From 07b4ee971163f3e79a3309b7b6bb5c875909f618 Mon Sep 17 00:00:00 2001 From: pavels Date: Wed, 30 Mar 2016 14:16:23 +0200 Subject: [PATCH] Fix #316 --- .../database/impl/res/current.db.version | 2 +- .../incad/kramerius/processes/LRProcess.java | 14 +++++- .../ProcessDatabaseInitializator.java | 35 +++++++++++++++ .../database/ProcessDatabaseUtils.java | 12 +++-- .../processes/impl/AbstractLRProcessImpl.java | 28 +++++++++--- .../impl/DatabaseProcessManager.java | 4 ++ .../processes/impl/ProcessStarter.java | 6 +-- .../impl/http/IsActionAllowedFromRequest.java | 44 ++---------------- .../service/impl/IndexerProcessStarter.java | 5 +++ .../incad/kramerius/utils/DatabaseUtils.java | 2 - .../incad/kramerius/utils/IPAddressUtils.java | 45 +++++++++++++++++++ .../http/IsActionAllowedFromRequestTest.java | 7 +-- .../api/client/v50/admin/RightsClient.java | 4 +- .../api/k5/admin/users/UsersResource.java | 8 +++- .../rest/api/processes/LRResource.java | 6 ++- .../Kramerius/LongRunningProcessServlet.java | 3 +- 16 files changed, 158 insertions(+), 67 deletions(-) create mode 100644 common/src/main/java/cz/incad/kramerius/utils/IPAddressUtils.java diff --git a/common/src/main/java/cz/incad/kramerius/database/impl/res/current.db.version b/common/src/main/java/cz/incad/kramerius/database/impl/res/current.db.version index ba92e72f57..3eae443131 100644 --- a/common/src/main/java/cz/incad/kramerius/database/impl/res/current.db.version +++ b/common/src/main/java/cz/incad/kramerius/database/impl/res/current.db.version @@ -1 +1 @@ -6.6.1 \ No newline at end of file +6.6.2 \ No newline at end of file diff --git a/common/src/main/java/cz/incad/kramerius/processes/LRProcess.java b/common/src/main/java/cz/incad/kramerius/processes/LRProcess.java index 929d4788b7..fa4ad2265a 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/LRProcess.java +++ b/common/src/main/java/cz/incad/kramerius/processes/LRProcess.java @@ -80,7 +80,7 @@ public interface LRProcess { * Plan process to start * @param paramsMapping Parameters mapping */ - public void planMe(Properties paramsMapping); + public void planMe(Properties paramsMapping, String ipAddress); @@ -336,4 +336,16 @@ public interface LRProcess { */ public void setParametersMapping(Properties parametersMapping); + /** + * Returns IP address associated with HTTP request + * @return + */ + public String getPlannedIPAddress(); + + /** + * Sets IP address + * @param ipAddr + */ + public void setPlannedIPAddress(String ipAddr); + } diff --git a/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseInitializator.java b/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseInitializator.java index fc7d087108..6ad0227205 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseInitializator.java +++ b/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseInitializator.java @@ -16,6 +16,8 @@ */ package cz.incad.kramerius.processes.database; +import static cz.incad.kramerius.database.cond.ConditionsInterpretHelper.versionCondition; + import java.io.IOException; import java.io.InputStream; import java.nio.charset.Charset; @@ -61,6 +63,9 @@ public static void initDatabase(Connection connection, VersionService versionSer alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } else if ((v.equals("5.0.0")) || (v.equals("5.1.0"))) { if (!DatabaseUtils.columnExists(connection, "PROCESSES","BATCH_STATUS")) { alterProcessTableBatchState(connection); @@ -76,6 +81,9 @@ public static void initDatabase(Connection connection, VersionService versionSer alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } else if (v.equals("5.1.0")) { if (!DatabaseUtils.columnExists(connection, "PROCESSES","FINISHED")) { alterProcessTableFinished(connection); @@ -87,6 +95,9 @@ public static void initDatabase(Connection connection, VersionService versionSer alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } else