/**
 * Looks up a user by record id.
 *
 * <p>Pure pass-through: the lookup is done by {@code delegate} and this method adds no
 * checks of its own.
 *
 * @param iUserId record id handed to the delegate
 * @return whatever the delegate returns for that id
 */
public OUser getUser(final ORID iUserId) {
  final OUser found = delegate.getUser(iUserId);
  // NOTE(review): whether the delegate can return null for an unknown id is not visible
  // here; callers should confirm before dereferencing the result.
  return found;
}
/**
 * Resolves a user from its record id by forwarding the call to {@code delegate}.
 *
 * @param iUserId record id of the user to resolve
 * @return the delegate's result, unchanged
 */
public OUser getUser(final ORID iUserId) {
  final OUser resolved = delegate.getUser(iUserId);
  // No permission or null handling happens at this layer; both are left to the delegate
  // and to the caller.
  return resolved;
}
/**
 * Looks up a user by login name.
 *
 * <p>Pure pass-through to {@code delegate}. A lookup is not an authentication: no
 * credential is involved in this call.
 *
 * @param iUserName login name handed to the delegate
 * @return whatever the delegate returns for that name
 */
public OUser getUser(final String iUserName) {
  final OUser found = delegate.getUser(iUserName);
  // NOTE(review): whether the delegate can return null for an unknown name is not visible
  // here; callers should confirm before dereferencing the result.
  return found;
}
/**
 * Resolves a user from its login name by forwarding the call to {@code delegate}.
 *
 * @param iUserName login name of the user to resolve
 * @return the delegate's result, unchanged
 */
public OUser getUser(final String iUserName) {
  final OUser resolved = delegate.getUser(iUserName);
  // The name is forwarded as given; this layer neither verifies a credential nor checks
  // the account's status.
  return resolved;
}
/**
 * Stamps the three built-in accounts ("admin", "reader", "writer") with a fresh random id
 * and an e-mail address, saving each user document right after it is updated.
 *
 * @param db database whose security metadata holds the built-in users
 */
private void updateDefaultOrienteerUsers(ODatabaseDocument db) {
  OSecurity security = db.getMetadata().getSecurity();

  // NOTE(review): the addresses below sit on a public mail domain that this project
  // presumably does not control. If any flow sends recovery or notification mail to
  // PROP_EMAIL, that mail would leave the deployment; confirm, and consider a reserved
  // placeholder domain instead.
  final String[][] builtInAccounts = {
    {"admin", "admin@gmail.com"},
    {"reader", "reader@gmail.com"},
    {"writer", "writer@gmail.com"}
  };

  for (final String[] account : builtInAccounts) {
    // The lookup result is dereferenced directly, so a missing built-in account fails here.
    final ODocument userDoc = security.getUser(account[0]).getDocument();
    userDoc.field(OrienteerUser.PROP_ID, UUID.randomUUID().toString());
    userDoc.field(OrienteerUser.PROP_EMAIL, account[1]);
    userDoc.save();
  }
}
/**
 * Applies the configured passwords to the built-in admin and reader accounts after the
 * database has been created.
 *
 * <p>An account is touched only when the configured user name is the built-in default AND
 * the configured password differs from the built-in default password.
 *
 * @param db freshly created database
 * @param settings source of the configured admin/guest user names and passwords
 */
private void onDbCreated(ODatabaseDocumentTx db, IOrientDbSettings settings) {
  // NOTE(review): in every other case (default password kept, or a non-default user name
  // configured) the built-in account is left exactly as created. Confirm that default
  // credentials are rotated or the account is disabled somewhere else.
  if (OrientDbSettings.ADMIN_DEFAULT_USERNAME.equals(settings.getAdminUserName())) {
    if (!OrientDbSettings.ADMIN_DEFAULT_PASSWORD.equals(settings.getAdminPassword())) {
      // The lookup result is used without a null check.
      OUser adminAccount =
          db.getMetadata().getSecurity().getUser(OrientDbSettings.ADMIN_DEFAULT_USERNAME);
      adminAccount.setPassword(settings.getAdminPassword());
      adminAccount.save();
    }
  }

