From 84191eb242c40a4cfab965ad9a06795a54440e3a Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Thu, 16 Dec 2010 07:46:02 +0100 Subject: [PATCH] secure plugin manager --- .../sonia/scm/plugin/PluginInformation.java | 20 ++++++++++++- .../scm/plugin/DefaultPluginManager.java | 28 ++++++++++++++++--- 2 files changed, 43 insertions(+), 5 deletions(-) diff --git a/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java b/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java index 05b5c6c98b..df87714c10 100644 --- a/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java +++ b/scm-core/src/main/java/sonia/scm/plugin/PluginInformation.java @@ -33,6 +33,11 @@ package sonia.scm.plugin; +//~--- non-JDK imports -------------------------------------------------------- + +import sonia.scm.Validateable; +import sonia.scm.util.Util; + //~--- JDK imports ------------------------------------------------------------ import javax.xml.bind.annotation.XmlRootElement; @@ -42,7 +47,7 @@ import javax.xml.bind.annotation.XmlRootElement; * @author Sebastian Sdorra */ @XmlRootElement(name = "plugin-information") -public class PluginInformation +public class PluginInformation implements Validateable { /** @@ -137,6 +142,19 @@ public class PluginInformation return version; } + /** + * Method description + * + * + * @return + */ + @Override + public boolean isValid() + { + return Util.isNotEmpty(groupId) && Util.isNotEmpty(artifactId) + && Util.isNotEmpty(name) && Util.isNotEmpty(version); + } + //~--- set methods ---------------------------------------------------------- /** diff --git a/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java b/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java index 81f948ed72..3d584a5fcf 100644 --- a/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java +++ b/scm-webapp/src/main/java/sonia/scm/plugin/DefaultPluginManager.java 
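Review bot: The Javadoc on the new isValid() in PluginInformation is still the generated placeholder (`Method description`, empty `@return`), so the validity rule is undocumented. I would replace it with one sentence saying that the information is valid when groupId, artifactId, name and version are all non-empty, plus a `@return` of `true` in that case. The check is presence-only and says nothing about which characters the fields contain. That matters if the id built from them (getId(), outside this hunk) is later used in a file path or a repository coordinate, so the comment should say that isValid() is not input sanitisation.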
@@ -36,6 +36,7 @@ package sonia.scm.plugin; //~--- non-JDK imports -------------------------------------------------------- import com.google.inject.Inject; +import com.google.inject.Provider; import com.google.inject.Singleton; import org.slf4j.Logger; @@ -46,6 +47,8 @@ import sonia.scm.SCMContext; import sonia.scm.cache.CacheManager; import sonia.scm.cache.SimpleCache; import sonia.scm.config.ScmConfiguration; +import sonia.scm.security.SecurityContext; +import sonia.scm.util.SecurityUtil; //~--- JDK imports ------------------------------------------------------------ @@ -81,15 +84,19 @@ public class DefaultPluginManager implements PluginManager * * * + * + * @param securityContextProvicer * @param configuration * @param pluginLoader * @param cacheManager */ @Inject - public DefaultPluginManager(ScmConfiguration configuration, - PluginLoader pluginLoader, - CacheManager cacheManager) + public DefaultPluginManager( + Provider securityContextProvicer, + ScmConfiguration configuration, PluginLoader pluginLoader, + CacheManager cacheManager) { + this.securityContextProvicer = securityContextProvicer; this.configuration = configuration; this.cache = cacheManager.getSimpleCache(String.class, PluginCenter.class, CACHE_NAME); @@ -99,7 +106,7 @@ public class DefaultPluginManager implements PluginManager { PluginInformation info = plugin.getInformation(); - if (info != null) + if ((info != null) && info.isValid()) { installedPlugins.put(info.getId(), plugin.getInformation()); } @@ -127,6 +134,8 @@ public class DefaultPluginManager implements PluginManager @Override public void install(String id) { + SecurityUtil.assertIsAdmin(securityContextProvicer); + if (pluginHandler == null) { getPluginCenter(); @@ -144,6 +153,8 @@ public class DefaultPluginManager implements PluginManager @Override public void uninstall(String id) { + SecurityUtil.assertIsAdmin(securityContextProvicer); + throw new UnsupportedOperationException("Not supported yet."); } 
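Review bot: The new constructor parameter and field are spelled `securityContextProvicer`, which should be `securityContextProvider`. The misspelling is repeated in the Javadoc `@param`, in the field declaration in the last hunk of this file, and in every `SecurityUtil.assertIsAdmin(...)` call this patch adds (install, uninstall, get, getAvailable, getInstalled). In the lines shown the field is assigned only in the constructor, so it could also be declared `private final`, keeping the type argument the source file carries. The `@param` tag has no description yet; a short one is worth adding because every admin check in this class depends on the provider.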
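Review bot: A plugin whose information fails `(info != null) && info.isValid()` is left out of `installedPlugins` without any trace, so something the loader returned never shows up in getInstalled() and nobody is told why. I would add an else branch that logs the skipped entry, e.g. `logger.warn("plugin information is missing or incomplete, plugin is not listed as installed");` (the name of the slf4j logger field is assumed). The put can also reuse the local instead of calling the getter again: `installedPlugins.put(info.getId(), info);`. The surrounding loop and constructor continue outside the hunk.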
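Review bot: Nothing visible in install() records that installation of plugin `id` was requested, although installing a plugin adds code to the server and is now an admin-only action. A log line directly after the `SecurityUtil.assertIsAdmin(...)` call would give an audit trail, for example `logger.info("installation of plugin {} requested", id);` (logger field name assumed). The method body continues outside the hunk, so a log statement further down may already cover this. The same applies to uninstall() once it is implemented.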
@@ -160,6 +171,8 @@ public class DefaultPluginManager implements PluginManager @Override public PluginInformation get(String id) { + SecurityUtil.assertIsAdmin(securityContextProvicer); + PluginInformation result = null; for (PluginInformation info : getPluginCenter().getPlugins()) @@ -184,6 +197,8 @@ public class DefaultPluginManager implements PluginManager @Override public Collection getAvailable() { + SecurityUtil.assertIsAdmin(securityContextProvicer); + return getPluginCenter().getPlugins(); } @@ -196,6 +211,8 @@ public class DefaultPluginManager implements PluginManager @Override public Collection getInstalled() { + SecurityUtil.assertIsAdmin(securityContextProvicer); + return installedPlugins.values(); } @@ -256,6 +273,9 @@ public class DefaultPluginManager implements PluginManager /** Field description */ private AetherPluginHandler pluginHandler; + /** Field description */ + private Provider securityContextProvicer; + /** Field description */ private Unmarshaller unmarshaller; }
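Review bot: The read accessors get(), getAvailable() and getInstalled() now reject non-admin callers, but their Javadoc does not say so and neither, as far as this patch shows, does the PluginManager interface. Each comment should gain a sentence such as `Requires admin privileges; other callers are rejected by SecurityUtil.assertIsAdmin.` together with a `@throws` tag for the exception that assertIsAdmin raises (its type is not visible in this diff). The check is also repeated by hand in every method, so a method added to PluginManager later is unprotected unless its author remembers the call. A note on the interface stating that all operations are admin-only would make that expectation explicit.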
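Review bot: getInstalled() returns `installedPlugins.values()`, which is a live view of the manager's internal map rather than a copy. Depending on the map type (declared outside this hunk), a caller could remove entries through that collection and change what the manager reports as installed. Now that the method is treated as privileged state, I would return a read-only view: `return Collections.unmodifiableCollection(installedPlugins.values());`, which needs `java.util.Collections` in the JDK import block.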