if (v.equals("5.2.0")) { if (!DatabaseUtils.columnExists(connection, "PROCESSES","TOKEN_ACTIVE")) { alterProcessTableTokenActive(connection); @@ -95,11 +106,21 @@ public static void initDatabase(Connection connection, VersionService versionSer alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } else if (v.equals("5.3.0")) { if (!DatabaseUtils.columnExists(connection, "PROCESSES","AUTH_TOKEN")) { alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } + } else if (versionCondition(v, ">", "5.3.0")) { + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } } catch (SQLException e) { LOGGER.log(Level.SEVERE,e.getMessage(),e); @@ -108,6 +129,17 @@ public static void initDatabase(Connection connection, VersionService versionSer } } + private static void alterProcessTableIPADDR(Connection con) throws SQLException { + PreparedStatement prepareStatement = con.prepareStatement( + "ALTER TABLE PROCESSES ADD COLUMN IP_ADDR VARCHAR(255);"); + try { + int r = prepareStatement.executeUpdate(); + LOGGER.log(Level.FINEST, "ALTER TABLE: updated rows {0}", r); + } finally { + DatabaseUtils.tryClose(prepareStatement); + } + } + /** No version defined in db */ public static void nullVersionInitialization(Connection connection) throws SQLException, IOException { if (!DatabaseUtils.tableExists(connection,"PROCESSES")) { @@ -148,6 +180,9 @@ public static void nullVersionInitialization(Connection connection) throws SQLEx alterProcessTableAuthToken(connection); alterProcessTableProcess2TokenAuthToken(connection); } + if (!DatabaseUtils.columnExists(connection, "PROCESSES","IP_ADDR")) { + alterProcessTableIPADDR(connection); + } } public static void createToken2SessionkeysMapping(Connection connection) throws SQLException, IOException { diff --git a/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseUtils.java b/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseUtils.java index e64fae60c9..917179c126 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseUtils.java +++ b/common/src/main/java/cz/incad/kramerius/processes/database/ProcessDatabaseUtils.java @@ -109,8 +109,10 @@ public static void registerProcess(Connection con, LRProcess lp, User user, Stri " PARAMS_MAPPING , " + //11 " BATCH_STATUS ," + //12 " TOKEN_ACTIVE, " + // - " AUTH_TOKEN) " + // 13 - " values " + + " AUTH_TOKEN,"+ //13 + " IP_ADDR"+ // 14 + " ) " + + " values " + " (" + " ?," + //1 - DEFID " ?," + //2 - UUID @@ -126,7 +128,8 @@ public static void registerProcess(Connection con, LRProcess lp, User user, Stri " ?," + //11 PARAMS_MAPPING " ?," + //12 BATCH_STATUS " TRUE," + // - " ?" + //13 AUTH_TOKEN + " ?," + //13 AUTH_TOKEN + " ?" + //14 IP_ADDR " )"); try { prepareStatement.setString(1, lp.getDefinitionId()); @@ -156,6 +159,7 @@ public static void registerProcess(Connection con, LRProcess lp, User user, Stri prepareStatement.setString(11, storedParams); prepareStatement.setInt(12, lp.getBatchState().getVal()); prepareStatement.setString(13, lp.getAuthToken()); + prepareStatement.setString(14, lp.getPlannedIPAddress()); prepareStatement.executeUpdate(); } finally { @@ -297,7 +301,7 @@ public static void deleteTokenMappings(LRProcess lrProcess, Connection con) thro public static String [] QUERY_PROCESS_COLUMNS= { "p.DEFID,PID", "p.UUID", "p.STATUS", "p.PLANNED", "p.STARTED", "p.NAME AS PNAME", "p.PARAMS", "p.STARTEDBY", "p.TOKEN", "p.FINISHED", - "p.loginname","p.surname","p.firstname","p.user_key","p.params_mapping", "p.batch_status","p.AUTH_TOKEN" + "p.loginname","p.surname","p.firstname","p.user_key","p.params_mapping", "p.batch_status","p.AUTH_TOKEN","p.IP_ADDR" }; diff --git a/common/src/main/java/cz/incad/kramerius/processes/impl/AbstractLRProcessImpl.java b/common/src/main/java/cz/incad/kramerius/processes/impl/AbstractLRProcessImpl.java index b709207132..6f49f630f2 