You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ma...@apache.org on 2014/12/12 02:30:09 UTC
[26/51] [partial] incubator-ranger git commit: RANGER-194: Rename
packages from xasecure to apache ranger
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/AssetMgrBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/AssetMgrBase.java b/security-admin/src/main/java/com/xasecure/biz/AssetMgrBase.java
deleted file mode 100644
index a5953be..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/AssetMgrBase.java
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.biz;
-
-import com.xasecure.common.*;
-import com.xasecure.service.*;
-import com.xasecure.view.*;
-import org.springframework.beans.factory.annotation.Autowired;
-public class AssetMgrBase {
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XAssetService xAssetService;
-
- @Autowired
- XResourceService xResourceService;
-
- @Autowired
- XCredentialStoreService xCredentialStoreService;
-
- @Autowired
- XPolicyExportAuditService xPolicyExportAuditService;
- public VXAsset getXAsset(Long id){
- return (VXAsset)xAssetService.readResource(id);
- }
-
- public VXAsset createXAsset(VXAsset vXAsset){
- vXAsset = (VXAsset)xAssetService.createResource(vXAsset);
- return vXAsset;
- }
-
- public VXAsset updateXAsset(VXAsset vXAsset) {
- vXAsset = (VXAsset)xAssetService.updateResource(vXAsset);
- return vXAsset;
- }
-
- public void deleteXAsset(Long id, boolean force) {
- if (force) {
- xAssetService.deleteResource(id);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXAssetList searchXAssets(SearchCriteria searchCriteria) {
- return xAssetService.searchXAssets(searchCriteria);
- }
-
- public VXLong getXAssetSearchCount(SearchCriteria searchCriteria) {
- return xAssetService.getSearchCount(searchCriteria,
- xAssetService.searchFields);
- }
-
- public VXResource getXResource(Long id){
- return (VXResource)xResourceService.readResource(id);
- }
-
- public VXResource createXResource(VXResource vXResource){
- vXResource = (VXResource)xResourceService.createResource(vXResource);
- return vXResource;
- }
-
- public VXResource updateXResource(VXResource vXResource) {
- vXResource = (VXResource)xResourceService.updateResource(vXResource);
- return vXResource;
- }
-
- public void deleteXResource(Long id, boolean force) {
- if (force) {
- xResourceService.deleteResource(id);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXResourceList searchXResources(SearchCriteria searchCriteria) {
- return xResourceService.searchXResources(searchCriteria);
- }
-
- public VXLong getXResourceSearchCount(SearchCriteria searchCriteria) {
- return xResourceService.getSearchCount(searchCriteria,
- xResourceService.searchFields);
- }
-
- public VXCredentialStore getXCredentialStore(Long id){
- return (VXCredentialStore)xCredentialStoreService.readResource(id);
- }
-
- public VXCredentialStore createXCredentialStore(VXCredentialStore vXCredentialStore){
- vXCredentialStore = (VXCredentialStore)xCredentialStoreService.createResource(vXCredentialStore);
- return vXCredentialStore;
- }
-
- public VXCredentialStore updateXCredentialStore(VXCredentialStore vXCredentialStore) {
- vXCredentialStore = (VXCredentialStore)xCredentialStoreService.updateResource(vXCredentialStore);
- return vXCredentialStore;
- }
-
- public void deleteXCredentialStore(Long id, boolean force) {
- if (force) {
- xCredentialStoreService.deleteResource(id);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXCredentialStoreList searchXCredentialStores(SearchCriteria searchCriteria) {
- return xCredentialStoreService.searchXCredentialStores(searchCriteria);
- }
-
- public VXLong getXCredentialStoreSearchCount(SearchCriteria searchCriteria) {
- return xCredentialStoreService.getSearchCount(searchCriteria,
- xCredentialStoreService.searchFields);
- }
-
- public VXPolicyExportAudit getXPolicyExportAudit(Long id){
- return (VXPolicyExportAudit)xPolicyExportAuditService.readResource(id);
- }
-
- public VXPolicyExportAudit createXPolicyExportAudit(VXPolicyExportAudit vXPolicyExportAudit){
- vXPolicyExportAudit = (VXPolicyExportAudit)xPolicyExportAuditService.createResource(vXPolicyExportAudit);
- return vXPolicyExportAudit;
- }
-
- public VXPolicyExportAudit updateXPolicyExportAudit(VXPolicyExportAudit vXPolicyExportAudit) {
- vXPolicyExportAudit = (VXPolicyExportAudit)xPolicyExportAuditService.updateResource(vXPolicyExportAudit);
- return vXPolicyExportAudit;
- }
-
- public void deleteXPolicyExportAudit(Long id, boolean force) {
- if (force) {
- xPolicyExportAuditService.deleteResource(id);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXPolicyExportAuditList searchXPolicyExportAudits(SearchCriteria searchCriteria) {
- return xPolicyExportAuditService.searchXPolicyExportAudits(searchCriteria);
- }
-
- public VXLong getXPolicyExportAuditSearchCount(SearchCriteria searchCriteria) {
- return xPolicyExportAuditService.getSearchCount(searchCriteria,
- xPolicyExportAuditService.searchFields);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/BaseMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/BaseMgr.java b/security-admin/src/main/java/com/xasecure/biz/BaseMgr.java
deleted file mode 100644
index 53bb733..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/BaseMgr.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- /**
- *
- */
-package com.xasecure.biz;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.db.BaseDao;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.entity.XXDBBase;
-
-@Component
-public abstract class BaseMgr {
- static final Logger logger = Logger.getLogger(BaseMgr.class);
-
- @Autowired
- XADaoManager daoManager;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- public XADaoManager getDaoManager() {
- return daoManager;
- }
-
- public void deleteEntity(BaseDao<? extends XXDBBase> baseDao, Long id,
- String entityName) {
- XXDBBase entity = baseDao.getById(id);
- if (entity != null) {
- try {
- baseDao.remove(id);
- } catch (Exception e) {
- logger.error("Error deleting " + entityName + ". Id=" + id, e);
- throw restErrorUtil.createRESTException("This " + entityName
- + " can't be deleted",
- MessageEnums.OPER_NOT_ALLOWED_FOR_STATE, id, null, ""
- + id + ", error=" + e.getMessage());
- }
- } else {
- // Return without error
- logger.info("Delete ignored for non-existent " + entityName
- + " id=" + id);
- }
- }
-
- /**
- * @param objectClassType
- */
- protected void validateClassType(int objectClassType) {
- // objectClassType
- restErrorUtil.validateMinMax(objectClassType, 1,
- XAConstants.ClassTypes_MAX, "Invalid classType", null,
- "objectClassType");
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/HadoopFSMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/HadoopFSMgr.java b/security-admin/src/main/java/com/xasecure/biz/HadoopFSMgr.java
