/**
 * Returns the subject of the current security context, falling back to
 * {@link AuthSubject#ANONYMOUS} when no security context is set.
 *
 * <p>Callers that make access decisions on the result have to treat
 * {@code AuthSubject.ANONYMOUS} as "no identity established".
 *
 * @return the context's subject, or {@code AuthSubject.ANONYMOUS} if the context is {@code null}
 */
@Override
public AuthSubject subjectOrAnonymous()
{
    // Read the field once so the null check and the dereference use the same reference.
    SecurityContext current = this.securityContext;
    if ( current == null )
    {
        return AuthSubject.ANONYMOUS;
    }
    return current.subject();
}
/**
 * Builds the default string form of this object: the given name followed by the
 * subject's username and the access mode.
 *
 * @param name label placed in front of the braces
 * @return a string of the form {@code name{ username=..., accessMode=... }}
 */
protected String defaultString( String name )
{
    // NOTE(review): the username is embedded unescaped. If this string ends up in logs,
    // confirm that usernames cannot contain line breaks or similar control characters.
    final String currentUser = subject().username();
    return String.format( "%s{ username=%s, accessMode=%s }", name, currentUser, mode() );
}
/**
 * Returns the username of the subject held by the transaction's security context.
 *
 * @return the username reported by the subject bound to the transaction
 */
@Override
public String username()
{
    // The name is derived from the transaction's security context; the method takes no
    // caller-supplied input.
    final String currentUser = transaction.securityContext().subject().username();
    return currentUser;
}
/**
 * Returns the username of the subject held by the transaction's security context.
 *
 * @return the username reported by the subject bound to the transaction
 */
final String username()
{
    // The name is derived from the transaction's security context; the method takes no
    // caller-supplied input.
    final String currentUser = transaction.securityContext().subject().username();
    return currentUser;
}
/**
 * Describes this context in human-readable form: the subject's username and the
 * name of the access mode.
 *
 * @return a string of the form {@code user 'USERNAME' with MODE_NAME}
 */
public String description()
{
    // NOTE(review): the username is placed between single quotes without escaping; confirm
    // that consumers of this text (logs, error messages) tolerate quotes in usernames.
    final String currentUser = subject().username();
    final String modeName = mode().name();
    return String.format( "user '%s' with %s", currentUser, modeName );
}
/**
 * Changes the password of the user executing the procedure.
 *
 * <p>The anonymous subject is rejected. The account to update is taken from the security
 * context, not from a procedure argument, so a caller cannot name another user here.
 * No credentials-expired assertion is made in this method; presumably that is deliberate so
 * that a subject who is required to change the password can still call it (confirm).
 *
 * @param password the new password, received as a {@code String}
 * @throws AuthorizationViolationException if the current subject is {@code AuthSubject.ANONYMOUS}
 * @throws InvalidArgumentsException declared by the signature; presumably raised by the user manager
 * @throws IOException declared by the signature; presumably raised by the user manager
 */
@Description( "Change the current user's password." )
@Procedure( name = "dbms.security.changePassword", mode = DBMS )
public void changePassword( @Name( "password" ) String password ) throws InvalidArgumentsException, IOException
{
    // TODO: Deprecate this and create a new procedure that takes password as a byte[]
    // (a String cannot be overwritten after use, whereas a byte[] can be cleared).

    // Reference comparison against the ANONYMOUS instance, as in the original check.
    final boolean anonymous = securityContext.subject() == AuthSubject.ANONYMOUS;
    if ( anonymous )
    {
        throw new AuthorizationViolationException( "Anonymous cannot change password" );
    }

    final String currentUser = securityContext.subject().username();
    final byte[] encodedPassword = UTF8.encode( password );
    // NOTE(review): the meaning of the trailing 'false' is not visible here; presumably it
    // means "no further password change required" - confirm against userManager.
    userManager.setUserPassword( currentUser, encodedPassword, false );
    // NOTE(review): encodedPassword is not cleared in this method; confirm that
    // setUserPassword wipes the array once it is done with it.
    securityContext.subject().setPasswordChangeNoLongerRequired();
}
/**
 * Returns a single-element stream describing the user executing the procedure.
 *
 * <p>The username comes from the security context, so the result always refers to the
 * caller's own subject.
 *
 * @return a stream holding one {@code UserResult} for the current subject's username
 */
@Description( "Show the current user." )
@Procedure( name = "dbms.showCurrentUser", mode = DBMS )
public Stream<UserResult> showCurrentUser()
{
    final String currentUser = securityContext.subject().username();
    final UserResult row = userResultForName( currentUser );
    return Stream.of( row );
}
/**
 * Rejects the call when the subject's authentication result is
 * {@code AuthenticationResult.PASSWORD_CHANGE_REQUIRED}.
 *
 * <p>On rejection, the exception produced by {@code mode().onViolation( PERMISSION_DENIED )}
 * is thrown; otherwise the method returns normally.
 */
public void assertCredentialsNotExpired()
{
    // equals() is invoked on the returned result, so a null result ends in a
    // NullPointerException rather than silently passing the check.
    final boolean changeRequired =
            subject().getAuthenticationResult().equals( AuthenticationResult.PASSWORD_CHANGE_REQUIRED );
    if ( !changeRequired )
    {
        return;
    }
    throw mode().onViolation( PERMISSION_DENIED );
}
/**
 * Creates a transactional context for a query and registers the query as executing.
 *
 * <p>The connection info recorded with the query is stamped with the username taken from
 * the transaction's security context, so the registered query is attributed to the
 * transaction's subject.
 *
 * @param clientConnection connection info supplied for the client
 * @param tx the transaction whose security context provides the username
 * @param queryText text of the query being started
 * @param queryParameters parameters of the query being started
 * @return the context built by {@code contextCreator} for the transaction, statement and query
 */
@Override
public final Neo4jTransactionalContext newContext( ClientConnectionInfo clientConnection, InternalTransaction tx,
        String queryText, MapValue queryParameters )
{
    Statement statement = statementSupplier.get();

