PageRenderTime 67ms CodeModel.GetById 33ms RepoModel.GetById 1ms app.codeStats 0ms

/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/security/action/user/PutUserRequestBuilder.java

https://github.com/dadoonet/elasticsearch
Java | 201 lines | 173 code | 16 blank | 12 comment | 62 complexity | 1febd74ee88ff60da7bab0eb5314dedd MD5 | raw file
  1. /*
  2. * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
  3. * or more contributor license agreements. Licensed under the Elastic License;
  4. * you may not use this file except in compliance with the Elastic License.
  5. */
  6. package org.elasticsearch.xpack.core.security.action.user;
  7. import org.elasticsearch.ElasticsearchParseException;
  8. import org.elasticsearch.action.ActionRequestBuilder;
  9. import org.elasticsearch.action.support.WriteRequestBuilder;
  10. import org.elasticsearch.client.ElasticsearchClient;
  11. import org.elasticsearch.common.Strings;
  12. import org.elasticsearch.common.ValidationException;
  13. import org.elasticsearch.common.bytes.BytesReference;
  14. import org.elasticsearch.common.settings.SecureString;
  15. import org.elasticsearch.common.xcontent.LoggingDeprecationHandler;
  16. import org.elasticsearch.common.xcontent.NamedXContentRegistry;
  17. import org.elasticsearch.common.xcontent.XContentParser;
  18. import org.elasticsearch.common.xcontent.XContentParser.Token;
  19. import org.elasticsearch.common.xcontent.XContentType;
  20. import org.elasticsearch.xpack.core.security.authc.support.Hasher;
  21. import org.elasticsearch.xpack.core.security.support.Validation;
  22. import org.elasticsearch.xpack.core.security.user.User;
  23. import org.elasticsearch.xpack.core.security.xcontent.XContentUtils;
  24. import java.io.IOException;
  25. import java.io.InputStream;
  26. import java.util.Map;
  27. import java.util.Objects;
  28. public class PutUserRequestBuilder extends ActionRequestBuilder<PutUserRequest, PutUserResponse>
  29. implements WriteRequestBuilder<PutUserRequestBuilder> {
  30. public PutUserRequestBuilder(ElasticsearchClient client) {
  31. this(client, PutUserAction.INSTANCE);
  32. }
  33. public PutUserRequestBuilder(ElasticsearchClient client, PutUserAction action) {
  34. super(client, action, new PutUserRequest());
  35. }
  36. public PutUserRequestBuilder username(String username) {
  37. request.username(username);
  38. return this;
  39. }
  40. public PutUserRequestBuilder roles(String... roles) {
  41. request.roles(roles);
  42. return this;
  43. }
  44. /**
  45. * @deprecated Use {@link #password(SecureString, Hasher)} instead.
  46. */
  47. @Deprecated
  48. public PutUserRequestBuilder password(char[] password, Hasher hasher) {
  49. return password(new SecureString(password), hasher);
  50. }
  51. public PutUserRequestBuilder password(SecureString password, Hasher hasher) {
  52. if (password != null) {
  53. Validation.Error error = Validation.Users.validatePassword(password);
  54. if (error != null) {
  55. throw validationException(error.toString());
  56. }
  57. if (request.passwordHash() != null) {
  58. throw validationException("password_hash has already been set");
  59. }
  60. request.passwordHash(hasher.hash(password));
  61. } else {
  62. request.passwordHash(null);
  63. }
  64. return this;
  65. }
  66. public PutUserRequestBuilder metadata(Map<String, Object> metadata) {
  67. request.metadata(metadata);
  68. return this;
  69. }
  70. public PutUserRequestBuilder fullName(String fullName) {
  71. request.fullName(fullName);
  72. return this;
  73. }
  74. public PutUserRequestBuilder email(String email) {
  75. request.email(email);
  76. return this;
  77. }
  78. public PutUserRequestBuilder passwordHash(char[] passwordHash, Hasher configuredHasher) {
  79. final Hasher resolvedHasher = Hasher.resolveFromHash(passwordHash);
  80. if (resolvedHasher.equals(configuredHasher) == false) {
  81. throw new IllegalArgumentException("Provided password hash uses [" + resolvedHasher
  82. + "] but the configured hashing algorithm is [" + configuredHasher + "]");
  83. }
  84. if (request.passwordHash() != null) {
  85. throw validationException("password_hash has already been set");
  86. }
  87. request.passwordHash(passwordHash);
  88. return this;
  89. }
  90. public PutUserRequestBuilder enabled(boolean enabled) {
  91. request.enabled(enabled);
  92. return this;
  93. }
  94. /**
  95. * Populate the put user request using the given source and username
  96. */