deleted file mode 100644
index e77a4f1..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/HadoopFSMgr.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- /**
- *
- */
-package com.xasecure.biz;
-
-import org.apache.log4j.Logger;
-import org.springframework.context.annotation.Scope;
-import org.springframework.stereotype.Component;
-
-import com.xasecure.hadoop.client.HadoopFS;
-
-/**
- *
- *
- */
-
-@Component
-@Scope("singleton")
-public class HadoopFSMgr {
-
- private HadoopFS fs;
- private String dataSource;
- private static Logger logger = Logger.getLogger(HadoopFSMgr.class);
-
- public HadoopFSMgr() {
- init();
- }
-
- public HadoopFSMgr(String dataSource) {
- this.dataSource = dataSource;
- init();
- }
-
- private void init() {
- try {
-// if (dataSource != null) {
-// fs = new HadoopFS(dataSource);
-// } else {
-// fs = new HadoopFS("hadoopdev");
-// }
- } catch (Exception e) {
- logger.error("Error connecting hive client", e);
- }
- }
-
- protected HadoopFS getInstance(String dataSourceName) {
- if (dataSourceName == null) {
- logger.info("Hadoop client name not provided.");
- return fs;
- } else {
- if (fs.getDataSource() != null) {
- if (fs.getDataSource().equalsIgnoreCase(dataSourceName)) {
- return fs;
- } else {
- fs = new HadoopFS(dataSourceName);
- return fs;
- }
- } else {
- fs = new HadoopFS(dataSourceName);
- return fs;
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/HiveFSMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/HiveFSMgr.java b/security-admin/src/main/java/com/xasecure/biz/HiveFSMgr.java
deleted file mode 100644
index e0cbcf1..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/HiveFSMgr.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- /**
- *
- */
-package com.xasecure.biz;
-
-import org.apache.log4j.Logger;
-import org.springframework.context.annotation.Scope;
-import org.springframework.stereotype.Component;
-import com.xasecure.hive.client.HiveClient;
-
-/**
- *
- */
-
-// @Component
-// @Scope("singleton")
-
-public class HiveFSMgr {
-
- private HiveClient fs;
- private String dataSource;
- private static Logger logger = Logger.getLogger(HiveFSMgr.class);
-
- public HiveFSMgr() {
- init();
- }
-
- public HiveFSMgr(String dataSource) {
- this.dataSource = dataSource;
- init();
- }
-
- private void init() {
- try {
- if (dataSource != null) {
- fs = new HiveClient(dataSource);
- } else {
- fs = new HiveClient("dev-hive");
- }
- } catch (Exception e) {
- logger.error("Error connecting hive client", e);
- }
- }
-
- protected HiveClient getInstance(String dataSourceName) {
- if (dataSourceName == null) {
- logger.info("Hive client name not provided.");
- return fs;
- } else {
- if (fs.getDataSource() != null) {
- if (fs.getDataSource().equalsIgnoreCase(dataSourceName)) {
- return fs;
- } else {
- fs = new HiveClient(dataSourceName);
- return fs;
- }
- } else {
- fs = new HiveClient(dataSourceName);
- return fs;
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/SessionMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/SessionMgr.java b/security-admin/src/main/java/com/xasecure/biz/SessionMgr.java
deleted file mode 100644
index ee6e29b..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/SessionMgr.java
+++ /dev/null
@@ -1,342 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.biz;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-
-import com.xasecure.common.XACommonEnums;
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.DateUtil;
-import com.xasecure.common.HTTPUtil;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.StringUtil;
-import com.xasecure.common.UserSessionBase;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.entity.XXAuthSession;
-import com.xasecure.entity.XXPortalUser;
-import com.xasecure.entity.XXPortalUserRole;
-import com.xasecure.service.AuthSessionService;
-import com.xasecure.util.RestUtil;
-import com.xasecure.view.VXAuthSession;
-import com.xasecure.view.VXAuthSessionList;
-import com.xasecure.view.VXLong;
-
-import org.apache.log4j.Logger;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-import com.xasecure.security.context.XAContextHolder;
-import com.xasecure.security.context.XASecurityContext;
-
-@Component
-@Transactional
-public class SessionMgr {
-
- static final Logger logger = Logger.getLogger(SessionMgr.class);
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XADaoManager daoManager;
-
- @Autowired
- AuthSessionService authSessionService;
-
- @Autowired
- HTTPUtil httpUtil;
-
- @Autowired
- StringUtil stringUtil;
-
- public SessionMgr() {
- logger.debug("SessionManager created");
- }
-
- public UserSessionBase processSuccessLogin(int authType, String userAgent) {
- return processSuccessLogin(authType, userAgent, null);
- }
-
- public UserSessionBase processSuccessLogin(int authType, String userAgent,
- HttpServletRequest httpRequest) {
- boolean newSessionCreation = true;
- UserSessionBase userSession = null;
-
- XASecurityContext context = XAContextHolder.getSecurityContext();
- if (context != null) {
- userSession = context.getUserSession();
- }
-
- Authentication authentication = SecurityContextHolder.getContext()
- .getAuthentication();
- WebAuthenticationDetails details = (WebAuthenticationDetails) authentication
- .getDetails();
-
- String currentLoginId = authentication.getName();
- if (userSession != null) {
- if (validateUserSession(userSession, currentLoginId)) {
- newSessionCreation = false;
- }
- }
-
- if (newSessionCreation) {
- // Need to build the UserSession
- XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
- if (gjUser == null) {
- logger.error(
- "Error getting user for loginId=" + currentLoginId,
- new Exception());
- return null;
- }
-
- XXAuthSession gjAuthSession = new XXAuthSession();
- gjAuthSession.setLoginId(currentLoginId);
- gjAuthSession.setUserId(gjUser.getId());
- gjAuthSession.setAuthTime(DateUtil.getUTCDate());
- gjAuthSession.setAuthStatus(XXAuthSession.AUTH_STATUS_SUCCESS);
- gjAuthSession.setAuthType(authType);
- if (details != null) {
- gjAuthSession.setExtSessionId(details.getSessionId());
- gjAuthSession.setRequestIP(details.getRemoteAddress());
- }
-
- if (userAgent != null) {
- gjAuthSession.setRequestUserAgent(userAgent);
- }
- gjAuthSession.setDeviceType(httpUtil.getDeviceType(userAgent));
- gjAuthSession = storeAuthSession(gjAuthSession);
-
- userSession = new UserSessionBase();
- userSession.setXXPortalUser(gjUser);
- userSession.setXXAuthSession(gjAuthSession);
- resetUserSessionForProfiles(userSession);
-
- if (details != null) {
- logger.info("Login Success: loginId=" + currentLoginId
- + ", sessionId=" + gjAuthSession.getId()
- + ", sessionId=" + details.getSessionId()
