diff --git a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java index e6554ecd34..1f5d7b7f8a 100644 --- a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java +++ b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java @@ -47,7 +47,6 @@ import sonia.scm.repository.PermissionType; import sonia.scm.repository.PermissionUtil; import sonia.scm.repository.Repository; import sonia.scm.repository.RepositoryManager; -import sonia.scm.security.SecurityContext; import sonia.scm.util.AssertUtil; import sonia.scm.util.HttpUtil; import sonia.scm.util.IOUtil; @@ -368,9 +367,7 @@ public class BzrCGIServlet extends AbstractCGIServlet */ private boolean hasWritePermission(Repository repository) { - WebSecurityContext securityContext = securityContextProvider.get(); - - return PermissionUtil.hasPermission(repository, securityContext.getUser(), + return PermissionUtil.hasPermission(repository, securityContextProvider, PermissionType.WRITE); } diff --git a/scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java b/scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java index 52ee4fb5b6..85526cdf3b 100644 --- a/scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java +++ b/scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java @@ -35,8 +35,11 @@ package sonia.scm.repository; //~--- non-JDK imports -------------------------------------------------------- +import com.google.inject.Provider; + import sonia.scm.user.User; import sonia.scm.util.AssertUtil; +import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ 
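Review bot: The new imports in `PermissionUtil` make `sonia.scm.repository` depend on `sonia.scm.web.security.WebSecurityContext` and on Guice's `Provider`, although the check only needs the current `User`. `WebSecurityContext` also exposes `authenticate` and `logout` taking servlet request and response objects (visible in the implementation added later in this commit), so the permission helper is handed more capability than it uses. It also cannot be called from non-web code without a stub. Keeping a `User`-based method as the core check and letting the context overloads delegate to it, e.g. `return hasPermission(repository, securityContext.getUser(), pt);`, would keep that coupling at the edge.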
@@ -54,18 +57,33 @@ public class PermissionUtil * * * @param repository - * @param user + * @param securityContext * @param pt */ - public static void assertPermission(Repository repository, User user, - PermissionType pt) + public static void assertPermission(Repository repository, + WebSecurityContext securityContext, PermissionType pt) { - if (!hasPermission(repository, user, pt)) + if (!hasPermission(repository, securityContext, pt)) { throw new IllegalStateException("action denied"); } } + /** + * Method description + * + * + * @param repository + * @param securityContextProvider + * @param pt + */ + public static void assertPermission(Repository repository, + Provider securityContextProvider, + PermissionType pt) + { + assertPermission(repository, securityContextProvider.get(), pt); + } + //~--- get methods ---------------------------------------------------------- /** @@ -73,14 +91,32 @@ public class PermissionUtil * * * @param repository - * @param user + * @param securityContextProvider * @param pt * * @return */ - public static boolean hasPermission(Repository repository, User user, + public static boolean hasPermission(Repository repository, + Provider securityContextProvider, PermissionType pt) { + return hasPermission(repository, securityContextProvider.get(), pt); + } + + /** + * Method description + * + * + * @param repository + * @param securityContext + * @param pt + * + * @return + */ + public static boolean hasPermission(Repository repository, + WebSecurityContext securityContext, PermissionType pt) + { + User user = securityContext.getUser(); String username = user.getName(); AssertUtil.assertIsNotEmpty(username); diff --git a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java index b0bd301c8e..c4aed91b7d 100644 --- a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java +++ b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java 
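Review bot: The Javadoc on both `assertPermission` overloads is still the generated placeholder and never says that a denial surfaces as an unchecked `IllegalStateException("action denied")`, which is the one thing a caller of a permission assertion has to know. I would replace `Method description` with `Asserts that the user of the given security context holds permission pt on the repository.` and add `@throws IllegalStateException if the permission is missing`. The `Provider` overload should also state that it calls `get()` on every invocation, so the context is resolved at check time rather than cached by the caller.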
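Review bot: The new `hasPermission(Repository, WebSecurityContext, PermissionType)` dereferences `securityContext.getUser()` and then `user.getName()` without a null check, so a context with no logged-in user would end the permission check in a `NullPointerException` instead of a denial. Whether `getUser()` can return null for an anonymous request is not visible here, but since the lookup now lives inside the check it is worth failing closed explicitly: `if (securityContext == null) { return false; }` before the lookup and `if (user == null) { return false; }` after it. The rest of the method body lies outside the hunk, so the admin and permission-list handling could not be reviewed.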
@@ -140,7 +140,7 @@ public abstract class PermissionFilter extends HttpFilter boolean writeRequest = isWriteRequest(request); if (PermissionUtil.hasPermission(repository, - securityContext.getUser(), + securityContext, writeRequest ? PermissionType.WRITE : PermissionType.READ)) diff --git a/scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java b/scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java index 3b44ade372..676920ff20 100644 --- a/scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java +++ b/scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java @@ -37,17 +37,20 @@ package sonia.scm.repository; import org.junit.Test; -import sonia.scm.user.User; - -import static org.junit.Assert.*; - -//~--- JDK imports ------------------------------------------------------------ - -import java.util.Arrays; import sonia.scm.repository.Permission; import sonia.scm.repository.PermissionType; import sonia.scm.repository.PermissionUtil; import sonia.scm.repository.Repository; +import sonia.scm.user.User; +import sonia.scm.web.security.WebSecurityContext; + +import static org.junit.Assert.*; + +import static org.mockito.Mockito.*; + +//~--- JDK imports ------------------------------------------------------------ + +import java.util.Arrays; /** * @@ -63,7 +66,7 @@ public class PermissionUtilTest public PermissionUtilTest() { repository = new Repository(); - admams.setAdmin(true); + admams.getUser().setAdmin(true); Permission[] permissions = new Permission[] { new Permission("dent", PermissionType.READ), 
@@ -140,28 +143,50 @@ public class PermissionUtilTest PermissionType.OWNER)); } + //~--- methods -------------------------------------------------------------- + + /** + * Method description + * + * + * @param user + * + * @return + */ + private WebSecurityContext mockCtx(User user) + { + WebSecurityContext context = mock(WebSecurityContext.class); + + when(context.getUser()).thenReturn(user); + + return context; + } + //~--- fields --------------------------------------------------------------- /** Field description */ - private User dent = new User("dent", "Arthur Dent", - "arthur.dent@hitchhiker.com"); + private WebSecurityContext dent = mockCtx(new User("dent", "Arthur Dent", + "arthur.dent@hitchhiker.com")); /** Field description */ - private User perfect = new User("perfect", "Ford Prefect", - "ford.perfect@hitchhiker.com"); + private WebSecurityContext perfect = mockCtx(new User("perfect", + "Ford Prefect", + "ford.perfect@hitchhiker.com")); /** Field description */ private Repository repository; /** Field description */ - private User slarti = new User("slarti", "Slartibartfaß", - "slartibartfass@hitchhiker.com"); + private WebSecurityContext slarti = mockCtx(new User("slarti", + "Slartibartfaß", + "slartibartfass@hitchhiker.com")); /** Field description */ - private User marvin = new User("marvin", "Marvin", - "paranoid.android@hitchhiker.com"); + private WebSecurityContext marvin = mockCtx(new User("marvin", "Marvin", + "paranoid.android@hitchhiker.com")); /** Field description */ - private User admams = new User("adams", "Douglas Adams", - "douglas.adams@hitchhiker.com"); + private WebSecurityContext admams = mockCtx(new User("adams", + "Douglas Adams", + "douglas.adams@hitchhiker.com")); } diff --git a/scm-test/src/main/java/sonia/scm/util/MockUtil.java b/scm-test/src/main/java/sonia/scm/util/MockUtil.java index de93a4a3ce..ba6d9c74f5 100644 --- a/scm-test/src/main/java/sonia/scm/util/MockUtil.java 
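Review bot: `mockCtx` stubs only `getUser()`, so every fixture is a Mockito mock whose `isAuthenticated()` returns the default `false` while still carrying a user. The tests pass because the part of `hasPermission` visible in this commit reads only `getUser()`, but the fixtures would silently model unauthenticated contexts if the check ever consults `isAuthenticated()`; adding `when(context.isAuthenticated()).thenReturn(true);` keeps them honest. No fixture covers a context whose `getUser()` returns null, which is the input a permission check most needs to reject cleanly. The test methods themselves sit outside this hunk.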
+++ b/scm-test/src/main/java/sonia/scm/util/MockUtil.java @@ -38,8 +38,9 @@ package sonia.scm.util; import com.google.inject.Provider; import sonia.scm.SCMContextProvider; -import sonia.scm.security.SecurityContext; import sonia.scm.user.User; +import sonia.scm.web.security.DummyWebSecurityContext; +import sonia.scm.web.security.WebSecurityContext; import static org.mockito.Mockito.*; @@ -63,17 +64,14 @@ public class MockUtil * * @return */ - public static Provider getAdminSecurityContextProvider() + public static Provider getAdminSecurityContextProvider() { User admin = new User("scmadmin", "SCM Admin", "scmadmin@scm.org"); admin.setAdmin(true); - SecurityContext context = mock(SecurityContext.class); - - when(context.getUser()).thenReturn(admin); - - Provider scp = mock(Provider.class); + DummyWebSecurityContext context = new DummyWebSecurityContext(admin); + Provider scp = mock(Provider.class); when(scp.get()).thenReturn(context); diff --git a/scm-test/src/main/java/sonia/scm/web/security/DummyWebSecurityContext.java b/scm-test/src/main/java/sonia/scm/web/security/DummyWebSecurityContext.java new file mode 100644 index 0000000000..9ec7ab1409 --- /dev/null +++ b/scm-test/src/main/java/sonia/scm/web/security/DummyWebSecurityContext.java 
@@ -0,0 +1,128 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ * contributors may be used to endorse or promote products derived from this
+ * software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.web.security;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import sonia.scm.user.User;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+public class DummyWebSecurityContext implements WebSecurityContext
+{
+
+ /**
+ * Constructs ...
+ *
+ *
+ * @param user
+ */
+ public DummyWebSecurityContext(User user)
+ {
+ this.user = user;
+ }
+
+ //~--- methods --------------------------------------------------------------
+
+ /**
+ * Method description
+ *
+ *
+ * @param request
+ * @param response
+ * @param username
+ * @param password
+ *
+ * @return
+ */
+ @Override
+ public User authenticate(HttpServletRequest request,
+ HttpServletResponse response, String username,
+ String password)
+ {
+ return user;
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @param request
+ * @param response
+ */
+ @Override
+ public void logout(HttpServletRequest request, HttpServletResponse response)
+ {
+
+ // do nothing
+ }
+
+ //~--- get methods ----------------------------------------------------------
+
+ /**
+ * Method description
+ *
+ *
+ * @return
+ */
+ @Override
+ public User getUser()
+ {
+ return user;
+ }
+
+ /**
+ * Method description
+ *
+ *
+ * @return
+ */
+ @Override
+ public boolean isAuthenticated()
+ {
+ return true;
+ }
+
+ //~--- fields ---------------------------------------------------------------
+
+ /** Field description */
+ private User user;
+}
diff --git a/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java b/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java
index 23c9d2cbd5..39922bd722 100644
--- a/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java
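Review bot: `DummyWebSecurityContext` accepts any credentials: `authenticate` ignores `username` and `password` and returns the constructor's user, and `isAuthenticated()` is hard-coded to `true` even when that user is null. The class lives under `scm-test/src/main/java`, so it is presumably packaged as a regular artifact that other modules can put on their classpath. The class Javadoc currently holds only the `@author` tag and should state the intent, e.g. `Test double that treats every request as authenticated as the given user; must never be bound in a production injector.` Declaring the field as `private final User user;` would also make the stub immutable.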
+++ b/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java @@ -62,6 +62,7 @@ import sonia.scm.store.StoreFactory; import sonia.scm.user.User; import sonia.scm.util.AssertUtil; import sonia.scm.util.IOUtil; +import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ @@ -103,7 +104,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager */ @Inject public XmlRepositoryManager( - Provider securityContextProvider, + Provider securityContextProvider, StoreFactory storeFactory, Set handlerSet) { this.securityContextProvider = securityContextProvider; @@ -469,7 +470,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager */ private void assertIsOwner(Repository repository) { - PermissionUtil.assertPermission(repository, getCurrentUser(), + PermissionUtil.assertPermission(repository, securityContextProvider, PermissionType.OWNER); } @@ -481,7 +482,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager */ private void assertIsReader(Repository repository) { - PermissionUtil.assertPermission(repository, getCurrentUser(), + PermissionUtil.assertPermission(repository, securityContextProvider, PermissionType.READ); } @@ -555,7 +556,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager */ private boolean isReader(Repository repository) { - return PermissionUtil.hasPermission(repository, getCurrentUser(), + return PermissionUtil.hasPermission(repository, securityContextProvider, PermissionType.READ); } @@ -571,7 +572,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager private XmlRepositoryDatabase repositoryDB; /** Field description */ - private Provider securityContextProvider; + private Provider securityContextProvider; /** Field description */ private Set types; 
diff --git a/scm-webapp/src/main/java/sonia/scm/user/xml/XmlUserManager.java b/scm-webapp/src/main/java/sonia/scm/user/xml/XmlUserManager.java index e552d4c30a..9851be964f 100644 --- a/scm-webapp/src/main/java/sonia/scm/user/xml/XmlUserManager.java +++ b/scm-webapp/src/main/java/sonia/scm/user/xml/XmlUserManager.java @@ -45,7 +45,6 @@ import org.slf4j.LoggerFactory; import sonia.scm.HandlerEvent; import sonia.scm.SCMContextProvider; import sonia.scm.security.ScmSecurityException; -import sonia.scm.security.SecurityContext; import sonia.scm.store.Store; import sonia.scm.store.StoreFactory; import sonia.scm.user.AbstractUserManager; @@ -56,6 +55,7 @@ import sonia.scm.util.AssertUtil; import sonia.scm.util.IOUtil; import sonia.scm.util.SecurityUtil; import sonia.scm.util.Util; +import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ @@ -104,7 +104,7 @@ public class XmlUserManager extends AbstractUserManager * @param storeFactory */ @Inject - public XmlUserManager(Provider scurityContextProvider, + public XmlUserManager(Provider scurityContextProvider, StoreFactory storeFactory) { this.scurityContextProvider = scurityContextProvider; @@ -428,7 +428,7 @@ public class XmlUserManager extends AbstractUserManager //~--- fields --------------------------------------------------------------- /** Field description */ - private Provider scurityContextProvider; + private Provider scurityContextProvider; /** Field description */ private Store store;
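Review bot: The constructor parameter and the field in `XmlUserManager` are still spelled `scurityContextProvider`, while the other files in this commit use `securityContextProvider`. Since both declarations are rewritten here anyway, renaming them to `securityContextProvider` would let a search for that name find every consumer of the security context, which matters when auditing who reads it. The usages inside the class are outside these hunks and would need the same rename.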