/** * @return the {@link ISecurityHelper} used by this instance. If none has been specified, it will default to * using the {@link SecurityHelper} singleton. */ public ISecurityHelper getSecurityHelper() { return ( null != securityHelper ? securityHelper : SecurityHelper.getInstance() ); }
private String runAsUser( Callable<String> callable ) { try { if ( callable != null ) { return SecurityHelper.getInstance().runAsUser( this.actionUser, callable ); } } catch ( Exception e ) { logger.error( e.getMessage(), e ); } return null; }
@Override public Authentication getAuthentication( final IPentahoSession session ) { return SecurityHelper.getInstance().getAuthentication(); }
@Override public Authentication getAuthentication( final IPentahoSession session ) { return SecurityHelper.getInstance().getAuthentication(); }
protected String getPrincipalIsAdministrator() { return SecurityHelper.getInstance().isPentahoAdministrator( this.session ) ? "true" : "false"; //$NON-NLS-1$ // //$NON-NLS-2$ }
@Override public Authentication getAuthentication( final IPentahoSession session ) { return SecurityHelper.getInstance().getAuthentication( session, true ); }
private Authentication getAuthentication() { return SecurityHelper.getInstance().getAuthentication(); }
protected List<String> getRuntimeRoleNames() { IPentahoSession pentahoSession = PentahoSessionHolder.getSession(); List<String> runtimeRoles = new ArrayList<String>(); Assert.state( pentahoSession != null ); Authentication authentication = SecurityHelper.getInstance().getAuthentication(); if ( authentication != null ) { Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); for ( GrantedAuthority auth : authorities ) { runtimeRoles.add( auth.getAuthority() ); } } return runtimeRoles; }
/** * @return */ protected String getCurrentUser() { IPentahoSession session = PentahoSessionHolder.getSession(); if ( session == null ) { return null; } Principal p = SecurityHelper.getInstance().getAuthentication(); return ( p == null ) ? null : p.getName(); }
protected RepositoryFile getAclNode( final RepositoryFile file ) { try { return SecurityHelper.getInstance().runAsSystem( new Callable<RepositoryFile>() { @Override public RepositoryFile call() throws Exception { List<RepositoryFile> referrers = unifiedRepository.getReferrers( file.getId() ); // Loop through nodes referring to the target file, return the first one designated as an ACL node int i = referrers.size(); while ( i-- > 0 ) { RepositoryFile referrer = referrers.get( i ); NodeRepositoryFileData dataForRead = unifiedRepository.getDataForRead( referrer.getId(), NodeRepositoryFileData.class ); if ( dataForRead != null && dataForRead.getNode().hasProperty( IS_ACL_NODE ) ) { return referrer; } } // No ACL node found return null; } } ); } catch ( Exception e ) { logger.error( "Error retrieving ACL Node", e ); return null; } }
public List<String> getPermittedRoleList( IPentahoSession session ) { List<String> roleList = new ArrayList<String>(); Authentication auth = SecurityHelper.getInstance().getAuthentication( session, true ); IPluginResourceLoader resLoader = PentahoSystem.get( IPluginResourceLoader.class, null ); String roles = null; try { roles = resLoader.getPluginSetting( getClass(), "settings/data-access-view-roles" ); //$NON-NLS-1$ } catch ( Exception e ) { logger.debug( "Error getting plugin setting", e ); } if ( roles != null && roles.length() > 0 ) { String[] roleArr = roles.split( "," ); //$NON-NLS-1$ for ( String role : roleArr ) { if ( role != null && role.trim().length() > 0 ) { roleList.add( role ); } } } return roleList; }
public static void globalStartup() { List<ISessionStartupAction> globalStartupActions = PentahoSystem.getGlobalStartupActions(); if ( globalStartupActions == null || globalStartupActions.size() == 0 ) { // nothing to do... return; } if ( debug ) { Logger.debug( PentahoSystem.class, "Process global startup actions" ); //$NON-NLS-1$ } try { SecurityHelper.getInstance().runAsSystem( new Callable<Void>() { @Override public Void call() throws Exception { PentahoSystem.globalStartup( PentahoSessionHolder.getSession() ); return null; } } ); } catch ( Exception e ) { throw new RuntimeException( e ); } }
public void testRunAsAnonymousWithAnonymousAuthenticationToken() throws Exception { Callable<Object> callableObject = new Callable<Object>() { public Object call() throws Exception { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); // Assert.assertTrue( auth != null && auth instanceof AnonymousAuthenticationToken ); return null; } }; SecurityHelper.getInstance().runAsAnonymous( callableObject ); }