    final String currentUser = tx.securityContext().subject().username();
    ClientConnectionInfo attributedConnection = clientConnection.withUsername( currentUser );

    ExecutingQuery query = statement.queryRegistration()
            .startQueryExecution( attributedConnection, queryText, queryParameters );
    return contextCreator.create( tx, statement, query );
}
// Closes the enclosing type, whose header is not part of this excerpt.
}
/**
 * Deletes the named user, refusing to delete the caller's own account.
 *
 * <p>The call is first rejected if the caller's credentials are flagged as expired
 * (via {@code securityContext.assertCredentialsNotExpired()}).
 *
 * @param username name of the user to delete
 * @throws InvalidArgumentsException if {@code username} names the current subject; the
 *         signature also allows the user manager to raise it
 * @throws IOException declared by the signature; presumably raised by the user manager
 */
@Description( "Delete the specified user." )
@Procedure( name = "dbms.security.deleteUser", mode = DBMS )
public void deleteUser( @Name( "username" ) String username ) throws InvalidArgumentsException, IOException
{
    securityContext.assertCredentialsNotExpired();

    final boolean deletingSelf = securityContext.subject().hasUsername( username );
    if ( deletingSelf )
    {
        throw new InvalidArgumentsException( "Deleting yourself (user '" + username + "') is not allowed." );
    }

    // NOTE(review): no role or admin check is visible in this method; presumably
    // userManager.deleteUser or the procedure framework decides who may delete other
    // users - confirm.
    userManager.deleteUser( username );
}
/**
 * Returns the subject of the current security context, falling back to
 * {@link AuthSubject#ANONYMOUS} when no security context is set.
 *
 * <p>Callers that make access decisions on the result have to treat
 * {@code AuthSubject.ANONYMOUS} as "no identity established".
 *
 * @return the context's subject, or {@code AuthSubject.ANONYMOUS} if the context is {@code null}
 */
@Override
public AuthSubject subjectOrAnonymous()
{
    // Read the field once so the null check and the dereference use the same reference.
    SecurityContext current = this.securityContext;
    if ( current == null )
    {
        return AuthSubject.ANONYMOUS;
    }
    return current.subject();
}
/**
 * Builds the default string form of this object: the given name followed by the
 * subject's username and the access mode.
 *
 * @param name label placed in front of the braces
 * @return a string of the form {@code name{ username=..., accessMode=... }}
 */
protected String defaultString( String name )
{
    // NOTE(review): the username is embedded unescaped. If this string ends up in logs,
    // confirm that usernames cannot contain line breaks or similar control characters.
    final String currentUser = subject().username();
    return String.format( "%s{ username=%s, accessMode=%s }", name, currentUser, mode() );
}
/**
 * Returns the username of the subject held by the transaction's security context.
 *
 * @return the username reported by the subject bound to the transaction
 */
final String username()
{
    // The name is derived from the transaction's security context; the method takes no
    // caller-supplied input.
    final String currentUser = transaction.securityContext().subject().username();
    return currentUser;
}
/**
 * Returns the username of the subject held by the transaction's security context.
 *
 * @return the username reported by the subject bound to the transaction
 */
@Override
public String username()
{
    // The name is derived from the transaction's security context; the method takes no
    // caller-supplied input.
    final String currentUser = transaction.securityContext().subject().username();
    return currentUser;
}
/**
 * Tells whether the caller may act on the given account: either {@code isAdmin()} holds or
 * the current subject has that username.
 *
 * @param username the account the caller wants to act on
 * @return {@code true} if {@code isAdmin()} returns true or the subject has {@code username}
 */
private boolean isAdminOrSelf( String username )
{
    // The admin test runs first; the self-comparison is only evaluated for non-admins.
    if ( isAdmin() )
    {
        return true;
    }
    // NOTE(review): the self-match relies entirely on hasUsername(); confirm how it compares
    // names (case sensitivity, normalisation) so that similar-looking names cannot match.
    return securityContext.subject().hasUsername( username );
}
/**
 * Describes this context in human-readable form: the subject's username and the
 * name of the access mode.
 *
 * @return a string of the form {@code user 'USERNAME' with MODE_NAME}
 */
public String description()
{
    // NOTE(review): the username is placed between single quotes without escaping; confirm
    // that consumers of this text (logs, error messages) tolerate quotes in usernames.
    final String currentUser = subject().username();
    final String modeName = mode().name();
    return String.format( "user '%s' with %s", currentUser, modeName );
}
/**
 * Changes the password of the user executing the procedure.
 *
 * <p>The anonymous subject is rejected. The account to update is taken from the security
 * context, not from a procedure argument, so a caller cannot name another user here.
 * No credentials-expired assertion is made in this method; presumably that is deliberate so
 * that a subject who is required to change the password can still call it (confirm).
 *
 * @param password the new password, received as a {@code String}
 * @throws AuthorizationViolationException if the current subject is {@code AuthSubject.ANONYMOUS}
 * @throws InvalidArgumentsException declared by the signature; presumably raised by the user manager
 * @throws IOException declared by the signature; presumably raised by the user manager
 */
@Description( "Change the current user's password." )
@Procedure( name = "dbms.security.changePassword", mode = DBMS )
public void changePassword( @Name( "password" ) String password ) throws InvalidArgumentsException, IOException
{
    // TODO: Deprecate this and create a new procedure that takes password as a byte[]
    // (a String cannot be overwritten after use, whereas a byte[] can be cleared).

