From 6815634fad4ef392fb469cc33cca27b47f37bd8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Pfeuffer?=
Date: Sat, 19 Jan 2019 20:27:25 +0100
Subject: [PATCH] Fail assignment on not existing permission
---
 .../sonia/scm/security/PermissionAssigner.java | 15 +++++++++++++++
 .../scm/security/PermissionAssignerTest.java | 18 +++++++++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
index b7874add69..22b3cd1e2c 100644
--- a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
@@ -1,5 +1,8 @@
 package sonia.scm.security;
+import sonia.scm.ContextEntry;
+import sonia.scm.NotFoundException;
+
 import javax.inject.Inject;
 import java.util.Collection;
 import java.util.List;
@@ -62,9 +65,21 @@ public class PermissionAssigner {
 .collect(Collectors.toList());
 toRemove.forEach(securitySystem::deletePermission);
+ Collection availablePermissions = this.getAvailablePermissions();
+
 permissions.stream()
+ .filter(permissionExists(availablePermissions))
 .map(p -> new AssignedPermission(id, groupPermission, p))
 .filter(p -> !existingPermissions.contains(p))
 .forEach(securitySystem::addPermission);
 }
+
+ private Predicate permissionExists(Collection availablePermissions) {
+ return p -> {
+ if (!availablePermissions.contains(p)) {
+ throw NotFoundException.notFound(ContextEntry.ContextBuilder.entity("permission", p.getValue()));
+ }
+ return true;
+ };
+ }
 }
diff --git a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
index a5eb32b594..8ab2ef8c8e 100644
--- a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
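Review bot: In PermissionAssigner.java (hunk `@@ -62,9 +65,21 @@`) the existence check runs inside the lazy `permissions.stream()` pipeline, after `toRemove.forEach(securitySystem::deletePermission)` has already executed. A request naming an unknown permission therefore throws NotFoundException only after the old permissions were deleted, and any valid entries ahead of the unknown one have already reached `securitySystem::addPermission`, so a rejected call still changes the subject's permissions. Validate the whole `permissions` collection before the first delete or add, and drop the `filter(permissionExists(...))` step, whose predicate never returns false and exists only for its side effect. The method starts above this hunk, so the sketch assumes `permissions` holds `PermissionDescriptor` elements, as the test suggests.

```java
// … unchanged: computation of existingPermissions and toRemove …

// Reject the whole request before touching stored permissions.
Collection<PermissionDescriptor> availablePermissions = this.getAvailablePermissions();
permissions.forEach(p -> {
  if (!availablePermissions.contains(p)) {
    throw NotFoundException.notFound(ContextEntry.ContextBuilder.entity("permission", p.getValue()));
  }
});

toRemove.forEach(securitySystem::deletePermission);
// … unchanged: permissions.stream() add pipeline, without the permissionExists filter …
```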
@@ -8,11 +8,14 @@ import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
+import sonia.scm.NotFoundException;
 import sonia.scm.plugin.PluginLoader;
 import sonia.scm.store.InMemoryConfigurationEntryStoreFactory;
 import sonia.scm.util.ClassLoaders;
+import java.util.Arrays;
 import java.util.Collection;
+import java.util.stream.Collectors;
 import static java.util.Arrays.asList;
 import static org.mockito.Mockito.mock;
@@ -35,7 +38,14 @@ public class PermissionAssignerTest {
 PluginLoader pluginLoader = mock(PluginLoader.class);
 when(pluginLoader.getUberClassLoader()).thenReturn(ClassLoaders.getContextClassLoader(DefaultSecuritySystem.class));
- securitySystem = new DefaultSecuritySystem(new InMemoryConfigurationEntryStoreFactory(), pluginLoader);
+ securitySystem = new DefaultSecuritySystem(new InMemoryConfigurationEntryStoreFactory(), pluginLoader) {
+ @Override
+ public Collection getAvailablePermissions() {
+ return Arrays.stream(new String[]{"perm:read:1", "perm:read:2", "perm:read:3", "perm:read:4"})
+ .map(PermissionDescriptor::new)
+ .collect(Collectors.toList());
+ }
+ };
 try {
 securitySystem.addPermission(new AssignedPermission("1", "perm:read:1"));
@@ -86,4 +96,10 @@ public class PermissionAssignerTest {
 permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:3"), new PermissionDescriptor("perm:read:4")));
 }
+
+ @Test
+ public void shouldFailForNotExistingPermissions() {
+ expectedException.expect(NotFoundException.class);
+ permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:5"), new PermissionDescriptor("perm:read:4")));
+ }
 }
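Review bot: `shouldFailForNotExistingPermissions` (hunk `@@ -86,4 +96,10 @@`) only checks that NotFoundException is thrown; it never checks that the permissions already stored for user "2" are unchanged afterwards, so a failed call that has already deleted or added entries would still pass. With the `ExpectedException` rule nothing after the throwing call runs, so this needs a try/catch around the call (or a separate test) followed by an assertion on the stored permissions. It would also help to cover the unknown permission in last position, e.g. `asList(new PermissionDescriptor("perm:read:4"), new PermissionDescriptor("perm:read:5"))`, because the current input fails on its first element.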