@GET
@Path("/users/current")
@Timed
public Response getCurrentUser(@Context UriInfo uriInfo,
                               @Context SecurityContext securityContext) throws Exception {
    // Identity comes only from the security context, never from request parameters.
    User caller = getCurrentUser(securityContext);
    return WSUtils.respondEntity(caller, OK);
}
/**
 * Narrows a collection of ACL entries to the ones the caller is allowed to see.
 *
 * <p>A caller holding {@code ROLE_SECURITY_ADMIN} keeps every entry. Any other caller keeps
 * only the entries for which {@code matches(entry, user, roles)} returns true.
 *
 * @param aclEntries      candidate ACL entries
 * @param securityContext security context identifying the caller
 * @return the visible entries collected into a set, so duplicates collapse and the input
 *         order is not preserved
 */
private Collection<AclEntry> filter(Collection<AclEntry> aclEntries, SecurityContext securityContext) {
    User caller = getCurrentUser(securityContext);
    Set<Role> callerRoles = catalogService.getAllUserRoles(caller);
    // The admin decision is made once per call, not once per entry.
    boolean callerIsAdmin = SecurityUtil.hasRole(authorizer, securityContext, ROLE_SECURITY_ADMIN);

    return aclEntries
            .stream()
            // The admin flag is tested first, so matches() is skipped entirely for admins.
            .filter(entry -> callerIsAdmin || matches(entry, caller, callerRoles))
            .collect(Collectors.toSet());
}
/**
 * REST endpoint that logs the caller out by telling the client to discard the auth cookie.
 *
 * <p>The response carries a replacement for {@code AuthenticatedURL.AUTH_COOKIE} with the
 * value "deleted", path "/", max-age 0 and an expiry at the epoch, marked HttpOnly. The
 * Secure flag follows {@code securityContext.isSecure()}.
 *
 * <p>NOTE(review): this only asks the client to drop the cookie. Nothing visible in this
 * method invalidates the token on the server side. Confirm whether a copy of the cookie
 * captured before logout stays valid until its own expiry.
 *
 * @param uriInfo         request URI details injected by the container; not read here
 * @param securityContext security context identifying the caller
 * @return an OK response whose entity is the user that was logged out
 * @throws Exception whatever the user lookup throws
 */
@POST
@Path("/users/current/logout")
@Timed
public Response logoutCurrentUser(@Context UriInfo uriInfo,
                                  @Context SecurityContext securityContext) throws Exception {
    // Resolve the user first so that a failed lookup sends no cookie at all.
    User loggedOutUser = getCurrentUser(securityContext);

    // Header produced:
    // Set-Cookie hadoop.auth=deleted;Version=1;Path=/;Max-Age=0;HttpOnly;Expires=Thu, 01 Jan 1970 00:00:00 GMT
    Cookie staleAuthCookie = new Cookie(AuthenticatedURL.AUTH_COOKIE, "deleted", "/", null);
    Date epoch = new Date(0);
    boolean overSecureChannel = securityContext.isSecure();
    // Arguments: cookie, comment, max-age, expiry, secure, httpOnly.
    NewCookie clearingCookie = new NewCookie(staleAuthCookie, null, 0, epoch, overSecureChannel, true);

    Response.ResponseBuilder reply = Response.status(OK);
    reply = reply.entity(loggedOutUser);
    reply = reply.cookie(clearingCookie);
    return reply.build();
}
/**
 * Decides whether the caller may read a single ACL entry.
 *
 * <p>A caller holding {@code ROLE_SECURITY_ADMIN} is always allowed. Otherwise the decision
 * is whatever {@code matches(aclEntry, user, roles)} returns for the caller.
 *
 * @param aclEntry        the ACL entry being requested
 * @param securityContext security context identifying the caller
 * @return true when the caller may read {@code aclEntry}
 */
private boolean shouldAllowAclGet(AclEntry aclEntry, SecurityContext securityContext) {
    boolean callerIsAdmin = SecurityUtil.hasRole(authorizer, securityContext, ROLE_SECURITY_ADMIN);
    if (!callerIsAdmin) {
        // The user and role lookups happen only on the non-admin path.
        User caller = getCurrentUser(securityContext);
        Set<Role> callerRoles = catalogService.getAllUserRoles(caller);
        return matches(aclEntry, caller, callerRoles);
    }
    return true;
}
return true; User currentUser = getCurrentUser(securityContext);