You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by sn...@apache.org on 2015/12/15 16:46:06 UTC
[1/5] usergrid git commit: Add additional functionality in REST layer
for checking permissions.
Repository: usergrid
Updated Branches:
refs/heads/USERGRID-872 2ed571334 -> 41a6cea24
Add additional functionality in REST layer for checking permissions.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/fdc0d808
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/fdc0d808
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/fdc0d808
Branch: refs/heads/USERGRID-872
Commit: fdc0d80814c7a69615964c5c85429ede003b6dbf
Parents: 29bba24
Author: Michael Russo <mi...@gmail.com>
Authored: Fri Dec 4 17:43:19 2015 -0800
Committer: Michael Russo <mi...@gmail.com>
Committed: Fri Dec 4 17:43:19 2015 -0800
----------------------------------------------------------------------
.../shard/impl/NodeShardAllocationImpl.java | 2 +-
.../rest/applications/ApplicationResource.java | 1 +
.../rest/applications/AuthResource.java | 10 +-
.../applications/assets/AssetsResource.java | 8 +-
.../rest/applications/queues/QueueResource.java | 10 ++
.../queues/QueueSubscriberResource.java | 5 +
.../queues/QueueSubscriptionResource.java | 5 +
.../queues/QueueTransactionsResource.java | 3 +
.../security/SecuredResourceFilterFactory.java | 75 ++++++++++--
.../annotations/CheckPermissionsForPath.java | 32 ++++++
.../usergrid/rest/applications/SecurityIT.java | 113 +++++++++++++++++++
11 files changed, 249 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/corepersistence/graph/src/main/java/org/apache/usergrid/persistence/graph/serialization/impl/shard/impl/NodeShardAllocationImpl.java
----------------------------------------------------------------------
diff --git a/stack/corepersistence/graph/src/main/java/org/apache/usergrid/persistence/graph/serialization/impl/shard/impl/NodeShardAllocationImpl.java b/stack/corepersistence/graph/src/main/java/org/apache/usergrid/persistence/graph/serialization/impl/shard/impl/NodeShardAllocationImpl.java
index d52f807..62274ec 100644
--- a/stack/corepersistence/graph/src/main/java/org/apache/usergrid/persistence/graph/serialization/impl/shard/impl/NodeShardAllocationImpl.java
+++ b/stack/corepersistence/graph/src/main/java/org/apache/usergrid/persistence/graph/serialization/impl/shard/impl/NodeShardAllocationImpl.java
@@ -199,7 +199,7 @@ public class NodeShardAllocationImpl implements NodeShardAllocation {
if ( !edges.hasNext() ) {
- LOG.warn(
+ LOG.trace(
"Tried to allocate a new shard for edge meta data {}, " + "but no max value could be found in that row",
directedEdgeMeta );
return false;
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
index 162565f..cfcc9b6 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
@@ -113,6 +113,7 @@ public class ApplicationResource extends ServiceResource {
}
+ @RequireApplicationAccess
@Path("auth")
public AuthResource getAuthResource() throws Exception {
return getSubResource( AuthResource.class );
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/AuthResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/AuthResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/AuthResource.java
index 46e97c7..d90a44c 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/AuthResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/AuthResource.java
@@ -30,6 +30,7 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -84,9 +85,8 @@ public class AuthResource extends AbstractContextResource {
}
}
- // TODO add auth for Ping Identity
-
+ @CheckPermissionsForPath
@POST
@Path("facebook")
@Consumes(APPLICATION_FORM_URLENCODED)
@@ -100,6 +100,7 @@ public class AuthResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@GET
@Path("pingident")
public Response authPingIdent( @Context UriInfo ui, @QueryParam("ping_access_token") String pingToken,
@@ -132,6 +133,7 @@ public class AuthResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@POST
@Path("pingident")
public Response authPingIdentPost( @Context UriInfo ui, @QueryParam("ping_access_token") String pingToken,
@@ -169,7 +171,7 @@ public class AuthResource extends AbstractContextResource {
.entity( wrapJSONPResponse( callback, response.getBody() ) ).build();
}
-
+ @CheckPermissionsForPath
@GET
@Path("facebook")
public Response authFB( @Context UriInfo ui, @QueryParam("fb_access_token") String fb_access_token,
@@ -204,6 +206,7 @@ public class AuthResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@POST
@Path("foursquare")
@Consumes(APPLICATION_FORM_URLENCODED)
@@ -217,6 +220,7 @@ public class AuthResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@GET
@Path("foursquare")
public Response authFQ( @Context UriInfo ui, @QueryParam("fq_access_token") String fq_access_token,
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
index fedffc4..f748ee9 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
@@ -24,6 +24,7 @@ import org.apache.usergrid.persistence.EntityManager;
import org.apache.usergrid.persistence.entities.Asset;
import org.apache.usergrid.rest.AbstractContextResource;
import org.apache.usergrid.rest.applications.ServiceResource;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
import org.apache.usergrid.services.assets.data.AssetUtils;
import org.apache.usergrid.services.assets.data.AwsSdkS3BinaryStore;
@@ -103,8 +104,8 @@ public class AssetsResource extends ServiceResource {
}
+ @CheckPermissionsForPath
@POST
- @RequireApplicationAccess
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Path("{entityId: [A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}}/data")
public Response uploadData( @FormDataParam("file") InputStream uploadedInputStream,
@@ -133,8 +134,8 @@ public class AssetsResource extends ServiceResource {
}
+ @CheckPermissionsForPath
@PUT
- @RequireApplicationAccess
@Consumes(MediaType.APPLICATION_OCTET_STREAM)
@Path("{entityId: [A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}}/data")
public Response uploadDataStreamPut( @PathParam("entityId") PathSegment entityId, InputStream uploadedInputStream )
@@ -143,8 +144,8 @@ public class AssetsResource extends ServiceResource {
}
+ @CheckPermissionsForPath
@POST
- @RequireApplicationAccess
@Consumes(MediaType.APPLICATION_OCTET_STREAM)
@Path("{entityId: [A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}}/data")
public Response uploadDataStream( @PathParam("entityId") PathSegment entityId, InputStream uploadedInputStream )
@@ -169,6 +170,7 @@ public class AssetsResource extends ServiceResource {
}
+ @CheckPermissionsForPath
@GET
@Path("{entityId: [A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}}/data")
public Response findAsset( @Context UriInfo ui, @QueryParam("callback") @DefaultValue("callback") String callback,
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
index 67498cd..de71073 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
@@ -35,6 +35,7 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@ -86,6 +87,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("subscribers")
public QueueSubscriberResource getSubscribers( @Context UriInfo ui ) throws Exception {
@@ -95,6 +97,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("subscriptions")
public QueueSubscriptionResource getSubscriptions( @Context UriInfo ui ) throws Exception {
@@ -104,6 +107,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("properties")
@GET
public JSONWithPadding getProperties( @Context UriInfo ui,
@@ -116,6 +120,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("properties")
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@@ -129,6 +134,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@GET
public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@@ -149,6 +155,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@SuppressWarnings("unchecked")
@POST
@Consumes(MediaType.APPLICATION_JSON)
@@ -173,6 +180,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public JSONWithPadding executePut( @Context UriInfo ui, Map<String, Object> json,
@@ -187,6 +195,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@DELETE
public JSONWithPadding executeDelete( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
@@ -195,6 +204,7 @@ public class QueueResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("transactions")
public QueueTransactionsResource getTransactions( @Context UriInfo ui ) throws Exception {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
index 12db937..7f32be0 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
