javax.annotation.security.PermitAll Java Examples

@DELETE
@Path("{job-id}")
@Operation(
        summary = "Delete a job from the system",
        description = "Deletes a job from the system, removing **all** job data. Running jobs are aborted before deletion."
)
@PermitAll
public int deleteJob(
        @Context
                SecurityContext context,
        @Parameter(description = "The job's ID")
        @PathParam("job-id")
        @NotNull
                JobId jobId) {

    if (jobId == null)
        throw new WebApplicationException("Job ID is null", 400);

    // ensure the job is aborted before deleting it: stops dangling IO writes
    jobManagerActions.tryAbort(jobId);
    jobDAO.remove(jobId);

    return 200;
}
 

@PermitAll
@Override
public ContainerHost getContainerHostById( final String hostId ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostId, "Invalid container host id" );

    for ( ResourceHost resourceHost : getResourceHosts() )
    {
        try
        {
            return resourceHost.getContainerHostById( hostId );
        }
        catch ( HostNotFoundException e )
        {
            //ignore
        }
    }

    throw new HostNotFoundException( String.format( "Container host not found by id %s", hostId ) );
}
 

@PermitAll
@Override
public ContainerHost getContainerHostByHostName( String hostname ) throws HostNotFoundException
{
    Preconditions.checkArgument( !StringUtils.isBlank( hostname ), "Container hostname shouldn't be null" );

    for ( ResourceHost resourceHost : getResourceHosts() )
    {
        try
        {
            return resourceHost.getContainerHostByHostName( hostname );
        }
        catch ( HostNotFoundException ignore )
        {
            //ignore
        }
    }

    throw new HostNotFoundException( String.format( "No container host found for hostname %s", hostname ) );
}
 

@PUT @Path("{teststepId}")
@PermitAll
@JsonView(ResourceJsonViews.TeststepEdit.class)
public TeststepWrapper update(Teststep teststep) throws Exception {
    //  Restore otherProperties from system database for existing XMLValidAgainstXSD assertions, as they are not
    //  supposed to be updated through this API (currently used for UI only).
    //  Without this code, whenever a new XMLValidAgainstXSD assertion is added, or an existing XMLValidAgainstXSD
    //  assertion is deleted, all existing XMLValidAgainstXSD assertions in the same test step will see their
    //  otherProperties.fileBytes set to null in system database.
    List<Assertion> assertions = teststep.getAssertions();
    for (Assertion assertion: assertions) {
        if (assertion.getId() != null && Assertion.TYPE_XML_VALID_AGAINST_XSD.endsWith(assertion.getType())) {
            assertion.setOtherProperties(assertionDAO.findById(assertion.getId()).getOtherProperties());
        }
    }

    teststepDAO.update(teststep);

    TeststepWrapper wrapper = new TeststepWrapper();
    Teststep newTeststep = teststep.getRequestType() == TeststepRequestType.FILE ?
            teststepDAO.findById_NoRequest(teststep.getId()) : teststepDAO.findById_Complete(teststep.getId());
    wrapper.setTeststep(newTeststep);
    populateParametersInWrapper(wrapper);

    return wrapper;
}
 

/**
 * Clears any cached credentials for the calling user. The end result is that future calls to other methods on this application will require outside contact
 * with the authentication provider.
 *
 * If the credentials are for a single user with no proxy involved, these are the only credentials flushed. Otherwise, if there is a proxy chain, this will
 * flush the DN for the user in the proxy (assumes there is never more than one user in the proxy chain).
 */
@GET
@Path("/flushCachedCredentials")
@Produces({"application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf",
        "application/x-protostuff"})
@PermitAll
public GenericResponse<String> flushCachedCredentials() {
    GenericResponse<String> response = new GenericResponse<>();
    Principal callerPrincipal = context.getCallerPrincipal();
    log.info("Flushing credentials for " + callerPrincipal + " from the cache.");
    if (callerPrincipal instanceof DatawavePrincipal) {
        DatawavePrincipal dp = (DatawavePrincipal) callerPrincipal;
        response.setResult(credentialsCache.evict(dp.getUserDN().subjectDN()));
    } else {
        log.warn(callerPrincipal + " is not a DatawavePrincipal.  Cannot flush credentials.");
        response.addMessage("Unable to determine calling user name.  Values were not flushed!");
        throw new DatawaveWebApplicationException(new IllegalStateException("Unable to flush credentials.  Unknown principal type."), response);
    }
    
    return response;
}
 

@PermitAll
@Override
public void runAs( Session userSession, final Runnable action )
{
    if ( userSession != null )
    {
        Subject.doAs( userSession.getSubject(), new PrivilegedAction<Void>()
        {
            @Override
            public Void run()
            {
                try
                {
                    action.run();
                }
                catch ( Exception ex )
                {
                    LOGGER.error( "**** Error!! Error running privileged action.", ex );
                }
                return null;
            }
        } );
    }
}
 

