Commit ad4e8b89 authored by Alessandro Portosa's avatar Alessandro Portosa
Browse files

Fixed association between business view field and profile attribute

Removed dependecy with Jackson 2.9.2
Fixed issue for Big Data dataset where not parameters substitution was performed
parent fe1cda84
......@@ -105,7 +105,7 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<version>2.9.2</version>
<version>2.0.2</version>
<scope>runtime</scope>
</dependency>
......
......@@ -41,6 +41,7 @@ ${jpaView.uniqueName}.type = generic
#foreach ($jpaColumn in $jpaView.getColumns())
${jpaColumn.uniqueName}.visible = $jpaColumn.getAttribute("structural.visible")
${jpaColumn.uniqueName}.type = $jpaColumn.getAttribute("structural.columntype")
${jpaColumn.uniqueName}.attribute = $jpaColumn.getAttribute("structural.attribute")
${jpaColumn.uniqueName}.datatype = $jpaColumn.getAttribute("structural.datatype")
${jpaColumn.uniqueName}.format = $jpaColumn.getAttribute("structural.format")
${jpaColumn.uniqueName}.excludedRoles = $jpaColumn.getAttribute("behavioural.notEnabledRoles")
......@@ -58,6 +59,7 @@ ${jpaTable.uniqueName}.type = dimension
#foreach ($jpaColumn in $jpaTable.columns)
${jpaView.uniqueName}/${jpaColumn.uniqueName}.visible = $jpaColumn.getAttribute("structural.visible")
${jpaView.uniqueName}/${jpaColumn.uniqueName}.type = $jpaColumn.getAttribute("structural.columntype")
${jpaView.uniqueName}/${jpaColumn.uniqueName}.attribute = $jpaColumn.getAttribute("structural.attribute")
${jpaView.uniqueName}/${jpaColumn.uniqueName}.datatype = $jpaColumn.getAttribute("structural.datatype")
${jpaView.uniqueName}/${jpaColumn.uniqueName}.excludedRoles = $jpaColumn.getAttribute("behavioural.notEnabledRoles")
${jpaView.uniqueName}/${jpaColumn.uniqueName}.format = $jpaColumn.getAttribute("structural.format")
......
......@@ -583,12 +583,6 @@
<version>4.3.1</version>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.3.0</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
......
/*
* Knowage, Open Source Business Intelligence suite
* Copyright (C) 2016 Engineering Ingegneria Informatica S.p.A.
*
* Knowage is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Knowage is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package it.eng.spagobi.services.common;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import javax.portlet.PortletSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import it.eng.spagobi.commons.SingletonConfig;
import it.eng.spagobi.commons.utilities.SpagoBIUtilities;
import it.eng.spagobi.security.hmacfilter.HMACUtils;
import it.eng.spagobi.services.security.exceptions.SecurityException;
import it.eng.spagobi.utilities.exceptions.SpagoBIRuntimeException;
/**
* This class implements SSO interface with JWT standard
*/
public class JWTTokenAsUserUniqueIdentifierSsoService implements SsoServiceInterface {
static private Logger logger = Logger.getLogger(JWTTokenAsUserUniqueIdentifierSsoService.class);
static private Algorithm algorithm;
static {
try {
String key = getHMACKey();
algorithm = Algorithm.HMAC256(key);
} catch (Exception e) {
logger.error("Cannot initialize JWT algorithm", e);
throw new SpagoBIRuntimeException("Cannot initialize JWT algorithm", e);
}
}
/**
* Gets the HMAC key from configuration
* @return the HMAC key
*/
protected static String getHMACKey() {
try {
String key = EnginConf.getInstance().getHmacKey();
if (key == null || key.isEmpty()) {
key = SpagoBIUtilities.readJndiResource(SingletonConfig.getInstance().getConfigValue(HMACUtils.HMAC_JNDI_LOOKUP));
}
return key;
} catch (Exception e) {
throw new SpagoBIRuntimeException("Cannot retrieve the HMAC key", e);
}
}
public String readUserIdentifier(HttpServletRequest request) {
