下面列出了 javax.annotation.security.PermitAll 的 API 用法示例代码,也可以点击链接到 GitHub 查看源代码。@PermitAll 表示所有安全角色都可以调用被标注的方法,因此下列示例中的方法不受角色检查限制。
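/**
 * Persists the test step sent in the request body and returns the refreshed step wrapped for the UI.
 *
 * NOTE(review): {@code @PermitAll} applies no role restriction to this mutating PUT, and the
 * {@code {teststepId}} path segment is not bound to a parameter here, so the id that is updated is
 * the one carried in the request body. Confirm both are intended.
 *
 * @param teststep the test step state to store; its assertions are adjusted in place before the update
 * @return a wrapper holding the step as re-read from the database, with parameters populated
 * @throws Exception propagated from the DAO calls or from {@code populateParametersInWrapper}
 */
@PUT @Path("{teststepId}")
@PermitAll
@JsonView(ResourceJsonViews.TeststepEdit.class)
public TeststepWrapper update(Teststep teststep) throws Exception {
    // Restore otherProperties from system database for existing XMLValidAgainstXSD assertions, as they are not
    // supposed to be updated through this API (currently used for UI only).
    // Without this code, whenever a new XMLValidAgainstXSD assertion is added, or an existing XMLValidAgainstXSD
    // assertion is deleted, all existing XMLValidAgainstXSD assertions in the same test step will see their
    // otherProperties.fileBytes set to null in system database.
    for (Assertion assertion : teststep.getAssertions()) {
        // equals(), not endsWith(): with endsWith() an empty type (or any suffix of the constant) matched
        // every assertion, and a null type threw a NullPointerException.
        boolean isStoredXsdAssertion = assertion.getId() != null
                && Assertion.TYPE_XML_VALID_AGAINST_XSD.equals(assertion.getType());
        if (isStoredXsdAssertion) {
            // Client-supplied otherProperties are discarded in favour of the stored copy.
            assertion.setOtherProperties(assertionDAO.findById(assertion.getId()).getOtherProperties());
        }
    }

    teststepDAO.update(teststep);

    // FILE request steps are re-read without the request payload; all others are read completely.
    Teststep newTeststep = teststep.getRequestType() == TeststepRequestType.FILE ?
            teststepDAO.findById_NoRequest(teststep.getId()) : teststepDAO.findById_Complete(teststep.getId());

    TeststepWrapper wrapper = new TeststepWrapper();
    wrapper.setTeststep(newTeststep);
    populateParametersInWrapper(wrapper);
    return wrapper;
}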
/**
* Clears any cached credentials for the calling user. The end result is that future calls to other methods on this application will require outside contact
* with the authentication provider.
*
* If the credentials are for a single user with no proxy involved, these are the only credentials flushed. Otherwise, if there is a proxy chain, this will
* flush the DN for the user in the proxy (assumes there is never more than one user in the proxy chain).
*/
@GET
@Path("/flushCachedCredentials")
@Produces({"application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf",
        "application/x-protostuff"})
@PermitAll
public GenericResponse<String> flushCachedCredentials() {
    // NOTE(review): this GET changes server state (a cache eviction). The eviction key is derived from the
    // caller's own principal, never from request input, so a caller can only flush its own entry.
    GenericResponse<String> response = new GenericResponse<>();
    Principal callerPrincipal = context.getCallerPrincipal();
    log.info("Flushing credentials for " + callerPrincipal + " from the cache.");

    // Only a DatawavePrincipal carries the user DN needed as the cache key; anything else is rejected.
    if (!(callerPrincipal instanceof DatawavePrincipal)) {
        log.warn(callerPrincipal + " is not a DatawavePrincipal. Cannot flush credentials.");
        response.addMessage("Unable to determine calling user name. Values were not flushed!");
        throw new DatawaveWebApplicationException(new IllegalStateException("Unable to flush credentials. Unknown principal type."), response);
    }

    DatawavePrincipal datawavePrincipal = (DatawavePrincipal) callerPrincipal;
    String subjectDn = datawavePrincipal.getUserDN().subjectDN();
    response.setResult(credentialsCache.evict(subjectDn));
    return response;
}
/**
 * Reports the highest usage ratio found across all non-ADMIN connection pools, as a whole percentage.
 *
 * For each pool the ratio is (active + waiting) / maxActive; the largest ratio is multiplied by 100
 * and truncated to an int.
 *
 * NOTE(review): the division is done in double arithmetic, so a pool reporting maxActive of 0 yields
 * Infinity or NaN rather than an exception; confirm that value cannot occur.
 *
 * @return the largest usage percentage over all non-ADMIN pools, or 0 when there are none
 */
@PermitAll
@JmxManaged
public int getConnectionUsagePercent() {
    double highestRatio = 0.0;
    for (Entry<String,Map<Priority,AccumuloConnectionPool>> poolGroup : pools.entrySet()) {
        for (Entry<Priority,AccumuloConnectionPool> candidate : poolGroup.getValue().entrySet()) {
            // ADMIN priority connections are left out of the usage percentage
            if (!Priority.ADMIN.equals(candidate.getKey())) {
                MutableInt maxActive = new MutableInt();
                MutableInt numActive = new MutableInt();
                MutableInt numWaiting = new MutableInt();
                // receives the two statistics this computation does not use
                MutableInt unused = new MutableInt();
                candidate.getValue().getConnectionPoolStats(maxActive, numActive, unused, unused, numWaiting);

                double demand = numActive.doubleValue() + numWaiting.doubleValue();
                double ratio = demand / maxActive.doubleValue();
                if (ratio > highestRatio) {
                    highestRatio = ratio;
                }
            }
        }
    }
    return (int) (highestRatio * 100);
}
/**
* Authenticate user by JWT.
*
* @param token Token to be checked
*
* @return authenticated user
*/
@PermitAll
@Override
public User authenticateByToken( String token ) throws SystemSecurityException
{
    // The subject is read from the token BEFORE its signature has been checked. At this point it is
    // untrusted and is used only to look up the stored token record that holds the signing secret.
    final String claimedSubject = TokenUtil.getSubject( token );
    final UserToken storedToken = identityDataService.getValidUserToken( claimedSubject );

    // Reject when no valid stored token exists for the subject or the signature does not verify
    // against that token's secret. Both failures raise the same exception type.
    // NOTE(review): presumably getValidUserToken also enforces expiry - confirm against its implementation.
    if ( storedToken == null || !TokenUtil.verifySignature( token, storedToken.getSecret() ) )
    {
        throw new InvalidLoginException();
    }

    // The user id comes from the stored record, not from the presented token.
    return getUser( storedToken.getUserId() );
}
/**
 * Looks up a container host by IP address across all resource hosts.
 *
 * @param hostIp the IP address to search for; must not be null
 * @return the first container host reported for that IP by any resource host
 * @throws HostNotFoundException if no resource host knows a container with that IP
 */
@PermitAll
@Override
public ContainerHost getContainerHostByIp( final String hostIp ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostIp, "Invalid container host ip" );

    for ( ResourceHost candidate : getResourceHosts() )
    {
        try
        {
            return candidate.getContainerHostByIp( hostIp );
        }
        catch ( HostNotFoundException notOnThisHost )
        {
            // expected for every resource host that does not own the container; try the next one
        }
    }

    final String message = String.format( "Container host not found by ip %s", hostIp );
    throw new HostNotFoundException( message );
}
/**
 * Runs the given action with the subject of the supplied session via {@code Subject.doAs}.
 *
 * When {@code userSession} is null the action is not executed at all. Any exception thrown by the
 * action is logged and not propagated, so the caller cannot tell whether the action succeeded.
 *
 * @param userSession session whose subject the action runs as; null means "do nothing"
 * @param action      the work to perform; its return value is discarded
 */
@PermitAll
@Override
public void runAs( Session userSession, final Callable action )
{
    if ( userSession == null )
    {
        return;
    }

    final PrivilegedAction<Void> wrapped = new PrivilegedAction<Void>()
    {
        @Override
        public Void run()
        {
            try
            {
                action.call();
            }
            catch ( Exception ex )
            {
                LOGGER.error( "**** Error!! Error running privileged action.", ex );
            }
            return null;
        }
    };

    Subject.doAs( userSession.getSubject(), wrapped );
}
/**
 * Aborts the job if it is running, then removes it and all of its data.
 *
 * NOTE(review): {@code @PermitAll} applies no role restriction to this destructive operation, and the
 * injected {@code SecurityContext} is not read in this method, so no per-caller check is visible here.
 * Confirm authorization for job deletion is enforced elsewhere.
 *
 * @param context the request's security context (unused in this method)
 * @param jobId   id of the job to delete
 * @return the integer 200 as the method result
 * @throws WebApplicationException with status 400 when {@code jobId} is null
 */
@DELETE
@Path("{job-id}")
@Operation(
        summary = "Delete a job from the system",
        description = "Deletes a job from the system, removing **all** job data. Running jobs are aborted before deletion."
)
@PermitAll
public int deleteJob(
        @Context
                SecurityContext context,
        @Parameter(description = "The job's ID")
        @PathParam("job-id")
        @NotNull
                JobId jobId) {
    if (jobId != null) {
        // abort first so that no IO writes are left dangling once the job data is gone
        jobManagerActions.tryAbort(jobId);
        jobDAO.remove(jobId);
        return 200;
    }
    throw new WebApplicationException("Job ID is null", 400);
}
/**
 * Runs the given action with the subject of the supplied session via {@code Subject.doAs}.
 *
 * When {@code userSession} is null the action is not executed at all. Any exception thrown by the
 * action is logged and not propagated, so the caller cannot tell whether the action succeeded.
 *
 * @param userSession session whose subject the action runs as; null means "do nothing"
 * @param action      the work to perform
 */
@PermitAll
@Override
public void runAs( Session userSession, final Runnable action )
{
    if ( userSession == null )
    {
        return;
    }

    final PrivilegedAction<Void> wrapped = new PrivilegedAction<Void>()
    {
        @Override
        public Void run()
        {
            try
            {
                action.run();
            }
            catch ( Exception ex )
            {
                LOGGER.error( "**** Error!! Error running privileged action.", ex );
            }
            return null;
        }
    };

    Subject.doAs( userSession.getSubject(), wrapped );
}
/**
 * Looks up a container host by hostname across all resource hosts.
 *
 * @param hostname the hostname to search for; must not be blank
 * @return the first container host reported for that hostname by any resource host
 * @throws HostNotFoundException if no resource host knows a container with that hostname
 */
@PermitAll
@Override
public ContainerHost getContainerHostByHostName( String hostname ) throws HostNotFoundException
{
    final boolean hasHostname = !StringUtils.isBlank( hostname );
    Preconditions.checkArgument( hasHostname, "Container hostname shouldn't be null" );

    for ( ResourceHost candidate : getResourceHosts() )
    {
        try
        {
            return candidate.getContainerHostByHostName( hostname );
        }
        catch ( HostNotFoundException notOnThisHost )
        {
            // expected for every resource host that does not own the container; try the next one
        }
    }

    final String message = String.format( "No container host found for hostname %s", hostname );
    throw new HostNotFoundException( message );
}
/**
 * Looks up a container host by id across all resource hosts.
 *
 * @param hostId the container host id to search for; must not be null
 * @return the first container host reported for that id by any resource host
 * @throws HostNotFoundException if no resource host knows a container with that id
 */
@PermitAll
@Override
public ContainerHost getContainerHostById( final String hostId ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostId, "Invalid container host id" );

    for ( ResourceHost candidate : getResourceHosts() )
    {
        try
        {
            return candidate.getContainerHostById( hostId );
        }
        catch ( HostNotFoundException notOnThisHost )
        {
            // expected for every resource host that does not own the container; try the next one
        }
    }

    final String message = String.format( "Container host not found by id %s", hostId );
    throw new HostNotFoundException( message );
}
/**
 * Resolves the user by name and delegates to the {@code User}-based password change.
 *
 * NOTE(review): the lookup result is passed on without a null check, so handling of an unknown user
 * name is left to the overload. Confirm it fails the same way as a wrong old password, so the response
 * does not reveal which user names exist.
 *
 * @param userName    name of the account whose password is changed
 * @param oldPassword the current password
 * @param newPassword the password to set
 * @return the result of the delegated password change
 * @throws SystemSecurityException propagated from the delegated call
 */
@PermitAll
@Override
public boolean changeUserPassword( String userName, String oldPassword, String newPassword )
        throws SystemSecurityException
{
    return changeUserPassword( identityDataService.getUserByUsername( userName ), oldPassword, newPassword );
}
/**
 * Returns a plain-text greeting naming the caller and its UPN claim, with fixed placeholders when
 * either is absent.
 *
 * @return {@code Hello[open] user=<name>, upn=<upn>}
 */
@GET
@Path("/openHello")
@Produces(MediaType.TEXT_PLAIN)
@PermitAll
public String openHello() {
    // jwt and upn are fields of the enclosing resource; either may be null for a caller without a token
    final String user;
    if (jwt != null) {
        user = jwt.getName();
    } else {
        user = "anonymous";
    }

    final String upnClaim;
    if (upn != null) {
        upnClaim = upn;
    } else {
        upnClaim = "no-upn";
    }

    return String.format("Hello[open] user=%s, upn=%s", user, upnClaim);
}
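/**
 * Echoes the {@code input} query parameter followed by the caller's principal name.
 *
 * Under {@code @PermitAll} the request may carry no credentials, in which case
 * {@code getUserPrincipal()} returns null; that case is reported as {@code anonymous} instead of
 * failing with a NullPointerException.
 *
 * NOTE(review): {@code input} is returned verbatim and no {@code @Produces} is declared on this
 * method. Confirm the response media type cannot be one a browser renders as markup.
 *
 * @param sec   security context of the current request
 * @param input value taken from the {@code input} query parameter
 * @return {@code <input>, user=<principal name or "anonymous">}
 */
@GET
@Path("/permitAll")
@PermitAll
public String echoPermitAll(@Context SecurityContext sec, @QueryParam("input") String input) {
    Principal user = sec.getUserPrincipal();
    // an unauthenticated request has no principal
    String name = user == null ? "anonymous" : user.getName();
    return input + ", user=" + name;
}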
/**
 * Moves a test step within a test case and returns the test case in its edit view.
 *
 * The request body is expected to carry two test steps: the sequence of the first is the source
 * position and the sequence of the second is the target position.
 *
 * NOTE(review): the list is indexed without a size check, so a body with fewer than two test steps
 * fails with an IndexOutOfBoundsException. The {@code {testcaseId}} path segment is not bound here;
 * the id used comes from the request body.
 *
 * @param testcase request body holding the test case id and the two steps describing the move
 * @return the test case re-read from the database
 */
@PATCH @Path("testcases/{testcaseId}/moveStep")
@PermitAll
public Testcase moveStep(Testcase testcase) {
    final List<Teststep> movePair = testcase.getTeststeps();
    final Teststep source = movePair.get(0);
    final Teststep target = movePair.get(1);

    teststepDAO.moveInTestcase(testcase.getId(), source.getSequence(), target.getSequence());

    return testcaseDAO.findById_TestcaseEditView(testcase.getId());
}
/**
 * Applies the "use endpoint property" change for the given test step and returns the step as
 * re-read from the database without its request payload.
 *
 * NOTE(review): the {@code {teststepId}} path segment is not bound here; the id used comes from the
 * request body.
 *
 * @param teststep request body identifying the test step to change
 * @return the stored test step after the change
 */
@POST @Path("{teststepId}/useEndpointProperty")
@PermitAll
public Teststep useEndpointProperty(Teststep teststep) {
    teststepDAO.useEndpointProperty(teststep);

    final Teststep refreshed = teststepDAO.findById_NoRequest(teststep.getId());
    return refreshed;
}
/**
 * Sets the token's validity date to now plus the given number of minutes and persists the token.
 *
 * NOTE(review): no bound on {@code minutes} is visible here. A negative value moves the validity date
 * into the past and a large value extends it arbitrarily; confirm callers validate the value.
 *
 * @param token   the token whose validity date is updated and stored
 * @param minutes lifetime to grant from now; 0 means "use the session manager's session timeout"
 */
@PermitAll
@Override
public void extendTokenTime( UserToken token, int minutes )
{
    final int effectiveMinutes = minutes == 0 ? sessionManager.getSessionTimeout() : minutes;

    final Date newValidDate = DateUtils.addMinutes( new Date(), effectiveMinutes );
    token.setValidDate( newValidDate );

    identityDataService.updateUserToken( token );
}
/**
 * Builds a text report with one section per pool group, listing the ADMIN, HIGH, NORMAL and LOW
 * pools of that group in that order.
 *
 * @return the report text; empty when there are no pools
 */
@PermitAll
// anyone is permitted to get the report
@JmxManaged
public String report() {
    final StringBuilder out = new StringBuilder();
    for (Entry<String,Map<Priority,AccumuloConnectionPool>> poolGroup : this.pools.entrySet()) {
        final Map<Priority,AccumuloConnectionPool> byPriority = poolGroup.getValue();

        out.append("**** ").append(poolGroup.getKey()).append(" ****\n");
        // a priority with no pool in this group is appended as "null"
        out.append("ADMIN: ").append(byPriority.get(Priority.ADMIN)).append("\n");
        out.append("HIGH: ").append(byPriority.get(Priority.HIGH)).append("\n");
        out.append("NORMAL: ").append(byPriority.get(Priority.NORMAL)).append("\n");
        out.append("LOW: ").append(byPriority.get(Priority.LOW)).append("\n");
    }
    return out.toString();
}
/**
 * Lists every query held in the running-query cache, one line per entry with its id and its string form.
 *
 * NOTE(review): with {@code @PermitAll} the listing covers every cache entry, not only the caller's
 * own queries. Confirm that the string form of a cached query is safe to expose through this
 * management operation.
 *
 * @return the listing text; empty when the cache holds no queries
 */
@PermitAll
@JmxManaged
public String listRunningQueries() {
    final StringBuilder listing = new StringBuilder();
    for (CachedRunningQuery running : cachedRunningQueryCache) {
        listing.append("Identifier: ");
        listing.append(running.getQueryId());
        listing.append(" Query: ");
        listing.append(running);
        listing.append("\n");
    }
    return listing.toString();
}
/**
 * Moves a user defined property from one sequence position to another within a test case and
 * returns the test case's properties afterwards.
 *
 * NOTE(review): the sequence values come straight from query parameters and are passed to the DAO
 * unchecked; range validation, if any, happens outside this method.
 *
 * @param testcaseId   id of the test case, taken from the path
 * @param fromSequence current sequence position of the property
 * @param toSequence   sequence position to move it to
 * @return the properties of the test case as read after the move
 */
@POST @Path("testcases/{testcaseId}/udps/move")
@PermitAll
public List<UserDefinedProperty> move(@PathParam("testcaseId") long testcaseId,
        @QueryParam("fromSequence") short fromSequence, @QueryParam("toSequence") short toSequence) {
    udpDAO.moveInTestcase(testcaseId, fromSequence, toSequence);

    final List<UserDefinedProperty> reordered = udpDAO.findByTestcaseId(testcaseId);
    return reordered;
}
/**
 * Collects the container hosts belonging to an environment from every resource host.
 *
 * @param environmentId id of the environment; must not be null
 * @return a new mutable set with all matching container hosts; empty when none match
 */
@PermitAll
@Override
public Set<ContainerHost> findContainersByEnvironmentId( final String environmentId )
{
    Preconditions.checkNotNull( environmentId, "Invalid environment id" );

    final Set<ContainerHost> matches = new HashSet<>();
    for ( ResourceHost host : getResourceHosts() )
    {
        final Set<ContainerHost> onThisHost = host.getContainerHostsByEnvironmentId( environmentId );
        matches.addAll( onThisHost );
    }
    return matches;
}
/**
 * Returns a plain-text greeting describing how the request was authenticated.
 *
 * The endpoint is open to all roles, so the principal may be absent; that case is reported as
 * {@code anonymous}.
 *
 * @param ctx security context of the current request
 * @return greeting with the caller name, whether the channel is secure, and the authentication scheme
 */
@GET()
@Path("permit-all")
@PermitAll
@Produces(MediaType.TEXT_PLAIN)
public String hello(@Context SecurityContext ctx) {
    final Principal caller = ctx.getUserPrincipal();

    final String name;
    if (caller != null) {
        name = caller.getName();
    } else {
        name = "anonymous";
    }

    return String.format("hello + %s, isSecure: %s, authScheme: %s", name, ctx.isSecure(),
            ctx.getAuthenticationScheme());
}
/**
 * Returns a plain-text greeting describing how the request was authenticated.
 *
 * The endpoint is open to all roles, so the principal may be absent; that case is reported as
 * {@code anonymous}.
 *
 * @param ctx security context of the current request
 * @return greeting with the caller name, whether the channel is secure, and the authentication scheme
 */
@GET()
@Path("permit-all")
@PermitAll
@Produces(MediaType.TEXT_PLAIN)
public String hello(@Context SecurityContext ctx) {
    final Principal caller = ctx.getUserPrincipal();

    String name = "anonymous";
    if (caller != null) {
        name = caller.getName();
    }

    return String.format("hello + %s, isSecure: %s, authScheme: %s", name, ctx.isSecure(),
            ctx.getAuthenticationScheme());
}
/**
 * Returns a plain-text greeting describing how the request was authenticated and whether the
 * injected JWT exposes claim names.
 *
 * The endpoint is open to all roles, so the principal may be absent; that case is reported as
 * {@code anonymous}.
 *
 * NOTE(review): {@code jwt} is dereferenced without a null check; presumably the injected object is
 * never null even for a request without a token - confirm.
 *
 * @param ctx security context of the current request
 * @return greeting with the caller name, channel security, authentication scheme and JWT presence
 */
@GET()
@Path("permit-all")
@PermitAll
@Produces(MediaType.TEXT_PLAIN)
public String hello(@Context SecurityContext ctx) {
    final Principal caller = ctx.getUserPrincipal();

    final String name;
    if (caller != null) {
        name = caller.getName();
    } else {
        name = "anonymous";
    }

    final boolean hasJWT = jwt.getClaimNames() != null;

    return String.format("hello + %s, isSecure: %s, authScheme: %s, hasJWT: %s", name, ctx.isSecure(),
            ctx.getAuthenticationScheme(), hasJWT);
}
/**
 * Returns a plain-text greeting describing how the request was authenticated.
 *
 * The endpoint is open to all roles, so the principal may be absent; that case is reported as
 * {@code anonymous}.
 *
 * @param ctx security context of the current request
 * @return greeting with the caller name, whether the channel is secure, and the authentication scheme
 */
@GET
@Path("permit-all")
@Produces(MediaType.TEXT_PLAIN)
@PermitAll
public String hello(@Context SecurityContext ctx) {
    final Principal caller = ctx.getUserPrincipal();

    final String name;
    if (caller != null) {
        name = caller.getName();
    } else {
        name = "anonymous";
    }

    return String.format("hello + %s, isSecure: %s, authScheme: %s", name, ctx.isSecure(),
            ctx.getAuthenticationScheme());
}
/**
 * Returns the resource host that is the parent of the given container host.
 *
 * @param hostId id of the container host; must not be null
 * @return the parent resource host of that container
 * @throws HostNotFoundException if no container host with that id is found
 */
@PermitAll
@Override
public ResourceHost getResourceHostByContainerId( final String hostId ) throws HostNotFoundException
{
    Preconditions.checkNotNull( hostId, "Container host id is invalid" );

    // The lookup result is cast unconditionally; a ContainerHost of another implementation would
    // fail here with a ClassCastException.
    final ContainerHostEntity container = ( ContainerHostEntity ) getContainerHostById( hostId );
    return container.getParent();
}
/**
 * Returns the version identifiers of the service as a single-entry map keyed by {@code versions}.
 *
 * NOTE(review): the response discloses exact component versions to any caller; confirm that is
 * acceptable for the deployment.
 *
 * @return a map of the form {@code {"versions": {"version", "core", "gremlin", "api"}}}
 */
@GET
@Timed
@Produces(APPLICATION_JSON_WITH_CHARSET)
@PermitAll
public Object list() {
    final String coreVersion = CoreVersion.VERSION.toString();
    final String apiVersion = ApiVersion.VERSION.toString();

    final Map<String, String> versionInfo = ImmutableMap.of(
            "version", "v1",
            "core", coreVersion,
            "gremlin", CoreVersion.GREMLIN_VERSION,
            "api", apiVersion);

    return ImmutableMap.of("versions", versionInfo);
}
/**
 * Placeholder for an open (all roles permitted) JSON endpoint; it performs no work.
 *
 * @param id not used by this method; it carries no JAX-RS parameter annotation
 * @return always {@code null}
 */
@GET
@Path("open")
@Produces("application/json")
@PermitAll
public Response getOpenData(int id) {
return null;
}
/**
 * Returns the name of the calling principal, or {@code anonymous} when the request has none.
 *
 * @param sec security context of the current request
 * @return the principal name or {@code anonymous}
 */
@GET
@Path("unsecured")
@PermitAll
public String getSubjectUnsecured(@Context SecurityContext sec) {
    final Principal caller = sec.getUserPrincipal();
    // under @PermitAll a request may arrive without credentials, leaving no principal
    if (caller == null) {
        return "anonymous";
    }
    return caller.getName();
}
/**
* Update (renew) the Authorization ID of the User (which is used by RSA keys to authenticate).
*
* @param user User
* @param authId Authorization ID
*
* @return Newly assigned Authorization ID (random string, if authId param is NULL)
*/
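@PermitAll
@Override
public String updateUserAuthId( User user, String authId ) throws SystemSecurityException
{
    // A null user is not an error here: nothing is changed and an empty string is returned.
    if ( user == null )
    {
        return "";
    }

    // A blank authId means "generate one": a random UUID string is assigned.
    if ( StringUtils.isBlank( authId ) )
    {
        authId = UUID.randomUUID().toString();
    }

    // NOTE(review): both messages below say "Password" although the value checked is the
    // authorization id; they are left unchanged in case callers match on the text.
    if ( authId.length() < 4 )
    {
        throw new IllegalArgumentException( "Password cannot be shorter than 4 characters" );
    }

    // Compare from the new value, which is known to be non-null at this point, so that a user with
    // no authorization id yet does not cause a NullPointerException.
    if ( authId.equals( user.getAuthId() ) )
    {
        throw new IllegalArgumentException( "NewPassword cannot be the same as old one." );
    }

    user.setAuthId( authId );
    // Renewing the id also restarts the identity lifetime, counted in days from now.
    user.setValidDate( DateUtils.addDays( new Date( System.currentTimeMillis() ), IDENTITY_LIFETIME ) );
    identityDataService.updateUser( user );

    return authId;
}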
/**
 * Returns the name of the calling principal, or {@code anonymous} when the request has none.
 *
 * @param sec security context of the current request
 * @return the principal name or {@code anonymous}
 */
@GET
@Path("unsecured")
@PermitAll
public String getSubjectUnsecured(@Context SecurityContext sec) {
    final Principal caller = sec.getUserPrincipal();

    final String name;
    if (caller == null) {
        // under @PermitAll a request may arrive without credentials, leaving no principal
        name = "anonymous";
    } else {
        name = caller.getName();
    }
    return name;
}