org.elasticsearch.action.support.ActionFilterChain Java Examples
The following examples show how to use
org.elasticsearch.action.support.ActionFilterChain.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: RangerSecurityActionFilter.java From ranger with Apache License 2.0 | 6 votes |
|
@Override
public <Request extends ActionRequest, Response extends ActionResponse> void apply(Task task, String action,
Request request, ActionListener<Response> listener, ActionFilterChain<Request, Response> chain) {
String user = threadContext.getTransient(UsernamePasswordToken.USERNAME);
// If user is not null, then should check permission of the outside caller.
if (StringUtils.isNotEmpty(user)) {
List<String> indexs = RequestUtils.getIndexFromRequest(request);
String clientIPAddress = threadContext.getTransient(RequestUtils.CLIENT_IP_ADDRESS);
for (String index : indexs) {
boolean result = rangerElasticsearchAuthorizer.checkPermission(user, null, index, action,
clientIPAddress);
if (!result) {
String errorMsg = "Error: User[{}] could not do action[{}] on index[{}]";
throw new ElasticsearchStatusException(errorMsg, RestStatus.FORBIDDEN, user, action, index);
}
}
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("User is null, no check permission for elasticsearch do action[{}] with request[{}]", action,
request);
}
}
chain.proceed(task, action, request, listener);
}
Example #2
| Source File: AuthActionFilter.java From Elasticsearch with Apache License 2.0 | 5 votes |
|
public void apply(Task task, String action, ActionRequest request,
ActionListener listener, ActionFilterChain chain) {
try {
// authentication
ActionSourceType sourceType = ActionSourceType.getActionSourceType(action);
LoginUserContext userInfoContext = request.getHeader(LoginUserContext.USER_INFO_KEY);
// authentication and authorization only happened on the proxy node(the node user connected to)
// for sql, the authorized value will be set to true
// for rest,
if (sourceType == ActionSourceType.OTHERS
&& userInfoContext != null
&& !userInfoContext.authorized()
&& userInfoContext.getUserProperty() != null) {
AuthResult authResult = authService.authenticate(request, action);
if (authResult.getStatus() != RestStatus.OK) {
throw new NoPermissionException(authResult.getStatus().getStatus(), authResult.getMessage());
}
userInfoContext.setAuthorized(true);
}
// filter other tenants in clusterState if necessary
AuthService.setStateFilter(request, action);
chain.proceed(task, action, request, listener);
} catch (Throwable t) {
logger.error("errors while check auth", t);
throw t;
}
}
Example #3
| Source File: SearchActionFilter.java From elasticsearch-dynarank with Apache License 2.0 | 5 votes |
|
@Override
public <Request extends ActionRequest, Response extends ActionResponse> void apply(final Task task, final String action,
final Request request, final ActionListener<Response> listener, final ActionFilterChain<Request, Response> chain) {
if (!SearchAction.INSTANCE.name().equals(action)) {
chain.proceed(task, action, request, listener);
return;
}
final SearchRequest searchRequest = (SearchRequest) request;
final ActionListener<Response> wrappedListener = DynamicRanker.getInstance().wrapActionListener(action, searchRequest, listener);
chain.proceed(task, action, request, wrappedListener == null ? listener : wrappedListener);
}
Example #4
| Source File: AuthActionFilter.java From Elasticsearch with Apache License 2.0 | 4 votes |
|
public void apply(String action, ActionResponse response, ActionListener listener, ActionFilterChain chain)
{
chain.proceed(action, response, listener);
}
