Java Code Examples for org.elasticsearch.action.support.ActionFilterChain#proceed()

The following examples show how to use org.elasticsearch.action.support.ActionFilterChain#proceed() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RangerSecurityActionFilter.java    From ranger with Apache License 2.0 6 votes vote down vote up
@Override
public <Request extends ActionRequest, Response extends ActionResponse> void apply(Task task, String action,
		Request request, ActionListener<Response> listener, ActionFilterChain<Request, Response> chain) {
	String user = threadContext.getTransient(UsernamePasswordToken.USERNAME);
	// If user is not null, then should check permission of the outside caller.
	if (StringUtils.isNotEmpty(user)) {
		List<String> indexs = RequestUtils.getIndexFromRequest(request);
		String clientIPAddress = threadContext.getTransient(RequestUtils.CLIENT_IP_ADDRESS);
		for (String index : indexs) {
			boolean result = rangerElasticsearchAuthorizer.checkPermission(user, null, index, action,
					clientIPAddress);
			if (!result) {
				String errorMsg = "Error: User[{}] could not do action[{}] on index[{}]";
				throw new ElasticsearchStatusException(errorMsg, RestStatus.FORBIDDEN, user, action, index);
			}
		}
	} else {
		if (LOG.isDebugEnabled()) {
			LOG.debug("User is null, no check permission for elasticsearch do action[{}] with request[{}]", action,
					request);
		}
	}
	chain.proceed(task, action, request, listener);
}
 
Example 2
Source File: AuthActionFilter.java    From Elasticsearch with Apache License 2.0 5 votes vote down vote up
public void apply(Task task, String action, ActionRequest request,
                  ActionListener listener, ActionFilterChain chain) {
    try {
        // authentication
        ActionSourceType sourceType = ActionSourceType.getActionSourceType(action);
        LoginUserContext userInfoContext = request.getHeader(LoginUserContext.USER_INFO_KEY);
        // authentication and authorization only happened on the proxy node(the node user connected to)
        // for sql, the authorized value will be set to true
        // for rest,
        if (sourceType == ActionSourceType.OTHERS
                && userInfoContext != null
                && !userInfoContext.authorized()
                && userInfoContext.getUserProperty() != null) {
            AuthResult authResult = authService.authenticate(request, action);
            if (authResult.getStatus() != RestStatus.OK) {
                throw new NoPermissionException(authResult.getStatus().getStatus(), authResult.getMessage());
            }
            userInfoContext.setAuthorized(true);
        }
        // filter other tenants in clusterState if necessary
        AuthService.setStateFilter(request, action);
        chain.proceed(task, action, request, listener);
    } catch (Throwable t) {
        logger.error("errors while check auth", t);
        throw t;
    }
}
 
Example 3
Source File: SearchActionFilter.java    From elasticsearch-dynarank with Apache License 2.0 5 votes vote down vote up
@Override
public <Request extends ActionRequest, Response extends ActionResponse> void apply(final Task task, final String action,
        final Request request, final ActionListener<Response> listener, final ActionFilterChain<Request, Response> chain) {
    if (!SearchAction.INSTANCE.name().equals(action)) {
        chain.proceed(task, action, request, listener);
        return;
    }

    final SearchRequest searchRequest = (SearchRequest) request;
    final ActionListener<Response> wrappedListener = DynamicRanker.getInstance().wrapActionListener(action, searchRequest, listener);
    chain.proceed(task, action, request, wrappedListener == null ? listener : wrappedListener);
}
 
Example 4
Source File: AuthActionFilter.java    From Elasticsearch with Apache License 2.0 4 votes vote down vote up
public void apply(String action, ActionResponse response, ActionListener listener, ActionFilterChain chain)
{
    chain.proceed(action, response, listener);
}