- + ", requestId=" + details.getRemoteAddress());
- } else {
- logger.info("Login Success: loginId=" + currentLoginId
- + ", sessionId=" + gjAuthSession.getId()
- + ", details is null");
- }
-
- }
-
- return userSession;
- }
-
- public void resetUserSessionForProfiles(UserSessionBase userSession) {
- if (userSession == null) {
- // Nothing to reset
- return;
- }
-
- // Let's get the Current User Again
- String currentLoginId = userSession.getLoginId();
-
- XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
- userSession.setXXPortalUser(gjUser);
-
- setUserRoles(userSession);
-
- }
-
- private void setUserRoles(UserSessionBase userSession) {
-
- List<String> strRoleList = new ArrayList<String>();
- List<XXPortalUserRole> roleList = daoManager.getXXPortalUserRole().findByUserId(
- userSession.getUserId());
- for (XXPortalUserRole gjUserRole : roleList) {
- String userRole = gjUserRole.getUserRole();
-
- strRoleList.add(userRole);
- if (userRole.equals(XAConstants.ROLE_SYS_ADMIN)) {
- userSession.setUserAdmin(true);
- }
- }
- userSession.setUserRoleList(strRoleList);
- }
-
- public XXAuthSession processFailureLogin(int authStatus, int authType,
- String loginId, String remoteAddr, String sessionId) {
- XXAuthSession gjAuthSession = new XXAuthSession();
- gjAuthSession.setLoginId(loginId);
- gjAuthSession.setUserId(null);
- gjAuthSession.setAuthTime(DateUtil.getUTCDate());
- gjAuthSession.setAuthStatus(authStatus);
- gjAuthSession.setAuthType(authType);
- gjAuthSession.setDeviceType(XACommonEnums.DEVICE_UNKNOWN);
- gjAuthSession.setExtSessionId(sessionId);
- gjAuthSession.setRequestIP(remoteAddr);
- gjAuthSession.setRequestUserAgent(null);
-
- gjAuthSession = storeAuthSession(gjAuthSession);
- return gjAuthSession;
- }
-
- protected boolean validateUserSession(UserSessionBase userSession,
- String currentLoginId) {
- if (currentLoginId
- .equalsIgnoreCase(userSession.getXXPortalUser().getLoginId())) {
- return true;
- } else {
- logger.info(
- "loginId doesn't match loginId from HTTPSession. Will create new session. loginId="
- + currentLoginId + ", userSession=" + userSession,
- new Exception());
- return false;
- }
- }
-
- @Transactional(readOnly = false, propagation = Propagation.REQUIRES_NEW)
- protected XXAuthSession storeAuthSession(XXAuthSession gjAuthSession) {
- // daoManager.getEntityManager().getTransaction().begin();
- XXAuthSession dbMAuthSession = daoManager.getXXAuthSession().create(
- gjAuthSession);
- // daoManager.getEntityManager().getTransaction().commit();
- return dbMAuthSession;
- }
-
- // non-WEB processing
- public UserSessionBase processStandaloneSuccessLogin(int authType,
- String ipAddress) {
- Authentication authentication = SecurityContextHolder.getContext()
- .getAuthentication();
-
- String currentLoginId = authentication.getName();
-
- // Need to build the UserSession
- XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
- if (gjUser == null) {
- logger.error("Error getting user for loginId=" + currentLoginId,
- new Exception());
- return null;
- }
-
- XXAuthSession gjAuthSession = new XXAuthSession();
- gjAuthSession.setLoginId(currentLoginId);
- gjAuthSession.setUserId(gjUser.getId());
- gjAuthSession.setAuthTime(DateUtil.getUTCDate());
- gjAuthSession.setAuthStatus(XXAuthSession.AUTH_STATUS_SUCCESS);
- gjAuthSession.setAuthType(authType);
- gjAuthSession.setDeviceType(XACommonEnums.DEVICE_UNKNOWN);
- gjAuthSession.setExtSessionId(null);
- gjAuthSession.setRequestIP(ipAddress);
- gjAuthSession.setRequestUserAgent(null);
-
- gjAuthSession = storeAuthSession(gjAuthSession);
-
- UserSessionBase userSession = new UserSessionBase();
- userSession.setXXPortalUser(gjUser);
- userSession.setXXAuthSession(gjAuthSession);
-
- // create context with user-session and set in thread-local
- XASecurityContext context = new XASecurityContext();
- context.setUserSession(userSession);
- XAContextHolder.setSecurityContext(context);
-
- resetUserSessionForProfiles(userSession);
-
- return userSession;
- }
-
- /**
- * @param searchCriteria
- * @return
- */
- public VXAuthSessionList searchAuthSessions(SearchCriteria searchCriteria) {
-
- if (searchCriteria != null && searchCriteria.getParamList() != null
- && searchCriteria.getParamList().size() > 0) {
-
- int clientTimeOffsetInMinute=RestUtil.getClientTimeOffset();
- java.util.Date temp = null;
- DateUtil dateUtil = new DateUtil();
- if (searchCriteria.getParamList().containsKey("startDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "startDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 0, 0, 0);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("startDate", temp);
- }
- if (searchCriteria.getParamList().containsKey("endDate")) {
- temp = (java.util.Date) searchCriteria.getParamList().get(
- "endDate");
- temp = dateUtil.getDateFromGivenDate(temp, 0, 23, 59, 59);
- temp = dateUtil.addTimeOffset(temp, clientTimeOffsetInMinute);
- searchCriteria.getParamList().put("endDate", temp);
- }
- }
-
- return authSessionService.search(searchCriteria);
- }
-
- public VXLong countAuthSessions(SearchCriteria searchCriteria) {
- return authSessionService.getSearchCount(searchCriteria,
- AuthSessionService.AUTH_SESSION_SEARCH_FLDS);
- }
-
- public VXAuthSession getAuthSession(Long id) {
- return authSessionService.readResource(id);
- }
-
- public VXAuthSession getAuthSessionBySessionId(String authSessionId) {
- if(stringUtil.isEmpty(authSessionId)){
- throw restErrorUtil.createRESTException("Please provide the auth session id.",
- MessageEnums.INVALID_INPUT_DATA);
- }
-
- XXAuthSession xXAuthSession = daoManager.getXXAuthSession()
- .getAuthSessionBySessionId(authSessionId);
-
- if(xXAuthSession==null){
- throw restErrorUtil.createRESTException("Please provide a valid "
- + "session id.", MessageEnums.INVALID_INPUT_DATA);
- }
-
- VXAuthSession vXAuthSession = authSessionService.populateViewBean(xXAuthSession);
- return vXAuthSession;
- }
-
- public boolean isValidXAUser(String loginId) {
- XXPortalUser pUser = daoManager.getXXPortalUser().findByLoginId(loginId);
- if (pUser == null) {
- logger.error("Error getting user for loginId=" + loginId);
- return false;
- } else {
- logger.info(loginId+" is a valid user");
- return true;
- }
-
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/UserMgr.java b/security-admin/src/main/java/com/xasecure/biz/UserMgr.java
deleted file mode 100644
index 58b1c8c..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/UserMgr.java
+++ /dev/null
@@ -1,1150 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.biz;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.List;
-
-import javax.persistence.Query;
-
-import com.xasecure.common.AppConstants;
-import com.xasecure.common.XACommonEnums;
-import com.xasecure.common.XAConstants;
