org.secnod.shiro.jaxrs.Auth Java Examples
The following examples show how to use
org.secnod.shiro.jaxrs.Auth.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: LoginResource.java From cassandra-reaper with Apache License 2.0 | 6 votes |
|
@Path("/login")
@POST
public void login(
@FormParam("username") String username,
@FormParam("password") String password,
@FormParam("rememberMe") boolean rememberMe,
@Auth Subject subject) throws IOException {
ensurePresent(username, "Invalid credentials: missing username.");
ensurePresent(password, "Invalid credentials: missing password.");
try {
subject.login(new UsernamePasswordToken(username, password, rememberMe));
} catch (AuthenticationException e) {
throw new IncorrectCredentialsException("Invalid credentials combination for user: " + username);
}
}
Example #2
| Source File: TablesResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("{schema}/{tableName}/columns")
public Response getTableColumns(
@Auth AirpalUser user,
@PathParam("schema") String schema,
@PathParam("tableName") String tableName)
throws ExecutionException
{
if (isAuthorizedRead(user, defaultCatalog, schema, tableName)) {
return Response.ok(columnCache.getColumns(schema, tableName)).build();
}
else {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
Example #3
| Source File: TablesResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response getTableUpdates(
@Auth AirpalUser user,
@QueryParam("catalog") Optional<String> catalogOptional)
{
final String catalog = catalogOptional.or(defaultCatalog);
final Map<String, List<String>> schemaMap = schemaCache.getSchemaMap(catalog);
final ImmutableList.Builder<Table> builder = ImmutableList.builder();
for (Map.Entry<String, List<String>> entry : schemaMap.entrySet()) {
String schema = entry.getKey();
for (String table : entry.getValue()) {
if (isAuthorizedRead(user, catalog, schema, table)) {
builder.add(new Table(catalog, schema, table));
}
}
}
final List<Table> tables = builder.build();
final Map<Table, Long> allUsages = usageStore.getUsages(tables);
final Map<PartitionedTable, DateTime> updateMap = Collections.emptyMap();
return Response.ok(createTablesWithMetaData(tables, allUsages, updateMap)).build();
}
Example #4
| Source File: UserResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
public Response getUserInfo(@Auth AirpalUser user)
{
if (user == null) {
return Response.status(Response.Status.FORBIDDEN).build();
} else {
return Response.ok(
new UserInfo(
user.getUserName(),
new ExecutionPermissions(
AuthorizationUtil.isAuthorizedWrite(user, "hive", "airpal", "any"),
true,
user.getAccessLevel())
)).build();
}
}
Example #5
| Source File: TablesResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("{schema}/{tableName}/partitions")
public Response getTablePartitions(
@Auth AirpalUser user,
@PathParam("schema") String schema,
@PathParam("tableName") String tableName)
throws ExecutionException
{
if (isAuthorizedRead(user, defaultCatalog, schema, tableName)) {
return Response.ok(getPartitionsWithMetaData(new PartitionedTable("hive", schema, tableName))).build();
}
else {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
Example #6
| Source File: QueryResource.java From airpal with Apache License 2.0 | 6 votes |
|
@DELETE
@Path("saved/{uuid}")
@Produces(MediaType.APPLICATION_JSON)
public Response deleteQuery(
@Auth AirpalUser user,
@PathParam("uuid") UUID uuid)
{
if (user != null) {
if (queryStore.deleteSavedQuery(user, uuid)) {
return Response.status(Response.Status.NO_CONTENT).build();
}
else {
return Response.status(Response.Status.NOT_FOUND).build();
}
}
return Response.status(Response.Status.UNAUTHORIZED).build();
}
Example #7
| Source File: UsersResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
@Path("permissions")
public Response getUserPermissions(
@Auth AirpalUser user,
@PathParam("id") String userId)
{
if (user == null) {