  if (OrientDbSettings.READER_DEFAULT_USERNAME.equals(settings.getGuestUserName())) {
    if (!OrientDbSettings.READER_DEFAULT_PASSWORD.equals(settings.getGuestPassword())) {
      OUser readerAccount =
          db.getMetadata().getSecurity().getUser(OrientDbSettings.READER_DEFAULT_USERNAME);
      readerAccount.setPassword(settings.getGuestPassword());
      readerAccount.save();
    }
  }
}
/**
 * Checks a password against the database user record with the given id.
 *
 * @param userId login used to look the user up in the session's database
 * @param password candidate password
 * @return {@code true} only when the user exists and {@code OUser.checkPassword} accepts
 *     the password; {@code false} when no such user is found
 */
@Override
public boolean checkPassword(String userId, String password) {
  OPersistenceSession persistence = (OPersistenceSession) getSession(PersistenceSession.class);
  OUser candidate = persistence.getDatabase().getMetadata().getSecurity().getUser(userId);
  if (candidate == null) {
    return false;
  }
  // NOTE(review): only existence and the password are checked here; the account status is
  // not consulted in this method. Confirm that suspended accounts are rejected elsewhere.
  return candidate.checkPassword(password);
}
/**
 * Runs an action with the connection user switched to the given login. See
 * {@link #executeWithTxUser(com.orientechnologies.orient.core.metadata.security.OSecurityUser,
 * SpecificUserAction)}.
 * <p>
 * LIMITATION: the current user must have read rights on the users table, because the
 * target user is loaded through the current connection.
 * <p>
 * The switch is made by login name alone; no credential of the target user is passed to
 * this method. NOTE(review): callers should not derive {@code user} from untrusted input.
 *
 * @param user       user login
 * @param userAction logic to execute with the specific user
 * @param <T>        type of returned result (may be Void)
 * @return action result (may be null)
 */
public <T> T executeWithTxUser(final String user, final SpecificUserAction<T> userAction) {
  final boolean switchRequired = checkSpecificUserConditions(user);
  final ODatabaseDocument db = connectionProvider.get();
  if (!switchRequired) {
    // No switch needed: run under whatever user the connection already carries.
    return executeWithTxUser(db.getUser(), userAction);
  }
  // May raise a security exception when the current user cannot read the users table.
  final OUser specificUser = db.getMetadata().getSecurity().getUser(user);
  Preconditions.checkState(specificUser != null, "User '%s' not found", user);
  return executeWithTxUser(specificUser, userAction);
}
// Fragment of a larger routine: the variables assigned here are declared outside this excerpt.
// reload() presumably re-reads the role before the accounts below are fetched/created.
restrictedRole.reload();
// Look up the built-in "admin" account through `sm` (presumably the security manager).
admin = sm.getUser("admin");
// Fixture account: the first two arguments are both "user2" (presumably name and password),
// followed by "foobar" (presumably a role name). Name-equals-password is fixture-only data.
user2 = sm.createUser("user2", "user2", "foobar");
/**
 * Authenticates a user whose "password" argument is a value encrypted with the user's
 * symmetric key.
 *
 * <p>Steps, as written: the user is loaded through {@code delegate}, must be ACTIVE, the
 * key is built from the user's key configuration, {@code password} is decrypted with it,
 * and the decrypted text is compared with {@code username} through
 * {@code OSecurityManager.checkPassword}.
 *
 * @param username login to authenticate
 * @param password encrypted value to decrypt with the user's symmetric key
 * @return the authenticated user
 * @throws OSecurityAccessException when the delegate or database is missing, the user is
 *     unknown or not active, decryption fails, or the decrypted value does not match
 */
public OUser authenticate(final String username, final String password) {
  if (delegate == null) {
    throw new OSecurityAccessException(
        "OSymmetricKeySecurity.authenticate() Delegate is null for username: " + username);
  }
  if (database == null) {
    throw new OSecurityAccessException(
        "OSymmetricKeySecurity.authenticate() Database is null for username: " + username);
  }

  final String dbName = database.getName();
  OUser account = delegate.getUser(username);

