Examples of org.pentaho.platform.api.engine.IConnectionUserRoleMapper

• org.pentaho.platform.api.engine.IConnectionUserRoleMapper
  This interface provides for mapping a Platform user to a connection user, or a users' roles to known/valid roles for a connection.

    }
  }

  @Test
  public void testMondrianOneToOneUserRoleListMapper() throws Exception {
    final IConnectionUserRoleMapper mapper = new MondrianOneToOneUserRoleListMapper();
    try {
      String[] roles = SecurityHelper.getInstance().runAsUser( "simplebob", new Callable<String[]>() {
        @Override
        public String[] call() throws Exception {
          return mapper.mapConnectionRoles( PentahoSessionHolder.getSession(), "SteelWheelsRoles" );
        }
      } );

      Assert.assertNotNull( roles );
      Assert.assertEquals( 2, roles.length );

      // We must use a custom role implementation.
      // Register the instance with the mondrian server.
      roleMonikor = getServer().getLockBox().register( this.role );
      roleName.append( roleMonikor.getMoniker() );
    } else {
      final IConnectionUserRoleMapper mapper =
          PentahoSystem.get(
              IConnectionUserRoleMapper.class,
              MDXConnection.MDX_CONNECTION_MAPPER_KEY,
              null ); // Don't use the user session here yet.

      String[] effectiveRoles = new String[0];

      /*
       * If Catalog/Schema are null (this happens with high level metadata requests,
       * like DISCOVER_DATASOURCES) we can't use the role mapper, even if it
       * is present and configured.
       */
      if ( session != null
        && mapper != null ) {
        // Use the role mapper.
        try {
          effectiveRoles =
              mapper
              .mapConnectionRoles(
                  session,
                  catalogName );
          if ( effectiveRoles == null ) {
            effectiveRoles = new String[0];

        // What we do here is to filter the role names with the mapper.
        // First, get a user role mapper, if one is configured.
        final IPentahoSession session =
            PentahoSessionHolder.getSession();

        final IConnectionUserRoleMapper mondrianUserRoleMapper =
            PentahoSystem.get(
                IConnectionUserRoleMapper.class,
                MDXConnection.MDX_CONNECTION_MAPPER_KEY,
                null ); // Don't use the user session here yet.

        String[] effectiveRoles = new String[0];

        /*
         * If Catalog/Schema are null (this happens with high level metadata requests,
         * like DISCOVER_DATASOURCES) we can't use the role mapper, even if it
         * is present and configured.
         */
        if ( mondrianUserRoleMapper != null
            && catalogName != null ) {
          // Use the role mapper.
          try {
            effectiveRoles =
                mondrianUserRoleMapper
                    .mapConnectionRoles(
                        session,
                        catalogName );
            if ( effectiveRoles == null ) {
              effectiveRoles = new String[0];

    if (con == null) {
      throw new IllegalArgumentException("Cannot apply Security to NULL connection object");
    }

    if (PentahoSystem.getObjectFactory().objectDefined(MDXConnection.MDX_CONNECTION_MAPPER_KEY)) {
      IConnectionUserRoleMapper mondrianUserRoleMapper = PentahoSystem.get(IConnectionUserRoleMapper.class, MDXConnection.MDX_CONNECTION_MAPPER_KEY, null);
      if (mondrianUserRoleMapper != null) {
        OlapConnection c = (OlapConnection) con.getConnection();
        String[] validMondrianRolesForUser = mondrianUserRoleMapper.mapConnectionRoles(PentahoSessionHolder.getSession(), c.getCatalog());
        if (setRole(con, validMondrianRolesForUser, datasource)) {
          return con;
        }
      }
    }

    if (con == null) {
      throw new IllegalArgumentException("Cannot apply Security to NULL connection object");
    }

    if (PentahoSystem.getObjectFactory().objectDefined(MDXConnection.MDX_CONNECTION_MAPPER_KEY)) {
      IConnectionUserRoleMapper mondrianUserRoleMapper = PentahoSystem.get(IConnectionUserRoleMapper.class, MDXConnection.MDX_CONNECTION_MAPPER_KEY, null);
      if (mondrianUserRoleMapper != null) {
        OlapConnection c = (OlapConnection) con.getConnection();
        String[] validMondrianRolesForUser = mondrianUserRoleMapper.mapConnectionRoles(PentahoSessionHolder.getSession(), c.getCatalog());
        if (setRole(con, validMondrianRolesForUser, datasource)) {
          return con;
        }
      }
    }

    throws PentahoAccessControlException {
    if ( properties.get( RolapConnectionProperties.Role.name(), null ) == null ) {
      // Only if the action sequence/requester hasn't already injected a role in here do this.

      if ( PentahoSystem.getObjectFactory().objectDefined( MDXConnection.MDX_CONNECTION_MAPPER_KEY ) ) {
        IConnectionUserRoleMapper mondrianUserRoleMapper =
          PentahoSystem.get( IConnectionUserRoleMapper.class, MDXConnection.MDX_CONNECTION_MAPPER_KEY, null );
        if ( mondrianUserRoleMapper != null ) {
          // Do role mapping
          String[] validMondrianRolesForUser =
            mondrianUserRoleMapper.mapConnectionRoles( PentahoSessionHolder.getSession(), properties
              .get( RolapConnectionProperties.Catalog.name() ) );
          if ( ( validMondrianRolesForUser != null ) && ( validMondrianRolesForUser.length > 0 ) ) {
            StringBuffer buff = new StringBuffer();
            String aRole = null;
            for ( int i = 0; i < validMondrianRolesForUser.length; i++ ) {