return Response.status(Response.Status.FORBIDDEN).build();
} else {
return Response.ok(
new ExecutionPermissions(
AuthorizationUtil.isAuthorizedWrite(user, "hive", "airpal", "any"),
true,
user.getAccessLevel())
).build();
}
}
Example #8
| Source File: ExecuteResource.java From airpal with Apache License 2.0 | 6 votes |
|
@GET
@Path("permissions")
@Produces(MediaType.APPLICATION_JSON)
public Response getPermissions(@Auth AirpalUser user)
{
if (user == null) {
return Response.status(Response.Status.FORBIDDEN).build();
} else {
return Response.ok(new ExecutionPermissions(
AuthorizationUtil.isAuthorizedWrite(user, "hive", "airpal", "any"),
true,
user.getUserName(),
user.getAccessLevel()
)).build();
}
}
Example #9
| Source File: ExecuteResource.java From airpal with Apache License 2.0 | 6 votes |
|
@PUT
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response executeQuery(@Auth AirpalUser user, ExecutionRequest request) throws IOException
{
if (user != null) {
final UUID queryUuid = executionClient.runQuery(
request,
user,
user.getDefaultSchema(),
user.getQueryTimeout());
return Response.ok(new ExecutionSuccess(queryUuid)).build();
}
return Response.status(Response.Status.NOT_FOUND)
.entity(new ExecutionError("No Airpal user found"))
.build();
}
Example #10
| Source File: InjectionResource.java From shiro-jersey with Apache License 2.0 | 5 votes |
|
@Path("usersubject")
@GET
public String sessionUser(@Auth Subject subject, @Auth User user) {
if (subject != user.unwrap(Subject.class)) {
throw new WebApplicationException(Status.INTERNAL_SERVER_ERROR);
}
return "User and Subject method param injection works.\n";
}
Example #11
| Source File: TypeFactory.java From shiro-jersey with Apache License 2.0 | 5 votes |
|
@Override
public Factory<?> getValueFactory(Parameter parameter) {
if (type.equals(parameter.getRawType()) && parameter.isAnnotationPresent(Auth.class)) {
return this;
}
return null;
}
Example #12
| Source File: UsersResource.java From airpal with Apache License 2.0 | 5 votes |
|
@GET
@Path("active-queries")
public Response getUserActiveQueries(@Auth AirpalUser user)
{
List<Job> sortedResult = Ordering
.natural()
.nullsLast()
.onResultOf(JOB_ORDERING)
.reverse()
.immutableSortedCopy(activeJobsStore.getJobsForUser(user));
return Response.ok(sortedResult).build();
}
Example #13
| Source File: TablesResource.java From airpal with Apache License 2.0 | 5 votes |
|
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("{schema}/{tableName}/preview")
public Response getTablePreview(
@Auth AirpalUser user,
@PathParam("schema") String schema,
@PathParam("tableName") String tableName,
@QueryParam("connectorId") String connectorId,
@QueryParam("partitionName") final String partitionName,
@QueryParam("partitionValue") String partitionValue)
throws ExecutionException
{
List<HivePartition> partitions = columnCache.getPartitions(schema, tableName);
Optional<HivePartition> partition = FluentIterable.from(partitions).firstMatch(
new Predicate<HivePartition>()
{
@Override
public boolean apply(HivePartition input)
{
return Objects.equals(input.getName(), partitionName);
}
});
if (isAuthorizedRead(user, defaultCatalog, schema, tableName)) {
return Response.ok(previewTableCache.getPreview(
Optional.fromNullable(connectorId).or(defaultCatalog),
schema,
tableName,
partition,
partitionValue)).build();
}
else {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
Example #14
| Source File: QueriesResource.java From airpal with Apache License 2.0 | 5 votes |
|
@DELETE
@Path("/{uuid}")
public Response cancelQuery(
@Auth AirpalUser user,
@PathParam("uuid") UUID uuid)
{
boolean success = executionClient.cancelQuery(user, uuid);
if (success) {
return Response.ok().build();
} else {
return Response.status(Response.Status.NOT_FOUND).build();
}
}
Example #15
| Source File: QueryResource.java From airpal with Apache License 2.0 | 5 votes |