@@ -34,6 +34,7 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@ -92,6 +93,7 @@ public class QueueSubscriberResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@GET
public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriberQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@@ -106,6 +108,7 @@ public class QueueSubscriberResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@POST
@Consumes(MediaType.APPLICATION_JSON)
public JSONWithPadding executePost( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
@@ -118,6 +121,7 @@ public class QueueSubscriberResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public JSONWithPadding executePut( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
@@ -143,6 +147,7 @@ public class QueueSubscriberResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@DELETE
public JSONWithPadding executeDelete( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
index a822b1e..c488095 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
@@ -34,6 +34,7 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@ -94,6 +95,7 @@ public class QueueSubscriptionResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@GET
public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriptionQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@@ -108,6 +110,7 @@ public class QueueSubscriptionResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@POST
@Consumes(MediaType.APPLICATION_JSON)
public JSONWithPadding executePost( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
@@ -120,6 +123,7 @@ public class QueueSubscriptionResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
public JSONWithPadding executePut( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
@@ -145,6 +149,7 @@ public class QueueSubscriptionResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@DELETE
public JSONWithPadding executeDelete( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
index 2f9819d..56cca2c 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
@@ -30,6 +30,7 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriInfo;
+import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@ -70,6 +71,7 @@ public class QueueTransactionsResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("{id}")
@PUT
public JSONWithPadding updateTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
@@ -84,6 +86,7 @@ public class QueueTransactionsResource extends AbstractContextResource {
}
+ @CheckPermissionsForPath
@Path("{id}")
@DELETE
public JSONWithPadding removeTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
index 6f7d698..d867e1b 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
@@ -26,6 +26,8 @@ import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.UriInfo;
+import org.apache.shiro.subject.Subject;
+import org.apache.usergrid.rest.security.annotations.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -37,10 +39,6 @@ import org.apache.usergrid.persistence.EntityManager;
import org.apache.usergrid.persistence.EntityManagerFactory;
import org.apache.usergrid.persistence.index.query.Identifier;
import org.apache.usergrid.rest.exceptions.SecurityException;
-import org.apache.usergrid.rest.security.annotations.RequireAdminUserAccess;
-import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
-import org.apache.usergrid.rest.security.annotations.RequireOrganizationAccess;
-import org.apache.usergrid.rest.security.annotations.RequireSystemAccess;
import org.apache.usergrid.rest.utils.PathingUtils;
import org.apache.usergrid.security.shiro.utils.SubjectUtils;
import org.apache.usergrid.services.ServiceManagerFactory;
@@ -54,11 +52,8 @@ import com.sun.jersey.spi.container.ResourceFilterFactory;
import static org.apache.commons.lang.StringUtils.isNotEmpty;
import static org.apache.usergrid.rest.exceptions.SecurityException.mappableSecurityException;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isPermittedAccessToApplication;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isPermittedAccessToOrganization;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isUser;
-import static org.apache.usergrid.security.shiro.utils.SubjectUtils.loginApplicationGuest;
import static org.apache.usergrid.security.shiro.Realm.ROLE_SERVICE_ADMIN;
+import static org.apache.usergrid.security.shiro.utils.SubjectUtils.*;
@Component
@@ -132,6 +127,9 @@ public class SecuredResourceFilterFactory implements ResourceFilterFactory {
else if ( am.isAnnotationPresent( RequireAdminUserAccess.class ) ) {
return Collections.<ResourceFilter>singletonList( new AdminUserFilter() );
}
+ else if ( am.isAnnotationPresent( CheckPermissionsForPath.class ) ) {
+ return Collections.<ResourceFilter>singletonList( new PathPermissionsFilter() );
+ }
return null;
}
@@ -331,4 +329,65 @@ public class SecuredResourceFilterFactory implements ResourceFilterFactory {
}
}
}
+
+ // This filter is created in REST from logic in org.apache.usergrid.services.AbstractService.checkPermissionsForPath
+ public class PathPermissionsFilter extends AbstractFilter {
+
+ public PathPermissionsFilter() {}
+
+
+ @Override
+ public void authorize( ContainerRequest request ) {
+ if(logger.isDebugEnabled()){
+ logger.debug( "PathPermissionsFilter.authorize" );
+ }
+
+ final String PATH_MSG =
+ "---- Checked permissions for path --------------------------------------------\n" + "Requested path: {} \n"
+ + "Requested action: {} \n" + "Requested permission: {} \n" + "Permitted: {} \n";
+
+ ApplicationInfo application;
+
+ try {
+
+ application = management.getApplicationInfo( getApplicationIdentifier() );
+ EntityManager em = emf.getEntityManager( application.getId() );
+ Subject currentUser = SubjectUtils.getSubject();
+
+ if ( currentUser == null ) {
+ return;
+ }
+ String applicationName = application.getName().toLowerCase();
+ String operation = request.getMethod().toLowerCase();
+ String path = request.getPath().toLowerCase().replace(applicationName, "");
+ String perm = getPermissionFromPath( em.getApplicationRef().getUuid(), operation, path );
+
+ boolean permitted = currentUser.isPermitted( perm );
+ if ( logger.isDebugEnabled() ) {
+ logger.debug( PATH_MSG, new Object[] { path, operation, perm, permitted } );
+ }
+
+ if(!permitted){
+ // throwing this so we can raise a proper mapped REST exception
+ throw new Exception("Subject not permitted");
+ }
+
+
+ SubjectUtils.checkPermission( perm );
+ Subject subject = SubjectUtils.getSubject();
+
+ if ( logger.isDebugEnabled() ) {
+ logger.debug("Checked subject {} for perm {}", subject != null ? subject.toString() : "", perm);
+ logger.debug("------------------------------------------------------------------------------");
+ }
+
+
+ } catch (Exception e){
+ throw mappableSecurityException( "unauthorized",
+ "Subject does not have permission to access this resource" );
+ }
+
+ }
+ }
+
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/main/java/org/apache/usergrid/rest/security/annotations/CheckPermissionsForPath.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/annotations/CheckPermissionsForPath.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/annotations/CheckPermissionsForPath.java
new file mode 100644
index 0000000..5f0e00d
--- /dev/null
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/annotations/CheckPermissionsForPath.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.usergrid.rest.security.annotations;
+
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+
+/** Requires that the current Shiro security subject be the user specified in the current REST request path. */
+@Retention(value = RUNTIME)
+@Target(value = { METHOD })
+public @interface CheckPermissionsForPath {
+
+}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/fdc0d808/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
new file mode 100644
index 0000000..c5b06b5
--- /dev/null
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
@@ -0,0 +1,113 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.usergrid.rest.applications;
+
+
+import com.sun.jersey.api.client.UniformInterfaceException;
+import org.apache.usergrid.rest.test.resource.AbstractRestIT;
+import org.apache.usergrid.rest.test.resource.model.ApiResponse;
+import org.apache.usergrid.utils.UUIDUtils;
+import org.junit.Test;
+
+import java.util.UUID;
+
+import static org.junit.Assert.assertEquals;
+
+/**
+ * These tests will execute requests against certain paths (with or without credentials) to ensure access is being
+ * allowed according to the REST and Services permissions defined for the resource.