-import com.xasecure.common.ContextUtil;
-import com.xasecure.common.GUIDUtil;
-import com.xasecure.common.MessageEnums;
-import com.xasecure.common.RESTErrorUtil;
-import com.xasecure.common.SearchCriteria;
-import com.xasecure.common.SearchUtil;
-import com.xasecure.common.StringUtil;
-import com.xasecure.common.UserSessionBase;
-import com.xasecure.common.DateUtil;
-import com.xasecure.common.XAConfigUtil;
-import com.xasecure.db.XADaoManager;
-import com.xasecure.entity.XXPortalUser;
-import com.xasecure.entity.XXPortalUserRole;
-import com.xasecure.entity.XXTrxLog;
-import com.xasecure.service.XPortalUserService;
-import com.xasecure.view.VXPasswordChange;
-import com.xasecure.view.VXResponse;
-import com.xasecure.view.VXString;
-import com.xasecure.view.VXPortalUser;
-import com.xasecure.view.VXPortalUserList;
-
-import org.apache.log4j.Logger;
-import org.apache.velocity.Template;
-import org.apache.velocity.app.VelocityEngine;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Propagation;
-import org.springframework.transaction.annotation.Transactional;
-
-@Component
-public class UserMgr {
-
- static final Logger logger = Logger.getLogger(UserMgr.class);
- private static final Md5PasswordEncoder md5Encoder = new Md5PasswordEncoder();
-
- @Autowired
- XADaoManager daoManager;
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- StringUtil stringUtil;
-
- @Autowired
- SearchUtil searchUtil;
-
- @Autowired
- XABizUtil msBizUtil;
-
- @Autowired
- SessionMgr sessionMgr;
-
- @Autowired
- VelocityEngine velocityEngine;
- Template t;
-
- @Autowired
- DateUtil dateUtil;
-
- @Autowired
- XAConfigUtil configUtil;
-
- @Autowired
- XPortalUserService xPortalUserService;
-
- String publicRoles[] = new String[] { XAConstants.ROLE_USER,
- XAConstants.ROLE_OTHER };
-
- private static final List<String> DEFAULT_ROLE_LIST = new ArrayList<String>(
- 1);
-
- private static final List<String> VALID_ROLE_LIST = new ArrayList<String>(2);
-
- static {
- DEFAULT_ROLE_LIST.add(XAConstants.ROLE_USER);
- VALID_ROLE_LIST.add(XAConstants.ROLE_SYS_ADMIN);
- VALID_ROLE_LIST.add(XAConstants.ROLE_USER);
- }
-
- public UserMgr() {
- if (logger.isDebugEnabled()) {
- logger.debug("UserMgr()");
- }
- }
-
- public XXPortalUser createUser(VXPortalUser userProfile, int userStatus,
- Collection<String> userRoleList) {
- XXPortalUser user = mapVXPortalUserToXXPortalUser(userProfile);
- user = createUser(user, userStatus, userRoleList);
-
- return user;
- }
-
- public XXPortalUser createUser(XXPortalUser user, int userStatus,
- Collection<String> userRoleList) {
- user.setStatus(userStatus);
- String saltEncodedpasswd = encrypt(user.getLoginId(),
- user.getPassword());
- user.setPassword(saltEncodedpasswd);
- user = daoManager.getXXPortalUser().create(user);
-
- // Create the UserRole for this user
- List<XXPortalUserRole> gjUserRoleList = new ArrayList<XXPortalUserRole>();
- if (userRoleList != null) {
- for (String userRole : userRoleList) {
- XXPortalUserRole gjUserRole = addUserRole(user.getId(), userRole);
- if (gjUserRole != null) {
- gjUserRoleList.add(gjUserRole);
- }
- }
- }
-
- return user;
- }
-
- public XXPortalUser createUser(VXPortalUser userProfile, int userStatus) {
- ArrayList<String> roleList = new ArrayList<String>();
- Collection<String> reqRoleList = userProfile.getUserRoleList();
- if (reqRoleList != null && reqRoleList.size()>0) {
- for (String role : reqRoleList) {
- roleList.add(role);
- }
- }else{
- roleList.add(XAConstants.ROLE_USER);
- }
-
- return createUser(userProfile, userStatus, roleList);
- }
-
- /**
- * @param userProfile
- * @return
- */
- public XXPortalUser updateUser(VXPortalUser userProfile) {
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(
- userProfile.getId());
-
- if (gjUser == null) {
- logger.error("updateUser(). User not found. userProfile="
- + userProfile);
- return null;
- }
-
- checkAccess(gjUser);
-
- boolean updateUser = false;
- // Selectively update fields
-
- // status
- if (userProfile.getStatus() != gjUser.getStatus()) {
- updateUser = true;
- }
-
- // Allowing email address update even when its set to empty.
- // emailAddress
- String emailAddress = userProfile.getEmailAddress();
- if (stringUtil.isEmpty(emailAddress)) {
- String randomString = GUIDUtil.genGUI();
- userProfile.setEmailAddress(randomString);
- updateUser = true;
- } else {
- if (stringUtil.validateEmail(emailAddress)) {
- XXPortalUser checkUser = daoManager.getXXPortalUser()
- .findByEmailAddress(emailAddress);
- if (checkUser != null) {
- String loginId = userProfile.getLoginId();
- if (loginId == null) {
- throw restErrorUtil.createRESTException(
- "Invalid user, please provide valid "
- + "username.",
- MessageEnums.INVALID_INPUT_DATA);
- } else if (!loginId.equals(checkUser.getLoginId())) {
- throw restErrorUtil
- .createRESTException(
- "The email address "
- + "you've provided already exists in system.",
- MessageEnums.INVALID_INPUT_DATA);
- } else {
- userProfile.setEmailAddress(emailAddress);
- updateUser = true;
- }
- } else {
- userProfile.setEmailAddress(emailAddress);
- updateUser = true;
- }
- } else {
- throw restErrorUtil.createRESTException(
- "Please provide valid email address.",
- MessageEnums.INVALID_INPUT_DATA);
- }
- }
-
- // loginId
- // if (!stringUtil.isEmpty(userProfile.getLoginId())
- // && !userProfile.getLoginId().equals(gjUser.getLoginId())) {
- // gjUser.setLoginId(userProfile.getLoginId());
- // updateUser = true;
- // }
-
- // firstName
- if (!stringUtil.isEmpty(userProfile.getFirstName())
- && !userProfile.getFirstName().equals(gjUser.getFirstName())) {
- userProfile.setFirstName(stringUtil.toCamelCaseAllWords(userProfile
- .getFirstName()));
- updateUser = true;
- }
-
- // lastName allowed to be empty
- if (userProfile.getLastName() != null
- && !userProfile.getLastName().equals(gjUser.getLastName())) {
- userProfile.setLastName(stringUtil.toCamelCaseAllWords(userProfile
- .getLastName()));
- updateUser = true;
- }
-
- // publicScreenName
- if (!stringUtil.isEmpty(userProfile.getPublicScreenName())
- && !userProfile.getPublicScreenName().equals(
- gjUser.getPublicScreenName())) {
- userProfile.setPublicScreenName(userProfile.getFirstName() + " "
- + userProfile.getLastName());
- updateUser = true;
- }
-
- // notes
- /*if (!stringUtil.isEmpty(userProfile.getNotes())
- && !userProfile.getNotes().equalsIgnoreCase(gjUser.getNotes())) {
- updateUser = true;
- }*/
-
- // userRoleList
- updateRoles(userProfile.getId(), userProfile.getUserRoleList());
-
- if (updateUser) {
-
- List<XXTrxLog> trxLogList = xPortalUserService.getTransactionLog(
- userProfile, gjUser, "update");
-
- userProfile.setPassword(gjUser.getPassword());
- userProfile = xPortalUserService.updateResource(userProfile);
