Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-05-07 01:46:56 +02:00
Code Issues Packages Projects Releases Activity

added restful endpoint for jwt authentication

Browse Source
This commit is contained in:
Sebastian Sdorra
2015-03-15 11:40:29 +01:00
parent be385e4f2e
commit 325ca0c795
10 changed files with 352 additions and 347 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
scm-core/src/main/java/sonia/scm/ScmState.java
View File

@@ -55,7 +55,7 @@ import javax.xml.bind.annotation.XmlRootElement;
*/
@XmlRootElement(name = "state")
@XmlAccessorType(XmlAccessType.FIELD)
public class ScmState
public final class ScmState
{
/**
@@ -63,53 +63,33 @@ public class ScmState
* This constructor is required by JAXB.
*
*/
public ScmState() {}
ScmState() {}
/**
* Constructs {@link ScmState} object.
*
*
* @param provider context provider
* @param version scm-manager version
* @param user current user
* @param groups groups of the current user
* @param token authentication token
* @param repositoryTypes available repository types
* @param defaultUserType default user type
* @param clientConfig client configuration
*
* @since 1.21
*/
public ScmState(SCMContextProvider provider, User user,
Collection<String> groups, Collection<Type> repositoryTypes,
String defaultUserType, ScmClientConfig clientConfig)
{
this(provider, user, groups, repositoryTypes, defaultUserType,
clientConfig, null, null);
}
/**
* Constructs {@link ScmState} object.
*
*
* @param provider context provider
* @param user current user
* @param groups groups of the current user
* @param repositoryTypes available repository types
* @param defaultUserType default user type
* @param clientConfig client configuration
* @param assignedPermission
* @param assignedPermission assigned permissions
* @param availablePermissions list of available permissions
*
* @since 1.31
* @since 2.0.0
*/
public ScmState(SCMContextProvider provider, User user,
Collection<String> groups, Collection<Type> repositoryTypes,
String defaultUserType, ScmClientConfig clientConfig,
List<String> assignedPermission,
public ScmState(String version, User user, Collection<String> groups,
String token, Collection<Type> repositoryTypes, String defaultUserType,
ScmClientConfig clientConfig, List<String> assignedPermission,
List<PermissionDescriptor> availablePermissions)
{
this.version = provider.getVersion();
this.version = version;
this.user = user;
this.groups = groups;
this.token = token;
this.repositoryTypes = repositoryTypes;
this.clientConfig = clientConfig;
this.defaultUserType = defaultUserType;
@@ -190,6 +170,19 @@ public class ScmState
return repositoryTypes;
}
/**
* Returns authentication token or {@code null}.
*
*
* @return authentication token or {@code null}
*
* @since 2.0.0
*/
public String getToken()
{
return token;
}
/**
* Returns the current logged in user.
*
@@ -223,116 +216,14 @@ public class ScmState
return success;
}
//~--- set methods ----------------------------------------------------------
/**
* Sets a list of assigned permissions.
*
*
* @param assignedPermissions list of assigned permissions
* @since 1.31
*/
public void setAssignedPermissions(List<String> assignedPermissions)
{
this.assignedPermissions = assignedPermissions;
}
/**
* Sets a list of available global permissions.
*
*
* @param permissions list of available global permisisons
* @since 1.31
*/
public void setAvailablePermissions(List<PermissionDescriptor> permissions)
{
this.availablePermissions = permissions;
}
/**
* Setter for the client configuration
*
*
*
* @param clientConfig - client configuration
*/
public void setClientConfig(ScmClientConfig clientConfig)
{
this.clientConfig = clientConfig;
}
/**
* Sets the default user type
*
*
* @param defaultUserType default user type
* @since 1.14
*/
public void setDefaultUserType(String defaultUserType)
{
this.defaultUserType = defaultUserType;
}
/**
* Setter for the groups.
*
*
*
* @param groups - collection of group names
*/
public void setGroups(Collection<String> groups)
{
this.groups = groups;
}
/**
* Setter for the available repository types.
*
*
*
* @param repositoryTypes - collection of available repository types
*/
public void setRepositoryTypes(Collection<Type> repositoryTypes)
{
this.repositoryTypes = repositoryTypes;
}
/**
* Setter for the success switch.
*
*
* @param success switch
*/
public void setSuccess(boolean success)
{
this.success = success;
}
/**
* Setter for the User
*
*
*
* @param user - the current user
*/
public void setUser(User user)
{
this.user = user;
}
/**
* Setter for the SCM-Manager version.
*
*
* @param version - SCM-Manager version
*/
public void setVersion(String version)
{
this.version = version;
}
//~--- fields ---------------------------------------------------------------
/** marker for extjs */
private final boolean success = true;
/** authentication token */
private String token;
/** Field description */
private List<String> assignedPermissions;
@@ -355,9 +246,6 @@ public class ScmState
@XmlElement(name = "repositoryTypes")
private Collection<Type> repositoryTypes;
/** Field description */
private boolean success = true;
/** Field description */
private User user;