+ */
+public class SecurityIT extends AbstractRestIT {
+
+ public SecurityIT() throws Exception {}
+
+ @Test
+ public void testAssetsNoCredentials(){
+
+ final UUID uuid = UUIDUtils.newTimeUUID();
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("assets/" + uuid + "/data")).get(ApiResponse.class, false);
+
+ } catch (UniformInterfaceException ui){
+ assertEquals(401, ui.getResponse().getStatus());
+ }
+ }
+
+
+ @Test
+ public void testFacebookAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/facebook")).get(ApiResponse.class, false);
+
+ } catch (UniformInterfaceException ui){
+ responseStatus = ui.getResponse().getStatus();
+
+ }
+ assertEquals(401, responseStatus);
+ }
+
+ @Test
+ public void testPingIdentityAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/pingident")).get(ApiResponse.class, false);
+
+ } catch (UniformInterfaceException ui){
+ responseStatus = ui.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+ @Test
+ public void testFoursquareAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/foursquare")).get(ApiResponse.class, false);
+
+ } catch (UniformInterfaceException ui){
+ responseStatus = ui.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+ @Test
+ public void testQueuesNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("queues")).get(ApiResponse.class, false);
+
+ } catch (UniformInterfaceException ui){
+ responseStatus = ui.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+
+}
[5/5] usergrid git commit: Changes to get ExportAdmins and
ImportAdmins test working.
Posted by sn...@apache.org.
Changes to get ExportAdmins and ImportAdmins test working.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/41a6cea2
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/41a6cea2
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/41a6cea2
Branch: refs/heads/USERGRID-872
Commit: 41a6cea24a1d7ed8787dbec3da160ce5576c673d
Parents: 652f64b
Author: Dave Johnson <sn...@apache.org>
Authored: Tue Dec 8 13:24:02 2015 -0500
Committer: Dave Johnson <sn...@apache.org>
Committed: Tue Dec 8 13:24:02 2015 -0500
----------------------------------------------------------------------
.../org/apache/usergrid/tools/ExportDataCreator.java | 12 ++++++++++++
.../apache/usergrid/tools/ExportImportAdminsTest.java | 12 +++++++++++-
.../tools/src/test/resources/usergrid-test-context.xml | 2 +-
3 files changed, 24 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/41a6cea2/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
index 5ad29d2..9c057ee 100644
--- a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
+++ b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
@@ -192,6 +192,8 @@ public class ExportDataCreator extends ToolBase {
continue;
}
+ em.refreshIndex();
+
final Company company = person.getCompany();
try {
EntityRef ref = em.getAlias( "company", company.name() );
@@ -222,6 +224,8 @@ public class ExportDataCreator extends ToolBase {
continue;
}
+ em.refreshIndex();
+
try {
for (int j = 0; j < 5; j++) {
Activity activity = new Activity();
@@ -250,6 +254,14 @@ public class ExportDataCreator extends ToolBase {
}
}
+ em.refreshIndex();
+
+
+ Set<String> connectionTypes = em.getConnectionTypes( userEntity );
+
+ logger.debug("User {} now has {} connection types: {}",
+ new Object[] { userEntity.getName(), connectionTypes.size(), connectionTypes});
+
} catch (Exception e) {
logger.error("Error creating activities", e);
continue;
http://git-wip-us.apache.org/repos/asf/usergrid/blob/41a6cea2/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
index 72fad45..745ec9a 100644
--- a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
+++ b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
@@ -54,9 +54,15 @@ public class ExportImportAdminsTest {
@ClassRule
public static ServiceITSetup setup = new ServiceITSetupImpl();
+ public ExportImportAdminsTest() {
+ //logger.info("\n\n\nCREATING TEST -------------------------------------------\n\n\n");
+ }
+
@org.junit.Test
public void testExportUserAndOrg() throws Exception {
+ //logger.info("\n\n\nSTARTING TEST testExportUserAndOrg -----------------------\n\n\n");
+
// create two orgs each with owning user
final String random1 = RandomStringUtils.randomAlphanumeric( 10 );
@@ -84,6 +90,8 @@ public class ExportImportAdminsTest {
ExportAdmins exportAdmins = new ExportAdmins();
exportAdmins.startTool( new String[] {
"-host", "localhost:9160",
+ "-eshost", "localhost:9200",
+ "-escluster", "elasticsearch",
"-outputDir", directoryName
}, false );
@@ -149,6 +157,8 @@ public class ExportImportAdminsTest {
@org.junit.Test
public void testImportAdminUsersAndOrgs() throws Exception {
+ //logger.info("\n\n\nSTARTING TEST testImportAdminUsersAndOrgs ------------------------------\n\n\n");
+
// first: generate the data file with unique user and org IDs and names
// data contains three users each with a unique org, one user has a duplicate email
@@ -218,7 +228,7 @@ public class ExportImportAdminsTest {
importAdmins.startTool( new String[]{
"-host", "localhost:9160",
"-eshost", "localhost:9200",
- "-escuster", "usergrid",
+ "-escuster", "elasticsearch",
"-inputDir", tempDir.getAbsolutePath()
}, false );
http://git-wip-us.apache.org/repos/asf/usergrid/blob/41a6cea2/stack/tools/src/test/resources/usergrid-test-context.xml
----------------------------------------------------------------------
diff --git a/stack/tools/src/test/resources/usergrid-test-context.xml b/stack/tools/src/test/resources/usergrid-test-context.xml
index da82bd0..137c050 100644
--- a/stack/tools/src/test/resources/usergrid-test-context.xml
+++ b/stack/tools/src/test/resources/usergrid-test-context.xml
@@ -39,7 +39,7 @@
</property>
</bean>
- <import resource="classpath:/toolsApplicationContext.xml"/>
+ <import resource="classpath:toolsApplicationContext.xml"/>
<bean id="traceTagManager" class="org.apache.usergrid.persistence.cassandra.util.TraceTagManager">
<property name="reportUnattached" value="false"/>
[4/5] usergrid git commit: Merge branch 'master' into USERGRID-872
Posted by sn...@apache.org.
Merge branch 'master' into USERGRID-872
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/652f64b3
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/652f64b3
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/652f64b3
Branch: refs/heads/USERGRID-872
Commit: 652f64b334aa36a011df2bc37f2edbf0bad3ac09
Parents: bdf518b c6945e3
Author: Dave Johnson <sn...@apache.org>
Authored: Tue Dec 8 07:36:53 2015 -0500
Committer: Dave Johnson <sn...@apache.org>
Committed: Tue Dec 8 07:36:53 2015 -0500
----------------------------------------------------------------------
.../shard/impl/NodeShardAllocationImpl.java | 2 +-
.../rest/applications/ApplicationResource.java | 1 +
.../rest/applications/AuthResource.java | 10 +-
.../applications/assets/AssetsResource.java | 8 +-
.../rest/applications/queues/QueueResource.java | 10 ++
.../queues/QueueSubscriberResource.java | 5 +
.../queues/QueueSubscriptionResource.java | 5 +
.../queues/QueueTransactionsResource.java | 4 +
.../security/SecuredResourceFilterFactory.java | 93 ++++++++++++++-
.../annotations/CheckPermissionsForPath.java | 32 ++++++
.../usergrid/rest/applications/SecurityIT.java | 115 +++++++++++++++++++
11 files changed, 274 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
[2/5] usergrid git commit: Merge branch 'release' of
https://git-wip-us.apache.org/repos/asf/usergrid
Posted by sn...@apache.org.