public void testVoter() throws Exception { SecurityHelper.getInstance().runAsUser( "suzy", new Callable<Void>() { @Override public Void call() throws Exception { RepositoryFile testFile = new RepositoryFile( "Test Folder", null, null ); //$NON-NLS-1$ Map<IPermissionRecipient, IPermissionMask> perms = new LinkedHashMap<IPermissionRecipient, IPermissionMask>(); perms.put( new SimpleUser( "suzy" ), new SimplePermissionMask( IPentahoAclEntry.PERM_NOTHING ) ); perms.put( new SimpleRole( "ROLE_POWER_USER" ), new SimplePermissionMask( IPentahoAclEntry.PERM_FULL_CONTROL ) ); SpringSecurityPermissionMgr.instance().getPermissions( testFile ); // Now, the stage is set. We should be able to double-check that suzy // has no access to the testFile. PentahoUserOverridesVoter voter = new PentahoUserOverridesVoter(); assertNotNull( voter ); assertFalse( voter.hasAccess( PentahoSessionHolder.getSession(), testFile, IPentahoAclEntry.PERM_EXECUTE ) ); return null; } } ); } }
@SuppressWarnings( "deprecation" ) public void testVoter() throws Exception { SecurityHelper.getInstance().runAsUser( "suzy", new Callable<Void>() { @Override public Void call() throws Exception { RepositoryFile testFile = new RepositoryFile( "Test Folder", null, null ); //$NON-NLS-1$ // RepositoryFile has no acls on it. Nobody should be able to access it. // But, we're using an allowAll voter. PentahoAllowAllAclVoter voter = new PentahoAllowAllAclVoter(); assertTrue( voter.hasAccess( PentahoSessionHolder.getSession(), testFile, IPentahoAclEntry.PERM_EXECUTE ) ); IPentahoAclEntry entry = voter.getEffectiveAcl( PentahoSessionHolder.getSession(), testFile ); assertEquals( ( (PentahoAclEntry) entry ).getMask(), IPentahoAclEntry.PERM_FULL_CONTROL ); assertTrue( voter.isPentahoAdministrator( PentahoSessionHolder.getSession() ) ); assertTrue( voter.isGranted( PentahoSessionHolder.getSession(), new SimpleGrantedAuthority( "ROLE_ANYTHING" ) ) ); //$NON-NLS-1$ return null; } } ); } }
public void setUserSetting( String settingName, String settingValue ) { String name = PentahoSessionHolder.getSession().getName(); String homePath = ClientRepositoryPaths.getUserHomeFolderPath( name ); synchronized ( lock ) { final Serializable id = repository.getFile( homePath ).getId(); final Map<String, Serializable> fileMetadata = repository.getFileMetadata( id ); fileMetadata.put( SETTING_PREFIX + settingName, settingValue ); try { SecurityHelper.getInstance().runAsSystem( new Callable<Void>() { @Override public Void call() throws Exception { repository.setFileMetadata( id, fileMetadata ); return null; } } ); } catch ( Exception e ) { if ( log.isDebugEnabled() ) { log.debug( "Error storing user setting for user: " + name + ", setting: " + settingName + ", value: " + settingValue, e ); } log.error( "Error storing user setting", e ); } } }
@Override protected String getCurrentUser() { SecurityHelper.getInstance().becomeUser( TEST_USER ); return super.getCurrentUser(); } }
@Override public Void call() throws Exception { try { SecurityHelper.getInstance().runAsUser( "suzy", new Callable<Void>() { @Override public Void call() throws Exception { assertEquals( ( (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal() ).getUsername(), "suzy" ); throw new NullPointerException(); } } ); } catch ( Exception e ) { /* No-op */ } assertEquals( ( (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal() ).getUsername(), "admin" ); return null; } } );
@Override public void run() { try { SecurityContextHolder.setContext( context ); SecurityHelper.getInstance().runAsSystem( new Callable<Void>() { @Override public Void call() throws Exception { System.out.println( "Starting Thread 1" ); startSignal.await(); System.out.println( "Finishing Thread 1" ); return null; } } ); } catch ( Exception e ) { e.printStackTrace(); fail( e.getMessage() ); } } } );
@Override public void run() { try { SecurityContextHolder.setContext( context ); SecurityHelper.getInstance().runAsSystem( new Callable<Void>() { @Override public Void call() throws Exception { System.out.println( "Starting Thread 2" ); startSignal.await(); // waiting for t1 to finish doneSignal.await(); System.out.println( "Finishing Thread 2" ); return null; } } ); } catch ( Exception e ) { e.printStackTrace(); fail( e.getMessage() ); } } } );