194
scm-core/src/main/java/sonia/scm/ScmStateFactory.java Normal file
View File

@@ -0,0 +1,194 @@
/**
* Copyright (c) 2014, Sebastian Sdorra All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. 2. Redistributions in
* binary form must reproduce the above copyright notice, this list of
* conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution. 3. Neither the name of SCM-Manager;
* nor the names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm;
//~--- non-JDK imports --------------------------------------------------------
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableList.Builder;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.group.GroupNames;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.security.AuthorizationCollector;
import sonia.scm.security.PermissionDescriptor;
import sonia.scm.security.Role;
import sonia.scm.security.SecuritySystem;
import sonia.scm.security.StringablePermission;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;
//~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.inject.Inject;
/**
* Factory to create {@link ScmState}.
*
* @author Sebastian Sdorra
* @since 2.0.0
*/
public final class ScmStateFactory
{
/**
* Constructs a new {@link ScmStateFactory}.
*
*
* @param contextProvider context provider
* @param configuration configuration
* @param repositoryManger repository manager
* @param userManager user manager
* @param securitySystem security system
* @param authorizationCollector authorization collector
*/
@Inject
public ScmStateFactory(SCMContextProvider contextProvider,
ScmConfiguration configuration, RepositoryManager repositoryManger,
UserManager userManager, SecuritySystem securitySystem,
AuthorizationCollector authorizationCollector)
{
this.contextProvider = contextProvider;
this.configuration = configuration;
this.repositoryManger = repositoryManger;
this.userManager = userManager;
this.securitySystem = securitySystem;
this.authorizationCollector = authorizationCollector;
}
//~--- methods --------------------------------------------------------------
/**
* Returns anonymous state.
*
*
* @return anonymous state
*/
@SuppressWarnings("unchecked")
public ScmState createAnonymousState()
{
return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST, null,
Collections.EMPTY_LIST, Collections.EMPTY_LIST);
}
/**
* Creates an state from the given subject.
*
*
* @param subject subject
*
* @return state from subject
*/
public ScmState createState(Subject subject)
{
return createState(subject, null);
}
/**
* Creates an state from the given subject and authentication token.
*
*
* @param subject subject
* @param token authentication token
*
* @return state from subject and authentication token
*/
@SuppressWarnings("unchecked")
public ScmState createState(Subject subject, String token)
{
PrincipalCollection collection = subject.getPrincipals();
User user = collection.oneByType(User.class);
GroupNames groups = collection.oneByType(GroupNames.class);
List<PermissionDescriptor> ap = Collections.EMPTY_LIST;
if (subject.hasRole(Role.ADMIN))
{
ap = securitySystem.getAvailablePermissions();
}
Builder<String> builder = ImmutableList.builder();
for (Permission p : authorizationCollector.collect().getObjectPermissions())
{
if (p instanceof StringablePermission)
{
builder.add(((StringablePermission) p).getAsString());
}
}
return createState(user, groups.getCollection(), token, builder.build(),
ap);
}
private ScmState createState(User user, Collection<String> groups,
String token, List<String> assignedPermissions,
List<PermissionDescriptor> availablePermissions)
{
User u = user.clone();
// do not return password on authentication
u.setPassword(null);
return new ScmState(contextProvider.getVersion(), u, groups, token,
repositoryManger.getConfiguredTypes(), userManager.getDefaultType(),
new ScmClientConfig(configuration), assignedPermissions,
availablePermissions);
}
//~--- fields ---------------------------------------------------------------
/** authorization collector */
private final AuthorizationCollector authorizationCollector;
/** configuration */
private final ScmConfiguration configuration;
/** context provider */
private final SCMContextProvider contextProvider;
/** repository manager */
private final RepositoryManager repositoryManger;
/** security system */
private final SecuritySystem securitySystem;
/** user manager */
private final UserManager userManager;
}