|
@GET
@Path("saved")
@Produces(MediaType.APPLICATION_JSON)
public Response getSaved(
@Auth AirpalUser user,
@QueryParam("table") List<PartitionedTable> tables)
{
if (user != null) {
return Response.ok(queryStore.getSavedQueries(user)).build();
}
return Response.ok(Collections.<SavedQuery>emptyList()).build();
}
Example #16
| Source File: QueryResource.java From airpal with Apache License 2.0 | 5 votes |
|
@POST
@Path("saved")
@Produces(MediaType.APPLICATION_JSON)
public Response saveQuery(
@Auth AirpalUser user,
@FormParam("description") String description,
@FormParam("name") String name,
@FormParam("query") String query)
{
CreateSavedQueryBuilder createFeaturedQueryRequest = CreateSavedQueryBuilder.featured()
.description(description)
.name(name)
.query(query);
if (user != null) {
SavedQuery savedQuery = createFeaturedQueryRequest.user(user.getUserName())
.build();
if (queryStore.saveQuery((UserSavedQuery) savedQuery)) {
return Response.ok(savedQuery.getUuid()).build();
}
else {
return Response.status(Response.Status.NOT_FOUND).build();
}
}
return Response.status(Response.Status.UNAUTHORIZED).build();
}
Example #17
| Source File: InjectionResource.java From shiro-jersey with Apache License 2.0 | 5 votes |
|
@Path("usersubject")
@GET
public String sessionUser(@Auth Subject subject, @Auth User user) {
if (subject != user.unwrap(Subject.class)) {
throw new WebApplicationException(Status.INTERNAL_SERVER_ERROR);
}
return "User and Subject method param injection works.\n";
}
Example #18
| Source File: TypeFactory.java From shiro-jersey with Apache License 2.0 | 5 votes |
|
@Override
public Factory<?> getValueFactory(Parameter parameter) {
if (type.equals(parameter.getRawType()) && parameter.isAnnotationPresent(Auth.class)) {
return this;
}
return null;
}
Example #19
| Source File: AuthInjectionBinder.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@Override
protected void configure() {
bind(AuthParamInjectionResolver.class).in(Singleton.class)
.to(new TypeLiteral<InjectionResolver<Auth>>() {});
}
Example #20
| Source File: SessionResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String sessionUser(@Auth User user) {
return "Current user: " + user + "\n";
}
Example #21
| Source File: UserAuthResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String get(@Auth User user) {
user.checkPermissionBySomeRule();
return Double.toString(Math.random());
}
Example #22
| Source File: SubjectAuthResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String get(@Auth Subject subject) {
if (!subject.isAuthenticated()) throw new UnauthenticatedException();
return Double.toString(Math.random());
}
Example #23
| Source File: QueryResource.java From airpal with Apache License 2.0 | 4 votes |
|
@GET
@Path("history")
@Produces(MediaType.APPLICATION_JSON)
public Response getHistory(
@Auth AirpalUser user,
@QueryParam("table") List<Table> tables)
{
Iterable<Job> recentlyRun;
if (tables.size() < 1) {
recentlyRun = jobHistoryStore.getRecentlyRun(200);
}
else {
Table[] tablesArray = tables.toArray(new Table[tables.size()]);
Table[] restTables = Arrays.copyOfRange(tablesArray, 1, tablesArray.length);
recentlyRun = jobHistoryStore.getRecentlyRun(200, tablesArray[0], restTables);
}
ImmutableList.Builder<Job> filtered = ImmutableList.builder();
for (Job job : recentlyRun) {
if (job.getTablesUsed().isEmpty() && (job.getState() == JobState.FAILED)) {
filtered.add(job);
continue;
}
for (Table table : job.getTablesUsed()) {
if (AuthorizationUtil.isAuthorizedRead(user, table)) {
filtered.add(new Job(
job.getUser(),
job.getQuery(),
job.getUuid(),
job.getOutput(),
job.getQueryStats(),
job.getState(),
Collections.<Column>emptyList(),
Collections.<Table>emptySet(),
job.getQueryStartedDateTime(),
job.getError(),
job.getQueryFinishedDateTime()));
}
}
}
List<Job> sortedResult = Ordering
.natural()
.nullsLast()
.onResultOf(JOB_ORDERING)