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/impl/AbstractLRProcessImpl.java +++ b/common/src/main/java/cz/incad/kramerius/processes/impl/AbstractLRProcessImpl.java @@ -36,6 +36,7 @@ import cz.incad.kramerius.processes.LRProcessManager; import cz.incad.kramerius.processes.States; import cz.incad.kramerius.security.User; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.conf.KConfiguration; public abstract class AbstractLRProcessImpl implements LRProcess { @@ -62,7 +63,7 @@ public abstract class AbstractLRProcessImpl implements LRProcess { private String loginname; private String firstname; private String surname; - + private User user; private String loggedUserKey; @@ -71,9 +72,12 @@ public abstract class AbstractLRProcessImpl implements LRProcess { private boolean masterProcess; private List parameters = new ArrayList(); - private Properties parametersMapping = new Properties(); + private String ipAddress; + + + public AbstractLRProcessImpl(LRProcessDefinition definition, LRProcessManager manager, KConfiguration configuration) { super(); @@ -113,10 +117,11 @@ public long getStartTime() { return this.startTime; } - public void planMe(Properties paramsMapping) { + public void planMe(Properties paramsMapping, String ipAddress) { this.state = States.PLANNED; + this.ipAddress = ipAddress; this.setPlannedTime(System.currentTimeMillis()); - + manager.registerLongRunningProcess(this, getLoggedUserKey(), paramsMapping); } @@ -141,8 +146,8 @@ public void startMe(boolean wait, String krameriusAppLib, command.add("-D" + ProcessStarter.MAIN_CLASS_KEY + "=" + this.definition.getMainClass()); -// command.add("-D" + IsActionAllowedFromRequest.X_IP_FORWARD + "=" -// + remoteAddr); + command.add("-D" + IPAddressUtils.X_IP_FORWARD + "=" + + this.ipAddress); command.add("-D" + ProcessStarter.UUID_KEY + "=" + this.uuid); command.add("-D" + ProcessStarter.TOKEN_KEY + "=" @@ -473,4 +478,15 @@ public long getFinishedTime() { public void setFinishedTime(long finishedtime) { this.finishedTime = finishedtime; } + + @Override + public String getPlannedIPAddress() { + return this.ipAddress; + } + + @Override + public void setPlannedIPAddress(String ipAddr) { + this.ipAddress = ipAddr; + } + } diff --git a/common/src/main/java/cz/incad/kramerius/processes/impl/DatabaseProcessManager.java b/common/src/main/java/cz/incad/kramerius/processes/impl/DatabaseProcessManager.java index 2dfecf2fc0..8e27589c05 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/impl/DatabaseProcessManager.java +++ b/common/src/main/java/cz/incad/kramerius/processes/impl/DatabaseProcessManager.java @@ -453,6 +453,7 @@ private LRProcess processFromResultSet(ResultSet rs) throws SQLException { String userKey = rs.getString("USER_KEY"); String paramsMapping = rs.getString("params_mapping"); int batchStatus = rs.getInt("BATCH_STATUS"); + String ipAddr = rs.getString("IP_ADDR"); LRProcessDefinition definition = this.lrpdm.getLongRunningProcessDefinition(definitionId); @@ -485,6 +486,9 @@ private LRProcess processFromResultSet(ResultSet rs) throws SQLException { if (finished != null) { process.setFinishedTime(finished.getTime()); } + if (ipAddr != null) { + process.setPlannedIPAddress(ipAddr); + } return process; } diff --git a/common/src/main/java/cz/incad/kramerius/processes/impl/ProcessStarter.java b/common/src/main/java/cz/incad/kramerius/processes/impl/ProcessStarter.java index b2bfb10857..8c556623bc 100644 --- a/common/src/main/java/cz/incad/kramerius/processes/impl/ProcessStarter.java +++ b/common/src/main/java/cz/incad/kramerius/processes/impl/ProcessStarter.java @@ -44,7 +44,7 @@ import cz.incad.kramerius.processes.annotations.Process; import cz.incad.kramerius.processes.logging.LoggingLoader; import cz.incad.kramerius.processes.utils.ProcessUtils; -import cz.incad.kramerius.security.impl.http.IsActionAllowedFromRequest; +import