56
scm-core/src/main/java/sonia/scm/security/AuthorizationCollector.java Normal file
View File

@@ -0,0 +1,56 @@
/**
* Copyright (c) 2014, Sebastian Sdorra All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. 2. Redistributions in
* binary form must reproduce the above copyright notice, this list of
* conditions and the following disclaimer in the documentation and/or other
* materials provided with the distribution. 3. Neither the name of SCM-Manager;
* nor the names of its contributors may be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm.security;
//~--- non-JDK imports --------------------------------------------------------
import org.apache.shiro.authz.AuthorizationInfo;
import sonia.scm.plugin.ExtensionPoint;
/**
* Collect {@link AuthorizationInfo} for the authenticated user.
*
* @author Sebastian Sdorra
* @since 2.0.0
*/
@ExtensionPoint(multi = false)
public interface AuthorizationCollector
{
/**
* Returns {@link AuthorizationInfo} for the authenticated user.
*
*
* @return {@link AuthorizationInfo} for authenticated user
*/
public AuthorizationInfo collect();
}

3
scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java
View File

@@ -114,6 +114,9 @@ public class ScmSecurityModule extends ShiroWebModule
// disable access to mustache resources
addFilterChain("/**.mustache", config(ROLES, "nobody"));
// disable session
// addFilterChain("/**", NO_SESSION_CREATION);
}
/**

