diff --git a/scm-core/src/main/java/sonia/scm/ScmState.java b/scm-core/src/main/java/sonia/scm/ScmState.java index a12cef40b4..5610a40c08 100644 --- a/scm-core/src/main/java/sonia/scm/ScmState.java +++ b/scm-core/src/main/java/sonia/scm/ScmState.java @@ -55,7 +55,7 @@ import javax.xml.bind.annotation.XmlRootElement; */ @XmlRootElement(name = "state") @XmlAccessorType(XmlAccessType.FIELD) -public class ScmState +public final class ScmState { /** 
@@ -63,53 +63,33 @@ public class ScmState * This constructor is required by JAXB. * */ - public ScmState() {} + ScmState() {} /** * Constructs {@link ScmState} object. * * - * @param provider context provider + * @param version scm-manager version * @param user current user * @param groups groups of the current user + * @param token authentication token * @param repositoryTypes available repository types * @param defaultUserType default user type * @param clientConfig client configuration - * - * @since 1.21 - */ - public ScmState(SCMContextProvider provider, User user, - Collection groups, Collection repositoryTypes, - String defaultUserType, ScmClientConfig clientConfig) - { - this(provider, user, groups, repositoryTypes, defaultUserType, - clientConfig, null, null); - } - - /** - * Constructs {@link ScmState} object. - * - * - * @param provider context provider - * @param user current user - * @param groups groups of the current user - * @param repositoryTypes available repository types - * @param defaultUserType default user type - * @param clientConfig client configuration - * @param assignedPermission + * @param assignedPermission assigned permissions * @param availablePermissions list of available permissions * - * @since 1.31 + * @since 2.0.0 */ - public ScmState(SCMContextProvider provider, User user, - Collection groups, Collection repositoryTypes, - String defaultUserType, ScmClientConfig clientConfig, - List assignedPermission, + public ScmState(String version, User user, Collection groups, + String token, Collection repositoryTypes, String defaultUserType, + ScmClientConfig clientConfig, List assignedPermission, List availablePermissions) { - this.version = provider.getVersion(); + this.version = version; this.user = user; this.groups = groups; + this.token = token; this.repositoryTypes = repositoryTypes; this.clientConfig = clientConfig; this.defaultUserType = defaultUserType; 
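Review bot: The new nine-argument constructor stays `public` and stores `user` exactly as passed, so the password stripping this commit adds in `ScmStateFactory` (`u.setPassword(null)` on a clone) is not enforced for any other caller that builds a `ScmState`. `ScmStateFactory` is declared in the same `sonia.scm` package, so dropping the `public` modifier here, as was done for the JAXB constructor, would make the factory the only construction path. The signature also takes three positional `String` arguments (`version`, `token`, `defaultUserType`); a transposed call compiles and would serialize the token under another element, so the Javadoc should state the order explicitly. The constructor body continues past the end of this hunk.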
@@ -190,6 +170,19 @@ public class ScmState return repositoryTypes; } + /** + * Returns authentication token or {@code null}. + * + * + * @return authentication token or {@code null} + * + * @since 2.0.0 + */ + public String getToken() + { + return token; + } + /** * Returns the current logged in user. * 
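Review bot: The Javadoc on `getToken()` should say when the token is present and that it is a credential. `ScmState` is bound with `XmlAccessType.FIELD`, so a non-null `token` is written into every serialized state; from the rest of this commit it appears to be set only for a login without `cookie=true`. Suggested wording: `Returns the bearer token issued at login, or {@code null} if the token was delivered as a cookie or the state was not created by a login. The value is a secret and must not be logged.`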
@@ -223,116 +216,14 @@ public class ScmState return success; } - //~--- set methods ---------------------------------------------------------- - - /** - * Sets a list of assigned permissions. - * - * - * @param assignedPermissions list of assigned permissions - * @since 1.31 - */ - public void setAssignedPermissions(List assignedPermissions) - { - this.assignedPermissions = assignedPermissions; - } - - /** - * Sets a list of available global permissions. - * - * - * @param permissions list of available global permisisons - * @since 1.31 - */ - public void setAvailablePermissions(List permissions) - { - this.availablePermissions = permissions; - } - - /** - * Setter for the client configuration - * - * - * - * @param clientConfig - client configuration - */ - public void setClientConfig(ScmClientConfig clientConfig) - { - this.clientConfig = clientConfig; - } - - /** - * Sets the default user type - * - * - * @param defaultUserType default user type - * @since 1.14 - */ - public void setDefaultUserType(String defaultUserType) - { - this.defaultUserType = defaultUserType; - } - - /** - * Setter for the groups. - * - * - * - * @param groups - collection of group names - */ - public void setGroups(Collection groups) - { - this.groups = groups; - } - - /** - * Setter for the available repository types. - * - * - * - * @param repositoryTypes - collection of available repository types - */ - public void setRepositoryTypes(Collection repositoryTypes) - { - this.repositoryTypes = repositoryTypes; - } - - /** - * Setter for the success switch. - * - * - * @param success switch - */ - public void setSuccess(boolean success) - { - this.success = success; - } - - /** - * Setter for the User - * - * - * - * @param user - the current user - */ - public void setUser(User user) - { - this.user = user; - } - - /** - * Setter for the SCM-Manager version. 
- * - * - * @param version - SCM-Manager version - */ - public void setVersion(String version) - { - this.version = version; - } - //~--- fields --------------------------------------------------------------- + /** marker for extjs */ + private final boolean success = true; + + /** authentication token */ + private String token; + /** Field description */ private List assignedPermissions; @@ -355,9 +246,6 @@ public class ScmState @XmlElement(name = "repositoryTypes") private Collection repositoryTypes; - /** Field description */ - private boolean success = true; - /** Field description */ private User user; diff --git a/scm-core/src/main/java/sonia/scm/ScmStateFactory.java b/scm-core/src/main/java/sonia/scm/ScmStateFactory.java new file mode 100644 index 0000000000..58f22b887b --- /dev/null +++ b/scm-core/src/main/java/sonia/scm/ScmStateFactory.java 
@@ -0,0 +1,194 @@ +/** + * Copyright (c) 2014, Sebastian Sdorra All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. 2. Redistributions in + * binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. 3. Neither the name of SCM-Manager; + * nor the names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ * + * http://bitbucket.org/sdorra/scm-manager + * + */ + + + +package sonia.scm; + +//~--- non-JDK imports -------------------------------------------------------- + +import com.google.common.collect.ImmutableList; +import com.google.common.collect.ImmutableList.Builder; + +import org.apache.shiro.authz.Permission; +import org.apache.shiro.subject.PrincipalCollection; +import org.apache.shiro.subject.Subject; + +import sonia.scm.config.ScmConfiguration; +import sonia.scm.group.GroupNames; +import sonia.scm.repository.RepositoryManager; +import sonia.scm.security.AuthorizationCollector; +import sonia.scm.security.PermissionDescriptor; +import sonia.scm.security.Role; +import sonia.scm.security.SecuritySystem; +import sonia.scm.security.StringablePermission; +import sonia.scm.user.User; +import sonia.scm.user.UserManager; + +//~--- JDK imports ------------------------------------------------------------ + +import java.util.Collection; +import java.util.Collections; +import java.util.List; + +import javax.inject.Inject; + +/** + * Factory to create {@link ScmState}. + * + * @author Sebastian Sdorra + * @since 2.0.0 + */ +public final class ScmStateFactory +{ + + /** + * Constructs a new {@link ScmStateFactory}. 
+ * + * + * @param contextProvider context provider + * @param configuration configuration + * @param repositoryManger repository manager + * @param userManager user manager + * @param securitySystem security system + * @param authorizationCollector authorization collector + */ + @Inject + public ScmStateFactory(SCMContextProvider contextProvider, + ScmConfiguration configuration, RepositoryManager repositoryManger, + UserManager userManager, SecuritySystem securitySystem, + AuthorizationCollector authorizationCollector) + { + this.contextProvider = contextProvider; + this.configuration = configuration; + this.repositoryManger = repositoryManger; + this.userManager = userManager; + this.securitySystem = securitySystem; + this.authorizationCollector = authorizationCollector; + } + + //~--- methods -------------------------------------------------------------- + + /** + * Returns anonymous state. + * + * + * @return anonymous state + */ + @SuppressWarnings("unchecked") + public ScmState createAnonymousState() + { + return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST, null, + Collections.EMPTY_LIST, Collections.EMPTY_LIST); + } + + /** + * Creates an state from the given subject. + * + * + * @param subject subject + * + * @return state from subject + */ + public ScmState createState(Subject subject) + { + return createState(subject, null); + } + + /** + * Creates an state from the given subject and authentication token. 
+ * + * + * @param subject subject + * @param token authentication token + * + * @return state from subject and authentication token + */ + @SuppressWarnings("unchecked") + public ScmState createState(Subject subject, String token) + { + PrincipalCollection collection = subject.getPrincipals(); + User user = collection.oneByType(User.class); + GroupNames groups = collection.oneByType(GroupNames.class); + + List ap = Collections.EMPTY_LIST; + + if (subject.hasRole(Role.ADMIN)) + { + ap = securitySystem.getAvailablePermissions(); + } + + Builder builder = ImmutableList.builder(); + + for (Permission p : authorizationCollector.collect().getObjectPermissions()) + { + if (p instanceof StringablePermission) + { + builder.add(((StringablePermission) p).getAsString()); + } + + } + + return createState(user, groups.getCollection(), token, builder.build(), + ap); + } + + private ScmState createState(User user, Collection groups, + String token, List assignedPermissions, + List availablePermissions) + { + User u = user.clone(); + // do not return password on authentication + u.setPassword(null); + return new ScmState(contextProvider.getVersion(), u, groups, token, + repositoryManger.getConfiguredTypes(), userManager.getDefaultType(), + new ScmClientConfig(configuration), assignedPermissions, + availablePermissions); + } + + //~--- fields --------------------------------------------------------------- + + /** authorization collector */ + private final AuthorizationCollector authorizationCollector; + + /** configuration */ + private final ScmConfiguration configuration; + + /** context provider */ + private final SCMContextProvider contextProvider; + + /** repository manager */ + private final RepositoryManager repositoryManger; + + /** security system */ + private final SecuritySystem securitySystem; + + /** user manager */ + private final UserManager userManager; +} 
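Review bot: `createState(Subject, String)` dereferences `subject.getPrincipals()` and the result of `oneByType(GroupNames.class)` without a null check, and the private `createState` calls `user.clone()` on whatever `oneByType(User.class)` returned. Shiro documents `getPrincipals()` as returning null for a subject without an identity, and this method is now public API in scm-core rather than a private helper behind the resource's own authentication checks. Fail explicitly before building the state, for example `if (collection == null) { throw new IllegalStateException("subject has no principals"); }`, with the same treatment for a missing `User` or `GroupNames`. Falling back to `createAnonymousState()` would be the wrong default, because the callers decide whether anonymous access is enabled. The method Javadoc should also mention that the returned state holds a copy of the user with the password cleared.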
diff --git a/scm-core/src/main/java/sonia/scm/security/AuthorizationCollector.java b/scm-core/src/main/java/sonia/scm/security/AuthorizationCollector.java new file mode 100644 index 0000000000..d1151c3b35 --- /dev/null +++ b/scm-core/src/main/java/sonia/scm/security/AuthorizationCollector.java 
@@ -0,0 +1,56 @@ +/** + * Copyright (c) 2014, Sebastian Sdorra All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. 2. Redistributions in + * binary form must reproduce the above copyright notice, this list of + * conditions and the following disclaimer in the documentation and/or other + * materials provided with the distribution. 3. Neither the name of SCM-Manager; + * nor the names of its contributors may be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * http://bitbucket.org/sdorra/scm-manager + * + */ + + + +package sonia.scm.security; + +//~--- non-JDK imports -------------------------------------------------------- + +import org.apache.shiro.authz.AuthorizationInfo; +import sonia.scm.plugin.ExtensionPoint; + +/** + * Collect {@link AuthorizationInfo} for the authenticated user. 
+ * + * @author Sebastian Sdorra + * @since 2.0.0 + */ +@ExtensionPoint(multi = false) +public interface AuthorizationCollector +{ + + /** + * Returns {@link AuthorizationInfo} for the authenticated user. + * + * + * @return {@link AuthorizationInfo} for authenticated user + */ + public AuthorizationInfo collect(); +} diff --git a/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java b/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java index 1d323cc777..37ed0c6665 100644 --- a/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java +++ b/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java @@ -114,6 +114,9 @@ public class ScmSecurityModule extends ShiroWebModule // disable access to mustache resources addFilterChain("/**.mustache", config(ROLES, "nobody")); + + // disable session + // addFilterChain("/**", NO_SESSION_CREATION); } /** diff --git a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java index 29e47ef737..b722586a40 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java @@ -37,8 +37,6 @@ package sonia.scm.api.rest.resources; import com.google.common.base.Preconditions; import com.google.common.base.Strings; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.ImmutableList.Builder; import com.google.inject.Inject; import com.google.inject.Singleton; @@ -46,8 +44,6 @@ import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.DisabledAccountException; import org.apache.shiro.authc.ExcessiveAttemptsException; -import org.apache.shiro.authz.Permission; -import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.codehaus.enunciate.jaxrs.TypeHint; 
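Review bot: The comment `// disable session` added in `ScmSecurityModule` describes something the code does not do, because the `addFilterChain("/**", NO_SESSION_CREATION)` call beneath it is commented out. Sessions are presumably still created, so after this commit a browser login can end up holding both a servlet session and the `X-Bearer-Token` cookie, and invalidating one does not obviously invalidate the other. Either enable the chain or reword the comment so it cannot be read as a statement of fact, e.g. `// TODO: enable NO_SESSION_CREATION once all clients authenticate with the bearer token`. The enclosing method starts outside the hunk.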
@@ -56,30 +52,18 @@ import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import sonia.scm.SCMContext; -import sonia.scm.SCMContextProvider; -import sonia.scm.ScmClientConfig; import sonia.scm.ScmState; +import sonia.scm.ScmStateFactory; import sonia.scm.api.rest.RestActionResult; import sonia.scm.config.ScmConfiguration; -import sonia.scm.group.GroupNames; -import sonia.scm.repository.RepositoryManager; -import sonia.scm.security.AuthorizationCollector; -import sonia.scm.security.PermissionDescriptor; -import sonia.scm.security.Role; -import sonia.scm.security.SecuritySystem; -import sonia.scm.security.StringablePermission; +import sonia.scm.security.BearerTokenGenerator; import sonia.scm.security.Tokens; import sonia.scm.user.User; -import sonia.scm.user.UserManager; import sonia.scm.util.HttpUtil; //~--- JDK imports ------------------------------------------------------------ -import java.util.Collection; -import java.util.Collections; -import java.util.List; - +import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -89,6 +73,7 @@ import javax.ws.rs.GET; import javax.ws.rs.POST; import javax.ws.rs.Path; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; 
@@ -127,25 +112,17 @@ public class AuthenticationResource * Constructs ... * * - * @param contextProvider * @param configuration - * @param repositoryManger - * @param userManager - * @param securitySystem - * @param collector + * @param stateFactory + * @param tokenGenerator */ @Inject - public AuthenticationResource(SCMContextProvider contextProvider, - ScmConfiguration configuration, RepositoryManager repositoryManger, - UserManager userManager, SecuritySystem securitySystem, - AuthorizationCollector collector) + public AuthenticationResource(ScmConfiguration configuration, + ScmStateFactory stateFactory, BearerTokenGenerator tokenGenerator) { - this.contextProvider = contextProvider; this.configuration = configuration; - this.repositoryManger = repositoryManger; - this.userManager = userManager; - this.securitySystem = securitySystem; - this.permissionCollector = collector; + this.stateFactory = stateFactory; + this.tokenGenerator = tokenGenerator; } //~--- methods -------------------------------------------------------------- @@ -160,10 +137,12 @@ public class AuthenticationResource *
  • 500 internal server error
  • * * - * @param request the current http request + * @param request current http request + * @param response current http response * @param username the username for the authentication * @param password the password for the authentication * @param rememberMe true to remember the user across sessions + * @param cookie create authentication token * * @return */ @@ -171,23 +150,46 @@ public class AuthenticationResource @Path("login") @TypeHint(ScmState.class) public Response authenticate(@Context HttpServletRequest request, + @Context HttpServletResponse response, @FormParam("username") String username, @FormParam("password") String password, @FormParam("rememberMe") - @DefaultValue("false") boolean rememberMe) + @DefaultValue("false") boolean rememberMe, @QueryParam( + "cookie") boolean cookie) { Preconditions.checkArgument(!Strings.isNullOrEmpty(username), "username parameter is required"); Preconditions.checkArgument(!Strings.isNullOrEmpty(password), "password parameter is required"); - Response response; + Response res; Subject subject = SecurityUtils.getSubject(); try { subject.login(Tokens.createAuthenticationToken(request, username, password, rememberMe)); - response = Response.ok(createState(subject)).build(); + + User user = subject.getPrincipals().oneByType(User.class); + + String token = tokenGenerator.createBearerToken(user); + + ScmState state; + + if (cookie) + { + Cookie c = new Cookie("X-Bearer-Token", token); + + c.setPath(request.getContextPath()); + c.setHttpOnly(true); + response.addCookie(c); + state = stateFactory.createState(subject); + } + else + { + state = stateFactory.createState(subject, token); + } + + res = Response.ok(state).build(); } catch (DisabledAccountException ex) { 
@@ -202,8 +204,8 @@ public class AuthenticationResource logger.warn("authentication failed, account {} is locked", username); } - response = handleFailedAuthentication(request, ex, - Response.Status.FORBIDDEN, WUIAuthenticationFailure.LOCKED); + res = handleFailedAuthentication(request, ex, Response.Status.FORBIDDEN, + WUIAuthenticationFailure.LOCKED); } catch (ExcessiveAttemptsException ex) { @@ -219,8 +221,8 @@ public class AuthenticationResource username); } - response = handleFailedAuthentication(request, ex, - Response.Status.FORBIDDEN, WUIAuthenticationFailure.TEMPORARY_LOCKED); + res = handleFailedAuthentication(request, ex, Response.Status.FORBIDDEN, + WUIAuthenticationFailure.TEMPORARY_LOCKED); } catch (AuthenticationException ex) { @@ -233,12 +235,12 @@ public class AuthenticationResource logger.warn("authentication failed for user {}", username); } - response = handleFailedAuthentication(request, ex, + res = handleFailedAuthentication(request, ex, Response.Status.UNAUTHORIZED, WUIAuthenticationFailure.WRONG_CREDENTIALS); } - return response; + return res; } /** @@ -270,7 +272,7 @@ public class AuthenticationResource if (configuration.isAnonymousAccessEnabled()) { - resp = Response.ok(createAnonymousState()).build(); + resp = Response.ok(stateFactory.createAnonymousState()).build(); } else { @@ -338,14 +340,14 @@ public class AuthenticationResource subject.getPrincipal()); } - ScmState state = createState(subject); + ScmState state = stateFactory.createState(subject); response = Response.ok(state).build(); } else if (configuration.isAnonymousAccessEnabled()) { - response = Response.ok(createAnonymousState()).build(); + response = Response.ok(stateFactory.createAnonymousState()).build(); } else { 
@@ -357,78 +359,6 @@ public class AuthenticationResource //~--- methods -------------------------------------------------------------- - /** - * Method description - * - * - * @return - */ - @SuppressWarnings("unchecked") - private ScmState createAnonymousState() - { - return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST, - Collections.EMPTY_LIST, Collections.EMPTY_LIST); - } - - /** - * Method description - * - * - * @param securityContext - * - * @param subject - * - * @return - */ - @SuppressWarnings("unchecked") - private ScmState createState(Subject subject) - { - PrincipalCollection collection = subject.getPrincipals(); - User user = collection.oneByType(User.class); - GroupNames groups = collection.oneByType(GroupNames.class); - - List ap = Collections.EMPTY_LIST; - - if (subject.hasRole(Role.ADMIN)) - { - ap = securitySystem.getAvailablePermissions(); - } - - Builder builder = ImmutableList.builder(); - - for (Permission p : permissionCollector.collect().getObjectPermissions()) - { - if (p instanceof StringablePermission) - { - builder.add(((StringablePermission) p).getAsString()); - } - - } - - return createState(user, groups.getCollection(), builder.build(), ap); - } - - /** - * Method description - * - * - * @param user - * @param groups - * @param assignedPermissions - * @param availablePermissions - * - * @return - */ - private ScmState createState(User user, Collection groups, - List assignedPermissions, - List availablePermissions) - { - return new ScmState(contextProvider, user, groups, - repositoryManger.getConfiguredTypes(), userManager.getDefaultType(), - new ScmClientConfig(configuration), assignedPermissions, - availablePermissions); - } - /** * Method description * 
@@ -529,17 +459,8 @@ public class AuthenticationResource private final ScmConfiguration configuration; /** Field description */ - private final SCMContextProvider contextProvider; + private final ScmStateFactory stateFactory; /** Field description */ - private final AuthorizationCollector permissionCollector; - - /** Field description */ - private final RepositoryManager repositoryManger; - - /** Field description */ - private final SecuritySystem securitySystem; - - /** Field description */ - private final UserManager userManager; + private final BearerTokenGenerator tokenGenerator; } diff --git a/scm-webapp/src/main/java/sonia/scm/security/AuthorizationCollector.java b/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java similarity index 91% rename from scm-webapp/src/main/java/sonia/scm/security/AuthorizationCollector.java rename to scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java index a5eab68b11..a9df5e9e8a 100644 --- a/scm-webapp/src/main/java/sonia/scm/security/AuthorizationCollector.java +++ b/scm-webapp/src/main/java/sonia/scm/security/DefaultAuthorizationCollector.java @@ -36,6 +36,7 @@ package sonia.scm.security; //~--- non-JDK imports -------------------------------------------------------- import com.github.legman.Subscribe; + import com.google.common.base.Objects; import com.google.common.base.Preconditions; import com.google.common.base.Predicate; @@ -59,6 +60,7 @@ import sonia.scm.cache.Cache; import sonia.scm.cache.CacheManager; import sonia.scm.group.GroupEvent; import sonia.scm.group.GroupNames; +import sonia.scm.plugin.Extension; import sonia.scm.repository.PermissionType; import sonia.scm.repository.Repository; import sonia.scm.repository.RepositoryDAO; 
@@ -77,17 +79,18 @@ import java.util.Set; * @author Sebastian Sdorra */ @Singleton -public class AuthorizationCollector +@Extension +public class DefaultAuthorizationCollector implements AuthorizationCollector { /** Field description */ private static final String CACHE_NAME = "sonia.cache.authorizing"; /** - * the logger for AuthorizationCollector + * the logger for DefaultAuthorizationCollector */ private static final Logger logger = - LoggerFactory.getLogger(AuthorizationCollector.class); + LoggerFactory.getLogger(DefaultAuthorizationCollector.class); //~--- constructors --------------------------------------------------------- @@ -102,7 +105,7 @@ public class AuthorizationCollector * @param resolver */ @Inject - public AuthorizationCollector(CacheManager cacheManager, + public DefaultAuthorizationCollector(CacheManager cacheManager, RepositoryDAO repositoryDAO, SecuritySystem securitySystem, PermissionResolver resolver) { @@ -120,6 +123,7 @@ public class AuthorizationCollector * * @return */ + @Override public AuthorizationInfo collect() { AuthorizationInfo authorizationInfo; @@ -267,16 +271,6 @@ public class AuthorizationCollector return info; } - /** - * Method description - * - * - * - * @param builder - * @param user - * @param groups - * - */ private void collectGlobalPermissions(Builder builder, final User user, final GroupNames groups) { @@ -313,16 +307,6 @@ public class AuthorizationCollector } } - /** - * Method description - * - * - * - * @param builder - * @param user - * @param groups - * - */ private void collectRepositoryPermissions(Builder builder, User user, GroupNames groups) { @@ -338,16 +322,6 @@ public class AuthorizationCollector } } - /** - * Method description - * - * - * - * @param builder - * @param repository - * @param user - * @param groups - */ private void collectRepositoryPermissions(Builder builder, Repository repository, User user, GroupNames groups) { 
@@ -381,15 +355,6 @@ public class AuthorizationCollector } } - /** - * Method description - * - * - * @param user - * @param groups - * - * @return - */ private AuthorizationInfo createAuthorizationInfo(User user, GroupNames groups) { @@ -434,16 +399,6 @@ public class AuthorizationCollector //~--- get methods ---------------------------------------------------------- - /** - * Method description - * - * - * @param user - * @param groups - * @param perm - * - * @return - */ private boolean isUserPermission(User user, GroupNames groups, PermissionObject perm) { @@ -456,22 +411,10 @@ public class AuthorizationCollector //~--- inner classes -------------------------------------------------------- /** - * Class description - * - * - * @version Enter version here..., 13/08/28 - * @author Enter your name here... + * Cache key. */ private static class CacheKey { - - /** - * Constructs ... - * - * - * @param username - * @param groupnames - */ private CacheKey(String username, GroupNames groupnames) { this.username = username; @@ -513,10 +456,10 @@ public class AuthorizationCollector //~--- fields ------------------------------------------------------------- - /** Field description */ + /** group names */ private final GroupNames groupnames; - /** Field description */ + /** username */ private final String username; } diff --git a/scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java b/scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java index b4a6518857..d076a9d075 100644 --- a/scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java +++ b/scm-webapp/src/main/java/sonia/scm/security/DefaultRealm.java @@ -55,9 +55,9 @@ import javax.inject.Inject; import javax.inject.Singleton; /** + * Default authorizing realm. * * @author Sebastian Sdorra - * * @since 2.0.0 */ @Extension 
@@ -82,7 +82,7 @@ public class DefaultRealm extends AuthorizingRealm */ @Inject public DefaultRealm(PasswordService service, - AuthorizationCollector collector, UserDAO userDAO, GroupDAO groupDAO) + DefaultAuthorizationCollector collector, UserDAO userDAO, GroupDAO groupDAO) { this.collector = collector; this.helper = new DAORealmHelper(REALM, userDAO, groupDAO); @@ -131,9 +131,9 @@ public class DefaultRealm extends AuthorizingRealm //~--- fields --------------------------------------------------------------- - /** Field description */ - private final AuthorizationCollector collector; + /** default authorization collector */ + private final DefaultAuthorizationCollector collector; - /** Field description */ + /** realm helper */ private final DAORealmHelper helper; } diff --git a/scm-webapp/src/main/webapp/resources/js/login/sonia.login.form.js b/scm-webapp/src/main/webapp/resources/js/login/sonia.login.form.js index b27f2484b4..a1c53f2fd4 100644 --- a/scm-webapp/src/main/webapp/resources/js/login/sonia.login.form.js +++ b/scm-webapp/src/main/webapp/resources/js/login/sonia.login.form.js @@ -62,7 +62,7 @@ Sonia.login.Form = Ext.extend(Ext.FormPanel,{ var config = { labelWidth: 120, - url: restUrl + "authentication/login.json", + url: restUrl + "authentication/login.json?cookie=true", frame: true, title: this.titleText, defaultType: 'textfield', diff --git a/scm-webapp/src/test/java/sonia/scm/it/IntegrationTestUtil.java b/scm-webapp/src/test/java/sonia/scm/it/IntegrationTestUtil.java index 03fa5dddd1..8789492f58 100644 --- a/scm-webapp/src/test/java/sonia/scm/it/IntegrationTestUtil.java +++ b/scm-webapp/src/test/java/sonia/scm/it/IntegrationTestUtil.java 
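Review bot: `DefaultRealm` now injects the concrete `DefaultAuthorizationCollector`, while `ScmStateFactory` injects the `AuthorizationCollector` extension point. If a plugin supplies its own collector, which `@ExtensionPoint(multi = false)` seems to allow, the permissions reported in `ScmState` would come from the plugin while the realm keeps enforcing the built-in ones, so what the UI displays and what is enforced can diverge. If pinning the realm to the default implementation is deliberate, say so on the field: `/** always the built-in collector; the AuthorizationCollector extension point does not change enforcement */`. Otherwise inject the interface in both places. The constructor body and the rest of the class lie outside these hunks.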
@@ -108,7 +108,7 @@ public final class IntegrationTestUtil public static ClientResponse authenticate(Client client, String username, String password) { - WebResource wr = createResource(client, "authentication/login"); + WebResource wr = client.resource(createResourceUrl("authentication/login").concat("?cookie=true")); MultivaluedMap formData = new MultivaluedMapImpl(); formData.add("username", username); diff --git a/scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java b/scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java index 40aa4ae179..848796dd51 100644 --- a/scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java +++ b/scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java @@ -290,7 +290,7 @@ public class DefaultRealmTest /** Field description */ @Mock - private AuthorizationCollector collector; + private DefaultAuthorizationCollector collector; /** Field description */ @Mock
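Review bot: `IntegrationTestUtil.authenticate` now always appends `?cookie=true`, so the integration tests exercise only the cookie branch of the login resource; the branch that returns the token inside `ScmState` has no coverage in the visible changes. Consider one test that logs in without the query parameter and asserts that the token is in the body and no `X-Bearer-Token` cookie is set, plus the inverse for cookie mode. Building the URL with `concat("?cookie=true")` also bypasses the `createResource` helper; `createResource(client, "authentication/login").queryParam("cookie", "true")` keeps it in use.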