@PermitAll
@JmxManaged
public int getConnectionUsagePercent() {
    double maxPercentage = 0.0;
    for (Entry<String,Map<Priority,AccumuloConnectionPool>> entry : pools.entrySet()) {
        for (Entry<Priority,AccumuloConnectionPool> poolEntry : entry.getValue().entrySet()) {
            // Don't include ADMIN priority connections when computing a usage percentage
            if (Priority.ADMIN.equals(poolEntry.getKey()))
                continue;
            
            MutableInt maxActive = new MutableInt();
            MutableInt numActive = new MutableInt();
            MutableInt numWaiting = new MutableInt();
            MutableInt unused = new MutableInt();
            poolEntry.getValue().getConnectionPoolStats(maxActive, numActive, unused, unused, numWaiting);
            
            double percentage = (numActive.doubleValue() + numWaiting.doubleValue()) / maxActive.doubleValue();
            if (percentage > maxPercentage) {
                maxPercentage = percentage;
            }
        }
    }
    return (int) (maxPercentage * 100);
}
 

@GET
@Path("unsecured")
@PermitAll
public String getSubjectUnsecured(@Context SecurityContext sec) {
    Principal user = sec.getUserPrincipal();
    String name = user != null ? user.getName() : "anonymous";
    return name;
}
 

/**
 * *********************************************************************************** Authenticate user by JWT
 *
 * @param token Token to be checked
 *
 * @return authenticated user
 */
@PermitAll
@Override
public User authenticateByToken( String token ) throws SystemSecurityException
{
    String subject = TokenUtil.getSubject( token );

    UserToken userToken = identityDataService.getValidUserToken( subject );

    if ( userToken != null && TokenUtil.verifySignature( token, userToken.getSecret() ) )
    {
        return getUser( userToken.getUserId() );
    }
    else
    {
        throw new InvalidLoginException();
    }
}
 

@PermitAll
@Override
public ContainerHost getContainerHostByIp( final String hostIp ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostIp, "Invalid container host ip" );

    for ( ResourceHost resourceHost : getResourceHosts() )
    {
        try
        {
            return resourceHost.getContainerHostByIp( hostIp );
        }
        catch ( HostNotFoundException e )
        {
            //ignore
        }
    }

    throw new HostNotFoundException( String.format( "Container host not found by ip %s", hostIp ) );
}
 

@PermitAll
@Override
public void runAs( Session userSession, final Callable action )
{
    if ( userSession != null )
    {
        Subject.doAs( userSession.getSubject(), new PrivilegedAction<Void>()
        {
            @Override
            public Void run()
            {
                try
                {
                    action.call();
                }
                catch ( Exception ex )
                {
                    LOGGER.error( "**** Error!! Error running privileged action.", ex );
                }
                return null;
            }
        } );
    }
}
 

/**
 * *********************************************************************************** Update (renew) Authorization
 * ID of the User (Which is used by RSA keys to authenticate)
 *
 * @param user User
 * @param authId Authorization ID
 *
 * @return Newly assigned Authorization ID (random string, if authId param is NULL)
 */
@PermitAll
@Override
public String updateUserAuthId( User user, String authId ) throws SystemSecurityException
{
    if ( user != null )
    {
        if ( StringUtils.isBlank( authId ) )
        {
            authId = UUID.randomUUID().toString();
        }

        if ( authId.length() < 4 )
        {
            throw new IllegalArgumentException( "Password cannot be shorter than 4 characters" );
        }

        if ( user.getAuthId().equals( authId ) )
        {
            throw new IllegalArgumentException( "NewPassword cannot be the same as old one." );
        }


        user.setAuthId( authId );
        user.setValidDate( DateUtils.addDays( new Date( System.currentTimeMillis() ), IDENTITY_LIFETIME ) );
        identityDataService.updateUser( user );

        return authId;
    }

    return "";
}
 

@PermitAll
@Override
public ResourceHost getResourceHostById( final String hostId ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostId, "Resource host id is null" );

    for ( ResourceHost resourceHost : getResourceHosts() )
    {
        if ( resourceHost.getId().equals( hostId ) )
        {
            return resourceHost;
        }
    }
    throw new HostNotFoundException( String.format( "Resource host not found by id %s", hostId ) );
}
 

