Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2026-03-06 20:30:52 +01:00
Code Issues Packages Projects Releases Activity

improve PermissionUtil

Browse Source
This commit is contained in:
Sebastian Sdorra
2011-01-06 12:44:18 +01:00
parent d9f496d425
commit dfef03f074
8 changed files with 229 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java
View File

@@ -47,7 +47,6 @@ import sonia.scm.repository.PermissionType;
import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.security.SecurityContext;
import sonia.scm.util.AssertUtil;
import sonia.scm.util.HttpUtil;
import sonia.scm.util.IOUtil;
@@ -368,9 +367,7 @@ public class BzrCGIServlet extends AbstractCGIServlet
*/
private boolean hasWritePermission(Repository repository)
{
WebSecurityContext securityContext = securityContextProvider.get();
return PermissionUtil.hasPermission(repository, securityContext.getUser(),
return PermissionUtil.hasPermission(repository, securityContextProvider,
PermissionType.WRITE);
}

48
scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java
View File

@@ -35,8 +35,11 @@ package sonia.scm.repository;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Provider;
import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -54,18 +57,33 @@ public class PermissionUtil
*
*
* @param repository
* @param user
* @param securityContext
* @param pt
*/
public static void assertPermission(Repository repository, User user,
PermissionType pt)
public static void assertPermission(Repository repository,
WebSecurityContext securityContext, PermissionType pt)
{
if (!hasPermission(repository, user, pt))
if (!hasPermission(repository, securityContext, pt))
{
throw new IllegalStateException("action denied");
}
}
/**
* Method description
*
*
* @param repository
* @param securityContextProvider
* @param pt
*/
public static void assertPermission(Repository repository,
Provider<WebSecurityContext> securityContextProvider,
PermissionType pt)
{
assertPermission(repository, securityContextProvider.get(), pt);
}
//~--- get methods ----------------------------------------------------------
/**
@@ -73,14 +91,32 @@ public class PermissionUtil
*
*
* @param repository
* @param user
* @param securityContextProvider
* @param pt
*
* @return
*/
public static boolean hasPermission(Repository repository, User user,
public static boolean hasPermission(Repository repository,
Provider<WebSecurityContext> securityContextProvider,
PermissionType pt)
{
return hasPermission(repository, securityContextProvider.get(), pt);
}
/**
* Method description
*
*
* @param repository
* @param securityContext
* @param pt
*
* @return
*/
public static boolean hasPermission(Repository repository,
WebSecurityContext securityContext, PermissionType pt)
{
User user = securityContext.getUser();
String username = user.getName();
AssertUtil.assertIsNotEmpty(username);

2
scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
View File

@@ -140,7 +140,7 @@ public abstract class PermissionFilter extends HttpFilter
boolean writeRequest = isWriteRequest(request);
if (PermissionUtil.hasPermission(repository,
securityContext.getUser(),
securityContext,
writeRequest
? PermissionType.WRITE
: PermissionType.READ))

61
scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java
View File

@@ -37,17 +37,20 @@ package sonia.scm.repository;
import org.junit.Test;
import sonia.scm.user.User;
import static org.junit.Assert.*;
//~--- JDK imports ------------------------------------------------------------
import java.util.Arrays;
import sonia.scm.repository.Permission;
import sonia.scm.repository.PermissionType;
import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
import sonia.scm.user.User;
import sonia.scm.web.security.WebSecurityContext;
import static org.junit.Assert.*;
import static org.mockito.Mockito.*;
//~--- JDK imports ------------------------------------------------------------
import java.util.Arrays;
/**
*
@@ -63,7 +66,7 @@ public class PermissionUtilTest
public PermissionUtilTest()
{
repository = new Repository();
admams.setAdmin(true);
admams.getUser().setAdmin(true);
Permission[] permissions = new Permission[] {
new Permission("dent", PermissionType.READ),
@@ -140,28 +143,50 @@ public class PermissionUtilTest
PermissionType.OWNER));
}
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @param user
*
* @return
*/
private WebSecurityContext mockCtx(User user)
{
WebSecurityContext context = mock(WebSecurityContext.class);
when(context.getUser()).thenReturn(user);
return context;
}
//~--- fields ---------------------------------------------------------------
/** Field description */
private User dent = new User("dent", "Arthur Dent",
"arthur.dent@hitchhiker.com");
private WebSecurityContext dent = mockCtx(new User("dent", "Arthur Dent",
"arthur.dent@hitchhiker.com"));
/** Field description */
private User perfect = new User("perfect", "Ford Prefect",
"ford.perfect@hitchhiker.com");
private WebSecurityContext perfect = mockCtx(new User("perfect",
"Ford Prefect",
"ford.perfect@hitchhiker.com"));
/** Field description */
private Repository repository;
/** Field description */
private User slarti = new User("slarti", "Slartibartfaß",
"slartibartfass@hitchhiker.com");
private WebSecurityContext slarti = mockCtx(new User("slarti",
"Slartibartfaß",
"slartibartfass@hitchhiker.com"));
/** Field description */
private User marvin = new User("marvin", "Marvin",
"paranoid.android@hitchhiker.com");
private WebSecurityContext marvin = mockCtx(new User("marvin", "Marvin",
"paranoid.android@hitchhiker.com"));
/** Field description */
private User admams = new User("adams", "Douglas Adams",
"douglas.adams@hitchhiker.com");
private WebSecurityContext admams = mockCtx(new User("adams",
"Douglas Adams",
"douglas.adams@hitchhiker.com"));
}