- sessionMgr.resetUserSessionForProfiles(ContextUtil
- .getCurrentUserSession());
-
- msBizUtil.createTrxLog(trxLogList);
- }
-
- return gjUser;
- }
-
- private boolean updateRoles(Long userId, Collection<String> rolesList) {
- boolean rolesUpdated = false;
- if (rolesList == null || rolesList.size() == 0) {
- return false;
- }
-
- // Let's first delete old roles
- List<XXPortalUserRole> gjUserRoles = daoManager.getXXPortalUserRole().findByUserId(
- userId);
-
- for (XXPortalUserRole gjUserRole : gjUserRoles) {
- boolean found = false;
- for (String userRole : rolesList) {
- if (gjUserRole.getUserRole().equalsIgnoreCase(userRole)) {
- found = true;
- break;
- }
- }
- if (!found) {
- if (deleteUserRole(userId, gjUserRole)) {
- rolesUpdated = true;
- }
- }
- }
-
- // Let's add new roles
- for (String userRole : rolesList) {
- boolean found = false;
- for (XXPortalUserRole gjUserRole : gjUserRoles) {
- if (gjUserRole.getUserRole().equalsIgnoreCase(userRole)) {
- found = true;
- break;
- }
- }
- if (!found) {
- if (addUserRole(userId, userRole) != null) {
- rolesUpdated = true;
- }
- }
- }
- return rolesUpdated;
- }
-
- /**
- * @param userId
- * @param vStrings
- */
- public void setUserRoles(Long userId, List<VXString> vStringRolesList) {
- List<String> stringRolesList = new ArrayList<String>();
- for (VXString vXString : vStringRolesList) {
- stringRolesList.add(vXString.getValue());
- }
- updateRoles(userId, stringRolesList);
- }
-
- /**
- * @param pwdChange
- * @return
- */
- public VXResponse changePassword(VXPasswordChange pwdChange) {
- // First let's get the XXPortalUser for the current logged in user
- String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
- XXPortalUser gjUserCurrent = daoManager.getXXPortalUser()
- .findByLoginId(currentUserLoginId);
-
- String encryptedOldPwd = encrypt(gjUserCurrent.getLoginId(),
- pwdChange.getOldPassword());
-
- VXResponse ret = new VXResponse();
-
- if (!stringUtil.equals(encryptedOldPwd, gjUserCurrent.getPassword())) {
- logger.info("changePassword(). Invalid old password. userId="
- + pwdChange.getId());
-
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrPassword",
- MessageEnums.OPER_NO_PERMISSION, null, null,
- "" + pwdChange.getId());
- }
-
- // Get the user for whom we want to change the password
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(
- pwdChange.getId());
- if (gjUser == null) {
- logger.warn("SECURITY:changePassword(). User not found. userId="
- + pwdChange.getId());
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrInvalidUser",
- MessageEnums.DATA_NOT_FOUND, null, null,
- "" + pwdChange.getId());
- }
-
- if (!stringUtil
- .validatePassword(
- pwdChange.getUpdPassword(),
- new String[] { gjUser.getFirstName(),
- gjUser.getLastName(), gjUser.getLoginId(),
- gjUserCurrent.getFirstName(),
- gjUserCurrent.getLastName(),
- gjUserCurrent.getLoginId() })) {
- logger.warn("SECURITY:changePassword(). Invalid new password. userId="
- + pwdChange.getId());
-
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrNewPassword",
- MessageEnums.INVALID_PASSWORD, null, null,
- "" + pwdChange.getId());
- }
-
- String encryptedNewPwd = encrypt(gjUser.getLoginId(),
- pwdChange.getUpdPassword());
-
- String currentPassword = gjUser.getPassword();
-
- if (!encryptedNewPwd.equals(currentPassword)) {
-
- List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
- XXTrxLog xTrxLog = new XXTrxLog();
-
- xTrxLog.setAttributeName("Password");
- xTrxLog.setPreviousValue(currentPassword);
- xTrxLog.setNewValue(encryptedNewPwd);
- xTrxLog.setAction("password change");
- xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_PASSWORD_CHANGE);
- xTrxLog.setObjectId(pwdChange.getId());
- xTrxLog.setObjectName(pwdChange.getLoginId());
- trxLogList.add(xTrxLog);
-
- msBizUtil.createTrxLog(trxLogList);
-
- gjUser.setPassword(encryptedNewPwd);
- gjUser = daoManager.getXXPortalUser().update(gjUser);
-
- ret.setMsgDesc("Password successfully updated");
- ret.setStatusCode(VXResponse.STATUS_SUCCESS);
- } else {
- ret.setMsgDesc("Password update failed");
- ret.setStatusCode(VXResponse.STATUS_ERROR);
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrOldPassword",
- MessageEnums.INVALID_INPUT_DATA, gjUser.getId(),
- "password", gjUser.toString());
- }
- return ret;
- }
-
- /**
- * @param gjUser
- * @param changeEmail
- * @return
- */
- public VXPortalUser changeEmailAddress(XXPortalUser gjUser,
- VXPasswordChange changeEmail) {
-
- if (gjUser.getEmailAddress() != null) {
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrEmailChange",
- MessageEnums.OPER_NO_PERMISSION, null, null, ""
- + changeEmail);
- }
-
- String encryptedOldPwd = encrypt(gjUser.getLoginId(),
- changeEmail.getOldPassword());
-
- if (!stringUtil.validateEmail(changeEmail.getEmailAddress())) {
- logger.info("Invalid email address." + changeEmail);
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrInvalidEmail",
- MessageEnums.INVALID_INPUT_DATA, changeEmail.getId(),
- "emailAddress", changeEmail.toString());
-
- }
-
- if (!stringUtil.equals(encryptedOldPwd, gjUser.getPassword())) {
- logger.info("changeEmailAddress(). Invalid password. changeEmail="
- + changeEmail);
-
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrWrongPassword",
- MessageEnums.OPER_NO_PERMISSION, null, null, ""
- + changeEmail);
- }
-
- // Normalize email. Make it lower case
- gjUser.setEmailAddress(stringUtil.normalizeEmail(changeEmail
- .getEmailAddress()));
-
- // loginId
- gjUser.setLoginId(gjUser.getEmailAddress());
-
- String saltEncodedpasswd = encrypt(gjUser.getLoginId(),
- changeEmail.getOldPassword());
-
- gjUser.setPassword(saltEncodedpasswd);
-
- daoManager.getXXPortalUser().update(gjUser);
- return mapXXPortalUserVXPortalUser(gjUser);
- }
-
- /**
- * @param userId
- */
- public VXPortalUser deactivateUser(XXPortalUser gjUser) {
- if (gjUser != null
- && gjUser.getStatus() != XAConstants.ACT_STATUS_DEACTIVATED) {
- logger.info("Marking user " + gjUser.getLoginId() + " as deleted");
- gjUser.setStatus(XAConstants.ACT_STATUS_DEACTIVATED);
- gjUser = daoManager.getXXPortalUser().update(gjUser);
- return mapXXPortalUserVXPortalUser(gjUser);
- }
- return null;
- }
-
- public VXPortalUser getUserProfile(Long id) {
- XXPortalUser user = daoManager.getXXPortalUser().getById(id);
- if (user != null) {
- checkAccessForRead(user);
- return mapXXPortalUserVXPortalUser(user);
- } else {
- if (logger.isDebugEnabled()) {
- logger.debug("User not found. userId=" + id);
- }
- return null;
- }
- }
-
- public VXPortalUser getUserProfileByLoginId() {
- String loginId = ContextUtil.getCurrentUserLoginId();
- return getUserProfileByLoginId(loginId);
- }
-
- public VXPortalUser getUserProfileByLoginId(String loginId) {
