Added system right for external integration tools; Added external integration authent...
authorEriks Jenkevics <eriks@netxms.org>
Thu, 13 Apr 2017 12:36:54 +0000 (15:36 +0300)
committerEriks Jenkevics <eriks@netxms.org>
Tue, 2 May 2017 14:50:02 +0000 (17:50 +0300)
src/java/client/netxms-client/src/main/java/org/netxms/client/constants/UserAccessRights.java
src/java/netxms-eclipse/UserManager/src/org/netxms/ui/eclipse/usermanager/propertypages/SystemRights.java
src/server/nxapisrv/java/src/main/java/org/netxms/websvc/WebSvcApplication.java
src/server/nxapisrv/java/src/main/java/org/netxms/websvc/WebSvcStatusService.java
src/server/nxapisrv/java/src/main/java/org/netxms/websvc/handlers/AbstractHandler.java
src/server/nxapisrv/java/src/main/java/org/netxms/websvc/handlers/AccessIntegrationTools.java [new file with mode: 0644]
webui/webapp/UserManager/src/org/netxms/ui/eclipse/usermanager/propertypages/SystemRights.java

index d87371d..b640dab 100644 (file)
@@ -49,6 +49,7 @@ public class UserAccessRights
    public static final long SYSTEM_ACCESS_MANAGE_REPOSITORIES     = 0x1000000000L;
    public static final long SYSTEM_ACCESS_VIEW_REPOSITORIES       = 0x2000000000L;
    public static final long SYSTEM_ACCESS_VIEW_ALL_ALARMS         = 0x4000000000L;
+   public static final long SYSTEM_ACCESS_EXTERNAL_INTEGRATION    = 0x8000000000L;
 
        // Object access rights
        public static final int OBJECT_ACCESS_READ          = 0x00000001;
index f86693d..11e124a 100644 (file)
@@ -97,7 +97,8 @@ public class SystemRights extends PropertyPage
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_ALL_SCHEDULED_TASKS, Messages.get().SystemRights_ManageAllScheduledTasks);
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_SCRIPT, Messages.get().SystemRights_ScheduleScriptTask);
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_FILE_UPLOAD, Messages.get().SystemRights_ScheduleFileUploadTask); 
-      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_MAINTENANCE, Messages.get().SystemRights_ScheduleObjectMaint); 
+      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_MAINTENANCE, Messages.get().SystemRights_ScheduleObjectMaint);
+      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_EXTERNAL_INTEGRATION, "External tool integration account"); 
                
                return dialogArea;
        }
index 54bd84e..ff1f965 100644 (file)
@@ -20,6 +20,7 @@ package org.netxms.websvc;
 
