improve scm-pam-plugin

2026-01-19 14:02:13 +01:00 · 2011-01-01 22:02:37 +01:00
parent 6d1a123eae
commit 2baf53d697
3 changed files with 154 additions and 4 deletions
--- a/plugins/scm-pam-plugin/src/main/java/sonia/scm/pam/PAMAuthenticationHandler.java
+++ b/plugins/scm-pam-plugin/src/main/java/sonia/scm/pam/PAMAuthenticationHandler.java
@@ -131,12 +131,14 @@ public class PAMAuthenticationHandler implements AuthenticationHandler
      {
        try
        {
-          UnixUser user = pam.authenticate(username, password);
+          UnixUser unixUser = pam.authenticate(username, password);

-          if (user != null)
+          if (unixUser != null)
          {
-            result = new AuthenticationResult(new User(username, username,
-                    null));
+            User user = new User(username, username, null);
+
+            user.setAdmin(isAdmin(unixUser));
+            result = new AuthenticationResult(user);
          }
        }
        catch (PAMException ex)
@@ -227,6 +229,40 @@ public class PAMAuthenticationHandler implements AuthenticationHandler
    this.config = config;
  }

+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param unixUser
+   *
+   * @return
+   */
+  private boolean isAdmin(UnixUser unixUser)
+  {
+    boolean admin = false;
+
+    if (config.getAdminUserSet().contains(unixUser.getUserName()))
+    {
+      admin = true;
+    }
+    else
+    {
+      for (String group : unixUser.getGroups())
+      {
+        if (config.getAdminGroupSet().contains(group))
+        {
+          admin = true;
+
+          break;
+        }
+      }
+    }
+
+    return admin;
+  }
+
  //~--- fields ---------------------------------------------------------------

  /** Field description */
--- a/plugins/scm-pam-plugin/src/main/java/sonia/scm/pam/PAMConfig.java
+++ b/plugins/scm-pam-plugin/src/main/java/sonia/scm/pam/PAMConfig.java
@@ -35,6 +35,9 @@ package sonia.scm.pam;

 //~--- JDK imports ------------------------------------------------------------

+import java.util.HashSet;
+import java.util.Set;
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
@@ -49,6 +52,28 @@ import javax.xml.bind.annotation.XmlRootElement;
 public class PAMConfig
 {

+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public String getAdminGroups()
+  {
+    return adminGroups;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public String getAdminUsers()
+  {
+    return adminUsers;
+  }
+
  /**
   * Method description
   *
@@ -62,6 +87,28 @@ public class PAMConfig

  //~--- set methods ----------------------------------------------------------

+  /**
+   * Method description
+   *
+   *
+   * @param adminGroups
+   */
+  public void setAdminGroups(String adminGroups)
+  {
+    this.adminGroups = adminGroups;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param adminUsers
+   */
+  public void setAdminUsers(String adminUsers)
+  {
+    this.adminUsers = adminUsers;
+  }
+
  /**
   * Method description
   *
@@ -73,8 +120,65 @@ public class PAMConfig
    this.serviceName = serviceName;
  }

+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  Set<String> getAdminGroupSet()
+  {
+    return split(adminGroups);
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  Set<String> getAdminUserSet()
+  {
+    return split(adminUsers);
+  }
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param rawString
+   *
+   * @return
+   */
+  private Set<String> split(String rawString)
+  {
+    Set<String> tokens = new HashSet<String>();
+
+    for (String token : rawString.split(","))
+    {
+      if (token.trim().length() > 0)
+      {
+        tokens.add(token);
+      }
+    }
+
+    return tokens;
+  }
+
  //~--- fields ---------------------------------------------------------------

+  /** Field description */
+  @XmlElement(name = "admin-groups")
+  private String adminGroups = "";
+
+  /** Field description */
+  @XmlElement(name = "admin-users")
+  private String adminUsers = "";
+
  /** Field description */
  @XmlElement(name = "service-name")
  private String serviceName = "sshd";
--- a/plugins/scm-pam-plugin/src/main/resources/sonia/scm/pam/sonia.pam.js
+++ b/plugins/scm-pam-plugin/src/main/resources/sonia/scm/pam/sonia.pam.js
@@ -38,6 +38,16 @@ registerGeneralConfigPanel({
    fieldLabel : 'Service name',
    name : 'service-name',
    allowBlank : false
+  },{
+    xtype : 'textfield',
+    fieldLabel : 'Admin Groups',
+    name : 'admin-groups',
+    allowBlank : true
+  },{
+    xtype : 'textfield',
+    fieldLabel : 'Admin Users',
+    name : 'admin-users',
+    allowBlank : true
  }],

  onSubmit: function(values){