.reverse()
.immutableSortedCopy(filtered.build());
return Response.ok(sortedResult).build();
}
Example #24
| Source File: QueriesResource.java From airpal with Apache License 2.0 | 4 votes |
|
@GET
public Response getQueries(
@Auth AirpalUser user,
@QueryParam("results") int numResults,
@QueryParam("table") List<PartitionedTable> tables)
{
Iterable<Job> recentlyRun;
int results = Optional.of(numResults).or(200);
if (tables.size() < 1) {
recentlyRun = jobHistoryStore.getRecentlyRun(results);
} else {
recentlyRun = jobHistoryStore.getRecentlyRun(
results,
Iterables.transform(tables, new PartitionedTable.PartitionedTableToTable()));
}
ImmutableList.Builder<Job> filtered = ImmutableList.builder();
for (Job job : recentlyRun) {
if (job.getTablesUsed().isEmpty() && (job.getState() == JobState.FAILED)) {
filtered.add(job);
continue;
}
for (Table table : job.getTablesUsed()) {
if (AuthorizationUtil.isAuthorizedRead(user, table)) {
filtered.add(new Job(
job.getUser(),
job.getQuery(),
job.getUuid(),
job.getOutput(),
job.getQueryStats(),
job.getState(),
Collections.<Column>emptyList(),
Collections.<Table>emptySet(),
job.getQueryStartedDateTime(),
job.getError(),
job.getQueryFinishedDateTime()));
}
}
}
List<Job> sortedResult = Ordering
.natural()
.nullsLast()
.onResultOf(JOB_ORDERING)
.reverse()
.immutableSortedCopy(filtered.build());
return Response.ok(sortedResult).build();
}
Example #25
| Source File: UsersResource.java From airpal with Apache License 2.0 | 4 votes |
|
@GET
@Path("queries")
public Response getUserQueries(
@Auth AirpalUser user,
@PathParam("id") String userId,
@QueryParam("results") int numResults,
@QueryParam("table") List<PartitionedTable> tables)
{
Iterable<Job> recentlyRun;
int results = Optional.of(numResults).or(0);
if (results <= 0) {
results = 100;
}
if (tables.size() < 1) {
recentlyRun = jobHistoryStore.getRecentlyRunForUser(userId, results);
} else {
recentlyRun = jobHistoryStore.getRecentlyRunForUser(
userId,
results,
Iterables.transform(tables, new PartitionedTableToTable()));
}
ImmutableList.Builder<Job> filtered = ImmutableList.builder();
for (Job job : recentlyRun) {
if (job.getTablesUsed().isEmpty() && (job.getState() == JobState.FAILED)) {
filtered.add(job);
continue;
}
for (Table table : job.getTablesUsed()) {
if (AuthorizationUtil.isAuthorizedRead(user, table)) {
filtered.add(new Job(
job.getUser(),
job.getQuery(),
job.getUuid(),
job.getOutput(),
job.getQueryStats(),
job.getState(),
Collections.<Column>emptyList(),
Collections.<Table>emptySet(),
job.getQueryStartedDateTime(),
job.getError(),
job.getQueryFinishedDateTime()));
}
}
}
List<Job> sortedResult = Ordering
.natural()
.nullsLast()
.onResultOf(JOB_ORDERING)
.reverse()
.immutableSortedCopy(filtered.build());
return Response.ok(sortedResult).build();
}
Example #26
| Source File: SubjectAuthResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String get(@Auth Subject subject) {
if (!subject.isAuthenticated()) throw new UnauthenticatedException();
return Double.toString(Math.random());
}
Example #27
| Source File: UserAuthResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String get(@Auth User user) {
user.checkPermissionBySomeRule();
return Double.toString(Math.random());
}
Example #28
| Source File: SessionResource.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@GET
public String sessionUser(@Auth User user) {
return "Current user: " + user + "\n";
}
Example #29
| Source File: AuthInjectionBinder.java From shiro-jersey with Apache License 2.0 | 4 votes |
|
@Override
protected void configure() {
bind(AuthParamInjectionResolver.class).in(Singleton.class)
.to(new TypeLiteral<InjectionResolver<Auth>>() {});
}
Example #30
| Source File: LoginResource.java From cassandra-reaper with Apache License 2.0 | 4 votes |
|
@Path("/logout")
@POST
public void logout(@Auth Subject subject) throws IOException {
subject.logout();
}