  // NOTE(review): the unknown-user, inactive-user and bad-key failures carry different
  // messages. If these messages reach a remote caller they reveal whether an account
  // exists and whether it is active; confirm where they are surfaced.
  if (account == null) {
    throw new OSecurityAccessException(dbName,
        "OSymmetricKeySecurity.authenticate() Username or Key is invalid for username: " + username);
  }
  if (account.getAccountStatus() != OSecurityUser.STATUSES.ACTIVE) {
    throw new OSecurityAccessException(dbName,
        "OSymmetricKeySecurity.authenticate() User '" + username + "' is not active");
  }

  try {
    OUserSymmetricKeyConfig keyConfig = new OUserSymmetricKeyConfig(account);
    OSymmetricKey symmetricKey = OSymmetricKey.fromConfig(keyConfig);
    String decrypted = symmetricKey.decryptAsString(password);
    if (OSecurityManager.instance().checkPassword(username, decrypted)) {
      return account;
    }
  } catch (Exception ex) {
    // NOTE(review): the underlying exception text is appended to the message; confirm it
    // cannot expose key or cipher details to the caller.
    throw OException.wrapException(new OSecurityAccessException(dbName,
        "OSymmetricKeySecurity.authenticate() Exception for database: " + dbName + ", username: " + username + " "
            + ex.getMessage()), ex);
  }

  // Decryption succeeded but the decrypted value did not match the user name.
  throw new OSecurityAccessException(dbName,
      "OSymmetricKeySecurity.authenticate() Username or Key is invalid for database: " + dbName + ", username: "
          + username);
}
/**
 * Binds a user to this database instance and verifies it may read the database.
 *
 * <p>The user is (re)loaded only when no user is cached, the cached user's version differs
 * from the security version, or the cached name differs (case-insensitively) from
 * {@code iUserName}. On any failure the thread-local database reference is removed before
 * the exception propagates.
 *
 * @param iUserName     login to bind
 * @param iUserPassword password, used only when {@code checkPassword} is true
 * @param checkPassword when true the user is obtained through {@code authenticate};
 *                      when false it is only looked up by name, with no credential check
 */
public void internalOpen(final String iUserName, final String iUserPassword, boolean checkPassword) {
  try {
    OSecurity security = metadata.getSecurity();

    // NOTE(review): when the cached user still matches, nothing below runs, so the
    // supplied password is not verified by this method on that path. Confirm this is
    // intended for re-opens.
    final boolean cachedUserStillValid = user != null
        && user.getVersion() == security.getVersion()
        && user.getName().equalsIgnoreCase(iUserName);

    if (!cachedUserStillValid) {
      final OUser usr = checkPassword
          ? security.authenticate(iUserName, iUserPassword)
          : security.getUser(iUserName);

      // NOTE(review): an unknown name leaves `user` null before checkSecurity runs;
      // confirm how checkSecurity treats a null user.
      user = (usr != null) ? new OImmutableUser(security.getVersion(), usr) : null;

      checkSecurity(ORule.ResourceGeneric.DATABASE, ORole.PERMISSION_READ);
    }
  } catch (OException e) {
    ODatabaseRecordThreadLocal.instance().remove();
    throw e;
  } catch (Exception e) {
    ODatabaseRecordThreadLocal.instance().remove();
    throw OException.wrapException(new ODatabaseException("Cannot open database url=" + getURL()), e);
  }
}
/**
 * Refreshes the cached user from the security metadata.
 *
 * <p>Nothing happens when no user is cached, or when {@code checkIfAllowed} for READ on the
 * user class returns null. Otherwise the user is reloaded by name; when the metadata is
 * unavailable or the user record is no longer found, the cached user is replaced by an
 * empty {@code OUser} wrapped with version -1.
 */
public void reloadUser() {
  if (user == null) {
    return;
  }

  activateOnCurrentThread();

  // NOTE(review): a user for whom this check returns null is never refreshed here, so its
  // cached state stays as it was. Confirm that permission changes for such users are
  // picked up through another path.
  if (user.checkIfAllowed(ORule.ResourceGeneric.CLASS, OUser.CLASS_NAME, ORole.PERMISSION_READ) == null) {
    return;
  }

  OMetadata currentMetadata = getMetadata();
  if (currentMetadata == null) {
    user = new OImmutableUser(-1, new OUser());
    return;
  }

  final OSecurity security = currentMetadata.getSecurity();
  OUser reloaded = security.getUser(user.getName());
  user = (reloaded != null)
      ? new OImmutableUser(security.getVersion(), reloaded)
      : new OImmutableUser(-1, new OUser());
}
/**
 * Checks that {@code DocumentWrapperTransformer} turns the admin document into an
 * {@code OUser} equal to the one returned by the security metadata.
 */
@Test
public void testDocumentWrapper() throws Exception {
  // "#5:0" is taken to be the admin record id; the test depends on that fixed position.
  ORID adminRid = new ORecordId("#5:0");
  ODocument adminDocument = adminRid.getRecord();