 import java.util.Arrays;
 import java.util.HashSet;
+import org.netxms.websvc.handlers.AccessIntegrationTools;
 import org.netxms.websvc.handlers.Alarms;
 import org.netxms.websvc.handlers.GrafanaAlarms;
 import org.netxms.websvc.handlers.GrafanaDataCollection;
@@ -70,6 +71,7 @@ public class WebSvcApplication extends Application
       router.attach("/objects/{id}", Objects.class);
       router.attach("/sessions", Sessions.class);
       router.attach("/sessions/{id}", Sessions.class);
+      router.attach("/authenticate", AccessIntegrationTools.class);
       return router;
    }
 }
index 1f84594..1bf4528 100644 (file)
@@ -78,6 +78,8 @@ public class WebSvcStatusService extends StatusService
             return Status.CLIENT_ERROR_METHOD_NOT_ALLOWED;
          case RCC.INTERNAL_ERROR:
             return Status.SERVER_ERROR_INTERNAL;
+         case RCC.SUCCESS:
+            return Status.SUCCESS_OK;
          case RCC.INVALID_ACTION_ID:
          case RCC.INVALID_ALARM_ID:
          case RCC.INVALID_ALARM_NOTE_ID:
index aa97084..edd9936 100644 (file)
@@ -49,6 +49,7 @@ import com.google.gson.JsonObject;
  */
 public abstract class AbstractHandler extends ServerResource
 {
+   public static String serverAddress = "127.0.0.1";
    private Logger log = LoggerFactory.getLogger(AbstractHandler.class);
    private SessionToken sessionToken = null;
    private NXCSession session = null;
@@ -335,7 +336,7 @@ public abstract class AbstractHandler extends ServerResource
     */
    protected SessionToken login(String login, String password) throws Exception
    {
-      session = new NXCSession("127.0.0.1");
+      session = new NXCSession(serverAddress);
       session.connect();
       session.login(login, (password == null) ? "" : password);
       return SessionStore.getInstance(getServletContext()).registerSession(session);
diff --git a/src/server/nxapisrv/java/src/main/java/org/netxms/websvc/handlers/AccessIntegrationTools.java b/src/server/nxapisrv/java/src/main/java/org/netxms/websvc/handlers/AccessIntegrationTools.java
new file mode 100644 (file)
index 0000000..97c7328
--- /dev/null
@@ -0,0 +1,78 @@
+/**
+ * NetXMS - open source network management system
+ * Copyright (C) 2003-2017 Raden Solutions
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+package org.netxms.websvc.handlers;
+
+import org.json.JSONObject;
+import org.netxms.client.NXCSession;
+import org.netxms.client.constants.RCC;
+import org.netxms.client.constants.UserAccessRights;
+import org.restlet.data.MediaType;
+import org.restlet.ext.json.JsonRepresentation;
+import org.restlet.representation.Representation;
+import org.restlet.representation.StringRepresentation;
+import org.restlet.resource.Post;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * External integration tool authentication handler
+ */
+public class AccessIntegrationTools extends AbstractHandler
+{
+   private Logger log = LoggerFactory.getLogger(AccessIntegrationTools.class);
+   
+   /* (non-Javadoc)
+    * @see org.netxms.websvc.handlers.AbstractHandler#onPost(org.restlet.representation.Representation)
+    */
+   @Override
+   @Post
+   public Representation onPost(Representation entity) throws Exception
+   {
+      int rc = RCC.ACCESS_DENIED;
+      if (entity != null)
+      {
+         JSONObject request = new JsonRepresentation(entity).getJsonObject();
+         String login = request.getString("login");
+         String password = request.getString("password");
+         if ((login != null) || (password != null))
+         {
+            NXCSession session = new NXCSession(serverAddress);
+            session.connect();
+            session.login(login, (password == null) ? "" : password);
+            
+            if ((session.getUserSystemRights() & UserAccessRights.SYSTEM_ACCESS_EXTERNAL_INTEGRATION) != 0)
+               rc = RCC.SUCCESS;
+            
+            session.disconnect();
+         }
+         else
+         {
+            log.debug("Login or password not specified in login call");
+            rc = RCC.INVALID_REQUEST;
+         }
+      }
+      else
+      {
+         log.debug("No POST data in login call");
+         rc = RCC.INVALID_REQUEST;
+      }
+
+      return new StringRepresentation(createErrorResponse(rc).toString(), MediaType.APPLICATION_JSON);
+   }
+}
index f86693d..11e124a 100644 (file)
@@ -97,7 +97,8 @@ public class SystemRights extends PropertyPage
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_ALL_SCHEDULED_TASKS, Messages.get().SystemRights_ManageAllScheduledTasks);
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_SCRIPT, Messages.get().SystemRights_ScheduleScriptTask);
       addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_FILE_UPLOAD, Messages.get().SystemRights_ScheduleFileUploadTask); 
-      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_MAINTENANCE, Messages.get().SystemRights_ScheduleObjectMaint); 
+      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_SCHEDULE_MAINTENANCE, Messages.get().SystemRights_ScheduleObjectMaint);
+      addCheckbox(dialogArea, UserAccessRights.SYSTEM_ACCESS_EXTERNAL_INTEGRATION, "External tool integration account"); 
                
                return dialogArea;
        }