Merge branch 'release' of https://git-wip-us.apache.org/repos/asf/usergrid
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/c6945e3d
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/c6945e3d
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/c6945e3d
Branch: refs/heads/USERGRID-872
Commit: c6945e3d6f608d1333c269657eb47064866d3e0b
Parents: 3c8a308 fdc0d80
Author: Michael Russo <mi...@gmail.com>
Authored: Sat Dec 5 00:13:37 2015 -0800
Committer: Michael Russo <mi...@gmail.com>
Committed: Sat Dec 5 00:13:37 2015 -0800
----------------------------------------------------------------------
.../shard/impl/NodeShardAllocationImpl.java | 2 +-
.../rest/applications/ApplicationResource.java | 1 +
.../rest/applications/AuthResource.java | 10 +-
.../applications/assets/AssetsResource.java | 8 +-
.../rest/applications/queues/QueueResource.java | 10 ++
.../queues/QueueSubscriberResource.java | 5 +
.../queues/QueueSubscriptionResource.java | 5 +
.../queues/QueueTransactionsResource.java | 4 +
.../security/SecuredResourceFilterFactory.java | 93 ++++++++++++++-
.../annotations/CheckPermissionsForPath.java | 32 ++++++
.../usergrid/rest/applications/SecurityIT.java | 115 +++++++++++++++++++
11 files changed, 274 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ApplicationResource.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
index a8a106e,f748ee9..f1647b1
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/assets/AssetsResource.java
@@@ -22,8 -23,8 +22,9 @@@ import com.fasterxml.jackson.jaxrs.json
import org.apache.usergrid.persistence.EntityManager;
import org.apache.usergrid.persistence.entities.Asset;
import org.apache.usergrid.rest.AbstractContextResource;
+import org.apache.usergrid.rest.ApiResponse;
import org.apache.usergrid.rest.applications.ServiceResource;
+ import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
import org.apache.usergrid.services.assets.data.AssetUtils;
import org.apache.usergrid.services.assets.data.AwsSdkS3BinaryStore;
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
index 98edf1c,de71073..609b860
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueResource.java
@@@ -17,11 -17,25 +17,12 @@@
package org.apache.usergrid.rest.applications.queues;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import org.apache.commons.lang.StringUtils;
+import org.apache.usergrid.exception.NotImplementedException;
+import org.apache.usergrid.mq.*;
+import org.apache.usergrid.rest.AbstractContextResource;
+ import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@@ -88,11 -107,10 +91,12 @@@ public class QueueResource extends Abst
}
+ @CheckPermissionsForPath
@Path("properties")
@GET
- public JSONWithPadding getProperties( @Context UriInfo ui,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Queue getProperties( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -117,10 -134,9 +122,11 @@@
}
+ @CheckPermissionsForPath
@GET
- public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstQueuePath,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Object executeGet( @Context UriInfo ui, @QueryParam("start") String firstQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -162,11 -180,10 +169,12 @@@
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
- public JSONWithPadding executePut( @Context UriInfo ui, Map<String, Object> json,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Map<String, Object> executePut( @Context UriInfo ui, Map<String, Object> json,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -178,11 -195,11 +186,12 @@@
}
+ @CheckPermissionsForPath
@DELETE
- public JSONWithPadding executeDelete( @Context UriInfo ui,
- @QueryParam("callback") @DefaultValue("callback") String callback )
- throws Exception {
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Queue executeDelete(
+ @Context UriInfo ui, @QueryParam("callback") @DefaultValue("callback") String callback ) throws Exception {
throw new NotImplementedException( "Queue delete is not implemented yet" );
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
index baa9535,7f32be0..b264e8f
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriberResource.java
@@@ -17,11 -17,24 +17,12 @@@
package org.apache.usergrid.rest.applications.queues;
-import java.util.List;
-import java.util.Map;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import org.apache.commons.lang.StringUtils;
+import org.apache.usergrid.mq.QueueManager;
+import org.apache.usergrid.mq.QueueSet;
+import org.apache.usergrid.rest.AbstractContextResource;
+ import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@@ -79,10 -93,9 +80,11 @@@ public class QueueSubscriberResource ex
}
+ @CheckPermissionsForPath
@GET
- public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriberQueuePath,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriberQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -95,11 -108,10 +97,12 @@@
}
+ @CheckPermissionsForPath
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public JSONWithPadding executePost( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executePost( @Context UriInfo ui, Map<String, Object> body,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -109,11 -121,10 +112,12 @@@
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
- public JSONWithPadding executePut( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executePut( @Context UriInfo ui, Map<String, Object> body,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -136,10 -147,9 +140,11 @@@
}
+ @CheckPermissionsForPath
@DELETE
- public JSONWithPadding executeDelete( @Context UriInfo ui,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executeDelete( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
index a21cd66,c488095..778b57d
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueSubscriptionResource.java
@@@ -17,11 -17,24 +17,12 @@@
package org.apache.usergrid.rest.applications.queues;
-import java.util.List;
-import java.util.Map;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DELETE;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import org.apache.commons.lang.StringUtils;
+import org.apache.usergrid.mq.QueueManager;
+import org.apache.usergrid.mq.QueueSet;
+import org.apache.usergrid.rest.AbstractContextResource;
+ import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
@@@ -81,10 -95,9 +82,11 @@@ public class QueueSubscriptionResource
}
+ @CheckPermissionsForPath
@GET
- public JSONWithPadding executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriptionQueuePath,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executeGet( @Context UriInfo ui, @QueryParam("start") String firstSubscriptionQueuePath,
@QueryParam("limit") @DefaultValue("10") int limit,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -97,11 -110,10 +99,12 @@@
}
+ @CheckPermissionsForPath
@POST
@Consumes(MediaType.APPLICATION_JSON)
- public JSONWithPadding executePost( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executePost( @Context UriInfo ui, Map<String, Object> body,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -111,11 -123,10 +114,12 @@@
}
+ @CheckPermissionsForPath
@PUT
@Consumes(MediaType.APPLICATION_JSON)
- public JSONWithPadding executePut( @Context UriInfo ui, EntityHolder<Map<String, Object>> body,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executePut( @Context UriInfo ui, Map<String, Object> body,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -138,10 -149,9 +142,11 @@@
}
+ @CheckPermissionsForPath
@DELETE
- public JSONWithPadding executeDelete( @Context UriInfo ui,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public QueueSet executeDelete( @Context UriInfo ui,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
index 199e7f8,56cca2c..678daae
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/queues/QueueTransactionsResource.java
@@@ -17,21 -17,30 +17,23 @@@
package org.apache.usergrid.rest.applications.queues;
-import java.util.UUID;
-
-import javax.ws.rs.DELETE;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.PUT;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.UriInfo;
-
+import com.fasterxml.jackson.jaxrs.json.annotation.JSONP;
+import org.apache.usergrid.mq.QueueManager;
+import org.apache.usergrid.mq.QueueQuery;
+import org.apache.usergrid.persistence.Results;
+import org.apache.usergrid.rest.AbstractContextResource;
+ import org.apache.usergrid.rest.security.annotations.CheckPermissionsForPath;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import org.apache.usergrid.mq.QueueManager;
-import org.apache.usergrid.mq.QueueQuery;
-import org.apache.usergrid.persistence.Results;
-import org.apache.usergrid.rest.AbstractContextResource;
-import com.sun.jersey.api.json.JSONWithPadding;
++
+import javax.ws.rs.*;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.UriInfo;
+import java.util.UUID;
import static org.apache.usergrid.utils.MapUtils.hashMap;
@@@ -62,11 -71,10 +64,12 @@@ public class QueueTransactionsResource
}
+ @CheckPermissionsForPath
@Path("{id}")
@PUT