  OUser expectedAdmin = wicket.getTester().getMetadata().getSecurity().getUser("admin");
  DocumentWrapperTransformer<OUser> wrapper = new DocumentWrapperTransformer<OUser>(OUser.class);

  assertEquals(expectedAdmin, wrapper.apply(adminDocument));
}
/**
 * Aligns the database's bound user with the web session's user, then begins a transaction.
 *
 * <p>The database user is replaced when the session user has a document with an identity
 * and either that identity is not valid, the database has no user, or the two user names
 * differ.
 *
 * @param cycle current request cycle (not used by this method)
 */
@Override
public void start(RequestCycle cycle) {
  OrientDbWebSession session = OrientDbWebSession.get();
  ODatabaseDocumentInternal db = session.getDatabase();

  // Security rights are checked locally, so the db must carry the session's user.
  OSecurityUser sessionUser = session.getUser();
  OSecurityUser boundUser = db.getUser();

  if (sessionUser != null
      && sessionUser.getDocument() != null
      && sessionUser.getDocument().getIdentity() != null) {
    boolean rebindNeeded = !sessionUser.getDocument().getIdentity().isValid()
        || boundUser == null
        || !Objects.equal(boundUser.getName(), sessionUser.getName());
    if (rebindNeeded) {
      // NOTE(review): the lookup result is passed to setUser unchecked. If the account was
      // removed, this may bind a null user; confirm how permission checks treat that.
      db.setUser(db.getMetadata().getSecurity().getUser(sessionUser.getName()));
    }
  }

  db.begin();
}
/**
 * Makes sure the database works under the same user as the web session and opens a
 * transaction for the request.
 *
 * <p>A rebind happens only for a session user that has a document with an identity, and
 * then only if that identity is not valid, no user is bound to the database, or the bound
 * user's name differs from the session user's name.
 *
 * @param cycle current request cycle (not used by this method)
 */
@Override
public void start(RequestCycle cycle) {
  OrientDbWebSession webSession = OrientDbWebSession.get();
  ODatabaseDocumentInternal db = webSession.getDatabase();

  // Needed so that security rights can be checked locally.
  OSecurityUser fromSession = webSession.getUser();
  OSecurityUser fromDb = db.getUser();

  if (fromSession != null
      && fromSession.getDocument() != null
      && fromSession.getDocument().getIdentity() != null) {
    boolean outOfSync = !fromSession.getDocument().getIdentity().isValid()
        || fromDb == null
        || !Objects.equal(fromDb.getName(), fromSession.getName());
    if (outOfSync) {
      // NOTE(review): getUser(...) is not null-checked before setUser(...); verify what a
      // null bound user means for later access checks.
      db.setUser(db.getMetadata().getSecurity().getUser(fromSession.getName()));
    }
  }

  db.begin();
}
/**
 * Checks that a {@code DBClosure} runs against the thread-bound database and under the
 * expected user: the default closure as "admin", the credentialed one as "reader".
 */
@Test
public void testDBClosure() throws Exception {
  // Closure built without credentials; expected to run as the admin account.
  DBClosure<OSecurityUser> asAdmin = new DBClosure<OSecurityUser>() {
    private static final long serialVersionUID = 1L;

    @Override
    protected OSecurityUser execute(ODatabaseDocument database) {
      // The closure's database must be the one bound to the current thread.
      assertEquals(database, ODatabaseRecordThreadLocal.instance().get());
      return database.getUser();
    }
  };
  assertEquals(
      wicket.getTester().getMetadata().getSecurity().getUser("admin").getIdentity(),
      asAdmin.execute().getIdentity());

  // Closure built with the fixture credentials "reader"/"reader" (test data only).
  DBClosure<OSecurityUser> asReader = new DBClosure<OSecurityUser>("reader", "reader") {
    private static final long serialVersionUID = 1L;

    @Override
    protected OSecurityUser execute(ODatabaseDocument database) {
      assertEquals(database, ODatabaseRecordThreadLocal.instance().get());
      return database.getUser();
    }
  };
  assertEquals(
      wicket.getTester().getMetadata().getSecurity().getUser("reader").getIdentity(),
      asReader.execute().getIdentity());
}