/** ********************************************************************************* */
  private SourceMetricsImpl configureSourceMetrics(String sourceId) throws Exception {

    catalogProvider = mock(CatalogProvider.class);
    when(catalogProvider.getId()).thenReturn(sourceId);

    fedSource = mock(FederatedSource.class);
    when(fedSource.getId()).thenReturn("fs-1");

    sourceMetrics = new SourceMetricsImpl();
    sourceMetrics.setCatalogProviders(Collections.singletonList(catalogProvider));
    sourceMetrics.setFederatedSources(Collections.singletonList(fedSource));

    assertThat(sourceMetrics, not(nullValue()));

    return sourceMetrics;
  }
Exemplo n.º 2
0
  boolean canAccessSource(FederatedSource source, QueryRequest request) {
    Map<String, Set<String>> securityAttributes = source.getSecurityAttributes();
    if (securityAttributes.isEmpty()) {
      return true;
    }

    Object requestSubject = request.getProperties().get(SecurityConstants.SECURITY_SUBJECT);
    if (requestSubject instanceof ddf.security.Subject) {
      Subject subject = (Subject) requestSubject;

      KeyValueCollectionPermission kvCollection =
          new KeyValueCollectionPermission(CollectionPermission.READ_ACTION, securityAttributes);
      return subject.isPermitted(kvCollection);
    }
    return false;
  }
Exemplo n.º 3
0
    QuerySources initializeSources(
        QueryOperations queryOps, QueryRequest queryRequest, Set<String> sourceIds) {
      if (queryRequest.isEnterprise()) { // Check if it's an enterprise query
        addConnectedSources = true;
        addCatalogProvider = queryOps.hasCatalogProvider();

        if (sourceIds != null && !sourceIds.isEmpty()) {
          LOGGER.debug("Enterprise Query also included specific sites which will now be ignored");
          sourceIds.clear();
        }

        // add all the federated sources
        Set<String> notPermittedSources = new HashSet<>();
        for (FederatedSource source : frameworkProperties.getFederatedSources().values()) {
          boolean canAccessSource = queryOps.canAccessSource(source, queryRequest);
          if (!canAccessSource) {
            notPermittedSources.add(source.getId());
          }
          if (queryOps.sourceOperations.isSourceAvailable(source) && canAccessSource) {
            sourcesToQuery.add(source);
          } else {
            exceptions.add(queryOps.createUnavailableProcessingDetails(source));
          }
        }
        if (!notPermittedSources.isEmpty()) {
          SecurityLogger.audit(
              "Subject is not permitted to access sources {}", notPermittedSources);
        }

      } else if (CollectionUtils.isNotEmpty(sourceIds)) {
        // it's a targeted federated query
        if (queryOps.includesLocalSources(sourceIds)) {
          LOGGER.debug("Local source is included in sourceIds");
          addConnectedSources =
              CollectionUtils.isNotEmpty(frameworkProperties.getConnectedSources());
          addCatalogProvider = queryOps.hasCatalogProvider();
          sourceIds.remove(queryOps.getId());
          sourceIds.remove(null);
          sourceIds.remove("");
        }

        // See if we still have sources to look up by name
        if (!sourceIds.isEmpty()) {
          Set<String> notPermittedSources = new HashSet<>();
          for (String id : sourceIds) {
            LOGGER.debug("Looking up source ID = {}", id);
            boolean sourceFound = false;
            if (frameworkProperties.getFederatedSources().containsKey(id)) {
              sourceFound = true;
              boolean canAccessSource =
                  queryOps.canAccessSource(
                      frameworkProperties.getFederatedSources().get(id), queryRequest);
              if (!canAccessSource) {
                notPermittedSources.add(frameworkProperties.getFederatedSources().get(id).getId());
              }
              if (frameworkProperties.getFederatedSources().get(id).isAvailable()
                  && canAccessSource) {
                sourcesToQuery.add(frameworkProperties.getFederatedSources().get(id));
              } else {
                exceptions.add(
                    queryOps.createUnavailableProcessingDetails(
                        frameworkProperties.getFederatedSources().get(id)));
              }
            }

            if (!sourceFound) {
              exceptions.add(
                  new ProcessingDetailsImpl(
                      id, new SourceUnavailableException("Source id is not found")));
            }
          }
          if (!notPermittedSources.isEmpty()) {
            SecurityLogger.audit(
                "Subject is not permitted to access sources {}", notPermittedSources);
          }
        }
      } else {
        // default to local sources
        addConnectedSources = CollectionUtils.isNotEmpty(frameworkProperties.getConnectedSources());
        addCatalogProvider = queryOps.hasCatalogProvider();
      }

      return this;
    }