From 18ee133859e057349785cdb58f7e75469696aa46 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Tue, 12 Jun 2012 14:55:12 +0200 Subject: [PATCH] check read permissions in the repository service factory --- .../api/RepositoryServiceFactory.java | 27 ++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/scm-core/src/main/java/sonia/scm/repository/api/RepositoryServiceFactory.java b/scm-core/src/main/java/sonia/scm/repository/api/RepositoryServiceFactory.java index 55097b5433..e55bcfce8c 100644 --- a/scm-core/src/main/java/sonia/scm/repository/api/RepositoryServiceFactory.java +++ b/scm-core/src/main/java/sonia/scm/repository/api/RepositoryServiceFactory.java @@ -38,14 +38,19 @@ package sonia.scm.repository.api; import com.google.common.base.Preconditions; import com.google.common.base.Strings; import com.google.inject.Inject; +import com.google.inject.Provider; import com.google.inject.Singleton; import sonia.scm.cache.CacheManager; +import sonia.scm.repository.PermissionType; +import sonia.scm.repository.PermissionUtil; import sonia.scm.repository.Repository; import sonia.scm.repository.RepositoryManager; import sonia.scm.repository.RepositoryNotFoundException; import sonia.scm.repository.spi.RepositoryServiceProvider; import sonia.scm.repository.spi.RepositoryServiceResolver; +import sonia.scm.security.ScmSecurityException; +import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ @@ -91,15 +96,18 @@ public final class RepositoryServiceFactory * * @param cacheManager cache manager * @param repositoryManager manager for repositories + * @param securityContextProvider provider for the current security context * @param resolvers a set of {@link RepositoryServiceResolver} */ @Inject - public RepositoryServiceFactory(CacheManager cacheManager, - RepositoryManager repositoryManager, - Set resolvers) + public RepositoryServiceFactory( + CacheManager cacheManager, RepositoryManager repositoryManager, + Provider securityContextProvider, + Set resolvers) { this.cacheManager = cacheManager; this.repositoryManager = repositoryManager; + this.securityContextProvider = securityContextProvider; this.resolvers = resolvers; } @@ -119,6 +127,8 @@ public final class RepositoryServiceFactory * @throws RepositoryServiceNotFoundException if no repository service * implementation for this kind of repository is available * @throws IllegalArgumentException if the repository id is null or empty + * @throws ScmSecurityException if current user has not read permissions + * for that repository */ public RepositoryService create(String repositoryId) throws RepositoryNotFoundException @@ -152,6 +162,8 @@ public final class RepositoryServiceFactory * @throws RepositoryServiceNotFoundException if no repository service * implementation for this kind of repository is available * @throws IllegalArgumentException if one of the parameters is null or empty + * @throws ScmSecurityException if current user has not read permissions + * for that repository */ public RepositoryService create(String type, String name) throws RepositoryNotFoundException @@ -188,11 +200,17 @@ public final class RepositoryServiceFactory * @throws RepositoryServiceNotFoundException if no repository service * implementation for this kind of repository is available * @throws NullPointerException if the repository is null + * @throws ScmSecurityException if current user has not read permissions + * for that repository */ public RepositoryService create(Repository repository) { Preconditions.checkNotNull(repository, "repository is required"); + // check for read permissions of current user + PermissionUtil.assertPermission(repository, securityContextProvider, + PermissionType.READ); + RepositoryService service = null; for (RepositoryServiceResolver resolver : resolvers) @@ -225,4 +243,7 @@ public final class RepositoryServiceFactory /** Field description */ private Set resolvers; + + /** Field description */ + private Provider securityContextProvider; }