179
scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
View File

@@ -37,8 +37,6 @@ package sonia.scm.api.rest.resources;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableList.Builder;
import com.google.inject.Inject;
import com.google.inject.Singleton;
@@ -46,8 +44,6 @@ import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.codehaus.enunciate.jaxrs.TypeHint;
@@ -56,30 +52,18 @@ import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sonia.scm.SCMContext;
import sonia.scm.SCMContextProvider;
import sonia.scm.ScmClientConfig;
import sonia.scm.ScmState;
import sonia.scm.ScmStateFactory;
import sonia.scm.api.rest.RestActionResult;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.group.GroupNames;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.security.AuthorizationCollector;
import sonia.scm.security.PermissionDescriptor;
import sonia.scm.security.Role;
import sonia.scm.security.SecuritySystem;
import sonia.scm.security.StringablePermission;
import sonia.scm.security.BearerTokenGenerator;
import sonia.scm.security.Tokens;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;
import sonia.scm.util.HttpUtil;
//~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -89,6 +73,7 @@ import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -127,25 +112,17 @@ public class AuthenticationResource
* Constructs ...
*
*
* @param contextProvider
* @param configuration
* @param repositoryManger
* @param userManager
* @param securitySystem
* @param collector
* @param stateFactory
* @param tokenGenerator
*/
@Inject
public AuthenticationResource(SCMContextProvider contextProvider,
ScmConfiguration configuration, RepositoryManager repositoryManger,
UserManager userManager, SecuritySystem securitySystem,
AuthorizationCollector collector)
public AuthenticationResource(ScmConfiguration configuration,
ScmStateFactory stateFactory, BearerTokenGenerator tokenGenerator)
{
this.contextProvider = contextProvider;
this.configuration = configuration;
this.repositoryManger = repositoryManger;
this.userManager = userManager;
this.securitySystem = securitySystem;
this.permissionCollector = collector;
this.stateFactory = stateFactory;
this.tokenGenerator = tokenGenerator;
}
//~--- methods --------------------------------------------------------------
@@ -160,10 +137,12 @@ public class AuthenticationResource
* <li>500 internal server error</li>
* </ul>
*
* @param request the current http request
* @param request current http request
* @param response current http response
* @param username the username for the authentication
* @param password the password for the authentication
* @param rememberMe true to remember the user across sessions
* @param cookie create authentication token
*
* @return
*/
@@ -171,23 +150,46 @@ public class AuthenticationResource
@Path("login")
@TypeHint(ScmState.class)
public Response authenticate(@Context HttpServletRequest request,
@Context HttpServletResponse response,
@FormParam("username") String username,
@FormParam("password") String password, @FormParam("rememberMe")
@DefaultValue("false") boolean rememberMe)
@DefaultValue("false") boolean rememberMe, @QueryParam(
"cookie") boolean cookie)
{
Preconditions.checkArgument(!Strings.isNullOrEmpty(username),
"username parameter is required");
Preconditions.checkArgument(!Strings.isNullOrEmpty(password),
"password parameter is required");
Response response;
Response res;
Subject subject = SecurityUtils.getSubject();
try
{
subject.login(Tokens.createAuthenticationToken(request, username,
password, rememberMe));
response = Response.ok(createState(subject)).build();
User user = subject.getPrincipals().oneByType(User.class);
String token = tokenGenerator.createBearerToken(user);
ScmState state;
if (cookie)
{
Cookie c = new Cookie("X-Bearer-Token", token);
c.setPath(request.getContextPath());
c.setHttpOnly(true);
response.addCookie(c);
state = stateFactory.createState(subject);
}
else
{
state = stateFactory.createState(subject, token);
}
res = Response.ok(state).build();
}
catch (DisabledAccountException ex)
{
@@ -202,8 +204,8 @@ public class AuthenticationResource
logger.warn("authentication failed, account {} is locked", username);
}
response = handleFailedAuthentication(request, ex,
Response.Status.FORBIDDEN, WUIAuthenticationFailure.LOCKED);
res = handleFailedAuthentication(request, ex, Response.Status.FORBIDDEN,
WUIAuthenticationFailure.LOCKED);
}
catch (ExcessiveAttemptsException ex)
{
@@ -219,8 +221,8 @@ public class AuthenticationResource
username);
}
response = handleFailedAuthentication(request, ex,
Response.Status.FORBIDDEN, WUIAuthenticationFailure.TEMPORARY_LOCKED);
res = handleFailedAuthentication(request, ex, Response.Status.FORBIDDEN,
WUIAuthenticationFailure.TEMPORARY_LOCKED);
}
catch (AuthenticationException ex)
{
@@ -233,12 +235,12 @@ public class AuthenticationResource
logger.warn("authentication failed for user {}", username);
}
response = handleFailedAuthentication(request, ex,
res = handleFailedAuthentication(request, ex,
Response.Status.UNAUTHORIZED,
WUIAuthenticationFailure.WRONG_CREDENTIALS);
}
return response;
return res;
}
/**
@@ -270,7 +272,7 @@ public class AuthenticationResource
if (configuration.isAnonymousAccessEnabled())
{
resp = Response.ok(createAnonymousState()).build();
resp = Response.ok(stateFactory.createAnonymousState()).build();
}
else
{
@@ -338,14 +340,14 @@ public class AuthenticationResource
subject.getPrincipal());
}
ScmState state = createState(subject);
ScmState state = stateFactory.createState(subject);
response = Response.ok(state).build();
}
else if (configuration.isAnonymousAccessEnabled())
{
response = Response.ok(createAnonymousState()).build();
response = Response.ok(stateFactory.createAnonymousState()).build();
}
else
{
@@ -357,78 +359,6 @@ public class AuthenticationResource
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @return
*/
@SuppressWarnings("unchecked")
private ScmState createAnonymousState()
{
return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST,
Collections.EMPTY_LIST, Collections.EMPTY_LIST);
}
/**
* Method description
*
*
* @param securityContext
*
* @param subject
*
* @return
*/
@SuppressWarnings("unchecked")
private ScmState createState(Subject subject)
{
PrincipalCollection collection = subject.getPrincipals();
User user = collection.oneByType(User.class);
GroupNames groups = collection.oneByType(GroupNames.class);
List<PermissionDescriptor> ap = Collections.EMPTY_LIST;
if (subject.hasRole(Role.ADMIN))
{
ap = securitySystem.getAvailablePermissions();
}
Builder<String> builder = ImmutableList.builder();
for (Permission p : permissionCollector.collect().getObjectPermissions())
{
if (p instanceof StringablePermission)
{
builder.add(((StringablePermission) p).getAsString());
}
}
return createState(user, groups.getCollection(), builder.build(), ap);
}
/**
* Method description
*
*
* @param user
* @param groups
* @param assignedPermissions
* @param availablePermissions
*
* @return
*/
private ScmState createState(User user, Collection<String> groups,
List<String> assignedPermissions,
List<PermissionDescriptor> availablePermissions)
{
return new ScmState(contextProvider, user, groups,
repositoryManger.getConfiguredTypes(), userManager.getDefaultType(),
new ScmClientConfig(configuration), assignedPermissions,
availablePermissions);
}
/**
* Method description
*
@@ -529,17 +459,8 @@ public class AuthenticationResource
private final ScmConfiguration configuration;
/** Field description */
private final SCMContextProvider contextProvider;
private final ScmStateFactory stateFactory;
/** Field description */
private final AuthorizationCollector permissionCollector;
/** Field description */
private final RepositoryManager repositoryManger;
/** Field description */
private final SecuritySystem securitySystem;
/** Field description */
private final UserManager userManager;
private final BearerTokenGenerator tokenGenerator;
}

