From 63e5d2f23d44547f591535b11dd6540d6b4637b5 Mon Sep 17 00:00:00 2001 From: Eduard Heimbuch Date: Tue, 5 May 2020 10:55:23 +0200 Subject: [PATCH] Change the "manage" plugin permission to "write". This way we don't need a migration because the plugin manage permission was already saved as "plugin:read,write" --- .../main/java/sonia/scm/plugin/PluginInformation.java | 2 +- .../scm/api/v2/resources/AvailablePluginResource.java | 2 +- .../sonia/scm/api/v2/resources/IndexDtoGenerator.java | 2 +- .../scm/api/v2/resources/PendingPluginResource.java | 2 +- .../api/v2/resources/PluginDtoCollectionMapper.java | 3 ++- .../sonia/scm/api/v2/resources/PluginDtoMapper.java | 6 +++--- .../java/sonia/scm/plugin/DefaultPluginManager.java | 10 +++++----- 7 files changed, 14 insertions(+), 13 deletions(-) diff --git a/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java b/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java index bd89156071..20f3751070 100644 --- a/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java +++ b/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java @@ -47,7 +47,7 @@ import java.io.Serializable; value = "plugin", generatedClass = "PluginPermissions", permissions = {}, - globalPermissions = {"read", "manage"}, + globalPermissions = {"read", "write"}, custom = true, customGlobal = true ) @XmlAccessorType(XmlAccessType.FIELD) diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/AvailablePluginResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/AvailablePluginResource.java index b898eadafa..c4f11d8a91 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/AvailablePluginResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/AvailablePluginResource.java @@ -178,7 +178,7 @@ public class AvailablePluginResource { ) ) public Response installPlugin(@PathParam("name") String name, @QueryParam("restart") boolean restartAfterInstallation) { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); pluginManager.install(name, restartAfterInstallation); return Response.ok().build(); } diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java index 8b0a0a5565..6f6ae8f6bc 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java @@ -82,7 +82,7 @@ public class IndexDtoGenerator extends HalAppenderMapper { builder.single(link("installedPlugins", resourceLinks.installedPluginCollection().self())); builder.single(link("availablePlugins", resourceLinks.availablePluginCollection().self())); } - if (PluginPermissions.manage().isPermitted()) { + if (PluginPermissions.write().isPermitted()) { builder.single(link("pendingPlugins", resourceLinks.pendingPluginCollection().self())); } if (UserPermissions.list().isPermitted()) { diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PendingPluginResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PendingPluginResource.java index 72b44dc33d..0d59e4ef28 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PendingPluginResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PendingPluginResource.java @@ -118,7 +118,7 @@ public class PendingPluginResource { List uninstallDtos = uninstallPlugins.map(i -> mapper.mapInstalled(i, pending)).collect(toList()); if ( - PluginPermissions.manage().isPermitted() && + PluginPermissions.write().isPermitted() && (!installDtos.isEmpty() || !updateDtos.isEmpty() || !uninstallDtos.isEmpty()) ) { if (restarter.isSupported()) { diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoCollectionMapper.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoCollectionMapper.java index b579935b30..ff66f2bc85 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoCollectionMapper.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoCollectionMapper.java @@ -31,6 +31,7 @@ import de.otto.edison.hal.Links; import sonia.scm.plugin.AvailablePlugin; import sonia.scm.plugin.InstalledPlugin; import sonia.scm.plugin.PluginManager; +import sonia.scm.plugin.PluginPermissions; import java.util.List; @@ -71,7 +72,7 @@ public class PluginDtoCollectionMapper { Links.Builder linksBuilder = linkingTo() .with(Links.linkingTo().self(baseUrl).build()); - if (!manager.getUpdatable().isEmpty()) { + if (!manager.getUpdatable().isEmpty() && PluginPermissions.write().isPermitted()) { linksBuilder.single(link("update", resourceLinks.installedPluginCollection().update())); } diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoMapper.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoMapper.java index ff2522c352..1d71735278 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoMapper.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/PluginDtoMapper.java @@ -81,7 +81,7 @@ public abstract class PluginDtoMapper { .self(resourceLinks.availablePlugin() .self(information.getName())); - if (!plugin.isPending() && PluginPermissions.manage().isPermitted()) { + if (!plugin.isPending() && PluginPermissions.write().isPermitted()) { String href = resourceLinks.availablePlugin().install(information.getName()); appendLink(links, "install", href); } @@ -106,7 +106,7 @@ public abstract class PluginDtoMapper { if (!plugin.isCore() && availablePlugin.isPresent() && !availablePlugin.get().isPending() - && PluginPermissions.manage().isPermitted() + && PluginPermissions.write().isPermitted() ) { String href = resourceLinks.availablePlugin().install(information.getName()); appendLink(links, "update", href); @@ -114,7 +114,7 @@ public abstract class PluginDtoMapper { if (plugin.isUninstallable() && (!availablePlugin.isPresent() || !availablePlugin.get().isPending()) - && PluginPermissions.manage().isPermitted() + && PluginPermissions.write().isPermitted() ) { String href = resourceLinks.installedPlugin().uninstall(information.getName()); appendLink(links, "uninstall", href); diff --git a/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java b/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java index bb6dc1491f..9acd07641e 100644 --- a/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java +++ b/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java @@ -157,7 +157,7 @@ public class DefaultPluginManager implements PluginManager { @Override public void install(String name, boolean restartAfterInstallation) { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); getInstalled(name) .map(InstalledPlugin::isCore) @@ -192,7 +192,7 @@ public class DefaultPluginManager implements PluginManager { @Override public void uninstall(String name, boolean restartAfterInstallation) { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); InstalledPlugin installed = getInstalled(name) .orElseThrow(() -> NotFoundException.notFound(entity(InstalledPlugin.class, name))); doThrow().violation("plugin is a core plugin and cannot be uninstalled").when(installed.isCore()); @@ -231,7 +231,7 @@ public class DefaultPluginManager implements PluginManager { @Override public void executePendingAndRestart() { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); if (!pendingInstallQueue.isEmpty() || getInstalled().stream().anyMatch(InstalledPlugin::isMarkedForUninstall)) { triggerRestart("execute pending plugin changes"); } @@ -278,7 +278,7 @@ public class DefaultPluginManager implements PluginManager { @Override public void cancelPending() { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); pendingUninstallQueue.forEach(PendingPluginUninstallation::cancel); pendingInstallQueue.forEach(PendingPluginInstallation::cancel); pendingUninstallQueue.clear(); @@ -288,7 +288,7 @@ public class DefaultPluginManager implements PluginManager { @Override public void updateAll() { - PluginPermissions.manage().check(); + PluginPermissions.write().check(); for (InstalledPlugin installedPlugin : getInstalled()) { String pluginName = installedPlugin.getDescriptor().getInformation().getName(); if (isUpdatable(pluginName)) {