    // Reference comparison against the ANONYMOUS instance, as in the original check.
    final boolean anonymous = securityContext.subject() == AuthSubject.ANONYMOUS;
    if ( anonymous )
    {
        throw new AuthorizationViolationException( "Anonymous cannot change password" );
    }

    final String currentUser = securityContext.subject().username();
    final byte[] encodedPassword = UTF8.encode( password );
    // NOTE(review): the meaning of the trailing 'false' is not visible here; presumably it
    // means "no further password change required" - confirm against userManager.
    userManager.setUserPassword( currentUser, encodedPassword, false );
    // NOTE(review): encodedPassword is not cleared in this method; confirm that
    // setUserPassword wipes the array once it is done with it.
    securityContext.subject().setPasswordChangeNoLongerRequired();
}
/**
 * Returns a single-element stream describing the user executing the procedure.
 *
 * <p>The username comes from the security context, so the result always refers to the
 * caller's own subject.
 *
 * @return a stream holding one {@code UserResult} for the current subject's username
 */
@Description( "Show the current user." )
@Procedure( name = "dbms.showCurrentUser", mode = DBMS )
public Stream<UserResult> showCurrentUser()
{
    final String currentUser = securityContext.subject().username();
    final UserResult row = userResultForName( currentUser );
    return Stream.of( row );
}
/**
 * Rejects the call when the subject's authentication result is
 * {@code AuthenticationResult.PASSWORD_CHANGE_REQUIRED}.
 *
 * <p>On rejection, the exception produced by {@code mode().onViolation( PERMISSION_DENIED )}
 * is thrown; otherwise the method returns normally.
 */
public void assertCredentialsNotExpired()
{
    // equals() is invoked on the returned result, so a null result ends in a
    // NullPointerException rather than silently passing the check.
    final boolean changeRequired =
            subject().getAuthenticationResult().equals( AuthenticationResult.PASSWORD_CHANGE_REQUIRED );
    if ( !changeRequired )
    {
        return;
    }
    throw mode().onViolation( PERMISSION_DENIED );
}
/**
 * Deletes the named user, refusing to delete the caller's own account.
 *
 * <p>The call is first rejected if the caller's credentials are flagged as expired
 * (via {@code securityContext.assertCredentialsNotExpired()}).
 *
 * @param username name of the user to delete
 * @throws InvalidArgumentsException if {@code username} names the current subject; the
 *         signature also allows the user manager to raise it
 * @throws IOException declared by the signature; presumably raised by the user manager
 */
@Description( "Delete the specified user." )
@Procedure( name = "dbms.security.deleteUser", mode = DBMS )
public void deleteUser( @Name( "username" ) String username ) throws InvalidArgumentsException, IOException
{
    securityContext.assertCredentialsNotExpired();

    final boolean deletingSelf = securityContext.subject().hasUsername( username );
    if ( deletingSelf )
    {
        throw new InvalidArgumentsException( "Deleting yourself (user '" + username + "') is not allowed." );
    }

    // NOTE(review): no role or admin check is visible in this method; presumably
    // userManager.deleteUser or the procedure framework decides who may delete other
    // users - confirm.
    userManager.deleteUser( username );
}