public String toLocal(String principalName); }
private Set<String> getUserNamesFromSubject(Subject who) { Set<String> user = new HashSet<String>(); if (who != null) { for (Principal p : who.getPrincipals()) { user.add(_ptol.toLocal(p)); } } return user; } }
private Set<String> constructUserFromPrincipals(Subject who) { Set<String> user = new HashSet<String>(); if (who != null) { for (Principal p : who.getPrincipals()) { user.add(_ptol.toLocal(p)); } } return user; }
private String getLocalUserFromContext(ReqContext context) { if (context != null) { return _ptol.toLocal(context.principal()); } return null; }
/** * Checks whether user is authorized to access file. Checks regardless of UI filter. * * @param user username * @param fileName file name to access */ public boolean isAuthorizedLogUser(String user, String fileName) { if (StringUtils.isEmpty(user) || StringUtils.isEmpty(fileName) || getLogUserGroupWhitelist(fileName) == null) { return false; } else { LogUserGroupWhitelist whitelist = getLogUserGroupWhitelist(fileName); List<String> logsUsers = new ArrayList<>(); logsUsers.addAll(ObjectReader.getStrings(stormConf.get(DaemonConfig.LOGS_USERS))); logsUsers.addAll(ObjectReader.getStrings(stormConf.get(Config.NIMBUS_ADMINS))); logsUsers.addAll(whitelist.getUserWhitelist()); List<String> logsGroups = new ArrayList<>(); logsGroups.addAll(ObjectReader.getStrings(stormConf.get(DaemonConfig.LOGS_GROUPS))); logsGroups.addAll(ObjectReader.getStrings(stormConf.get(Config.NIMBUS_ADMINS_GROUPS))); logsGroups.addAll(whitelist.getGroupWhitelist()); String userName = principalToLocal.toLocal(user); Set<String> groups = getUserGroups(userName); return logsUsers.stream().anyMatch(u -> u.equals(userName)) || Sets.intersection(groups, new HashSet<>(logsGroups)).size() > 0; } }
public boolean permit(ReqContext context, String operation, Map<String, Object> topoConf) { String principal = context.principal().getName(); String user = ptol.toLocal(context.principal()); Set<String> userGroups = new HashSet<>();
public boolean permit(ReqContext context, String operation, Map<String, Object> topoConf) { String principal = context.principal().getName(); String user = ptol.toLocal(context.principal()); Set<String> userGroups = new HashSet<>();
Principal principal = req.principal(); String submitterPrincipal = principal == null ? null : principal.toString(); String submitterUser = principalToLocal.toLocal(principal); String systemUser = System.getProperty("user.name"); @SuppressWarnings("unchecked")
private Set<String> constructUserFromPrincipals(Subject who) { Set<String> user = new HashSet<String>(); if (who != null) { for (Principal p : who.getPrincipals()) { user.add(_ptol.toLocal(p)); } } return user; }
private Set<String> getUserNamesFromSubject(Subject who) { Set<String> user = new HashSet<String>(); if (who != null) { for(Principal p: who.getPrincipals()) { user.add(_ptol.toLocal(p)); } } return user; } }
private String getLocalUserFromContext(ReqContext context) { if (context != null) { return _ptol.toLocal(context.principal()); } return null; }
public boolean permit(ReqContext context, String operation, Map topology_conf) { String principal = context.principal().getName(); String user = _ptol.toLocal(context.principal()); Set<String> userGroups = new HashSet<>();