From f94922837b997183cf3749e6d5e7ae5ca3af42af Mon Sep 17 00:00:00 2001 From: Mohamed Karray Date: Tue, 16 Oct 2018 09:15:35 +0200 Subject: [PATCH] apply permission from adapter --- .../scm/api/v2/resources/IdResourceManagerAdapter.java | 9 +++++---- .../main/java/sonia/scm/api/v2/resources/MeResource.java | 2 +- .../java/sonia/scm/api/v2/resources/UserResource.java | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IdResourceManagerAdapter.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IdResourceManagerAdapter.java index d58a870d6a..f3ff20b010 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IdResourceManagerAdapter.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IdResourceManagerAdapter.java @@ -51,9 +51,10 @@ class IdResourceManagerAdapter getChangePasswordPermission(String usernameToChangePassword) { + public Function getChangePasswordPermission(String usernameToChangePassword) { AssertUtil.assertIsNotEmpty(usernameToChangePassword); - return user -> { + return model -> { + User user = (User) model; if (usernameToChangePassword.equals(AuthenticationUtil.getAuthenticatedUsername())) { return UserPermissions.changeOwnPassword(); } @@ -61,13 +62,13 @@ class IdResourceManagerAdapter applyChanges, Consumer checker, Function permissionCheck) throws NotFoundException, ConcurrentModificationException { + public Response changePassword(String id, Function applyChanges, Consumer checker ) throws NotFoundException, ConcurrentModificationException { return singleAdapter.changePassword( loadBy(id), applyChanges, idStaysTheSame(id), checker, - permissionCheck); + getChangePasswordPermission(id)); } public Response update(String id, Function applyChanges) throws NotFoundException, ConcurrentModificationException { diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/MeResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/MeResource.java index 4c99b62618..7ebbf7ebb2 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/MeResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/MeResource.java @@ -81,7 +81,7 @@ public class MeResource { @Consumes(VndMediaType.PASSWORD_CHANGE) public Response changePassword(PasswordChangeDto passwordChangeDto) throws NotFoundException, ConcurrentModificationException { String name = (String) SecurityUtils.getSubject().getPrincipals().getPrimaryPrincipal(); - return adapter.changePassword(name, user -> user.clone().changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getChangePasswordChecker().andThen(getOldOriginalPasswordChecker(passwordChangeDto.getOldPassword())), user -> UserPermissions.changeOwnPassword()); + return adapter.changePassword(name, user -> user.clone().changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getChangePasswordChecker().andThen(getOldOriginalPasswordChecker(passwordChangeDto.getOldPassword()))); } /** diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserResource.java index 42f9274d74..8c87d1b2d7 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserResource.java @@ -130,7 +130,7 @@ public class UserResource { }) @TypeHint(TypeHint.NO_CONTENT.class) public Response changePassword(@PathParam("id") String name, @Valid PasswordChangeDto passwordChangeDto) throws NotFoundException, ConcurrentModificationException { - return adapter.changePassword(name, user -> user.changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getChangePasswordChecker(), adapter.getChangePasswordPermission(name)); + return adapter.changePassword(name, user -> user.changePassword(passwordService.encryptPassword(passwordChangeDto.getNewPassword())), userManager.getChangePasswordChecker()); } }