- XXPortalUser user = daoManager.getXXPortalUser().findByLoginId(loginId);
- if (user != null) {
- return mapXXPortalUserVXPortalUser(user);
- } else {
- if (logger.isDebugEnabled()) {
- logger.debug("User not found. loginId=" + loginId);
- }
- return null;
- }
- }
-
- public XXPortalUser mapVXPortalUserToXXPortalUser(VXPortalUser userProfile) {
- XXPortalUser gjUser = new XXPortalUser();
- gjUser.setEmailAddress(userProfile.getEmailAddress());
- gjUser.setFirstName(userProfile.getFirstName());
- gjUser.setLastName(userProfile.getLastName());
- gjUser.setLoginId(userProfile.getLoginId());
- gjUser.setPassword(userProfile.getPassword());
- gjUser.setUserSource(userProfile.getUserSource());
- gjUser.setPublicScreenName(userProfile.getPublicScreenName());
- return gjUser;
- }
-
- /**
- * @param user
- * @return
- */
- public VXPortalUser mapXXPortalUserToVXPortalUser(XXPortalUser user,
- Collection<String> userRoleList) {
- if (user == null) {
- return null;
- }
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess == null) {
- return null;
- }
-
- VXPortalUser userProfile = new VXPortalUser();
- gjUserToUserProfile(user, userProfile);
- if (sess.isUserAdmin() || sess.getXXPortalUser().getId().equals(user.getId())) {
- if (userRoleList == null) {
- userRoleList = new ArrayList<String>();
- List<XXPortalUserRole> gjUserRoleList = daoManager.getXXPortalUserRole()
- .findByParentId(user.getId());
-
- for (XXPortalUserRole userRole : gjUserRoleList) {
- userRoleList.add(userRole.getUserRole());
- }
- }
-
- userProfile.setUserRoleList(userRoleList);
- }
- userProfile.setUserSource(user.getUserSource());
- return userProfile;
- }
-
- private void gjUserToUserProfile(XXPortalUser user, VXPortalUser userProfile) {
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess == null) {
- return;
- }
-
- // Is accessed by peer from the same account
- boolean isPeer = false;
- boolean isAccountAdmin = false;
-
- // Admin
- if (sess.isUserAdmin() || sess.getXXPortalUser().getId().equals(user.getId())) {
- userProfile.setLoginId(user.getLoginId());
- userProfile.setStatus(user.getStatus());
- userProfile.setUserRoleList(new ArrayList<String>());
- String emailAddress = user.getEmailAddress();
-
- if (emailAddress != null && stringUtil.validateEmail(emailAddress)) {
- userProfile.setEmailAddress(user.getEmailAddress());
- }
-
- if (sess != null) {
- userProfile.setUserSource(sess.getAuthProvider());
- }
-
- List<XXPortalUserRole> gjUserRoleList = daoManager.getXXPortalUserRole()
- .findByParentId(user.getId());
-
- for (XXPortalUserRole gjUserRole : gjUserRoleList) {
- userProfile.getUserRoleList().add(gjUserRole.getUserRole());
- }
- }
-
- if (sess.isUserAdmin() || sess.getXXPortalUser().getId().equals(user.getId())
- || isPeer) {
- userProfile.setId(user.getId());
- userProfile.setFirstName(user.getFirstName());
- userProfile.setLastName(user.getLastName());
- userProfile.setPublicScreenName(user.getPublicScreenName());
- if (isAccountAdmin) {
- userProfile.setEmailAddress(user.getEmailAddress());
- }
- }
-
- }
-
- /**
- * Translates XXPortalUser to VUserProfile. This method should be called in the
- * same transaction in which the XXPortalUser was retrieved from the database
- *
- * @param user
- * @return
- */
- public VXPortalUser mapXXPortalUserVXPortalUser(XXPortalUser user) {
- return mapXXPortalUserToVXPortalUser(user, null);
- }
-
- /**
- * @param emailId
- * @return
- */
- public XXPortalUser findByEmailAddress(String emailId) {
- return daoManager.getXXPortalUser().findByEmailAddress(emailId);
- }
-
- public XXPortalUser findByLoginId(String loginId) {
- return daoManager.getXXPortalUser().findByLoginId(loginId);
- }
-
- @Transactional(readOnly = true, propagation = Propagation.REQUIRED)
- public Collection<String> getRolesForUser(XXPortalUser user) {
- Collection<String> roleList = new ArrayList<String>();
-
- Collection<XXPortalUserRole> roleCollection = daoManager.getXXPortalUserRole()
- .findByUserId(user.getId());
- for (XXPortalUserRole role : roleCollection) {
- roleList.add(role.getUserRole());
- }
- return roleList;
- }
-
- /**
- * @param searchCriteria
- * @return
- */
- public VXPortalUserList searchUsers(SearchCriteria searchCriteria) {
-
- VXPortalUserList returnList = new VXPortalUserList();
- ArrayList<VXPortalUser> objectList = new ArrayList<VXPortalUser>();
- String queryStr = "SELECT u FROM XXPortalUser u ";
- String countQueryStr = "SELECT COUNT(u) FROM XXPortalUser u ";
-
- // Get total count first
- Query query = createUserSearchQuery(countQueryStr, null, searchCriteria);
- Long count = (Long) query.getSingleResult();
- if (count == null || count.longValue() == 0) {
- return returnList;
- }
-
- // Get actual data
-
- // Add sort by
- String sortBy = searchCriteria.getSortBy();
- String querySortBy = "u.loginId";
- if (!stringUtil.isEmpty(sortBy)) {
- sortBy = sortBy.trim();
- if (sortBy.equalsIgnoreCase("userId")) {
- querySortBy = "u.id";
- } else if (sortBy.equalsIgnoreCase("loginId")) {
- querySortBy = "ua.loginId";
- } else if (sortBy.equalsIgnoreCase("emailAddress")) {
- querySortBy = "u.emailAddress";
- } else if (sortBy.equalsIgnoreCase("firstName")) {
- querySortBy = "u.firstName";
- } else if (sortBy.equalsIgnoreCase("lastName")) {
- querySortBy = "u.lastName";
- } else {
- sortBy = "loginId";
- logger.error("Invalid sortBy provided. sortBy=" + sortBy);
- }
- } else {
- sortBy = "loginId";
- }
-
- // Default sort field
- String sortClause = " order by " + querySortBy + " ";
-
- // Add sort type
- String sortType = searchCriteria.getSortType();
- String querySortType = "asc";
- if (sortType != null) {
- if (sortType.equalsIgnoreCase("asc")
- || sortType.equalsIgnoreCase("desc")) {
- querySortType = sortType;
- } else {
- logger.error("Invalid sortType. sortType=" + sortType);
- }
- }
- sortClause += querySortType;
-
- query = createUserSearchQuery(queryStr, sortClause, searchCriteria);
-
- // Set start index
- query.setFirstResult(searchCriteria.getStartIndex());
-
- searchUtil.updateQueryPageSize(query, searchCriteria);
-
- @SuppressWarnings("rawtypes")
- List resultList = query.getResultList();
- // Iterate over the result list and create the return list
- for (Object object : resultList) {
- XXPortalUser gjUser = (XXPortalUser) object;
- VXPortalUser userProfile = new VXPortalUser();
- gjUserToUserProfile(gjUser, userProfile);
- objectList.add(userProfile);
- }
-
- returnList.setPageSize(query.getMaxResults());
- returnList.setSortBy(sortBy);
- returnList.setSortType(querySortType);
- returnList.setStartIndex(query.getFirstResult());
- returnList.setTotalCount(count.longValue());
- returnList.setVXPortalUsers(objectList);
- return returnList;
- }
-
- /**
- * @param queryStr
- * @param sortClause
