@POST
@Path("/session-variable")
public Response setSessionVariable(
@QueryParam("key") String key, @QueryParam("value") String value) {
IPentahoSession session = getPentahoSession();
session.setAttribute(key, value);
return Response.ok(session.getAttribute(key)).build();
}
@Test
public void testGetUserSettingOnlyGlobalExist() throws Exception {
final String settingName = GLOBAL_SETTING_NAME_3;
final String defaultValue = "defaultValue";
when(session.getAttribute(eq("SPRING_SECURITY_CONTEXT"))).thenReturn(1);
final IUserSetting userSetting = userSettingService.getUserSetting(settingName, defaultValue);
assertEquals(settingName, userSetting.getSettingName());
assertEquals(GLOBAL_SETTING_VALUE_3, userSetting.getSettingValue());
}
@Test
public void testGetUserSettingUnset() throws Exception {
final String settingName = "settingName";
final String defaultValue = "defaultValue";
when(session.getAttribute(eq("SPRING_SECURITY_CONTEXT"))).thenReturn(1);
final IUserSetting userSetting = userSettingService.getUserSetting(settingName, defaultValue);
assertEquals(settingName, userSetting.getSettingName());
assertEquals(defaultValue, userSetting.getSettingValue());
}
/**
* Creates and/or returns an internal folder called {@code .trash} located just below the user's
* home folder.
*/
private Node getOrCreateTrashInternalFolderNode(
final Session session, final PentahoJcrConstants pentahoJcrConstants)
throws RepositoryException {
IPentahoSession pentahoSession = PentahoSessionHolder.getSession();
String tenantId = (String) pentahoSession.getAttribute(IPentahoSession.TENANT_ID_KEY);
Node userHomeFolderNode =
(Node)
session.getItem(
ServerRepositoryPaths.getUserHomeFolderPath(
new Tenant(tenantId, true),
JcrStringHelper.fileNameEncode(PentahoSessionHolder.getSession().getName())));
if (userHomeFolderNode.hasNode(FOLDER_NAME_TRASH)) {
return userHomeFolderNode.getNode(FOLDER_NAME_TRASH);
} else {
return userHomeFolderNode.addNode(
FOLDER_NAME_TRASH, pentahoJcrConstants.getPHO_NT_INTERNALFOLDER());
}
}
private JSONObject processSessionAttributes(Document config) {
JSONObject result = new JSONObject();
@SuppressWarnings("unchecked")
List<Node> attributes = config.selectNodes("//sessionattributes/attribute");
for (Node attribute : attributes) {
String name = attribute.getText();
String key = XmlDom4JHelper.getNodeText("@name", attribute);
if (key == null) key = name;
try {
result.put(key, userSession.getAttribute(name));
} catch (JSONException e) {
logger.error(e);
}
}
return result;
}
/** {@inheritDoc} */
public void permanentlyDeleteFile(
final Session session,
final PentahoJcrConstants pentahoJcrConstants,
final Serializable fileId)
throws RepositoryException {
Assert.notNull(fileId);
Node fileNode = session.getNodeByIdentifier(fileId.toString());
// guard against using a file retrieved from a more lenient session inside a more strict session
Assert.notNull(fileNode);
// see if anything is referencing this node; if yes, then we cannot delete it as a
// ReferentialIntegrityException
// will result
Set<RepositoryFile> referrers = new HashSet<RepositoryFile>();
PropertyIterator refIter = fileNode.getReferences();
if (refIter.hasNext()) {
while (refIter.hasNext()) {
// for each referrer property, march up the tree until we find the file node to which the
// property belongs
RepositoryFile referrer =
getReferrerFile(session, pentahoJcrConstants, refIter.nextProperty());
if (referrer != null) {
referrers.add(referrer);
}
}
if (!referrers.isEmpty()) {
RepositoryFile referee =
JcrRepositoryFileUtils.nodeToFile(
session, pentahoJcrConstants, pathConversionHelper, lockHelper, fileNode);
throw new RepositoryFileDaoReferentialIntegrityException(referee, referrers);
}
}
// technically, the node can be deleted while it is locked; however, we want to avoid an
// orphaned lock token;
// delete
// it first
if (fileNode.isLocked()) {
Lock lock = session.getWorkspace().getLockManager().getLock(fileNode.getPath());
// don't need lock token anymore
lockHelper.removeLockToken(session, pentahoJcrConstants, lock);
}
// if this file was non-permanently deleted, delete its containing folder too
IPentahoSession pentahoSession = PentahoSessionHolder.getSession();
String tenantId = (String) pentahoSession.getAttribute(IPentahoSession.TENANT_ID_KEY);
String trashFolder =
ServerRepositoryPaths.getUserHomeFolderPath(
new Tenant(tenantId, true), PentahoSessionHolder.getSession().getName())
+ RepositoryFile.SEPARATOR
+ FOLDER_NAME_TRASH;
Node parent = fileNode.getParent();
purgeHistory(fileNode, session, pentahoJcrConstants);
if (fileNode.getPath().startsWith(trashFolder)) {
// Remove the file and then the wrapper foler
fileNode.remove();
parent.remove();
} else {
fileNode.remove();
}
}
private ITenant getDefaultTenant() {
IPentahoSession session = PentahoSessionHolder.getSession();
String tenantId = (String) session.getAttribute(IPentahoSession.TENANT_ID_KEY);
return new Tenant(tenantId, true);
}
/**
* Looks in the provided session to get the Spring Security Authentication object out. Optionally
* returns an "anonymous" Authentication if desired.