@POST @Path("{teststepId}/useDirectEndpoint")
@PermitAll
public Teststep useDirectEndpoint(Teststep teststep) throws JsonProcessingException {
    teststepDAO.useDirectEndpoint(teststep, appInfo.getAppMode());

    return teststepDAO.findById_NoRequest(teststep.getId());
}
 

@POST @PermitAll
@Path("testcases/{testcaseId}/datatable/deleteRow")
@JsonView(ResourceJsonViews.DataTableUIGrid.class)
public DataTable deleteRow(@PathParam("testcaseId") long testcaseId, @QueryParam("rowSequence") short rowSequence) {
    dataTableCellDAO.deleteRow(testcaseId, rowSequence);
    return dataTableDAO.getTestcaseDataTable(testcaseId, false);
}
 

@POST @Path("testcases/{testcaseId}/udps/move")
@PermitAll
public List<UserDefinedProperty> move(@PathParam("testcaseId") long testcaseId,
                 @QueryParam("fromSequence") short fromSequence, @QueryParam("toSequence") short toSequence) {
    udpDAO.moveInTestcase(testcaseId, fromSequence, toSequence);
    return udpDAO.findByTestcaseId(testcaseId);
}
 

@GET
@Path("unsecured")
@PermitAll
public String getSubjectUnsecured(@Context SecurityContext sec) {
    Principal user = sec.getUserPrincipal();
    String name = user != null ? user.getName() : "anonymous";
    return name;
}
 

@GET
@Path("open")
@Produces("application/json")
@PermitAll
public Response getOpenData(int id) {
    return null;
}
 

@PermitAll
@Override
public Session login( String userName, String password )
{
    try
    {
        Session userSession = null;

        CallbackHandler ch = getCallbackHandler( userName, password );
        Subject subject = new Subject();
        LoginContext loginContext = new LoginContext( "karaf", subject, ch );
        loginContext.login();

        while ( subject.getPrivateCredentials().iterator().hasNext() )
        {
            Object obj = subject.getPrivateCredentials().iterator().next();

            if ( obj instanceof SessionEntity )
            {
                userSession = ( Session ) obj;
                userSession.setSubject( subject );
                break;
            }
        }

        return userSession;
    }
    catch ( Exception ex )
    {
        return null;
    }
}
 

/**
 * *********************************************************************************** Checks username and password
 * (authenticates), on success returns full token
 *
 * @param userName Login name
 * @param password Password
 *
 * @return Full JWT
 */
@PermitAll
@Override
public String getUserToken( String userName, String password )
{
    String token = "";

    User user = authenticateUser( userName, password );

    if ( user != null )
    {
        UserToken userToken = getUserToken( user.getId() );

        if ( userToken == null )
        {
            userToken = createUserToken( user, "", "", "", TokenType.SESSION.getId(), null );
        }
        else
        {
            if ( userToken.getType() == TokenType.SESSION.getId() )
            {
                removeUserToken( userToken.getTokenId() );

                userToken = createUserToken( user, "", "", "", TokenType.SESSION.getId(), null );
            }
        }

        token = userToken.getFullToken();
    }

    return token;
}
 

@GET
@Path("{job-id}")
@Operation(
        summary = "Get details of a job managed by the system.",
        description = "")
@ApiResponses(value = {
        @ApiResponse(
                 responseCode = "200",
                 description = "Job details found",
                 content = @Content(
                         schema = @Schema(implementation = APIJobDetails.class)
                 )),
        @ApiResponse(
                 responseCode = "404",
                 description = "The job could not be found",
                 content = @Content(
                         schema = @Schema(implementation = APIErrorMessage.class)
                 )),
        @ApiResponse(
                 responseCode = "401",
                 description = "Client not authorized to request job details",
                 content = @Content(
                         schema = @Schema(implementation = APIErrorMessage.class)
                 ))
})
@PermitAll
public Optional<APIJobDetails> getJobDetailsById(
        @Context
                SecurityContext context,
        @Parameter(description = "The job's ID")
        @PathParam("job-id")
        @NotNull
                JobId jobId) {

    if (jobId == null)
        throw new WebApplicationException("Job ID is null", 400);

    return jobDAO.getJobDetailsById(jobId).map(this::toJobResponse);
}
 

@POST @PermitAll
@Path("testcases/{testcaseId}/datatable/renameColumn")
public DataTable renameColumn(@PathParam("testcaseId") long testcaseId, @QueryParam("columnId") long columnId,
                              @QueryParam("newName") String newName) {
    dataTableColumnDAO.rename(columnId, newName);
    return dataTableDAO.getTestcaseDataTable(testcaseId, false);
}
 