  97. public PutUserRequestBuilder source(String username, BytesReference source, XContentType xContentType, Hasher hasher) throws
  98. IOException {
  99. Objects.requireNonNull(xContentType);
  100. username(username);
  101. // EMPTY is ok here because we never call namedObject
  102. try (InputStream stream = source.streamInput();
  103. XContentParser parser = xContentType.xContent()
  104. .createParser(NamedXContentRegistry.EMPTY, LoggingDeprecationHandler.INSTANCE, stream)) {
  105. XContentUtils.verifyObject(parser);
  106. XContentParser.Token token;
  107. String currentFieldName = null;
  108. while ((token = parser.nextToken()) != XContentParser.Token.END_OBJECT) {
  109. if (token == XContentParser.Token.FIELD_NAME) {
  110. currentFieldName = parser.currentName();
  111. } else if (User.Fields.PASSWORD.match(currentFieldName, parser.getDeprecationHandler())) {
  112. if (token == XContentParser.Token.VALUE_STRING) {
  113. String password = parser.text();
  114. try(SecureString securePassword = new SecureString(password.toCharArray())) {
  115. password(securePassword, hasher);
  116. }
  117. } else {
  118. throw new ElasticsearchParseException(
  119. "expected field [{}] to be of type string, but found [{}] instead", currentFieldName, token);
  120. }
  121. } else if (User.Fields.PASSWORD_HASH.match(currentFieldName, parser.getDeprecationHandler())) {
  122. if (token == XContentParser.Token.VALUE_STRING) {
  123. char[] passwordChars = parser.text().toCharArray();
  124. passwordHash(passwordChars, hasher);
  125. } else {
  126. throw new ElasticsearchParseException(
  127. "expected field [{}] to be of type string, but found [{}] instead", currentFieldName, token);
  128. }
  129. } else if (User.Fields.ROLES.match(currentFieldName, parser.getDeprecationHandler())) {
  130. if (token == XContentParser.Token.VALUE_STRING) {
  131. roles(Strings.commaDelimitedListToStringArray(parser.text()));
  132. } else {
  133. roles(XContentUtils.readStringArray(parser, false));
  134. }
  135. } else if (User.Fields.FULL_NAME.match(currentFieldName, parser.getDeprecationHandler())) {
  136. if (token == XContentParser.Token.VALUE_STRING) {
  137. fullName(parser.text());
  138. } else if (token != XContentParser.Token.VALUE_NULL) {
  139. throw new ElasticsearchParseException(
  140. "expected field [{}] to be of type string, but found [{}] instead", currentFieldName, token);
  141. }
  142. } else if (User.Fields.EMAIL.match(currentFieldName, parser.getDeprecationHandler())) {
  143. if (token == XContentParser.Token.VALUE_STRING) {
  144. email(parser.text());
  145. } else if (token != XContentParser.Token.VALUE_NULL) {
  146. throw new ElasticsearchParseException(
  147. "expected field [{}] to be of type string, but found [{}] instead", currentFieldName, token);
  148. }
  149. } else if (User.Fields.METADATA.match(currentFieldName, parser.getDeprecationHandler())) {
  150. if (token == XContentParser.Token.START_OBJECT) {
  151. metadata(parser.map());
  152. } else {
  153. throw new ElasticsearchParseException(
  154. "expected field [{}] to be of type object, but found [{}] instead", currentFieldName, token);
  155. }
  156. } else if (User.Fields.ENABLED.match(currentFieldName, parser.getDeprecationHandler())) {
  157. if (token == XContentParser.Token.VALUE_BOOLEAN) {
  158. enabled(parser.booleanValue());
  159. } else {
  160. throw new ElasticsearchParseException(
  161. "expected field [{}] to be of type boolean, but found [{}] instead", currentFieldName, token);
  162. }
  163. } else if (User.Fields.USERNAME.match(currentFieldName, parser.getDeprecationHandler())) {
  164. if (token == Token.VALUE_STRING) {
  165. if (username.equals(parser.text()) == false) {
  166. throw new IllegalArgumentException("[username] in source does not match the username provided [" +
  167. username + "]");
  168. }
  169. } else {
  170. throw new ElasticsearchParseException(
  171. "expected field [{}] to be of type string, but found [{}] instead", currentFieldName, token);
  172. }
  173. } else {
  174. throw new ElasticsearchParseException("failed to parse add user request. unexpected field [{}]", currentFieldName);
  175. }
  176. }
  177. return this;
  178. }
  179. }
  180. private ValidationException validationException(String abc) {
  181. ValidationException validationException = new ValidationException();
  182. validationException.addValidationError(abc);
  183. return validationException;
  184. }
  185. }