From 19975f3f4bb74e08164ef14fcfe3e32b0b1f5469 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Pfeuffer?= Date: Fri, 18 Jan 2019 11:25:24 +0100 Subject: [PATCH] Remove POC status --- .../GlobalPermissionPocResource.java | 103 ------------------ .../resources/GlobalPermissionResource.java | 37 +++++++ .../scm/api/v2/resources/ResourceLinks.java | 2 +- 3 files changed, 38 insertions(+), 104 deletions(-) delete mode 100644 scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionPocResource.java create mode 100644 scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionResource.java diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionPocResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionPocResource.java deleted file mode 100644 index 845aaddd07..0000000000 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionPocResource.java +++ /dev/null @@ -1,103 +0,0 @@ -package sonia.scm.api.v2.resources; - -import lombok.extern.slf4j.Slf4j; -import sonia.scm.security.AssignedPermission; -import sonia.scm.security.PermissionDescriptor; -import sonia.scm.security.SecuritySystem; - -import javax.inject.Inject; -import javax.ws.rs.Consumes; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; - -/** - * Global Permission Proof of Concept (POC). - * TODO Extend or delete this during implementation! - */ -@Path("v2/permissions") -@Slf4j -public class GlobalPermissionPocResource { - - private SecuritySystem securitySystem; - - @Inject - public GlobalPermissionPocResource(SecuritySystem securitySystem) { - this.securitySystem = securitySystem; - } - - - /** - - How to use this proof of concept? - - curl -vu scmadmin:scmadmin --data '{ - "active": true, - "admin": false, - "displayName": "arthur", - "mail": "x@abcde.cd", - "name": "arthur", - "password": "scmadmin", - "type": "xml" - }' \ - --header "Content-Type: application/vnd.scmm-user+json;v=2" http://localhost:8081/scm/api/v2/users/ - - curl -vu scmadmin:scmadmin --data '{ - "description": "descr", - "name": "configurers", - "members": [ "arthur" ] - }' \ - --header "Content-Type: application/vnd.scmm-group+json" http://localhost:8081/scm/api/v2/groups/ - - # not allowed - curl -vu arthur:scmadmin http://localhost:8081/scm/api/v2/config - # not allowed (empty) - curl -vu arthur:scmadmin "http://localhost:8081/scm/api/v2/groups/?sortBy=name&desc=true" | jq - - # Assign permissions (call this resource) - curl -X POST -vu scmadmin:scmadmin http://localhost:8081/scm/api/v2/permissions - - # Now allowed via individual permission - curl -vu arthur:scmadmin "http://localhost:8081/scm/api/v2/groups/?sortBy=name&desc=true" | jq - # allowed via group permission - curl -vu arthur:scmadmin http://localhost:8081/scm/api/v2/config | jq - */ - @POST - @Consumes(MediaType.APPLICATION_JSON) - @Path("") - public Response create() { - - // Should contain all permissions defined in permissions.xmls on the classpath. - // Core: scm-webapp/src/main/resources/META-INF/scm/permissions.xml - // Plugins, e.g. scm-plugins/scm-git-plugin/src/main/resources/META-INF/scm/permissions.xml - log.info("{} Available permissions: {}", securitySystem.getAvailablePermissions().size(), securitySystem.getAvailablePermissions()); - - assignExemplaryPermissions(); - - // TODO use created() - return Response.noContent().build(); - } - - @GET - @Produces(MediaType.APPLICATION_JSON) - @Path("") - public Response getAll() { - String[] permissions = securitySystem.getAvailablePermissions().stream().map(PermissionDescriptor::getValue).toArray(String[]::new); - return Response.ok(new PermissionListDto(permissions)).build(); - } - - protected void assignExemplaryPermissions() { - AssignedPermission groupPermission = new AssignedPermission("configurers", true, new PermissionDescriptor("configuration:*")); - log.info("try to add new permission: {}", groupPermission); - securitySystem.addPermission(groupPermission); - - AssignedPermission userPermission = new AssignedPermission("rene", new PermissionDescriptor("group:*")); - log.info("try to add new permission: {}", userPermission); - securitySystem.addPermission(userPermission); - } -} - - diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionResource.java new file mode 100644 index 0000000000..6ef0015e8f --- /dev/null +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GlobalPermissionResource.java @@ -0,0 +1,37 @@ +package sonia.scm.api.v2.resources; + +import lombok.extern.slf4j.Slf4j; +import sonia.scm.security.AssignedPermission; +import sonia.scm.security.PermissionDescriptor; +import sonia.scm.security.SecuritySystem; +import sonia.scm.web.VndMediaType; + +import javax.inject.Inject; +import javax.ws.rs.Consumes; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; + +@Path("v2/permissions") +public class GlobalPermissionResource { + + private SecuritySystem securitySystem; + + @Inject + public GlobalPermissionResource(SecuritySystem securitySystem) { + this.securitySystem = securitySystem; + } + + @GET + @Produces(VndMediaType.PERMISSION_COLLECTION) + @Path("") + public Response getAll() { + String[] permissions = securitySystem.getAvailablePermissions().stream().map(PermissionDescriptor::getValue).toArray(String[]::new); + return Response.ok(new PermissionListDto(permissions)).build(); + } +} + + diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ResourceLinks.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ResourceLinks.java index 7126ff5b94..1bc5f584a9 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ResourceLinks.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ResourceLinks.java @@ -616,7 +616,7 @@ class ResourceLinks { private final LinkBuilder permissionsLlinkBuilder; PermissionsLinks(ScmPathInfo scmPathInfo) { - this.permissionsLlinkBuilder = new LinkBuilder(scmPathInfo, GlobalPermissionPocResource.class); + this.permissionsLlinkBuilder = new LinkBuilder(scmPathInfo, GlobalPermissionResource.class); } String self() {