79
scm-webapp/src/main/java/sonia/scm/security/AuthorizationCollector.java → scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java
View File

@@ -36,6 +36,7 @@ package sonia.scm.security;
//~--- non-JDK imports --------------------------------------------------------
import com.github.legman.Subscribe;
import com.google.common.base.Objects;
import com.google.common.base.Preconditions;
import com.google.common.base.Predicate;
@@ -59,6 +60,7 @@ import sonia.scm.cache.Cache;
import sonia.scm.cache.CacheManager;
import sonia.scm.group.GroupEvent;
import sonia.scm.group.GroupNames;
import sonia.scm.plugin.Extension;
import sonia.scm.repository.PermissionType;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryDAO;
@@ -77,17 +79,18 @@ import java.util.Set;
* @author Sebastian Sdorra
*/
@Singleton
public class AuthorizationCollector
@Extension
public class DefaultAuthorizationCollector implements AuthorizationCollector
{
/** Field description */
private static final String CACHE_NAME = "sonia.cache.authorizing";
/**
* the logger for AuthorizationCollector
* the logger for DefaultAuthorizationCollector
*/
private static final Logger logger =
LoggerFactory.getLogger(AuthorizationCollector.class);
LoggerFactory.getLogger(DefaultAuthorizationCollector.class);
//~--- constructors ---------------------------------------------------------
@@ -102,7 +105,7 @@ public class AuthorizationCollector
* @param resolver
*/
@Inject
public AuthorizationCollector(CacheManager cacheManager,
public DefaultAuthorizationCollector(CacheManager cacheManager,
RepositoryDAO repositoryDAO, SecuritySystem securitySystem,
PermissionResolver resolver)
{
@@ -120,6 +123,7 @@ public class AuthorizationCollector
*
* @return
*/
@Override
public AuthorizationInfo collect()
{
AuthorizationInfo authorizationInfo;
@@ -267,16 +271,6 @@ public class AuthorizationCollector
return info;
}
/**
* Method description
*
*
*
* @param builder
* @param user
* @param groups
*
*/
private void collectGlobalPermissions(Builder<Permission> builder,
final User user, final GroupNames groups)
{
@@ -313,16 +307,6 @@ public class AuthorizationCollector
}
}
/**
* Method description
*
*
*
* @param builder
* @param user
* @param groups
*
*/
private void collectRepositoryPermissions(Builder<Permission> builder,
User user, GroupNames groups)
{
@@ -338,16 +322,6 @@ public class AuthorizationCollector
}
}
/**
* Method description
*
*
*
* @param builder
* @param repository
* @param user
* @param groups
*/
private void collectRepositoryPermissions(Builder<Permission> builder,
Repository repository, User user, GroupNames groups)
{
@@ -381,15 +355,6 @@ public class AuthorizationCollector
}
}
/**
* Method description
*
*
* @param user
* @param groups
*
* @return
*/
private AuthorizationInfo createAuthorizationInfo(User user,
GroupNames groups)
{
@@ -434,16 +399,6 @@ public class AuthorizationCollector
//~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @param user
* @param groups
* @param perm
*
* @return
*/
private boolean isUserPermission(User user, GroupNames groups,
PermissionObject perm)
{
@@ -456,22 +411,10 @@ public class AuthorizationCollector
//~--- inner classes --------------------------------------------------------
/**
* Class description
*
*
* @version Enter version here..., 13/08/28
* @author Enter your name here...
* Cache key.
*/
private static class CacheKey
{
/**
* Constructs ...
*
*
* @param username
* @param groupnames
*/
private CacheKey(String username, GroupNames groupnames)
{
this.username = username;
@@ -513,10 +456,10 @@ public class AuthorizationCollector
//~--- fields -------------------------------------------------------------
/** Field description */
/** group names */
private final GroupNames groupnames;
/** Field description */
/** username */
private final String username;
}

