/**
 * Returns the user's name as the textual form of this object.
 *
 * @return the value of {@code getName()}
 */
@Override
public String toString() {
  final String userName = getName();
  return userName;
}
/**
 * Binds this user to the given document and rebuilds the role set from its "roles" field.
 * Does nothing when a document is already bound.
 *
 * @param iSource document to read the user from
 */
@Override
public void fromStream(final ODocument iSource) {
  if (document != null) {
    // Already bound: the existing document and roles are left untouched.
    return;
  }

  document = iSource;
  roles = new HashSet<ORole>();

  final Collection<ODocument> roleDocs = iSource.field("roles");
  if (roleDocs == null) {
    return;
  }

  for (final ODocument roleDoc : roleDocs) {
    if (roleDoc == null) {
      // A missing role entry adds nothing to the role set; it is only logged.
      OLogManager.instance()
          .warn(this, "User '%s' is declared to have a role that does not exist in the database. Ignoring it.", getName());
      continue;
    }

    final ORole loaded = createRole(roleDoc);
    if (loaded != null) {
      roles.add(loaded);
    }
  }
}
/**
 * Reads the account status stored in the document's "status" field.
 *
 * @return the STATUSES constant named by the stored value
 * @throws OSecurityException if the field is absent (null)
 */
public STATUSES getAccountStatus() {
  final String rawStatus = (String) document.field("status");
  if (rawStatus != null) {
    // NOTE(review): assuming STATUSES is an enum, an unrecognised stored value surfaces as
    // IllegalArgumentException here rather than OSecurityException; callers that gate access
    // on the status should be prepared for both.
    return STATUSES.valueOf(rawStatus);
  }
  throw new OSecurityException("User '" + getName() + "' has no status");
}
/**
 * Tells whether any of the user's roles defines a rule for the given resource.
 * Null entries in the role set are logged and skipped.
 *
 * @param resourceGeneric generic resource to look up
 * @param resourceSpecific specific resource to look up
 * @return true if at least one role reports the rule through {@code hasRule}, otherwise false
 */
public boolean isRuleDefined(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific) {
  for (final ORole candidate : roles) {
    if (candidate != null) {
      if (candidate.hasRule(resourceGeneric, resourceSpecific)) {
        return true;
      }
      continue;
    }

    // A null role cannot define a rule; it is reported so the user record can be repaired.
    OLogManager.instance()
        .warn(this, "User '%s' has a null role, bypass it. Consider to fix this user roles before to continue", getName());
  }
  return false;
}
/**
 * Looks for a role that permits the requested operation on the requested resource.
 * Roles are consulted in iteration order and the first one that allows the operation wins;
 * null entries in the role set are logged and skipped.
 *
 * @param resourceGeneric generic resource being accessed
 * @param resourceSpecific specific resource being accessed
 * @param iOperation requested operation
 * @return the role that granted the permission, or null when no role allows it
 *         (callers must treat null as a denial)
 */
public ORole checkIfAllowed(final ORule.ResourceGeneric resourceGeneric, String resourceSpecific, final int iOperation) {
  for (final ORole candidate : roles) {
    if (candidate != null) {
      if (candidate.allow(resourceGeneric, resourceSpecific, iOperation)) {
        return candidate;
      }
      continue;
    }

    // A null role grants nothing; it is reported so the user record can be repaired.
    OLogManager.instance()
        .warn(this, "User '%s' has a null role, ignoring it. Consider fixing this user's roles before continuing", getName());
  }

  // No role allowed the operation.
  return null;
}
/**
 * Builds a snapshot of the given user: name, password, account status, record identity and
 * a wrapped copy of every role are read once here.
 *
 * @param version version number recorded for this snapshot
 * @param user    user to copy from; also kept as a reference
 */
public OImmutableUser(long version, OUser user) {
  this.version = version;
  this.name = user.getName();
  // NOTE(review): the value of getPassword() is copied as-is; whether it is a hash or clear
  // text is not visible here. Confirm before this object is logged or serialised.
  this.password = user.getPassword();
  // getAccountStatus() is evaluated at construction time, so this snapshot keeps the status
  // the user had at that moment.
  this.status = user.getAccountStatus();
  this.rid = user.getIdentity().getIdentity();
  this.user = user;

  // roles is assumed to be initialised by a field initialiser outside this constructor.
  for (final ORole source : user.getRoles()) {
    final OImmutableRole frozen = new OImmutableRole(source);
    roles.add(frozen);
  }
}
/**
 * Reuses an already opened database instead of creating and opening a new one each time.
 *
 * @param iDatabase underlying database object to attach to this graph
 * @return this graph instance
 */
public OrientBaseGraph reuse(final ODatabaseDocumentTx iDatabase) {
  this.url = iDatabase.getURL();
  if (iDatabase.getUser() != null) {
    this.username = iDatabase.getUser().getName();
  } else {
    this.username = null;
  }

  synchronized (this) {
    OrientGraphContext current = threadContext.get();
    final boolean sameDatabase =
        current != null && current.rawGraph.getName().equals(iDatabase.getName());

    // NOTE(review): databases are matched by name only. When the names match, the existing
    // context (and its rawGraph) is kept while url/username above were already overwritten
    // from iDatabase, so the recorded username may differ from the user of the retained
    // rawGraph. Confirm that callers never pass a same-named database opened by another user.
    if (!sameDatabase) {
      removeContext();
      current = new OrientGraphContext();
      current.rawGraph = iDatabase;
      checkForGraphSchema(iDatabase);
      threadContext.set(current);
    }
  }
  return this;
}
/**
 * Verifies that a context variable set on the provider is applied to the query, so that
 * exactly one user named "admin" is returned.
 */
@Test
public void testOQueryProviderContextVariables() {
  final String query = "select from OUser where name = $name";
  OQueryDataProvider<OUser> users = new OQueryDataProvider<OUser>(query, OUser.class);
  users.setSort("name", SortOrder.ASCENDING);
  // The name is supplied as the $name context variable, not concatenated into the query text.
  users.setContextVariable("name", Model.of("admin"));

  Iterator<OUser> cursor = users.iterator(0, -1);
  assertEquals(1, users.size());

  OUser first = cursor.next();
  assertEquals("admin", first.getName());
}
/**
 * Resolves the user behind an authentication token.
 *
 * <p>The checks run in this order and each failure aborts with an exception: the token must
 * report itself valid, a user must be loadable (from the token, or by the token's user name
 * as a fallback), and the user's account status must be ACTIVE.
 *
 * @param authToken token presented by the caller
 * @return the authenticated, active user
 * @throws OSecurityAccessException if the token is not valid, no user can be loaded from it,
 *         or the user is not active
 */
public OUser authenticate(final OToken authToken) {
  final String dbName = getDatabase().getName();

  // The token is rejected before any user lookup is attempted.
  // NOTE(review): what getIsValid() covers (signature, expiry, ...) is decided by the token
  // implementation, not by this method. Confirm it is set only after full verification.
  if (!authToken.getIsValid()) {
    throw new OSecurityAccessException(dbName, "Token not valid");
  }

  OUser resolved = authToken.getUser(getDatabase());
  if (resolved == null) {
    if (authToken.getUserName() != null) {
      // The token handler may not support returning an OUser, so fall back to looking the
      // user up by the user name (subject) carried in the token.
      resolved = getUser(authToken.getUserName());
    }
  }

  if (resolved == null) {
    throw new OSecurityAccessException(dbName, "Authentication failed, could not load user from token");
  }

  // A valid token is not enough on its own: the account status is checked on every call.
  final boolean active = resolved.getAccountStatus() == STATUSES.ACTIVE;
  if (!active) {
    throw new OSecurityAccessException(dbName, "User '" + resolved.getName() + "' is not active");
  }
  return resolved;
}