*
* @param session Users' IPentahoSession object
* @param allowAnonymous If true, will return an anonymous Authentication object.
* @return the Authentication object from the session
*/
public static Authentication getAuthentication(
final IPentahoSession session, final boolean allowAnonymous) {
Principal principal = (Principal) session.getAttribute(SecurityHelper.SESSION_PRINCIPAL);
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("principal from IPentahoSession: " + principal); // $NON-NLS-1$
if (null != principal) {
SecurityHelper.logger.debug(
"principal class: " + principal.getClass().getName()); // $NON-NLS-1$
}
}
if (principal instanceof Authentication) {
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("principal is an instance of Authentication"); // $NON-NLS-1$
}
return (Authentication) principal;
} else if (principal != null) {
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug(
"principal is not an instance of Authentication"); //$NON-NLS-1$
SecurityHelper.logger.debug("attempting role fetch with username"); // $NON-NLS-1$
}
// OK - Not Spring Security somehow.
// However, since the principal interface doesn't specify the
// roles a user is in, we need to dispatch a call to the
// UserRoleListProvider to get that information from there.
IUserDetailsRoleListService roleListService = PentahoSystem.getUserDetailsRoleListService();
List roles = roleListService.getRolesForUser(principal.getName());
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("rolesForUser from roleListService:" + roles); // $NON-NLS-1$
}
if (!roles.isEmpty()) {
GrantedAuthority[] grantedAuthorities = new GrantedAuthority[roles.size()];
for (int i = 0; i < roles.size(); i++) {
grantedAuthorities[i] = new GrantedAuthorityImpl((String) roles.get(i));
}
Authentication auth =
new UsernamePasswordAuthenticationToken(principal.getName(), null, grantedAuthorities);
return auth;
}
}
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("either principal is null or user has no roles"); // $NON-NLS-1$
}
if (allowAnonymous) {
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("there is no principal in IPentahoSession"); // $NON-NLS-1$
SecurityHelper.logger.debug(
"creating token with username anonymous and role Anonymous"); //$NON-NLS-1$
}
// Hmmm - at this point, we're being asked for an authentication on
// an un-authenticated user. For now, we'll default to returning
// an authentication that has the user as anonymous.
Authentication auth =
new UsernamePasswordAuthenticationToken(
SecurityHelper.DefaultAnonymousUser,
null,
new GrantedAuthorityImpl[] {
new GrantedAuthorityImpl(SecurityHelper.DefaultAnonymousRole)
});
return auth;
} else {
if (SecurityHelper.logger.isDebugEnabled()) {
SecurityHelper.logger.debug("there is no principal in IPentahoSession"); // $NON-NLS-1$
SecurityHelper.logger.debug("and allowAnonymous is false"); // $NON-NLS-1$
}
// If we're here - we require a properly authenticated user and
// there's nothing
// else we can do aside from returning null.
return null;
}
}
/**
* Gets the java.security.principal object from the IPentahoSession object
*
* @param session The users' session
* @return The bound Principal
*/
public static Principal getPrincipal(final IPentahoSession session) {
Principal principal = (Principal) session.getAttribute(SecurityHelper.SESSION_PRINCIPAL);
return principal;
}