- * @param searchCriteria
- * @return
- */
- private Query createUserSearchQuery(String queryStr, String sortClause,
- SearchCriteria searchCriteria) {
- HashMap<String, Object> paramList = searchCriteria.getParamList();
-
- String whereClause = "WHERE 1 = 1 ";
-
- // roles
- @SuppressWarnings("unchecked")
- List<String> roleList = (List<String>) paramList.get("roleList");
- if (roleList != null && roleList.size() > 0) {
- whereClause = ", XXPortalUserRole ur WHERE u.id = ur.userId";
- if (roleList.size() == 1) {
- // For only one role, let's do an equal to
- whereClause += " and ur.userRole = :role";
- } else {
- whereClause += " and ur.userRole in (:roleList)";
- }
- }
-
- // userId
- Long userId = (Long) paramList.get("userId");
- if (userId != null) {
- whereClause += " and u.id = :userId ";
- }
-
- // loginId
- String loginId = (String) paramList.get("loginId");
- if (loginId != null) {
- whereClause += " and LOWER(u.loginId) = :loginId ";
- }
-
- // emailAddress
- String emailAddress = (String) paramList.get("emailAddress");
- if (emailAddress != null) {
- whereClause += " and LOWER(u.emailAddress) = :emailAddress ";
- }
-
- // firstName
- String firstName = (String) paramList.get("firstName");
- if (firstName != null) {
- whereClause += " and LOWER(u.firstName) = :firstName ";
- }
-
- // lastName
- String lastName = (String) paramList.get("lastName");
- if (lastName != null) {
- whereClause += " and LOWER(u.lastName) = :lastName ";
- }
-
- // status
- Integer status = null;
- @SuppressWarnings("unchecked")
- List<Integer> statusList = (List<Integer>) paramList.get("statusList");
- if (statusList != null && statusList.size() == 1) {
- // use == condition
- whereClause += " and u.status = :status";
- status = statusList.get(0);
- } else if (statusList != null && statusList.size() > 1) {
- // use in operator
- whereClause += " and u.status in (:statusList) ";
- }
-
- // publicScreenName
- String publicScreenName = (String) paramList.get("publicScreenName");
- if (publicScreenName != null) {
- whereClause += " and LOWER(u.publicScreenName) = :publicScreenName ";
- }
-
- // familyScreenName
- String familyScreenName = (String) paramList.get("familyScreenName");
- if (familyScreenName != null) {
- whereClause += " and LOWER(u.familyScreenName) = :familyScreenName ";
- }
-
- if (sortClause != null) {
- whereClause += sortClause;
- }
-
- Query query = daoManager.getEntityManager().createQuery(
- queryStr + whereClause);
-
- if (roleList != null && roleList.size() > 0) {
- if (roleList.size() == 1) {
- query.setParameter("role", roleList.get(0));
- } else {
- query.setParameter("roleList", roleList);
- }
- }
-
- if (status != null) {
- query.setParameter("status", status);
- }
- if (statusList != null && statusList.size() > 1) {
- query.setParameter("statusList", statusList);
- }
- if (emailAddress != null) {
- query.setParameter("emailAddress", emailAddress.toLowerCase());
- }
-
- // userId
- if (userId != null) {
- query.setParameter("userId", userId);
- }
- // firstName
- if (firstName != null) {
- query.setParameter("firstName", firstName.toLowerCase());
- }
- // lastName
- if (lastName != null) {
- query.setParameter("lastName", lastName.toLowerCase());
- }
-
- // loginId
- if (loginId != null) {
- query.setParameter("loginId", loginId.toLowerCase());
- }
-
- // publicScreenName
- if (publicScreenName != null) {
- query.setParameter("publicScreenName",
- publicScreenName.toLowerCase());
- }
-
- // familyScreenName
- if (familyScreenName != null) {
- query.setParameter("familyScreenName",
- familyScreenName.toLowerCase());
- }
-
- return query;
- }
-
- public boolean deleteUserRole(Long userId, String userRole) {
- List<XXPortalUserRole> roleList = daoManager.getXXPortalUserRole().findByUserId(
- userId);
- for (XXPortalUserRole gjUserRole : roleList) {
- if (gjUserRole.getUserRole().equalsIgnoreCase(userRole)) {
- return deleteUserRole(userId, gjUserRole);
- }
- }
- return false;
- }
-
- public boolean deleteUserRole(Long userId, XXPortalUserRole gjUserRole) {
- /*if (XAConstants.ROLE_USER.equals(gjUserRole.getUserRole())) {
- return false;
- }*/
- boolean publicRole = false;
- for (int i = 0; i < publicRoles.length; i++) {
- if (publicRoles[i].equalsIgnoreCase(gjUserRole.getUserRole())) {
- publicRole = true;
- break;
- }
- }
- if (!publicRole) {
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess == null || !sess.isUserAdmin()) {
- return false;
- }
- }
-
- daoManager.getXXPortalUserRole().remove(gjUserRole.getId());
- return true;
- }
-
- public XXPortalUserRole addUserRole(Long userId, String userRole) {
- List<XXPortalUserRole> roleList = daoManager.getXXPortalUserRole().findByUserId(
- userId);
- boolean publicRole = false;
- for (int i = 0; i < publicRoles.length; i++) {
- if (publicRoles[i].equalsIgnoreCase(userRole)) {
- publicRole = true;
- break;
- }
- }
- if (!publicRole) {
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess == null) {
- return null;
- }
- // Admin
- if (!sess.isUserAdmin()) {
- logger.error(
- "SECURITY WARNING: User trying to add non public role. userId="
- + userId + ", role=" + userRole + ", session="
- + sess.toString(), new Throwable());
- return null;
- }
- }
-
- for (XXPortalUserRole gjUserRole : roleList) {
- if (userRole.equalsIgnoreCase(gjUserRole.getUserRole())) {
- return gjUserRole;
- }
- }
- XXPortalUserRole userRoleObj = new XXPortalUserRole();
- userRoleObj.setUserRole(userRole.toUpperCase());
- userRoleObj.setUserId(userId);
- userRoleObj.setStatus(XAConstants.STATUS_ENABLED);
- daoManager.getXXPortalUserRole().create(userRoleObj);
-
- // If role is not OTHER, then remove OTHER
- if (!XAConstants.ROLE_OTHER.equalsIgnoreCase(userRole)) {
- deleteUserRole(userId, XAConstants.ROLE_OTHER);
- }
-
- sessionMgr.resetUserSessionForProfiles(ContextUtil
- .getCurrentUserSession());
- return null;
- }
-
- public void checkAccess(Long userId) {
- XXPortalUser gjUser = daoManager.getXXPortalUser().getById(userId);
- if (gjUser == null) {
- throw restErrorUtil
- .create403RESTException("serverMsg.userMgrWrongUser"
- + userId);
- }
-
- checkAccess(gjUser);
- }
-
- /**
- * @param gjUser
- * @return
- */
- public void checkAccess(XXPortalUser gjUser) {
- if (gjUser == null) {
- throw restErrorUtil
- .create403RESTException("serverMsg.userMgrWrongUser");
- }
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess != null) {
-
- // Admin
- if (sess != null && sess.isUserAdmin()) {
- return;
- }
-
- // Self
- if (sess.getXXPortalUser().getId().equals(gjUser.getId())) {
- return;
- }
-
- }
- throw restErrorUtil.create403RESTException("User "
- + " access denied. loggedInUser="
- + (sess != null ? sess.getXXPortalUser().getId() : "Not Logged In")
- + ", accessing user=" + gjUser.getId());