cz.incad.kramerius.utils.IPAddressUtils; /** * Process starting point @@ -81,7 +81,7 @@ public static void main(String[] args) { try { String mainClass = System.getProperty(MAIN_CLASS_KEY); - String forwardIP = System.getProperty(IsActionAllowedFromRequest.X_IP_FORWARD); + //String forwardIP = System.getProperty(IPAddressUtils.X_IP_FORWARD); outStream = createPrintStream(System.getProperty(SOUT_FILE)); errStream = createPrintStream(System.getProperty(SERR_FILE)); @@ -233,7 +233,7 @@ public static byte[] httpGet(String restURL) throws MalformedURLException, IOExc URLConnection connection = url.openConnection(); // authentication token -> identify user connection.addRequestProperty("auth-token",System.getProperty(AUTH_TOKEN_KEY)); - + connection.addRequestProperty(IPAddressUtils.X_IP_FORWARD, System.getProperty(IPAddressUtils.X_IP_FORWARD)); InputStream inputStream = connection.getInputStream(); byte[] buffer = new byte[1 << 12]; int read = -1; diff --git a/common/src/main/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequest.java b/common/src/main/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequest.java index d367c9a7b6..f8b15ae70a 100644 --- a/common/src/main/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequest.java +++ b/common/src/main/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequest.java @@ -19,15 +19,11 @@ import java.net.InetAddress; import java.net.UnknownHostException; import java.security.Principal; -import java.util.Arrays; -import java.util.List; import java.util.logging.Level; import java.util.logging.Logger; import javax.servlet.http.HttpServletRequest; -import org.apache.commons.configuration.Configuration; - import com.google.inject.Inject; import com.google.inject.Provider; @@ -42,26 +38,14 @@ import cz.incad.kramerius.security.User; import cz.incad.kramerius.security.UserManager; import cz.incad.kramerius.security.impl.UserImpl; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.NetworkUtils; -import cz.incad.kramerius.utils.StringUtils; import cz.incad.kramerius.utils.conf.KConfiguration; public class IsActionAllowedFromRequest implements IsActionAllowed { public static final Logger LOGGER = Logger.getLogger(IsActionAllowedFromRequest.class.getName()); - public static final String X_IP_FORWARD = "X_IP_FORWARD"; - static String[] LOCALHOSTS = {"127.0.0.1","localhost","0:0:0:0:0:0:0:1","::1"}; - static { - try { - LOCALHOSTS = NetworkUtils.getLocalhostsAddress(); - } catch (Exception e) { - LOGGER.log(Level.SEVERE, e.getMessage(), e); - LOCALHOSTS = new String[] {"127.0.0.1","localhost","0:0:0:0:0:0:0:1","::1"}; - } - } - - private Logger logger; private Provider provider; @@ -105,7 +89,7 @@ public boolean isActionAllowed(User user, String actionName, String pid,String s public boolean[] isActionAllowedForAllPath(String actionName, String pid, String stream, ObjectPidsPath path) { try { User user = this.currentLoggedUser.get(); - RightCriteriumContext ctx = this.ctxFactory.create(pid,stream, user, getRemoteHost(), getRemoteAddress(KConfiguration.getInstance().getConfiguration())); + RightCriteriumContext ctx = this.ctxFactory.create(pid,stream, user, getRemoteHost(), IPAddressUtils.getRemoteAddress(this.provider.get(), KConfiguration.getInstance().getConfiguration())); EvaluatingResult[] evalResults = this.rightsManager.resolveAllPath(ctx, pid, path, actionName, user); boolean[] results = new boolean[evalResults.length]; for (int i = 0; i < results.length; i++) { @@ -118,35 +102,13 @@ public boolean[] isActionAllowedForAllPath(String actionName, String pid, String } } - String getRemoteAddress(Configuration conf) { - HttpServletRequest httpReq = this.provider.get(); - String headerFowraded = httpReq.getHeader(X_IP_FORWARD); - if (StringUtils.isAnyString(headerFowraded) && matchConfigurationAddress(httpReq, conf)) { - return headerFowraded; - } else { - return httpReq.getRemoteAddr(); - } - } - - - boolean matchConfigurationAddress(HttpServletRequest httpReq, Configuration conf) { - String remoteAddr = httpReq.getRemoteAddr(); - List forwaredEnabled = conf.getList("x_ip_forwared_enabled_for",Arrays.asList(LOCALHOSTS)); - if (!forwaredEnabled.isEmpty()) { - for (String pattern : forwaredEnabled) { - if (remoteAddr.matches(pattern)) return true; - } - } - return false; - } - private String getRemoteHost() { HttpServletRequest httpReq = this.provider.get(); return httpReq.getRemoteHost(); } public boolean isAllowedInternalForFedoraDocuments(String actionName, String pid, String stream, ObjectPidsPath path, User user) throws RightCriteriumException { - RightCriteriumContext ctx = this.ctxFactory.create(pid, stream, user, getRemoteHost(), getRemoteAddress(KConfiguration.getInstance().getConfiguration())); + RightCriteriumContext ctx = this.ctxFactory.create(pid, stream, user, getRemoteHost(), IPAddressUtils.getRemoteAddress(this.provider.get(),KConfiguration.getInstance().getConfiguration())); EvaluatingResult result = this.rightsManager.resolve(ctx, pid, path, actionName, user); return result != null ? resultOfResult(result) : false; } diff --git a/common/src/main/java/cz/incad/kramerius/service/impl/IndexerProcessStarter.java b/common/src/main/java/cz/incad/kramerius/service/impl/IndexerProcessStarter.java index 5dfbe75833..deb57c5664 100644 --- a/common/src/main/java/cz/incad/kramerius/service/impl/IndexerProcessStarter.java +++ b/common/src/main/java/cz/incad/kramerius/service/impl/IndexerProcessStarter.java @@ -4,6 +4,7 @@ import cz.incad.kramerius.processes.impl.ProcessStarter; import cz.incad.kramerius.processes.utils.ProcessUtils; import cz.incad.kramerius.utils.BasicAuthenticationFilter; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.conf.KConfiguration; import java.io.UnsupportedEncodingException; @@ -57,6 +58,10 @@ public ClientResponse handle(ClientRequest clientRequest) throws ClientHandlerEx String pwd = System.getProperties().getProperty(PSWD_TOKEN); BasicAuthenticationFilter.encodeUserAndPass(clientRequest, uname, pwd); } + if (System.getProperties().containsKey(IPAddressUtils.X_IP_FORWARD)) { + clientRequest.getHeaders().add(IPAddressUtils.X_IP_FORWARD, System.getProperty(IPAddressUtils.X_IP_FORWARD)); + } + return getNext().handle(clientRequest); } } diff --git a/common/src/main/java/cz/incad/kramerius/utils/DatabaseUtils.java b/common/src/main/java/cz/incad/kramerius/utils/DatabaseUtils.java index 6b014600f0..4343405a6d 100644 --- a/common/src/main/java/cz/incad/kramerius/utils/DatabaseUtils.java +++ b/common/src/main/java/cz/incad/kramerius/utils/DatabaseUtils.java @@ -46,8 +46,6 @@ public static boolean columnExists(Connection con, String tableName, String colu } } - - public static void tryClose(Connection c) { try { c.close(); diff --git a/common/src/main/java/cz/incad/kramerius/utils/IPAddressUtils.java b/common/src/main/java/cz/incad/kramerius/utils/IPAddressUtils.java new file mode 100644 index 0000000000..9c6821d316 --- /dev/null +++ b/common/src/main/java/cz/incad/kramerius/utils/IPAddressUtils.java @@ -0,0 +1,45 @@ +package cz.incad.kramerius.utils; + +import java.util.Arrays; +import java.util.List; +import java.util.logging.Level; +import java.util.logging.Logger; + +import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.configuration.Configuration; + +public class IPAddressUtils { + + public static Logger LOGGER = Logger.getLogger(IPAddressUtils.class.getName()); + + public static final String X_IP_FORWARD = "X_IP_FORWARD"; + public static String[] LOCALHOSTS = {"127.0.0.1","localhost","0:0:0:0:0:0:0:1","::1"}; + static { + try { + IPAddressUtils.LOCALHOSTS = NetworkUtils.getLocalhostsAddress(); + } catch (Exception e) { + LOGGER.log(Level.SEVERE, e.getMessage(), e); + IPAddressUtils.LOCALHOSTS = new String[] {"127.0.0.1","localhost","0:0:0:0:0:0:0:1","::1"}; + } + } + public static String getRemoteAddress(HttpServletRequest httpReq, Configuration conf) { + String headerFowraded = httpReq.getHeader(X_IP_FORWARD); + if (StringUtils.isAnyString(headerFowraded) && IPAddressUtils.matchConfigurationAddress(httpReq, conf)) { + return headerFowraded; + } else { + return httpReq.getRemoteAddr(); + } + } + public static boolean matchConfigurationAddress(HttpServletRequest httpReq, Configuration conf) { + String remoteAddr = httpReq.getRemoteAddr(); + List forwaredEnabled = conf.getList("x_ip_forwared_enabled_for",Arrays.asList(LOCALHOSTS)); + if (!forwaredEnabled.isEmpty()) { + for (String pattern : forwaredEnabled) { + if (remoteAddr.matches(pattern)) return true; + } + } + return false; + } + +} diff --git a/common/src/test/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequestTest.java b/common/src/test/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequestTest.java index cebe186ba9..b20c34ac76 100644 --- a/common/src/test/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequestTest.java +++ b/common/src/test/java/cz/incad/kramerius/security/impl/http/IsActionAllowedFromRequestTest.java @@ -11,6 +11,7 @@ import com.google.inject.Provider; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.conf.KConfiguration; public class IsActionAllowedFromRequestTest { @@ -30,10 +31,10 @@ public HttpServletRequest get() { EasyMock.replay(req); Configuration conf = KConfiguration.getInstance().getConfiguration(); - conf.setProperty("x_ip_forwared_enabled_for", Arrays.asList(IsActionAllowedFromRequest.LOCALHOSTS)); + conf.setProperty("x_ip_forwared_enabled_for", Arrays.asList(IPAddressUtils.LOCALHOSTS)); IsActionAllowedFromRequest isActionAllowed = new IsActionAllowedFromRequest(null, reqProvider, null, null, null); - String rAddres = isActionAllowed.getRemoteAddress(conf); + String rAddres = IPAddressUtils.getRemoteAddress(req, conf); Assert.assertTrue("192.167.1.2".equals(rAddres)); Assert.assertFalse("127.0.0.1".equals(rAddres)); } @@ -56,7 +57,7 @@ public HttpServletRequest get() { conf.setProperty("x_ip_forwared_enabled_for", Arrays.asList()); IsActionAllowedFromRequest isActionAllowed = new IsActionAllowedFromRequest(null, reqProvider, null, null, null); - String rAddres = isActionAllowed.getRemoteAddress(conf); + String rAddres = IPAddressUtils.getRemoteAddress(req, conf); Assert.assertTrue("192.167.1.2".equals(rAddres)); Assert.assertFalse("127.0.0.1".equals(rAddres)); } diff --git a/rest/src/main/java/cz/incad/kramerius/rest/api/client/v50/admin/RightsClient.java b/rest/src/main/java/cz/incad/kramerius/rest/api/client/v50/admin/RightsClient.java index c3c151abea..af7a3a3fe7 100644 --- a/rest/src/main/java/cz/incad/kramerius/rest/api/client/v50/admin/RightsClient.java +++ b/rest/src/main/java/cz/incad/kramerius/rest/api/client/v50/admin/RightsClient.java @@ -147,7 +147,7 @@ private static String createSampleRight() throws JSONException { JSONObject jsonObj = new JSONObject(); jsonObj.put("action", "read"); jsonObj.put("pid", "uuid:1"); - jsonObj.put("role", new JSONObject(UsersAndRolesClient.role("3"))); + jsonObj.put("role", new JSONObject(UsersAndRolesClient.role(3))); System.out.println(jsonObj); @@ -170,7 +170,7 @@ private static String createSampleRight2(String critqname,JSONObject param) thro JSONObject jsonObj = new JSONObject(); jsonObj.put("action", "read"); jsonObj.put("pid", "uuid:1"); - jsonObj.put("role", new JSONObject(UsersAndRolesClient.role("3"))); + jsonObj.put("role", new JSONObject(UsersAndRolesClient.role(3))); JSONObject critJSON = new JSONObject(); critJSON.put("qname", critqname); diff --git a/rest/src/main/java/cz/incad/kramerius/rest/api/k5/admin/users/UsersResource.java b/rest/src/main/java/cz/incad/kramerius/rest/api/k5/admin/users/UsersResource.java