@POST @PermitAll
@Path("testcases/{testcaseId}/datatable/addColumn")
@JsonView(ResourceJsonViews.DataTableUIGrid.class)
public DataTable addColumn(@PathParam("testcaseId") long testcaseId, @QueryParam("columnType") String columnType) {
    dataTableColumnDAO.insert(testcaseId, columnType);
    return dataTableDAO.getTestcaseDataTable(testcaseId, false);
}
 

@PermitAll
@Override
public List<User> getAllUsers()
{
    List<User> result = new ArrayList<>();
    result.addAll( identityDataService.getAllUsers() );
    return result;
}
 

/**
 * This is a stateless operation, i.e. not persisting anything in database.
 * @param propertyExtractionRequest
 * @return
 */
@POST @Path("propertyExtractors/{propertyExtractorId}/extract")
@PermitAll
public PropertyExtractionResult extract(PropertyExtractionRequest propertyExtractionRequest) throws IOException {
    PropertyExtractor propertyExtractor = propertyExtractionRequest.getPropertyExtractor();

    //  gather referenceable string properties
    long testcaseId = propertyExtractorDAO.findTestcaseIdById(propertyExtractor.getId());
    List<UserDefinedProperty> testcaseUDPs = udpDAO.findByTestcaseId(testcaseId);
    Map<String, String> referenceableStringProperties = IronTestUtils.udpListToMap(testcaseUDPs);
    Set<String> udpNames = referenceableStringProperties.keySet();
    DataTable dataTable = dataTableDAO.getTestcaseDataTable(testcaseId, true);
    if (dataTable.getRows().size() > 0) {
        IronTestUtils.checkDuplicatePropertyNameBetweenDataTableAndUPDs(udpNames, dataTable);
        referenceableStringProperties.putAll(dataTable.getStringPropertiesInRow(0));
    }

    PropertyExtractorRunner propertyExtractorRunner = PropertyExtractorRunnerFactory.getInstance().create(
            propertyExtractor, referenceableStringProperties);
    String propertyExtractionInput = propertyExtractionRequest.getInput();
    PropertyExtractionResult result = new PropertyExtractionResult();
    try {
        result.setPropertyValue(propertyExtractorRunner.extract(propertyExtractionInput));
    } catch (Exception e) {
        LOGGER.error("Failed to extract property", e);
        result.setError(e.getMessage());
    }
    return result;
}
 

@POST @PermitAll
@Path("testcases/{testcaseId}/datatable/moveColumn")
public DataTable moveColumn(@PathParam("testcaseId") long testcaseId,
                            @QueryParam("fromSequence") short fromSequence, @QueryParam("toSequence") short toSequence) {
    dataTableColumnDAO.moveInTestcase(testcaseId, fromSequence, toSequence);
    return dataTableDAO.getTestcaseDataTable(testcaseId, false);
}
 

@GET
@PermitAll
public APIRootResponse get(@Context SecurityContext context) {
    final Map<String, APIRestLink> links = new HashMap<>();
    links.put("v1", new APIRestLink(URI.create(Constants.HTTP_V1_ROOT)));
    return new APIRootResponse(links);
}
 

@POST
@Path("teststeps/{teststepId}/propertyExtractors")
@PermitAll
public PropertyExtractor create(@PathParam("teststepId") long teststepId, PropertyExtractor propertyExtractor) {
    long id = propertyExtractorDAO.insert(teststepId, propertyExtractor);
    return propertyExtractorDAO.findById(id);
}
 

@PermitAll
@Override
public Session login( HttpServletRequest request, Message message )
{
    try
    {

        final String bearerToken = getBearerToken( request );
        if ( bearerToken == null )
        {
            return null;
        }

        final TokenHelperImpl token = new TokenHelperImpl( bearerToken );
        String subject = token.getSubject();
        if ( subject == null )
        {
            return null;
        }

        Map<String, List<String>> headers = ( Map<String, List<String>> ) message.get( Message.PROTOCOL_HEADERS );
        headers.put( SUBUTAI_ORIGIN_HEADER_KEY, Arrays.asList( token.getSubject() ) );

        message.put( Message.PROTOCOL_HEADERS, headers );

        return verifyJWTToken( bearerToken ) ? loginSystemUser() : null;
    }
    catch ( TokenParseException e )
    {
        return null;
    }
}
 

@PermitAll
@Override
public boolean changeUserPassword( String userName, String oldPassword, String newPassword )
        throws SystemSecurityException
{
    User user = identityDataService.getUserByUsername( userName );
    return changeUserPassword( user, oldPassword, newPassword );
}