Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-09 06:55:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

(refs #464)Add Security sealed trait which is used by plugin

Browse Source
This commit is contained in:
Naoki Takezoe
2014-08-12 00:02:48 +09:00
parent 4e652b5ccd
commit ea5d898b27
3 changed files with 27 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/scala/plugin/PluginSystem.scala
View File

@@ -7,11 +7,8 @@ import java.util.concurrent.atomic.AtomicBoolean
import util.Directory._ import util.Directory._
import util.ControlUtil._ import util.ControlUtil._
import org.apache.commons.io.FileUtils import org.apache.commons.io.FileUtils
import util.JGitUtil
import org.eclipse.jgit.api.Git
import service.RepositoryService.RepositoryInfo import service.RepositoryService.RepositoryInfo
import scala.reflect.runtime.currentMirror import Security._
import scala.tools.reflect.ToolBox
/** /**
@@ -91,8 +88,8 @@ object PluginSystem {
case class PluginRepository(id: String, url: String) case class PluginRepository(id: String, url: String)
case class GlobalMenu(label: String, url: String, icon: String, condition: Context => Boolean) case class GlobalMenu(label: String, url: String, icon: String, condition: Context => Boolean)
case class RepositoryMenu(label: String, name: String, url: String, icon: String, condition: Context => Boolean) case class RepositoryMenu(label: String, name: String, url: String, icon: String, condition: Context => Boolean)
case class Action(path: String, security: String, function: (HttpServletRequest, HttpServletResponse) => Any) case class Action(path: String, security: Security, function: (HttpServletRequest, HttpServletResponse) => Any)
case class RepositoryAction(path: String, security: String, function: (HttpServletRequest, HttpServletResponse, RepositoryInfo) => Any) case class RepositoryAction(path: String, security: Security, function: (HttpServletRequest, HttpServletResponse, RepositoryInfo) => Any)
case class Button(label: String, href: String) case class Button(label: String, href: String)
case class JavaScript(filter: String => Boolean, script: String) case class JavaScript(filter: String => Boolean, script: String)
@@ -118,4 +115,3 @@ object PluginSystem {
} }

11
src/main/scala/plugin/Security.scala Normal file
View File

@@ -0,0 +1,11 @@
package plugin
object Security {
sealed trait Security
case class All() extends Security
case class Login() extends Security
case class Member() extends Security
case class Owner() extends Security
case class Admin() extends Security
}

25
src/main/scala/servlet/PluginActionInvokeFilter.scala
View File

@@ -11,6 +11,7 @@ import plugin.PluginConnectionHolder
import service.RepositoryService.RepositoryInfo import service.RepositoryService.RepositoryInfo
import service.SystemSettingsService.SystemSettings import service.SystemSettingsService.SystemSettings
import org.json4s.jackson.Json import org.json4s.jackson.Json
import plugin.Security._
class PluginActionInvokeFilter extends Filter with SystemSettingsService with RepositoryService with AccountService { class PluginActionInvokeFilter extends Filter with SystemSettingsService with RepositoryService with AccountService {
@@ -84,28 +85,28 @@ class PluginActionInvokeFilter extends Filter with SystemSettingsService with Re
} else false } else false
} }
private def filterAction(security: String, context: app.Context, repository: Option[RepositoryInfo] = None): Boolean = { private def filterAction(security: Security, context: app.Context, repository: Option[RepositoryInfo] = None): Boolean = {
if(repository.isDefined){ if(repository.isDefined){
if(repository.get.repository.isPrivate){ if(repository.get.repository.isPrivate){
security match { security match {
case "owner" => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository case Owner() => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case "member" => false // TODO owner or collaborator case Member() => false // TODO owner or collaborator
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
} }
} else { } else {
security match { security match {
case "all" => true case All() => true
case "login" => context.loginAccount.isDefined case Login() => context.loginAccount.isDefined
case "owner" => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository case Owner() => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case "member" => false // TODO owner or collaborator case Member() => false // TODO owner or collaborator
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
} }
} }
} else { } else {
security match { security match {
case "all" => true case All() => true
case "login" => context.loginAccount.isDefined case Login() => context.loginAccount.isDefined
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
} }
} }
} }