List of usage examples for org.apache.shiro SecurityUtils getSubject
public static Subject getSubject()
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Returns every user account known to the ANNIS user configuration.
 *
 * <p>The caller must hold {@code admin:read:user}; Shiro's
 * {@code checkPermission} throws when the permission is missing, so nothing
 * below runs for an unauthorized subject.
 *
 * @return the accounts reported by the configuration manager, or an empty
 *         list when the active security manager is not an
 *         {@code ANNISSecurityManager} or no configuration manager exists
 */
@GET
@Path("users")
@Produces("application/xml")
public List<User> listUsers() {
    // Authorization gate: must stay the first statement of the resource method.
    SecurityUtils.getSubject().checkPermission("admin:read:user");

    if (!(SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager)) {
        return new LinkedList<>();
    }

    ANNISUserConfigurationManager userConfig = getConfManager();
    if (userConfig == null) {
        return new LinkedList<>();
    }

    // NOTE(review): getUser() blanks the password hash before returning an
    // account; this method hands back the objects from listAllUsers() as-is.
    // Whether they carry hashes is not visible here - confirm.
    return userConfig.listAllUsers();
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
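/**
 * Creates the account named in the path or overwrites it with the submitted
 * object.
 *
 * <p>Authorization is two-staged: every caller needs
 * {@code admin:write:user}, and a submitted object that carries at least one
 * permission starting with {@code admin:} additionally requires
 * {@code admin:write:adminuser}. Both checks throw when the permission is
 * missing.
 *
 * @param user     the account as sent in the request body
 * @param userName the account name taken from the URL path
 * @return 200 on success, 400 when the body is missing or its name differs
 *         from the path, 500 when the realm is unavailable or the update fails
 */
@PUT
@Path("users/{userName}")
@Consumes("application/xml")
@Override
public Response updateOrCreateUser(User user, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:write:user");

    // Without this guard a missing request body ends in a NullPointerException
    // (reported as a server error) instead of a client error.
    if (user == null) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("No user object in request").build();
    }

    if (!userName.equals(user.getName())) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("Username in object is not the same as in path").build();
    }

    // Granting an administrative permission needs more than "admin:write:user";
    // otherwise a user manager could mint a full administrator.
    // NOTE(review): this is a literal prefix test. If the realm resolves
    // permissions with Shiro's wildcard syntax, strings such as "*" or
    // "admin,other:..." would also cover the admin domain without matching
    // here - confirm against the permission resolver in use.
    // NOTE(review): only permissions listed directly on the object are
    // inspected; permissions inherited through groups, and the permissions of
    // an already existing account being overwritten, are not - confirm.
    for (String permission : user.getPermissions()) {
        if (permission != null && permission.startsWith("admin:")) {
            requestingUser.checkPermission("admin:write:adminuser");
            break;
        }
    }

    ANNISUserRealm userRealm = getUserRealm();
    if (userRealm != null && userRealm.updateUser(user)) {
        return Response.ok().build();
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity("Could not update/create user").build();
}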
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Looks up a single account by name.
 *
 * <p>Requires {@code admin:read:user}. The password hash is blanked on the
 * returned object so that a caller with read-only administration rights
 * cannot take the hash away for offline cracking.
 *
 * @param userName the account name taken from the URL path
 * @return the account with an empty password hash
 * @throws WebApplicationException 404 when no such account exists, 500 when
 *         no configuration manager is available
 */
@GET
@Path("users/{userName}")
@Produces("application/xml")
@Override
public User getUser(@PathParam("userName") String userName) {
    SecurityUtils.getSubject().checkPermission("admin:read:user");

    ANNISUserConfigurationManager userConfig = getConfManager();
    if (userConfig == null) {
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }

    User found = userConfig.getUser(userName);
    if (found == null) {
        throw new WebApplicationException(Response.Status.NOT_FOUND);
    }

    // Strip the credential before serialisation.
    // NOTE(review): this mutates the object handed out by getUser(); it is
    // only safe if that object is not shared with a cache - confirm.
    found.setPasswordHash("");
    return found;
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Deletes an account together with its stored user configuration.
 *
 * <p>Requires {@code admin:write:user}.
 *
 * @param userName the account name taken from the URL path
 * @return 200 when the account was deleted, 500 in every other case
 *         (wrong security manager type, no configuration manager, or the
 *         configuration manager reported failure)
 */
@DELETE
@Path("users/{userName}")
public Response deleteUser(@PathParam("userName") String userName) {
    // NOTE(review): unlike updateOrCreateUser(), no extra permission is asked
    // for when the target account holds "admin:" permissions - confirm that
    // this is the intended policy.
    SecurityUtils.getSubject().checkPermission("admin:write:user");

    ANNISUserConfigurationManager userConfig = null;
    if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
        userConfig = getConfManager();
    }

    if (userConfig != null && userConfig.deleteUser(userName)) {
        // The per-user configuration is removed only after the account itself
        // is gone, so a failed delete leaves the configuration untouched.
        adminDao.deleteUserConfig(userName);
        return Response.ok().build();
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity("Could not delete user").build();
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
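/**
 * Sets a new password for an existing account.
 *
 * <p>Every caller needs {@code admin:write:user}. When the target account
 * holds at least one permission starting with {@code admin:}, the caller
 * additionally needs {@code admin:write:adminuser} - the same rule
 * {@code updateOrCreateUser} applies - because resetting an administrator's
 * password is equivalent to taking over that account. Note that this also
 * applies when such a caller targets its own account.
 *
 * @param newPassword the new clear-text password from the request body
 * @param userName    the account name taken from the URL path
 * @return 200 with the updated account on success, 400 for a missing or
 *         empty password, 404 when the account does not exist, 500 otherwise
 */
@POST
@Path("users/{userName}/password")
@Consumes("text/plain")
@Produces("application/xml")
public Response changePassword(String newPassword, @PathParam("userName") String userName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:write:user");

    // An absent body must not end up as a stored (empty) credential.
    if (newPassword == null || newPassword.isEmpty()) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("New password must not be empty").build();
    }

    ANNISUserConfigurationManager confManager = getConfManager();
    ANNISUserRealm userRealm = getUserRealm();
    if (confManager != null && userRealm != null) {
        User user = confManager.getUser(userName);
        if (user == null) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }

        // Changing the password of an administrative account needs the
        // stronger permission; "admin:write:user" alone would let a user
        // manager log in as any administrator.
        // NOTE(review): literal prefix test, see the wildcard caveat that
        // applies to every "admin:" check of this kind - confirm against the
        // permission resolver in use.
        for (String permission : user.getPermissions()) {
            if (permission != null && permission.startsWith("admin:")) {
                requestingUser.checkPermission("admin:write:adminuser");
                break;
            }
        }

        Shiro1CryptFormat format = new Shiro1CryptFormat();
        SecureRandomNumberGenerator generator = new SecureRandomNumberGenerator();
        ByteSource salt = generator.nextBytes(128 / 8); // 128 bit
        // NOTE(review): a single iteration of salted SHA-256 is cheap to
        // brute-force once a hash leaks. The iteration count is left at 1
        // because the verifying side is not visible here; raise it (or move
        // to a dedicated password hashing scheme) once it is confirmed that
        // the realm honours the count stored in the formatted hash.
        Sha256Hash hash = new Sha256Hash(newPassword, salt, 1);
        user.setPasswordHash(format.format(hash));

        if (userRealm.updateUser(user)) {
            // NOTE(review): the entity still carries the freshly computed
            // password hash, while getUser() deliberately blanks it. It is
            // not blanked here because the object was just handed to the
            // realm and may still be referenced there - confirm and return a
            // copy without the hash.
            return Response.ok().entity(user).build();
        }
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity("Could not change password").build();
}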
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Returns all groups known to the ANNIS user configuration.
 *
 * <p>Requires {@code admin:read:group}.
 *
 * @return a new list holding the values of the configuration manager's group
 *         map, or an empty list when the active security manager is not an
 *         {@code ANNISSecurityManager} or no configuration manager exists
 */
@GET
@Path("groups")
@Produces("application/xml")
public List<Group> listGroups() {
    SecurityUtils.getSubject().checkPermission("admin:read:group");

    if (!(SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager)) {
        return new LinkedList<>();
    }

    ANNISUserConfigurationManager groupConfig = getConfManager();
    if (groupConfig == null) {
        return new LinkedList<>();
    }

    // Copy the values so the caller never receives a view of the internal map.
    return new LinkedList<>(groupConfig.getGroups().values());
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
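/**
 * Creates the group named in the path or overwrites it with the submitted
 * object.
 *
 * <p>Requires {@code admin:write:group}.
 *
 * @param group     the group as sent in the request body
 * @param groupName the group name taken from the URL path
 * @return 200 on success, 400 when the body is missing or its name differs
 *         from the path, 500 when the group could not be written
 */
@PUT
@Path("groups/{groupName}")
@Consumes("application/xml")
public Response updateOrCreateGroup(Group group, @PathParam("groupName") String groupName) {
    Subject requestingUser = SecurityUtils.getSubject();
    requestingUser.checkPermission("admin:write:group");

    // Without this guard a missing request body ends in a NullPointerException
    // (reported as a server error) instead of a client error.
    if (group == null) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("No group object in request").build();
    }

    if (!groupName.equals(group.getName())) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("Group name in object is not the same as in path").build();
    }

    // NOTE(review): what a group grants to its members is not visible here.
    // If group membership can confer administrative rights, this endpoint
    // deserves the same two-stage check as updateOrCreateUser() - confirm.
    if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
        ANNISUserConfigurationManager confManager = getConfManager();
        if (confManager != null && confManager.writeGroup(group)) {
            return Response.ok().build();
        }
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity("Could not update/create group").build();
}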
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Deletes a group.
 *
 * <p>Requires {@code admin:write:group}.
 *
 * @param groupName the group name taken from the URL path
 * @return 200 when the group was deleted, 500 in every other case
 *         (wrong security manager type, no configuration manager, or the
 *         configuration manager reported failure)
 */
@DELETE
@Path("groups/{groupName}")
public Response deleteGroup(@PathParam("groupName") String groupName) {
    SecurityUtils.getSubject().checkPermission("admin:write:group");

    ANNISUserConfigurationManager groupConfig = null;
    if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
        groupConfig = getConfManager();
    }

    if (groupConfig != null && groupConfig.deleteGroup(groupName)) {
        return Response.ok().build();
    }

    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity("Could not delete group").build();
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Deletes the corpus with the given name.
 *
 * <p>Requires {@code admin:write:corpus}.
 *
 * @param corpusName the corpus name taken from the URL path
 * @return 200 after the delete call returned, 404 when the name lookup or
 *         the delete call throws {@code IllegalArgumentException}
 */
@DELETE
@Path("corpora/{corpusName}")
public Response deleteCorpus(@PathParam("corpusName") String corpusName) {
    SecurityUtils.getSubject().checkPermission("admin:write:corpus");

    try {
        // The DAO works on numeric IDs, so the name is resolved first.
        long corpusId = queryDao.mapCorpusNameToId(corpusName);
        deleteCorpusDao.deleteCorpora(Arrays.asList(corpusId), true);
    } catch (IllegalArgumentException ex) {
        // Both calls sit inside the try: an IllegalArgumentException from
        // either one is reported to the client as "not found".
        return Response.status(Response.Status.NOT_FOUND).build();
    }

    return Response.status(Response.Status.OK).build();
}
From source file:annis.service.internal.AdminServiceImpl.java
License:Apache License
/**
 * Lists the import job currently being processed (if it has not finished)
 * followed by all queued import jobs.
 *
 * <p>Requires {@code admin:query-import:running}.
 *
 * @return a new list with the unfinished current job first, then the
 *         contents of the import queue
 */
@GET
@Path("import/status")
@Override
public List<ImportJob> currentImports() {
    SecurityUtils.getSubject().checkPermission("admin:query-import:running");

    List<ImportJob> jobs = new LinkedList<>();

    ImportJob running = importWorker.getCurrentJob();
    if (running != null) {
        // A job that already ended in SUCCESS or ERROR is no longer "current".
        boolean finished = running.getStatus() == ImportJob.Status.SUCCESS
                || running.getStatus() == ImportJob.Status.ERROR;
        if (!finished) {
            jobs.add(running);
        }
    }

    jobs.addAll(importWorker.getImportQueue());
    return jobs;
}