- public JSONWithPadding updateTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Results updateTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
@@@ -78,11 -86,10 +81,12 @@@
}
+ @CheckPermissionsForPath
@Path("{id}")
@DELETE
- public JSONWithPadding removeTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
+ @JSONP
+ @Produces({MediaType.APPLICATION_JSON, "application/javascript"})
+ public Results removeTransaction( @Context UriInfo ui, @PathParam("id") UUID transactionId,
@QueryParam("callback") @DefaultValue("callback") String callback )
throws Exception {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
----------------------------------------------------------------------
diff --cc stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
index 04f0fc4,d867e1b..d57e84c
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/SecuredResourceFilterFactory.java
@@@ -17,16 -17,28 +17,14 @@@
package org.apache.usergrid.rest.security;
-import java.util.Collections;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.UriInfo;
-
+ import org.apache.shiro.subject.Subject;
-import org.apache.usergrid.rest.security.annotations.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.stereotype.Component;
import org.apache.usergrid.management.ApplicationInfo;
import org.apache.usergrid.management.ManagementService;
import org.apache.usergrid.persistence.EntityManager;
import org.apache.usergrid.persistence.EntityManagerFactory;
import org.apache.usergrid.persistence.index.query.Identifier;
import org.apache.usergrid.rest.exceptions.SecurityException;
- import org.apache.usergrid.rest.security.annotations.RequireAdminUserAccess;
- import org.apache.usergrid.rest.security.annotations.RequireApplicationAccess;
- import org.apache.usergrid.rest.security.annotations.RequireOrganizationAccess;
- import org.apache.usergrid.rest.security.annotations.RequireSystemAccess;
++import org.apache.usergrid.rest.security.annotations.*;
import org.apache.usergrid.rest.utils.PathingUtils;
import org.apache.usergrid.security.shiro.utils.SubjectUtils;
import org.apache.usergrid.services.ServiceManagerFactory;
@@@ -113,40 -114,46 +111,43 @@@ public class SecuredResourceFilterFacto
@Override
- public List<ResourceFilter> create( AbstractMethod am ) {
+ public void configure(ResourceInfo resourceInfo, FeatureContext featureContext) {
+ Method am = resourceInfo.getResourceMethod();
+
+ logger.debug( "configure {} method {}",
+ resourceInfo.getResourceClass().getSimpleName(), resourceInfo.getResourceMethod().getName() );
+
if ( am.isAnnotationPresent( RequireApplicationAccess.class ) ) {
- return Collections.<ResourceFilter>singletonList( new ApplicationFilter() );
+ featureContext.register( ApplicationFilter.class );
}
else if ( am.isAnnotationPresent( RequireOrganizationAccess.class ) ) {
- return Collections.<ResourceFilter>singletonList( new OrganizationFilter() );
+
+ featureContext.register( OrganizationFilter.class );
}
else if ( am.isAnnotationPresent( RequireSystemAccess.class ) ) {
- return Collections.<ResourceFilter>singletonList( new SystemFilter() );
+ featureContext.register( SystemFilter.class );
}
else if ( am.isAnnotationPresent( RequireAdminUserAccess.class ) ) {
- return Collections.<ResourceFilter>singletonList( new AdminUserFilter() );
+ featureContext.register( SystemFilter.AdminUserFilter.class );
}
+ else if ( am.isAnnotationPresent( CheckPermissionsForPath.class ) ) {
- return Collections.<ResourceFilter>singletonList( new PathPermissionsFilter() );
++ featureContext.register( PathPermissionsFilter.class );
+ }
- return null;
- }
+ }
- public abstract class AbstractFilter implements ResourceFilter, ContainerRequestFilter {
- public AbstractFilter() {
- }
+ public static abstract class AbstractFilter implements ContainerRequestFilter {
+ private UriInfo uriInfo;
- @Override
- public ContainerRequestFilter getRequestFilter() {
- return this;
+ public AbstractFilter( UriInfo uriInfo ) {
+ this.uriInfo = uriInfo;
}
-
@Override
- public ContainerResponseFilter getResponseFilter() {
- return null;
- }
+ public void filter(ContainerRequestContext request) throws IOException {
-
- @Override
- public ContainerRequest filter( ContainerRequest request ) {
- logger.debug( "Filtering {}", request.getRequestUri().toString() );
+ logger.debug( "Filtering {}", request.getUriInfo().getRequestUri().toString() );
if ( request.getMethod().equalsIgnoreCase( "OPTIONS" ) ) {
logger.debug( "Skipping option request" );
@@@ -328,23 -313,81 +329,107 @@@
}
}
}
- }
+ @Resource
+ public static class AdminUserFilter extends AbstractFilter {
- public class AdminUserFilter extends AbstractFilter {
- public AdminUserFilter() {
- }
-
+ @Inject
+ public AdminUserFilter(UriInfo uriInfo) {
+ super( uriInfo );
+ }
- @Override
- public void authorize( ContainerRequest request ) {
- logger.debug( "AdminUserFilter.authorize" );
- if ( !isUser( getUserIdentifier() ) ) {
- throw mappableSecurityException( "unauthorized", "No admin user access authorized" );
+ @Override
+ public void authorize(ContainerRequestContext request) {
+ logger.debug( "AdminUserFilter.authorize" );
+ if (!isUser( getUserIdentifier() )) {
+ throw mappableSecurityException( "unauthorized", "No admin user access authorized" );
+ }
}
}
+
}
+
+ // This filter is created in REST from logic in org.apache.usergrid.services.AbstractService.checkPermissionsForPath
- public class PathPermissionsFilter extends AbstractFilter {
++ @Resource
++ public static class PathPermissionsFilter extends AbstractFilter {
++
++ EntityManagerFactory emf;
++ ManagementService management;
+
- public PathPermissionsFilter() {}
++ @Autowired
++ public void setEntityManagerFactory( EntityManagerFactory emf ) {
++ this.emf = emf;
++ }
++
++
++ public EntityManagerFactory getEntityManagerFactory() {
++ return emf;
++ }
++
++ @Autowired
++ public void setManagementService( ManagementService management ) {
++ this.management = management;
++ }
++
++ @Inject
++ public PathPermissionsFilter(UriInfo uriInfo) {
++ super( uriInfo );
++ }
+
+
+ @Override
- public void authorize( ContainerRequest request ) {
++ public void authorize( ContainerRequestContext request ) {
+ if(logger.isDebugEnabled()){
+ logger.debug( "PathPermissionsFilter.authorize" );
+ }
+
+ final String PATH_MSG =
+ "---- Checked permissions for path --------------------------------------------\n" + "Requested path: {} \n"
+ + "Requested action: {} \n" + "Requested permission: {} \n" + "Permitted: {} \n";
+
+ ApplicationInfo application;
+
+ try {
+
+ application = management.getApplicationInfo( getApplicationIdentifier() );
+ EntityManager em = emf.getEntityManager( application.getId() );
+ Subject currentUser = SubjectUtils.getSubject();
+
+ if ( currentUser == null ) {
+ return;
+ }
+ String applicationName = application.getName().toLowerCase();
+ String operation = request.getMethod().toLowerCase();
- String path = request.getPath().toLowerCase().replace(applicationName, "");
++ String path = request.getUriInfo().getPath().toLowerCase().replace(applicationName, "");
+ String perm = getPermissionFromPath( em.getApplicationRef().getUuid(), operation, path );
+
+ boolean permitted = currentUser.isPermitted( perm );
+ if ( logger.isDebugEnabled() ) {
+ logger.debug( PATH_MSG, new Object[] { path, operation, perm, permitted } );
+ }
+
+ if(!permitted){
+ // throwing this so we can raise a proper mapped REST exception
+ throw new Exception("Subject not permitted");
+ }
+
+
+ SubjectUtils.checkPermission( perm );
+ Subject subject = SubjectUtils.getSubject();
+
+ if ( logger.isDebugEnabled() ) {
+ logger.debug("Checked subject {} for perm {}", subject != null ? subject.toString() : "", perm);
+ logger.debug("------------------------------------------------------------------------------");
+ }
+
+
+ } catch (Exception e){
+ throw mappableSecurityException( "unauthorized",
+ "Subject does not have permission to access this resource" );
+ }
+
+ }
+ }
+
++
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/c6945e3d/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
----------------------------------------------------------------------
diff --cc stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
index 0000000,c5b06b5..f64afe8
mode 000000,100644..100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
@@@ -1,0 -1,113 +1,115 @@@
+ /*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ package org.apache.usergrid.rest.applications;
+
+
+ import com.sun.jersey.api.client.UniformInterfaceException;
+ import org.apache.usergrid.rest.test.resource.AbstractRestIT;
+ import org.apache.usergrid.rest.test.resource.model.ApiResponse;
+ import org.apache.usergrid.utils.UUIDUtils;
+ import org.junit.Test;
+
++import javax.ws.rs.WebApplicationException;
+ import java.util.UUID;
+
+ import static org.junit.Assert.assertEquals;
+
+ /**
+ * These tests will execute requests against certain paths (with or without credentials) to ensure access is being
+ * allowed according to the REST and Services permissions defined for the resource.
