/**
 * Creates the built-in default user.
 *
 * <p>The account is assembled from the {@code DFAULT_USER_NAME} and {@code DFLT_USER_PASSWORD}
 * constants, so every node running this code starts with the same credentials.
 * NOTE(review): a fixed default password is known to anyone who can read the source; confirm that
 * operators are required to change it before the cluster is reachable by untrusted clients.
 *
 * @return Default user.
 */
public static User defaultUser() {
    final User dfltUsr = create(DFAULT_USER_NAME, DFLT_USER_PASSWORD);

    return dfltUsr;
}
/**
 * Registers the built-in default user on this node.
 *
 * <p>Expects {@code users} to be initialised and empty. This is enforced by an assertion only,
 * so the check does not run when assertions are disabled.
 */
private void addDefaultUser() {
    assert users != null && users.isEmpty();

    final User bootstrapUsr = User.defaultUser();

    // The in-memory map is filled first so the account can authenticate right away.
    users.put(bootstrapUsr.name(), bootstrapUsr);

    // Persisting is handed to a worker that writes the user once the MetaStore is ready.
    final ArrayList<User> toStore = new ArrayList<>(Collections.singleton(bootstrapUsr));

    exec.execute(new RefreshUsersStorageWorker(toStore));
}
/**
 * Returns the login name of the user held in the {@code user} field.
 *
 * <p>NOTE(review): {@code user} is dereferenced without a null check, so this throws
 * {@link NullPointerException} when no user is set; confirm callers guarantee one.
 *
 * @return Name of the authorized user.
 */
public String userName() {
    final String name = user.name();

    return name;
}
/**
 * Hashes a plain-text password.
 *
 * <p>Delegates to {@code password_bcrypt}. The name suggests bcrypt, but the algorithm and its
 * cost setting are not visible here (TODO confirm). The result may be {@code null}, as declared
 * by {@code @Nullable}; presumably for a {@code null} input, verify against the helper.
 *
 * @param passwd Plain text password.
 * @return Hashed password.
 */
@Nullable public static String password(String passwd) {
    final String hashed = password_bcrypt(passwd);

    return hashed;
}
/**
 * Creates a user that carries a login name only.
 *
 * <p>The second constructor argument is {@code null}, so the returned object holds no password
 * data (presumably the hashed password; confirm against the constructor). Such an object
 * identifies an account but cannot be used to verify a password.
 *
 * @param name User name.
 * @return User without password data.
 */
public static User create(String name) {
    final User nameOnly = new User(name, null);

    return nameOnly;
}
/**
 * Authenticates a user on a server node.
 *
 * <p>Waits for {@code readyForAuthFut}, looks the login up in the local user map and checks the
 * password with {@code authorize(passwd)}. An unknown login and a wrong password produce the
 * same message, so the error text does not reveal which of the two was wrong.
 *
 * @param login User's login.
 * @param passwd Plain text password.
 * @return Authenticated user. Never {@code null}: every failure is reported by exception.
 * @throws IgniteCheckedException On authentication error; an {@code IgniteAccessControlException}
 *      when the login is unknown or the password does not match.
 */
private User authenticateOnServer(String login, String passwd) throws IgniteCheckedException {
    assert !ctx.clientNode() : "Must be used on server node";

    readyForAuthFut.get();

    final User candidate = users.get(login);

    // NOTE(review): an unknown login never reaches authorize(). If authorize() runs a deliberately
    // slow password hash, the two failure paths differ in response time; confirm whether that
    // difference is acceptable for this deployment.
    if (candidate != null && candidate.authorize(passwd))
        return candidate;

    // NOTE(review): login is caller-supplied and echoed verbatim; confirm that whatever logs or
    // displays this message neutralises control characters.
    throw new IgniteAccessControlException("The user name or password is incorrect [userName=" + login + ']');
}
/**
 * Removes a user from MetaStorage and from the local user map.
 *
 * <p>The existence check runs before, and outside, the {@code mux} lock.
 * NOTE(review): whether concurrent operations on the same user are serialised elsewhere is not
 * visible here; confirm.
 *
 * @param op Operation.
 * @throws IgniteCheckedException On error; a {@code UserManagementException} when the user is unknown.
 */
private void removeUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final String userName = op.user().name();

    if (!users.containsKey(userName))
        throw new UserManagementException("User doesn't exist [userName=" + userName + ']');

    // The persistent record goes first: if this throws, the in-memory state below stays untouched.
    metastorage.remove(STORE_USER_PREFIX + userName);

    synchronized (mux) {
        activeOps.remove(op.id());

        users.remove(userName);
    }
}
/**
 * Hashes a plain-text password.
 *
 * <p>Delegates to {@code password_bcrypt}. The name suggests bcrypt, but the algorithm and its
 * cost setting are not visible here (TODO confirm). The result may be {@code null}, as declared
 * by {@code @Nullable}; presumably for a {@code null} input, verify against the helper.
 *
 * @param passwd Plain text password.
 * @return Hashed password.
 */
@Nullable public static String password(String passwd) {
    final String hashed = password_bcrypt(passwd);

    return hashed;
}
/**
 * Creates a user that carries a login name only.
 *
 * <p>The second constructor argument is {@code null}, so the returned object holds no password
 * data (presumably the hashed password; confirm against the constructor). Such an object
 * identifies an account but cannot be used to verify a password.
 *
 * @param name User name.
 * @return User without password data.
 */
public static User create(String name) {
    final User nameOnly = new User(name, null);

    return nameOnly;
}
/**
 * Authenticates a user on a server node.
 *
 * <p>Waits for {@code readyForAuthFut}, looks the login up in the local user map and checks the
 * password with {@code authorize(passwd)}. An unknown login and a wrong password produce the
 * same message, so the error text does not reveal which of the two was wrong.
 *
 * @param login User's login.
 * @param passwd Plain text password.
 * @return Authenticated user. Never {@code null}: every failure is reported by exception.
 * @throws IgniteCheckedException On authentication error; an {@code IgniteAccessControlException}
 *      when the login is unknown or the password does not match.
 */
private User authenticateOnServer(String login, String passwd) throws IgniteCheckedException {
    assert !ctx.clientNode() : "Must be used on server node";

    readyForAuthFut.get();

    final User candidate = users.get(login);

    // NOTE(review): an unknown login never reaches authorize(). If authorize() runs a deliberately
    // slow password hash, the two failure paths differ in response time; confirm whether that
    // difference is acceptable for this deployment.
    if (candidate != null && candidate.authorize(passwd))
        return candidate;

    // NOTE(review): login is caller-supplied and echoed verbatim; confirm that whatever logs or
    // displays this message neutralises control characters.
    throw new IgniteAccessControlException("The user name or password is incorrect [userName=" + login + ']');
}
/**
 * Overwrites an existing user in MetaStorage and in the local user map.
 *
 * <p>Despite the wording inherited from the removal method, nothing is removed here: the user
 * carried by the operation replaces the stored record of the same name. The existence check
 * runs before, and outside, the {@code mux} lock.
 *
 * @param op Operation.
 * @throws IgniteCheckedException On error; a {@code UserManagementException} when the user is unknown.
 */
private void updateUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final User updated = op.user();
    final String userName = updated.name();

    if (!users.containsKey(userName))
        throw new UserManagementException("User doesn't exist [userName=" + userName + ']');

    // The persistent record goes first: if the write throws, the in-memory map keeps the old entry.
    metastorage.write(STORE_USER_PREFIX + userName, updated);

    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(userName, updated);
    }
}
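/**
 * Changes the password of an existing user.
 *
 * <p>The input goes through the same {@code validate(login, passwd)} check that {@code addUser}
 * applies, so an update cannot set credentials that would have been rejected at creation.
 * The exact rules of {@code validate} are defined elsewhere in this class. The call then blocks
 * until the UPDATE operation has completed.
 *
 * @param login User name.
 * @param passwd User password (plain text; {@code User.create} receives it as given).
 * @throws IgniteCheckedException On error, including rejected input.
 */
public void updateUser(String login, String passwd) throws IgniteCheckedException {
    // Without this check the update path accepted input that the creation path refuses.
    validate(login, passwd);

    UserManagementOperation op = new UserManagementOperation(User.create(login, passwd),
        UserManagementOperation.OperationType.UPDATE);

    execUserOperation(op).get();
}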
/**
 * Registers the built-in default user on this node.
 *
 * <p>Expects {@code users} to be initialised and empty. This is enforced by an assertion only,
 * so the check does not run when assertions are disabled.
 */
private void addDefaultUser() {
    assert users != null && users.isEmpty();

    final User bootstrapUsr = User.defaultUser();

    // The in-memory map is filled first so the account can authenticate right away.
    users.put(bootstrapUsr.name(), bootstrapUsr);

    // Persisting is handed to a worker that writes the user once the MetaStore is ready.
    final ArrayList<User> toStore = new ArrayList<>(Collections.singleton(bootstrapUsr));

    exec.execute(new RefreshUsersStorageWorker(toStore));
}
/**
 * {@inheritDoc}
 *
 * <p>On a server node the user map is rebuilt from every entry stored under
 * {@code STORE_USER_PREFIX}; on a client node the map is set to {@code null}.
 */
@Override public void onReadyForRead(ReadOnlyMetastorage metastorage) throws IgniteCheckedException {
    // Client nodes keep no local user map.
    if (ctx.clientNode()) {
        users = null;

        return;
    }

    users = new ConcurrentHashMap<>();

    // NOTE(review): stored values are cast to User without a type check, so an entry of another
    // type under this prefix fails with ClassCastException. The meaning of the trailing 'true'
    // flag is not visible here.
    metastorage.iterate(STORE_USER_PREFIX, (key, val) -> {
        final User stored = (User)val;

        users.put(stored.name(), stored);
    }, true);
}
/**
 * Removes a user by login and blocks until the REMOVE operation has completed.
 *
 * <p>The operation carries a name-only user built by {@code User.create(login)}. No permission
 * check is made in this method itself.
 * NOTE(review): authorisation is presumably enforced inside {@code execUserOperation} or by the
 * caller; confirm.
 *
 * @param login User name.
 * @throws IgniteCheckedException On error.
 */
public void removeUser(String login) throws IgniteCheckedException {
    final User target = User.create(login);

    final UserManagementOperation removal =
        new UserManagementOperation(target, UserManagementOperation.OperationType.REMOVE);

    execUserOperation(removal).get();
}
/**
 * Checks whether the current user may perform a user management operation.
 *
 * <p>Rules, in the order they are applied:
 * <ul>
 *   <li>a context without a user is rejected;</li>
 *   <li>the default user may perform any operation; any other user may only UPDATE the
 *       account whose name equals its own;</li>
 *   <li>nobody may REMOVE the default user.</li>
 * </ul>
 * A {@code null} operation is guarded by an assertion only, which does not run when assertions
 * are disabled.
 *
 * @param op User operation to check.
 * @throws IgniteAccessControlException If the check fails: the user has no permission for user
 *      management, or the operation tries to remove the default user.
 */
public void checkUserOperation(UserManagementOperation op) throws IgniteAccessControlException {
    assert op != null;

    if (user == null)
        throw new IgniteAccessControlException("Operation not allowed: authorized context is empty.");

    final UserManagementOperation.OperationType opType = op.type();

    if (!User.DFAULT_USER_NAME.equals(user.name())) {
        // A non-default user is limited to updating its own account.
        final boolean ownUpdate = UserManagementOperation.OperationType.UPDATE == opType
            && user.name().equals(op.user().name());

        if (!ownUpdate)
            throw new IgniteAccessControlException("User management operations are not allowed for user. " +
                "[curUser=" + user.name() + ']');
    }

    // This also applies to the default user itself, so the account cannot delete itself.
    if (opType == UserManagementOperation.OperationType.REMOVE
        && User.DFAULT_USER_NAME.equals(op.user().name()))
        throw new IgniteAccessControlException("Default user cannot be removed.");
}
/**
 * Adds a new user and blocks until the ADD operation has completed.
 *
 * <p>The input is checked by {@code validate(login, passwd)} before anything else happens; the
 * rules of that check are defined elsewhere in this class.
 *
 * @param login User's login.
 * @param passwd Plain text password.
 * @throws IgniteCheckedException On error.
 */
public void addUser(String login, String passwd) throws IgniteCheckedException {
    validate(login, passwd);

    final User created = User.create(login, passwd);

    final UserManagementOperation addition =
        new UserManagementOperation(created, UserManagementOperation.OperationType.ADD);

    execUserOperation(addition).get();
}
/**
 * Adds a new user to MetaStorage and to the local user map.
 *
 * <p>The duplicate check runs before, and outside, the {@code mux} lock.
 * NOTE(review): whether two concurrent ADD operations for the same login are serialised
 * elsewhere is not visible here; confirm.
 *
 * @param op User operation.
 * @throws IgniteCheckedException On error; a {@code UserManagementException} when the login is taken.
 */
private void addUserLocal(final UserManagementOperation op) throws IgniteCheckedException {
    final User added = op.user();
    final String login = added.name();

    if (users.containsKey(login))
        throw new UserManagementException("User already exists [login=" + login + ']');

    // The persistent record goes first: if the write throws, the in-memory map is not touched.
    metastorage.write(STORE_USER_PREFIX + login, added);

    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(login, added);
    }
}