try {
String jwtToken = request.getParameter(SsoServiceInterface.USER_ID);
if (jwtToken == null) {
logger.debug("JWT token not found in request");
return null;
}
logger.debug("JWT token retrieved : [" + jwtToken + "]");
JWTVerifier verifier = JWT.require(algorithm).build();
verifier.verify(jwtToken);
logger.debug("JWT token verified properly");
return jwtToken; // we consider the JWT token as user unique identifier
} catch (JWTVerificationException e) {
throw new SpagoBIRuntimeException("Invalid JWT token!", e);
}
}
public String readUserIdentifier(PortletSession session) {
logger.debug("NOT Implemented");
return "";
}
public String readTicket(HttpSession session) throws IOException {
Calendar date = Calendar.getInstance();
long t = date.getTimeInMillis();
Date expireDate = new Date(t + 5 * 60 * 1000); // 5 minutes
String token = JWT.create()
.withIssuer("knowage")
.withExpiresAt(expireDate)
.sign(algorithm);
return token;
}
public void validateTicket(String ticket, String userId) throws SecurityException {
try {
String jwtToken = ticket;
logger.debug("JWT token in input : [" + jwtToken + "]");
JWTVerifier verifier = JWT.require(algorithm).withIssuer("knowage").build();
verifier.verify(jwtToken);
logger.debug("JWT token verified properly");
} catch (JWTVerificationException e) {
throw new SecurityException("Invalid JWT token!", e);
}
}
}
/*
* Knowage, Open Source Business Intelligence suite
* Copyright (C) 2016 Engineering Ingegneria Informatica S.p.A.
*
*
* Knowage is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
......@@ -11,12 +11,23 @@
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package it.eng.spagobi.tools.dataset.common.behaviour;
import java.io.File;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import org.apache.log4j.Logger;
import it.eng.spago.base.SourceBeanException;
import it.eng.spagobi.commons.utilities.StringUtilities;
import it.eng.spagobi.tools.dataset.bo.ConfigurableDataSet;
......@@ -24,6 +35,7 @@ import it.eng.spagobi.tools.dataset.bo.DataSetParameterItem;
import it.eng.spagobi.tools.dataset.bo.DataSetParametersList;
import it.eng.spagobi.tools.dataset.bo.IDataSet;
import it.eng.spagobi.tools.dataset.bo.JDBCDataSet;
import it.eng.spagobi.tools.dataset.bo.JDBCHiveDataSet;
import it.eng.spagobi.tools.dataset.bo.ScriptDataSet;
import it.eng.spagobi.tools.dataset.common.query.IQueryTransformer;
import it.eng.spagobi.tools.dataset.exceptions.ParametersNotValorizedException;
......@@ -32,20 +44,9 @@ import it.eng.spagobi.utilities.assertion.Assert;
import it.eng.spagobi.utilities.exceptions.SpagoBIRuntimeException;
import it.eng.spagobi.utilities.scripting.SpagoBIScriptManager;
import java.io.File;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import org.apache.log4j.Logger;
/**
* @author Andrea Gioia (andrea.gioia@eng.it)
*
*
*/
public class QuerableBehaviour extends AbstractDataSetBehaviour {
......@@ -162,7 +163,7 @@ public class QuerableBehaviour extends AbstractDataSetBehaviour {
} catch (Throwable e) {
throw new ProfileAttributeDsException("An error occurred while excuting query [" + newStatement + "]", e);
}
} else if (getTargetDataSet() instanceof JDBCDataSet) {
} else if (getTargetDataSet() instanceof JDBCDataSet || getTargetDataSet() instanceof JDBCHiveDataSet) {
try {
newStatement = StringUtilities.substituteParametersInString(newStatement, userProfileAttributes);
} catch (Exception e) {
......@@ -301,7 +302,7 @@ public class QuerableBehaviour extends AbstractDataSetBehaviour {
/**
* search if there are parameters unfilled and return their names
*
*
* @param statement
* @return
*/
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment