From f912e65d8267262ad8be12cde554b1e6ba6bdd6a Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Thu, 6 Jan 2011 11:53:45 +0100 Subject: [PATCH] fix permission bug in scm-bzr-plugin --- .../java/sonia/scm/web/BzrCGIServlet.java | 45 ++++++++++++++++++- .../sonia/scm/web/BzrPermissionFilter.java | 2 +- .../src/main/resources/sonia/scm/bzrweb.py | 7 ++- 3 files changed, 51 insertions(+), 3 deletions(-) diff --git a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java index 1c6e80e29d..e6554ecd34 100644 --- a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java +++ b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrCGIServlet.java @@ -36,19 +36,24 @@ package sonia.scm.web; //~--- non-JDK imports -------------------------------------------------------- import com.google.inject.Inject; +import com.google.inject.Provider; import com.google.inject.Singleton; import sonia.scm.io.RegexResourceProcessor; import sonia.scm.io.ResourceProcessor; import sonia.scm.repository.BzrConfig; import sonia.scm.repository.BzrRepositoryHandler; +import sonia.scm.repository.PermissionType; +import sonia.scm.repository.PermissionUtil; import sonia.scm.repository.Repository; import sonia.scm.repository.RepositoryManager; +import sonia.scm.security.SecurityContext; import sonia.scm.util.AssertUtil; import sonia.scm.util.HttpUtil; import sonia.scm.util.IOUtil; import sonia.scm.web.cgi.AbstractCGIServlet; import sonia.scm.web.cgi.EnvList; +import sonia.scm.web.security.WebSecurityContext; //~--- JDK imports ------------------------------------------------------------ @@ -81,6 +86,10 @@ public class BzrCGIServlet extends AbstractCGIServlet /** Field description */ public static final String ENV_REPOSITORY_PATH = "SCM_REPOSITORY_PATH"; + /** Field description */ + public static final String ENV_REPOSITORY_READONLY = + "SCM_REPOSITORY_READONLY"; + /** Field description */ public static final String MIMETYPE_HTML = "text/html"; @@ -107,13 +116,17 @@ public class BzrCGIServlet extends AbstractCGIServlet * Constructs ... * * + * + * @param securityContextProvider * @param repositoryManager * @param handler */ @Inject - public BzrCGIServlet(RepositoryManager repositoryManager, + public BzrCGIServlet(Provider securityContextProvider, + RepositoryManager repositoryManager, BzrRepositoryHandler handler) { + this.securityContextProvider = securityContextProvider; this.repositoryManager = repositoryManager; this.handler = handler; } @@ -178,6 +191,17 @@ public class BzrCGIServlet extends AbstractCGIServlet list.set(ENV_PYTHON_PATH, pythonPath); + boolean writePermission = hasWritePermission(repository); + + if (writePermission) + { + list.set(ENV_REPOSITORY_READONLY, "False"); + } + else + { + list.set(ENV_REPOSITORY_READONLY, "True"); + } + return list; } @@ -334,6 +358,22 @@ public class BzrCGIServlet extends AbstractCGIServlet repositoryname); } + /** + * Method description + * + * + * @param repository + * + * @return + */ + private boolean hasWritePermission(Repository repository) + { + WebSecurityContext securityContext = securityContextProvider.get(); + + return PermissionUtil.hasPermission(repository, securityContext.getUser(), + PermissionType.WRITE); + } + //~--- fields --------------------------------------------------------------- /** Field description */ @@ -344,4 +384,7 @@ public class BzrCGIServlet extends AbstractCGIServlet /** Field description */ private RepositoryManager repositoryManager; + + /** Field description */ + private Provider securityContextProvider; } diff --git a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrPermissionFilter.java b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrPermissionFilter.java index 65737a88be..7107229fb0 100644 --- a/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrPermissionFilter.java +++ b/plugins/scm-bzr-plugin/src/main/java/sonia/scm/web/BzrPermissionFilter.java @@ -96,6 +96,6 @@ public class BzrPermissionFilter extends RegexPermissionFilter @Override protected boolean isWriteRequest(HttpServletRequest request) { - return !request.getMethod().equalsIgnoreCase("GET"); + return false; } } diff --git a/plugins/scm-bzr-plugin/src/main/resources/sonia/scm/bzrweb.py b/plugins/scm-bzr-plugin/src/main/resources/sonia/scm/bzrweb.py index ac07f87421..7174eeb16f 100644 --- a/plugins/scm-bzr-plugin/src/main/resources/sonia/scm/bzrweb.py +++ b/plugins/scm-bzr-plugin/src/main/resources/sonia/scm/bzrweb.py @@ -10,6 +10,11 @@ if len(pythonPath) > 0: repositoryPath = os.environ['SCM_REPOSITORY_PATH'] repositoryName = os.environ['REPO_NAME'] +readonlyString = os.environ['SCM_REPOSITORY_READONLY'] +readonly = True + +if readonlyString == 'False': + readonly = False def run_with_cgi(application): @@ -76,7 +81,7 @@ def application(environ, start_response): root=repositoryPath, prefix="/"+repositoryName, path_var='PATH_INFO', - readonly=False, + readonly=readonly, enable_logging=True) return app(environ, start_response)