-
- }
-
- public void checkAccessForRead(XXPortalUser gjUser) {
- if (gjUser == null) {
- throw restErrorUtil
- .create403RESTException("serverMsg.userMgrWrongUser");
- }
- UserSessionBase sess = ContextUtil.getCurrentUserSession();
- if (sess != null) {
-
- // Admin
- if (sess != null && sess.isUserAdmin()) {
- return;
- }
-
- // Self
- if (sess.getXXPortalUser().getId().equals(gjUser.getId())) {
- return;
- }
-
- }
- throw restErrorUtil.create403RESTException("User "
- + " access denied. loggedInUser="
- + (sess != null ? sess.getXXPortalUser().getId() : "Not Logged In")
- + ", accessing user=" + gjUser.getId());
-
- }
-
- public String encrypt(String loginId, String password) {
- String saltEncodedpasswd = md5Encoder.encodePassword(password, loginId);
- return saltEncodedpasswd;
- }
-
- public VXPortalUser createUser(VXPortalUser userProfile) {
- XXPortalUser xXPortalUser = this
- .createUser(userProfile, XACommonEnums.STATUS_ENABLED);
- return mapXXPortalUserVXPortalUser(xXPortalUser);
- }
-
- public VXPortalUser createDefaultAccountUser(VXPortalUser userProfile) {
- if(userProfile.getPassword()==null||userProfile.getPassword().trim().isEmpty()){
- userProfile.setUserSource(XACommonEnums.USER_EXTERNAL);
- }
- // access control
- UserSessionBase session = ContextUtil.getCurrentUserSession();
- if (session != null) {
- if (!session.isUserAdmin()) {
- throw restErrorUtil.create403RESTException("User "
- + "creation denied. LoggedInUser="
- + (session != null ? session.getXXPortalUser().getId()
- : "Not Logged In")
- + " ,isn't permitted to perform the action.");
-
- }
- }
-
- XXPortalUser xXPortalUser = null;
- String loginId = userProfile.getLoginId();
- String emailAddress = userProfile.getEmailAddress();
-
- if (loginId != null && !loginId.isEmpty()) {
- xXPortalUser = this.findByLoginId(loginId);
- if (xXPortalUser == null) {
- if (emailAddress != null && !emailAddress.isEmpty()) {
- xXPortalUser = this.findByEmailAddress(emailAddress);
- if (xXPortalUser == null) {
- xXPortalUser = this.createUser(userProfile,
- XACommonEnums.STATUS_ENABLED);
- } else {
- throw restErrorUtil
- .createRESTException(
- "The email address "
- + emailAddress
- + " you've provided already exists. Please try again with different "
- + "email address.",
- MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);
- }
- } else {
- String randomEmail = GUIDUtil.genGUI();
- userProfile.setEmailAddress(randomEmail);
- xXPortalUser = this.createUser(userProfile,
- XACommonEnums.STATUS_ENABLED);
- }
- } else {
- /*throw restErrorUtil
- .createRESTException(
- "The login id "
- + loginId
- + " you've provided already exists. Please try again with different "
- + "login id.",
- MessageEnums.OPER_NOT_ALLOWED_FOR_STATE);*/
- }
- }
-
- return mapXXPortalUserToVXPortalUserForDefaultAccount(xXPortalUser);
- }
-
- private VXPortalUser mapXXPortalUserToVXPortalUserForDefaultAccount(XXPortalUser user) {
-
- VXPortalUser userProfile = new VXPortalUser();
-
- userProfile.setLoginId(user.getLoginId());
- userProfile.setEmailAddress(user.getEmailAddress());
- userProfile.setStatus(user.getStatus());
- userProfile.setUserRoleList(new ArrayList<String>());
- userProfile.setId(user.getId());
- userProfile.setFirstName(user.getFirstName());
- userProfile.setLastName(user.getLastName());
- userProfile.setPublicScreenName(user.getPublicScreenName());
- userProfile.setEmailAddress(user.getEmailAddress());
-
- List<XXPortalUserRole> gjUserRoleList = daoManager.getXXPortalUserRole()
- .findByParentId(user.getId());
-
- for (XXPortalUserRole gjUserRole : gjUserRoleList) {
- userProfile.getUserRoleList().add(gjUserRole.getUserRole());
- }
-
- return userProfile;
- }
-
- public boolean isUserInRole(Long userId, String role) {
- XXPortalUserRole xXPortalUserRole = daoManager.getXXPortalUserRole().findByRoleUserId(
- userId, role);
- if (xXPortalUserRole != null) {
- String userRole = xXPortalUserRole.getUserRole();
- if (userRole.equalsIgnoreCase(role)) {
- return true;
- }
- }
- return false;
- }
-
- public XXPortalUser updateUserWithPass(VXPortalUser userProfile) {
- String updatedPassword = userProfile.getPassword();
- XXPortalUser xXPortalUser = this.updateUser(userProfile);
-
- if (updatedPassword != null && !updatedPassword.isEmpty()) {
- if (!stringUtil.validatePassword(updatedPassword,
- new String[] { xXPortalUser.getFirstName(), xXPortalUser.getLastName(),
- xXPortalUser.getLoginId() })) {
- logger.warn("SECURITY:changePassword(). Invalid new password. userId="
- + xXPortalUser.getId());
-
- throw restErrorUtil.createRESTException(
- "serverMsg.userMgrNewPassword",
- MessageEnums.INVALID_PASSWORD, null, null,
- "" + xXPortalUser.getId());
- }
-
- String encryptedNewPwd = encrypt(xXPortalUser.getLoginId(),
- updatedPassword);
- xXPortalUser.setPassword(encryptedNewPwd);
- xXPortalUser = daoManager.getXXPortalUser().update(xXPortalUser);
- }
- return xXPortalUser;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/413fcb68/security-admin/src/main/java/com/xasecure/biz/UserMgrBase.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/com/xasecure/biz/UserMgrBase.java b/security-admin/src/main/java/com/xasecure/biz/UserMgrBase.java
deleted file mode 100644
index efdf4bc..0000000
--- a/security-admin/src/main/java/com/xasecure/biz/UserMgrBase.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
- package com.xasecure.biz;
-
-import com.xasecure.common.*;
-import com.xasecure.service.*;
-import com.xasecure.view.*;
-import org.springframework.beans.factory.annotation.Autowired;
-public class UserMgrBase {
-
- @Autowired
- RESTErrorUtil restErrorUtil;
-
- @Autowired
- XPortalUserService xPortalUserService;
- public VXPortalUser getXPortalUser(Long id){
- return (VXPortalUser)xPortalUserService.readResource(id);
- }
-
- public VXPortalUser createXPortalUser(VXPortalUser vXPortalUser){
- vXPortalUser = (VXPortalUser)xPortalUserService.createResource(vXPortalUser);
- return vXPortalUser;
- }
-
- public VXPortalUser updateXPortalUser(VXPortalUser vXPortalUser) {
- vXPortalUser = (VXPortalUser)xPortalUserService.updateResource(vXPortalUser);
- return vXPortalUser;
- }
-
- public void deleteXPortalUser(Long id, boolean force) {
- if (force) {
- xPortalUserService.deleteResource(id);
- } else {
- throw restErrorUtil.createRESTException(
- "serverMsg.modelMgrBaseDeleteModel",
- MessageEnums.OPER_NOT_ALLOWED_FOR_ENTITY);
- }
- }
-
- public VXPortalUserList searchXPortalUsers(SearchCriteria searchCriteria) {
- return xPortalUserService.searchXPortalUsers(searchCriteria);
- }
-
- public VXLong getXPortalUserSearchCount(SearchCriteria searchCriteria) {
- return xPortalUserService.getSearchCount(searchCriteria,
- xPortalUserService.searchFields);
- }
-
-}