10
scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java
View File

@@ -55,9 +55,9 @@ import javax.inject.Inject;
import javax.inject.Singleton;
/**
* Default authorizing realm.
*
* @author Sebastian Sdorra
*
* @since 2.0.0
*/
@Extension
@@ -82,7 +82,7 @@ public class DefaultRealm extends AuthorizingRealm
*/
@Inject
public DefaultRealm(PasswordService service,
AuthorizationCollector collector, UserDAO userDAO, GroupDAO groupDAO)
DefaultAuthorizationCollector collector, UserDAO userDAO, GroupDAO groupDAO)
{
this.collector = collector;
this.helper = new DAORealmHelper(REALM, userDAO, groupDAO);
@@ -131,9 +131,9 @@ public class DefaultRealm extends AuthorizingRealm
//~--- fields ---------------------------------------------------------------
/** Field description */
private final AuthorizationCollector collector;
/** default authorization collector */
private final DefaultAuthorizationCollector collector;
/** Field description */
/** realm helper */
private final DAORealmHelper helper;
}

2
scm-webapp/src/main/webapp/resources/js/login/sonia.login.form.js
View File

@@ -62,7 +62,7 @@ Sonia.login.Form = Ext.extend(Ext.FormPanel,{
var config = {
labelWidth: 120,
url: restUrl + "authentication/login.json",
url: restUrl + "authentication/login.json?cookie=true",
frame: true,
title: this.titleText,
defaultType: 'textfield',

2
scm-webapp/src/test/java/sonia/scm/it/IntegrationTestUtil.java
View File

@@ -108,7 +108,7 @@ public final class IntegrationTestUtil
public static ClientResponse authenticate(Client client, String username,
String password)
{
WebResource wr = createResource(client, "authentication/login");
WebResource wr = client.resource(createResourceUrl("authentication/login").concat("?cookie=true"));
MultivaluedMap<String, String> formData = new MultivaluedMapImpl();
formData.add("username", username);

2
scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java
View File

@@ -290,7 +290,7 @@ public class DefaultRealmTest
/** Field description */
@Mock
private AuthorizationCollector collector;
private DefaultAuthorizationCollector collector;
/** Field description */
@Mock