index 97daaf957c..4718f45956 100644 --- a/rest/src/main/java/cz/incad/kramerius/rest/api/k5/admin/users/UsersResource.java +++ b/rest/src/main/java/cz/incad/kramerius/rest/api/k5/admin/users/UsersResource.java @@ -234,7 +234,13 @@ public Response put(@PathParam("id") String id, JSONObject uOptions) { JSONArray roles = uOptions.getJSONArray("roles"); ListrList = new ArrayList(); for (int i = 0,ll=roles.length(); i < ll; i++) { - rList.add(roles.getString(i)); + Object object = roles.get(i); + if (object instanceof String) { + rList.add(roles.getString(i)); + } else if (object instanceof JSONObject) { + JSONObject jsonObj = (JSONObject) object; + rList.add(jsonObj.getString("name")); + } } this.userManager.changeRoles(u, rList); diff --git a/rest/src/main/java/cz/incad/kramerius/rest/api/processes/LRResource.java b/rest/src/main/java/cz/incad/kramerius/rest/api/processes/LRResource.java index 2eff1059fa..6685d9cff2 100644 --- a/rest/src/main/java/cz/incad/kramerius/rest/api/processes/LRResource.java +++ b/rest/src/main/java/cz/incad/kramerius/rest/api/processes/LRResource.java @@ -85,7 +85,9 @@ import cz.incad.kramerius.security.utils.UserUtils; import cz.incad.kramerius.users.LoggedUsersSingleton; import cz.incad.kramerius.utils.IOUtils; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.StringUtils; +import cz.incad.kramerius.utils.conf.KConfiguration; import cz.incad.kramerius.utils.database.Offset; import cz.incad.kramerius.utils.database.SQLFilter; import cz.incad.kramerius.utils.database.SQLFilter.TypesMapping; @@ -220,7 +222,7 @@ Response plainProcessStart(String def, JSONArray array) { } newProcess.setParameters(params); newProcess.setUser(user); - newProcess.planMe(new Properties()); + newProcess.planMe(new Properties(),IPAddressUtils.getRemoteAddress(this.requestProvider.get(), KConfiguration.getInstance().getConfiguration())); lrProcessManager.updateAuthTokenMapping(newProcess, loggedUserKey); URI uri = UriBuilder.fromResource(LRResource.class).path("{uuid}").build(newProcess.getUUID()); return Response.created(uri).entity(lrPRocessToJSONObject(newProcess).toString()).build(); @@ -287,7 +289,7 @@ Response parametrizedProcessStart(@PathParam("def")String def, JSONObject mappi newProcess.setParameters(Arrays.asList(new String[0])); newProcess.setUser(user); - newProcess.planMe(props); + newProcess.planMe(props, IPAddressUtils.getRemoteAddress(this.requestProvider.get(), KConfiguration.getInstance().getConfiguration())); lrProcessManager.updateAuthTokenMapping(newProcess, loggedUserKey); URI uri = UriBuilder.fromResource(LRResource.class).path("{uuid}").build(newProcess.getUUID()); return Response.created(uri).entity(lrPRocessToJSONObject(newProcess).toString()).build(); diff --git a/search/src/java/cz/incad/Kramerius/LongRunningProcessServlet.java b/search/src/java/cz/incad/Kramerius/LongRunningProcessServlet.java index 21ab4ef9d6..965fd61ba9 100644 --- a/search/src/java/cz/incad/Kramerius/LongRunningProcessServlet.java +++ b/search/src/java/cz/incad/Kramerius/LongRunningProcessServlet.java @@ -18,6 +18,7 @@ import cz.incad.kramerius.security.utils.UserUtils; import cz.incad.kramerius.users.LoggedUsersSingleton; import cz.incad.kramerius.utils.ApplicationURL; +import cz.incad.kramerius.utils.IPAddressUtils; import cz.incad.kramerius.utils.conf.KConfiguration; import cz.incad.kramerius.utils.database.JDBCQueryTemplate; import cz.incad.kramerius.utils.params.ParamsLexer; @@ -150,7 +151,7 @@ public static LRProcess planNewProcess(HttpServletRequest request, ServletContex newProcess.setUser(user); newProcess.setLoggedUserKey(loggedUserKey); newProcess.setParameters(Arrays.asList(params)); - newProcess.planMe(paramsMapping); + newProcess.planMe(paramsMapping, IPAddressUtils.getRemoteAddress(request, KConfiguration.getInstance().getConfiguration())); return newProcess; }