+ */
+ public class SecurityIT extends AbstractRestIT {
+
+ public SecurityIT() throws Exception {}
+
+ @Test
+ public void testAssetsNoCredentials(){
+
+ final UUID uuid = UUIDUtils.newTimeUUID();
++ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("assets/" + uuid + "/data")).get(ApiResponse.class, false);
+
- } catch (UniformInterfaceException ui){
- assertEquals(401, ui.getResponse().getStatus());
++ } catch (WebApplicationException ex) {
++ responseStatus = ex.getResponse().getStatus();
+ }
++ assertEquals(401, responseStatus);
+ }
+
+
+ @Test
+ public void testFacebookAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/facebook")).get(ApiResponse.class, false);
+
- } catch (UniformInterfaceException ui){
- responseStatus = ui.getResponse().getStatus();
-
++ } catch (WebApplicationException ex) {
++ responseStatus = ex.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+ }
+
+ @Test
+ public void testPingIdentityAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/pingident")).get(ApiResponse.class, false);
+
- } catch (UniformInterfaceException ui){
- responseStatus = ui.getResponse().getStatus();
++ } catch (WebApplicationException ex) {
++ responseStatus = ex.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+ @Test
+ public void testFoursquareAuthNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("auth/foursquare")).get(ApiResponse.class, false);
+
- } catch (UniformInterfaceException ui){
- responseStatus = ui.getResponse().getStatus();
++ } catch (WebApplicationException ex) {
++ responseStatus = ex.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+ @Test
+ public void testQueuesNoCredentials(){
+
+ int responseStatus = 0;
+ try {
+ //use false in get() for no token
+ this.pathResource(getOrgAppPath("queues")).get(ApiResponse.class, false);
+
- } catch (UniformInterfaceException ui){
- responseStatus = ui.getResponse().getStatus();
++ } catch (WebApplicationException ex) {
++ responseStatus = ex.getResponse().getStatus();
+ }
+ assertEquals(401, responseStatus);
+
+ }
+
+
+ }
[3/5] usergrid git commit: changes to get ExportAdmins working under
2.0, ExportApp is still failing.
Posted by sn...@apache.org.
changes to get ExportAdmins working under 2.0, ExportApp is still failing.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/bdf518b4
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/bdf518b4
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/bdf518b4
Branch: refs/heads/USERGRID-872
Commit: bdf518b430f95fa10ddc7bd6456fec800e1aa1ef
Parents: 2ed5713
Author: Dave Johnson <sn...@apache.org>
Authored: Tue Dec 8 07:36:28 2015 -0500
Committer: Dave Johnson <sn...@apache.org>
Committed: Tue Dec 8 07:36:28 2015 -0500
----------------------------------------------------------------------
stack/tools/pom.xml | 4 +-
.../org/apache/usergrid/tools/ExportApp.java | 38 +++---
.../usergrid/tools/ExportDataCreator.java | 22 +++-
.../org/apache/usergrid/tools/ToolBase.java | 8 ++
stack/tools/src/main/resources/log4j.properties | 3 +-
.../main/resources/toolsApplicationContext.xml | 124 +++++++++----------
.../apache/usergrid/tools/ExportAppTest.java | 12 +-
.../usergrid/tools/ExportImportAdminsTest.java | 4 +-
.../test/resources/usergrid-test-context.xml | 63 ++++++++++
9 files changed, 187 insertions(+), 91 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/pom.xml
----------------------------------------------------------------------
diff --git a/stack/tools/pom.xml b/stack/tools/pom.xml
index 6b65268..01766eb 100644
--- a/stack/tools/pom.xml
+++ b/stack/tools/pom.xml
@@ -60,16 +60,16 @@
</resources>
<plugins>
+
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
- <!-- <groups>fast,${groups}</groups> -->
<systemPropertyVariables>
<storage-config>${basedir}/src/test/conf</storage-config>
</systemPropertyVariables>
<forkMode>always</forkMode>
- <argLine>-Xmx${ug.heapmax} -Xms${ug.heapmin} -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -javaagent:${settings.localRepository}/org/jacoco/org.jacoco.agent/${jacoco.version}/org.jacoco.agent-${jacoco.version}-runtime.jar=destfile=${project.build.directory}/jacoco.exec -javaagent:${settings.localRepository}/com/github/stephenc/jamm/0.2.5/jamm-0.2.5.jar ${ug.argline}</argLine>
+ <argLine>-Xmx${ug.heapmax} -Xms${ug.heapmin} -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -javaagent:${settings.localRepository}/com/github/stephenc/jamm/0.2.5/jamm-0.2.5.jar ${ug.argline}</argLine>
</configuration>
</plugin>
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/main/java/org/apache/usergrid/tools/ExportApp.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportApp.java b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportApp.java
index f5e5d34..9e522d2 100644
--- a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportApp.java
+++ b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportApp.java
@@ -135,25 +135,20 @@ public class ExportApp extends ExportingToolBase {
Observable<String> collectionsObservable = Observable.create( new CollectionsObservable( em ) );
- collectionsObservable.flatMap( new Func1<String, Observable<ExportEntity>>() {
+ logger.debug( "Starting export" );
- public Observable<ExportEntity> call(String collection) {
+ collectionsObservable.flatMap( collection -> {
- return Observable.create( new EntityObservable( em, collection ) )
- .doOnNext( new EntityWriteAction() ).subscribeOn( writeScheduler );
- }
-
- }, writeThreadCount ).flatMap( new Func1<ExportEntity, Observable<ExportConnection>>() {
+ return Observable.create( new EntityObservable( em, collection ) )
+ .doOnNext( new EntityWriteAction() ).subscribeOn( writeScheduler );
- public Observable<ExportConnection> call(ExportEntity exportEntity) {
+ }, writeThreadCount ).flatMap( exportEntity -> {
- return Observable.create( new ConnectionsObservable( em, exportEntity ) )
- .doOnNext( new ConnectionWriteAction() ).subscribeOn( writeScheduler );
- }
+ return Observable.create( new ConnectionsObservable( em, exportEntity ) )
+ .doOnNext( new ConnectionWriteAction() ).subscribeOn( writeScheduler );
}, writeThreadCount )
- .doOnCompleted( new FileWrapUpAction() )
- .toBlocking().last();
+ .doOnCompleted( new FileWrapUpAction() ).toBlocking().lastOrDefault(null);
}
@@ -176,6 +171,10 @@ public class ExportApp extends ExportingToolBase {
int count = 0;
try {
Map<String, Object> collectionMetadata = em.getApplicationCollectionMetadata();
+
+ logger.debug( "Emitting {} collection names for application {}",
+ collectionMetadata.size(), em.getApplication().getName() );
+
for ( String collection : collectionMetadata.keySet() ) {
subscriber.onNext( collection );
count++;
@@ -274,8 +273,8 @@ public class ExportApp extends ExportingToolBase {
public void call(Subscriber<? super ExportConnection> subscriber) {
- logger.info( "Starting to read connections for entity {} type {}",
- exportEntity.getEntity().getName(), exportEntity.getEntity().getType() );
+// logger.debug( "Starting to read connections for entity {} type {}",
+// exportEntity.getEntity().getName(), exportEntity.getEntity().getType() );
int count = 0;
@@ -311,8 +310,13 @@ public class ExportApp extends ExportingToolBase {
