add permission to modify the own password over the me and the user endpoints

2025-11-10 23:45:44 +01:00 · 2018-10-12 15:20:58 +02:00
parent 67b3630c16
commit 023b362f68
19 changed files with 191 additions and 91 deletions
--- a/scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java
+++ b/scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java
@@ -36,6 +36,7 @@ package sonia.scm.user;
 //~--- non-JDK imports --------------------------------------------------------

 import com.github.sdorra.ssp.PermissionActionCheck;
+import com.github.sdorra.ssp.PermissionCheck;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 import org.slf4j.Logger;
@@ -63,6 +64,7 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.List;
+import java.util.function.Function;

 //~--- JDK imports ------------------------------------------------------------

@@ -194,11 +196,15 @@ public class DefaultUserManager extends AbstractUserManager
   */
  @Override
  public void modify(User user) throws NotFoundException {
-    logger.info("modify user {} of type {}", user.getName(), user.getType());
+    modify(user,UserPermissions::modify);
+  }

+  @Override
+  public void modify(User user, Function<User, PermissionCheck> permissionChecker) throws NotFoundException {
+    logger.info("modify user {} of type {}", user.getName(), user.getType());
    managerDaoAdapter.modify(
      user,
-      UserPermissions::modify,
+      permissionChecker,
      notModified -> fireEvent(HandlerEventType.BEFORE_MODIFY, user, notModified),
      notModified -> fireEvent(HandlerEventType.MODIFY, user, notModified));
  }