12
scm-test/src/main/java/sonia/scm/util/MockUtil.java
View File

@@ -38,8 +38,9 @@ package sonia.scm.util;
import com.google.inject.Provider;
import sonia.scm.SCMContextProvider;
import sonia.scm.security.SecurityContext;
import sonia.scm.user.User;
import sonia.scm.web.security.DummyWebSecurityContext;
import sonia.scm.web.security.WebSecurityContext;
import static org.mockito.Mockito.*;
@@ -63,17 +64,14 @@ public class MockUtil
*
* @return
*/
public static Provider<SecurityContext> getAdminSecurityContextProvider()
public static Provider<WebSecurityContext> getAdminSecurityContextProvider()
{
User admin = new User("scmadmin", "SCM Admin", "scmadmin@scm.org");
admin.setAdmin(true);
SecurityContext context = mock(SecurityContext.class);
when(context.getUser()).thenReturn(admin);
Provider<SecurityContext> scp = mock(Provider.class);
DummyWebSecurityContext context = new DummyWebSecurityContext(admin);
Provider<WebSecurityContext> scp = mock(Provider.class);
when(scp.get()).thenReturn(context);

128
scm-test/src/main/java/sonia/scm/web/security/DummyWebSecurityContext.java Normal file
View File

@@ -0,0 +1,128 @@
/**
* Copyright (c) 2010, Sebastian Sdorra
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* 3. Neither the name of SCM-Manager; nor the names of its
* contributors may be used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm.web.security;
//~--- non-JDK imports --------------------------------------------------------
import sonia.scm.user.User;
//~--- JDK imports ------------------------------------------------------------
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
*
* @author Sebastian Sdorra
*/
public class DummyWebSecurityContext implements WebSecurityContext
{
/**
* Constructs ...
*
*
* @param user
*/
public DummyWebSecurityContext(User user)
{
this.user = user;
}
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @param request
* @param response
* @param username
* @param password
*
* @return
*/
@Override
public User authenticate(HttpServletRequest request,
HttpServletResponse response, String username,
String password)
{
return user;
}
/**
* Method description
*
*
* @param request
* @param response
*/
@Override
public void logout(HttpServletRequest request, HttpServletResponse response)
{
// do nothing
}
//~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
@Override
public User getUser()
{
return user;
}
/**
* Method description
*
*
* @return
*/
@Override
public boolean isAuthenticated()
{
return true;
}
//~--- fields ---------------------------------------------------------------
/** Field description */
private User user;
}

11
scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java
View File

@@ -62,6 +62,7 @@ import sonia.scm.store.StoreFactory;
import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.util.IOUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -103,7 +104,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
*/
@Inject
public XmlRepositoryManager(
Provider<SecurityContext> securityContextProvider,
Provider<WebSecurityContext> securityContextProvider,
StoreFactory storeFactory, Set<RepositoryHandler> handlerSet)
{
this.securityContextProvider = securityContextProvider;
@@ -469,7 +470,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
*/
private void assertIsOwner(Repository repository)
{
PermissionUtil.assertPermission(repository, getCurrentUser(),
PermissionUtil.assertPermission(repository, securityContextProvider,
PermissionType.OWNER);
}
@@ -481,7 +482,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
*/
private void assertIsReader(Repository repository)
{
PermissionUtil.assertPermission(repository, getCurrentUser(),
PermissionUtil.assertPermission(repository, securityContextProvider,
PermissionType.READ);
}
@@ -555,7 +556,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
*/
private boolean isReader(Repository repository)
{
return PermissionUtil.hasPermission(repository, getCurrentUser(),
return PermissionUtil.hasPermission(repository, securityContextProvider,
PermissionType.READ);
}
@@ -571,7 +572,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
private XmlRepositoryDatabase repositoryDB;
/** Field description */
private Provider<SecurityContext> securityContextProvider;
private Provider<WebSecurityContext> securityContextProvider;
/** Field description */
private Set<Type> types;

6
scm-webapp/src/main/java/sonia/scm/user/xml/XmlUserManager.java
View File

@@ -45,7 +45,6 @@ import org.slf4j.LoggerFactory;
import sonia.scm.HandlerEvent;
import sonia.scm.SCMContextProvider;
import sonia.scm.security.ScmSecurityException;
import sonia.scm.security.SecurityContext;
import sonia.scm.store.Store;
import sonia.scm.store.StoreFactory;
import sonia.scm.user.AbstractUserManager;
@@ -56,6 +55,7 @@ import sonia.scm.util.AssertUtil;
import sonia.scm.util.IOUtil;
import sonia.scm.util.SecurityUtil;
import sonia.scm.util.Util;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -104,7 +104,7 @@ public class XmlUserManager extends AbstractUserManager
* @param storeFactory
*/
@Inject
public XmlUserManager(Provider<SecurityContext> scurityContextProvider,
public XmlUserManager(Provider<WebSecurityContext> scurityContextProvider,
StoreFactory storeFactory)
{
this.scurityContextProvider = scurityContextProvider;
@@ -428,7 +428,7 @@ public class XmlUserManager extends AbstractUserManager
//~--- fields ---------------------------------------------------------------
/** Field description */
private Provider<SecurityContext> scurityContextProvider;
private Provider<WebSecurityContext> scurityContextProvider;
/** Field description */
private Store<XmlUserDatabase> store;