}
subscriber.onCompleted();
- logger.info("Completed entity {} type {} connections count {}",
- new Object[] { exportEntity.getEntity().getName(), exportEntity.getEntity().getType(), count });
+
+ if ( count == 0 ) {
+ logger.debug("Completed entity {} type {} no connections",
+ new Object[] { exportEntity.getEntity().getUuid(), exportEntity.getEntity().getType() });
+ }
+// logger.debug("Completed entity {} type {} connections count {}",
+// new Object[] { exportEntity.getEntity().getUuid(), exportEntity.getEntity().getType(), count });
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
index 4b9e5a0..5ad29d2 100644
--- a/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
+++ b/stack/tools/src/main/java/org/apache/usergrid/tools/ExportDataCreator.java
@@ -160,22 +160,30 @@ public class ExportDataCreator extends ToolBase {
Entity userEntity = null;
try {
final Map<String, Object> userMap = new HashMap<String, Object>() {{
+ put( "name", person.username() );
put( "username", person.username() );
put( "password", person.password() );
put( "email", person.email() );
put( "companyEmail", person.companyEmail() );
- put( "dateOfBirth", person.dateOfBirth() );
+ put( "dateOfBirth", person.dateOfBirth().toDate().toString());
put( "firstName", person.firstName() );
put( "lastName", person.lastName() );
put( "nationalIdentificationNumber", person.nationalIdentificationNumber() );
put( "telephoneNumber", person.telephoneNumber() );
put( "passportNumber", person.passportNumber() );
- put( "address", person.getAddress() );
+ put( "address", new HashMap<String, Object>() {{
+ put("streetNumber", person.getAddress().streetNumber());
+ put("street", person.getAddress().street());
+ put("city", person.getAddress().getCity());
+ put("postalCode", person.getAddress().getPostalCode());
+ }});
}};
userEntity = em.create( "user", userMap );
users.add( userEntity );
+ logger.debug("Created user {}", userEntity.getName());
+
} catch (DuplicateUniquePropertyExistsException e) {
logger.error( "Dup user generated: " + person.username() );
continue;
@@ -204,6 +212,7 @@ public class ExportDataCreator extends ToolBase {
}
em.createConnection( userEntity, "employer", companyEntity );
+ logger.debug("User {} now employed by {}", userEntity.getName(), companyEntity.getName());
} catch (DuplicateUniquePropertyExistsException e) {
logger.error( "Dup company generated {} property={}", company.name(), e.getPropertyName() );
@@ -224,12 +233,17 @@ public class ExportDataCreator extends ToolBase {
activity.setContent( "User " + person.username() + " generated a random string "
+ RandomStringUtils.randomAlphanumeric( 5 ) );
em.createItemInCollection( userEntity, "activities", "activity", activity.getProperties() );
+
+ logger.debug("Created activity {}", activity.getContent());
}
if (users.size() > 10) {
for (int j = 0; j < 5; j++) {
try {
- em.createConnection( userEntity, "associate", users.get( (int) (Math.random() * users.size()) ) );
+ Entity otherUser = users.get( (int) (Math.random() * users.size()) );
+ em.createConnection( userEntity, "associate", otherUser );
+ logger.debug("User {} now associated with user {}",
+ userEntity.getName(), otherUser.getName());
} catch (Exception e) {
logger.error( "Error connecting user to user: " + e.getMessage() );
}
@@ -242,6 +256,8 @@ public class ExportDataCreator extends ToolBase {
}
}
+
+ em.refreshIndex();
}
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/main/java/org/apache/usergrid/tools/ToolBase.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/java/org/apache/usergrid/tools/ToolBase.java b/stack/tools/src/main/java/org/apache/usergrid/tools/ToolBase.java
index c9fee00..7fb7015 100644
--- a/stack/tools/src/main/java/org/apache/usergrid/tools/ToolBase.java
+++ b/stack/tools/src/main/java/org/apache/usergrid/tools/ToolBase.java
@@ -135,6 +135,12 @@ public abstract class ToolBase {
Option hostOption = OptionBuilder.withArgName( "host" ).hasArg()
.withDescription( "Cassandra host" ).create( "host" );
+ Option esHostOption = OptionBuilder.withArgName( "eshost" ).hasArg()
+ .withDescription( "ElasticSearch host" ).create( "eshost" );
+
+ Option esClusterOption = OptionBuilder.withArgName( "escluster" ).hasArg()
+ .withDescription( "ElasticSearch cluster name" ).create( "escluster" );
+
Option remoteOption = OptionBuilder
.withDescription( "Use remote Cassandra instance" ).create( "remote" );
@@ -144,6 +150,8 @@ public abstract class ToolBase {
Options options = new Options();
options.addOption( hostOption );
+ options.addOption( esHostOption );
+ options.addOption( esClusterOption );
options.addOption( remoteOption );
options.addOption( verbose );
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/main/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/resources/log4j.properties b/stack/tools/src/main/resources/log4j.properties
index cebf385..1b60906 100644
--- a/stack/tools/src/main/resources/log4j.properties
+++ b/stack/tools/src/main/resources/log4j.properties
@@ -27,7 +27,7 @@ log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p (%t) [%c] - %m%n
log4j.category.org.apache.usergrid.tools=DEBUG
-log4j.category.org.apache.usergrid=WARN
+
#log4j.logger.org.apache.usergrid.management.cassandra=DEBUG
#log4j.logger.org.apache.usergrid.tools=INFO
#log4j.logger.org.apache.usergrid=INFO
@@ -56,4 +56,3 @@ log4j.logger.me.prettyprint.hector.api.beans.AbstractComposite=ERROR
#log4j.logger.org.apache.usergrid.persistence.collection=INFO
#log4j.logger.org.apache.usergrid.persistence.index=DEBUG
-#log4j.logger.org.apache.usergrid.persistence.index.impl=DEBUG
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/main/resources/toolsApplicationContext.xml
----------------------------------------------------------------------
diff --git a/stack/tools/src/main/resources/toolsApplicationContext.xml b/stack/tools/src/main/resources/toolsApplicationContext.xml
index 048fc58..7e55893 100644
--- a/stack/tools/src/main/resources/toolsApplicationContext.xml
+++ b/stack/tools/src/main/resources/toolsApplicationContext.xml
@@ -1,62 +1,62 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:aop="http://www.springframework.org/schema/aop" xmlns:beans="http://www.springframework.org/schema/beans"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:jee="http://www.springframework.org/schema/jee" xmlns:lang="http://www.springframework.org/schema/lang"
- xmlns:task="http://www.springframework.org/schema/task" xmlns:util="http://www.springframework.org/schema/util"
- xsi:schemaLocation="http://www.springframework.org/schema/aop
- http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
- http://www.springframework.org/schema/context
- http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/jee
- http://www.springframework.org/schema/jee/spring-jee-3.1.xsd
- http://www.springframework.org/schema/lang
- http://www.springframework.org/schema/lang/spring-lang-3.1.xsd
- http://www.springframework.org/schema/task
- http://www.springframework.org/schema/task/spring-task-3.1.xsd
- http://www.springframework.org/schema/util
- http://www.springframework.org/schema/util/spring-util-3.1.xsd">
-
-
- <bean id="properties"
- class="org.springframework.beans.factory.config.PropertiesFactoryBean">
- <property name="singleton" value="true" />
- <property name="ignoreResourceNotFound" value="true" />
- <property name="locations">
- <list>
- <value>classpath:/usergrid-default.properties</value>
- <value>classpath:/usergrid.properties</value>
- <value>file:./usergrid-custom-tools.properties</value>
- </list>
- </property>
- </bean>
-
- <bean id="propertyPlaceholderConfigurer"
- class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
- <property name="properties" ref="properties" />
- <property name="systemPropertiesModeName">
- <value>SYSTEM_PROPERTIES_MODE_OVERRIDE</value>
- </property>
- </bean>
-
- <import resource="classpath:/usergrid-rest-context.xml"/>
-</beans>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:aop="http://www.springframework.org/schema/aop" xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:jee="http://www.springframework.org/schema/jee" xmlns:lang="http://www.springframework.org/schema/lang"
+ xmlns:task="http://www.springframework.org/schema/task" xmlns:util="http://www.springframework.org/schema/util"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop
+ http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/jee
+ http://www.springframework.org/schema/jee/spring-jee-3.1.xsd
+ http://www.springframework.org/schema/lang
+ http://www.springframework.org/schema/lang/spring-lang-3.1.xsd
+ http://www.springframework.org/schema/task
+ http://www.springframework.org/schema/task/spring-task-3.1.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util-3.1.xsd">
+
+
+ <bean id="properties"
+ class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="singleton" value="true" />
+ <property name="ignoreResourceNotFound" value="true" />
+ <property name="locations">
+ <list>
+ <value>classpath:/usergrid-default.properties</value>
+ <value>classpath:/usergrid.properties</value>
+ <value>file:./usergrid-custom-tools.properties</value>
+ </list>
+ </property>
+ </bean>
+
+ <bean id="propertyPlaceholderConfigurer"
+ class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+ <property name="properties" ref="properties" />
+ <property name="systemPropertiesModeName">
+ <value>SYSTEM_PROPERTIES_MODE_OVERRIDE</value>
+ </property>
+ </bean>
+
+ <import resource="classpath:/usergrid-rest-context.xml"/>
+</beans>
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/test/java/org/apache/usergrid/tools/ExportAppTest.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportAppTest.java b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportAppTest.java
index 62d7676..429e700 100644
--- a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportAppTest.java
+++ b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportAppTest.java
@@ -53,25 +53,29 @@ public class ExportAppTest {
String orgName = "org_" + rand;
String appName = "app_" + rand;
+ String userName = "user_" + rand;
ExportDataCreator creator = new ExportDataCreator();
creator.startTool( new String[] {
"-organization", orgName,
"-application", appName,
- "-host", "localhost:9120",
+ "-username", userName,
+ "-host", "localhost:9160",
"-eshost", "localhost:9200",
"-escluster", "elasticsearch"
}, false);
long start = System.currentTimeMillis();
+ // export app to a directory
+
String directoryName = "target/export" + rand;
ExportApp exportApp = new ExportApp();
exportApp.startTool( new String[] {
"-application", orgName + "/" + appName,
"-writeThreads", "100",
- "-host", "localhost:9120",
+ "-host", "localhost:9160",
"-eshost", "localhost:9200",
"-escluster", "elasticsearch",
"-outputDir", directoryName
@@ -79,6 +83,8 @@ public class ExportAppTest {
logger.info( "100 read and 100 write threads = " + (System.currentTimeMillis() - start) / 1000 + "s" );
+ // check that we got the expected number of export files
+
File exportDir = new File(directoryName);
assertTrue( getFileCount( exportDir, "entities" ) > 0 );
assertTrue( getFileCount( exportDir, "connections" ) > 0 );
@@ -89,7 +95,7 @@ public class ExportAppTest {
exportApp.startTool( new String[] {
"-application", orgName + "/" + appName,
"-writeThreads", "1",
- "-host", "localhost:9120",
+ "-host", "localhost:9160",
"-eshost", "localhost:9200",
"-escluster", "elasticsearch",
"-outputDir", directoryName + "1"
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
----------------------------------------------------------------------
diff --git a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
index 5573279..72fad45 100644
--- a/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
+++ b/stack/tools/src/test/java/org/apache/usergrid/tools/ExportImportAdminsTest.java
@@ -83,7 +83,7 @@ public class ExportImportAdminsTest {
ExportAdmins exportAdmins = new ExportAdmins();
exportAdmins.startTool( new String[] {
- "-host", "localhost:9120",
+ "-host", "localhost:9160",
"-outputDir", directoryName
}, false );
@@ -216,7 +216,7 @@ public class ExportImportAdminsTest {
ImportAdmins importAdmins = new ImportAdmins();
importAdmins.startTool( new String[]{
- "-host", "localhost:9120",
+ "-host", "localhost:9160",
"-eshost", "localhost:9200",
"-escuster", "usergrid",
"-inputDir", tempDir.getAbsolutePath()
http://git-wip-us.apache.org/repos/asf/usergrid/blob/bdf518b4/stack/tools/src/test/resources/usergrid-test-context.xml
----------------------------------------------------------------------
diff --git a/stack/tools/src/test/resources/usergrid-test-context.xml b/stack/tools/src/test/resources/usergrid-test-context.xml
new file mode 100644
index 0000000..da82bd0
--- /dev/null
+++ b/stack/tools/src/test/resources/usergrid-test-context.xml
@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:context="http://www.springframework.org/schema/context" xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:hz="http://www.hazelcast.com/schema/config" xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
+ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
+
+ <bean id="properties"
+ class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="singleton" value="true" />
+ <property name="ignoreResourceNotFound" value="true" />
+ <property name="locations">
+ <list>
+ <value>classpath:/usergrid-default.properties</value>
+ <value>classpath:/usergrid-test.properties</value>
+ <value>classpath:/usergrid-custom-test.properties</value>
+ </list>
+ </property>
+ </bean>
+
+ <import resource="classpath:/toolsApplicationContext.xml"/>
+
+ <bean id="traceTagManager" class="org.apache.usergrid.persistence.cassandra.util.TraceTagManager">
+ <property name="reportUnattached" value="false"/>
+ <property name="traceEnabled" value="false"/>
+ </bean>
+
+ <bean id="setup" class="org.apache.usergrid.corepersistence.CpSetup">
+
+ <constructor-arg ref="entityManagerFactory"/>
+ <constructor-arg ref="cassandraService"/>
+ <constructor-arg ref="injector"/>
+ </bean>
+
+ <!-- refer to a named schemaManager from the DataControl annotation thusly -->
+ <bean id="coreManager" class="org.apache.usergrid.persistence.CoreSchemaManager">
+ <constructor-arg ref="setup"/>
+ <constructor-arg ref="cassandraCluster"/>
+ </bean>
+
+
+</beans>