check permission in RepositoryManager

Sebastian Sdorra
2010-11-26 17:57:05 +01:00
parent 2fdc1d3a7e
commit 0bf318e0fa
13 changed files with 187 additions and 36 deletions


@@ -42,7 +42,7 @@ import com.google.inject.Singleton;
import sonia.scm.repository.GitRepositoryHandler;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.web.filter.RegexPermissionFilter;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -70,7 +70,7 @@ public class GitPermissionFilter extends RegexPermissionFilter
* @param repositoryManager
*/
@Inject
public GitPermissionFilter(Provider<SecurityContext> securityContextProvider,
public GitPermissionFilter(Provider<WebSecurityContext> securityContextProvider,
RepositoryManager repositoryManager)
{
super(securityContextProvider, repositoryManager);


@@ -44,7 +44,7 @@ import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.web.filter.PermissionFilter;
import sonia.scm.web.filter.RegexPermissionFilter;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -66,7 +66,7 @@ public class HgPermissionFilter extends RegexPermissionFilter
* @param repositoryManager
*/
@Inject
public HgPermissionFilter(Provider<SecurityContext> securityContextProvider,
public HgPermissionFilter(Provider<WebSecurityContext> securityContextProvider,
RepositoryManager repositoryManager)
{
super(securityContextProvider, repositoryManager);


@@ -44,7 +44,7 @@ import sonia.scm.repository.RepositoryManager;
import sonia.scm.repository.SvnRepositoryHandler;
import sonia.scm.web.filter.PermissionFilter;
import sonia.scm.web.filter.RegexPermissionFilter;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -79,7 +79,7 @@ public class SvnPermissionFilter extends RegexPermissionFilter
* @param repositoryManager
*/
@Inject
public SvnPermissionFilter(Provider<SecurityContext> securityContextProvider,
public SvnPermissionFilter(Provider<WebSecurityContext> securityContextProvider,
RepositoryManager repositoryManager)
{
super(securityContextProvider, repositoryManager);


@@ -36,6 +36,7 @@ package sonia.scm.repository.xml;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.slf4j.Logger;
@@ -47,11 +48,15 @@ import sonia.scm.SCMContext;
import sonia.scm.SCMContextProvider;
import sonia.scm.Type;
import sonia.scm.repository.AbstractRepositoryManager;
import sonia.scm.repository.PermissionType;
import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryAllreadyExistExeption;
import sonia.scm.repository.RepositoryException;
import sonia.scm.repository.RepositoryHandler;
import sonia.scm.repository.RepositoryHandlerNotFoundException;
import sonia.scm.security.SecurityContext;
import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.util.IOUtil;
@@ -92,11 +97,16 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
* Constructs ...
*
*
*
* @param securityContextProvider
* @param handlerSet
*/
@Inject
public XmlRepositoryManager(Set<RepositoryHandler> handlerSet)
public XmlRepositoryManager(
Provider<SecurityContext> securityContextProvider,
Set<RepositoryHandler> handlerSet)
{
this.securityContextProvider = securityContextProvider;
handlerMap = new HashMap<String, RepositoryHandler>();
types = new HashSet<Type>();
@@ -142,6 +152,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
repository.getType());
}
assertIsAdmin();
AssertUtil.assertIsValid(repository);
if (repositoryDB.contains(repository))
@@ -181,6 +192,8 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
repository.getType());
}
assertIsOwner(repository);
if (repositoryDB.contains(repository))
{
getHandler(repository).delete(repository);
@@ -244,6 +257,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
repository.getType());
}
assertIsOwner(repository);
AssertUtil.assertIsValid(repository);
if (repositoryDB.contains(repository))
@@ -281,6 +295,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
throws RepositoryException, IOException
{
AssertUtil.assertIsNotNull(repository);
assertIsReader(repository);
Repository fresh = repositoryDB.get(repository.getType(),
repository.getName());
@@ -315,6 +330,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
if (repository != null)
{
assertIsReader(repository);
repository = repository.clone();
}
@@ -339,9 +355,16 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
Repository repository = repositoryDB.get(type, name);
if (repository != null)
{
if (isReader(repository))
{
repository = repository.clone();
}
else
{
repository = null;
}
}
return repository;
}
@@ -358,9 +381,12 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
LinkedList<Repository> repositories = new LinkedList<Repository>();
for (Repository repository : repositoryDB.values())
{
if (isReader(repository))
{
repositories.add(repository.clone());
}
}
return repositories;
}
@@ -424,6 +450,44 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
types.add(type);
}
/**
* Method description
*
*
* @throws RepositoryException
*/
private void assertIsAdmin() throws RepositoryException
{
if (!getCurrentUser().isAdmin())
{
throw new RepositoryException("admin permsission required");
}
}
/**
* Method description
*
*
* @param repository
*/
private void assertIsOwner(Repository repository)
{
PermissionUtil.assertPermission(repository, getCurrentUser(),
PermissionType.OWNER);
}
/**
* Method description
*
*
* @param repository
*/
private void assertIsReader(Repository repository)
{
PermissionUtil.assertPermission(repository, getCurrentUser(),
PermissionType.READ);
}
/**
* Method description
*
@@ -446,6 +510,25 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
//~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
private User getCurrentUser()
{
SecurityContext context = securityContextProvider.get();
AssertUtil.assertIsNotNull(context);
User user = context.getUser();
AssertUtil.assertIsNotNull(user);
return user;
}
/**
* Method description
*
@@ -476,6 +559,20 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
return handler;
}
/**
* Method description
*
*
* @param repository
*
* @return
*/
private boolean isReader(Repository repository)
{
return PermissionUtil.hasPermission(repository, getCurrentUser(),
PermissionType.READ);
}
//~--- fields ---------------------------------------------------------------
/** Field description */
@@ -487,6 +584,9 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
/** Field description */
private File repositoryDBFile;
/** Field description */
private Provider<SecurityContext> securityContextProvider;
/** Field description */
private Set<Type> types;
}
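Review bot: The new `assertIsOwner(repository)` and `assertIsReader(repository)` calls in the delete, modify and refresh hunks are evaluated against the `Repository` object handed in by the caller, before `repositoryDB.contains(repository)` or `repositoryDB.get(...)` is consulted. If `PermissionUtil.assertPermission` reads the permission list from that argument (its body is not shown here), a modify request would be authorised against the permissions it is about to write rather than the stored ones; checking the stored copy obtained from `repositoryDB.get(repository.getType(), repository.getName())` instead closes that gap. Separately, the lookup at `@@ -315,6 +330,7 @@` throws for a non-reader while the one at `@@ -339,9 +355,16 @@` returns `null`, so the two getters disagree on whether an unreadable repository can be told apart from a missing one; using `isReader` in both keeps the answer uniform. The message in `assertIsAdmin` is misspelled (`"admin permsission required"`). The enclosing method bodies start and end outside the hunks shown.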


@@ -0,0 +1,54 @@
/**
* Copyright (c) 2010, Sebastian Sdorra
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* 3. Neither the name of SCM-Manager; nor the names of its
* contributors may be used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* http://bitbucket.org/sdorra/scm-manager
*
*/
package sonia.scm.security;
//~--- non-JDK imports --------------------------------------------------------
import sonia.scm.user.User;
/**
*
* @author Sebastian Sdorra
*/
public interface SecurityContext
{
/**
* Method description
*
*
* @return
*/
public User getUser();
}
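Review bot: `getUser()` in the new `sonia.scm.security.SecurityContext` keeps the placeholder Javadoc `Method description` and an empty `@return`, so the contract for a session without a logged-in user is undefined. `XmlRepositoryManager.getCurrentUser()` in this same commit asserts the result is non-null, which suggests `null` is what an unauthenticated context returns; the Javadoc should say so, e.g. `@return the authenticated user of the current context, or null if nobody is logged in`. The `public` modifier on the interface method is redundant and can be dropped.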


@@ -39,7 +39,7 @@ import com.google.inject.Singleton;
import sonia.scm.user.User;
import sonia.scm.util.Util;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -91,7 +91,7 @@ public class BasicAuthenticationFilter extends HttpFilter
*/
@Inject
public BasicAuthenticationFilter(
Provider<SecurityContext> securityContextProvider)
Provider<WebSecurityContext> securityContextProvider)
{
this.securityContextProvider = securityContextProvider;
}
@@ -114,7 +114,7 @@ public class BasicAuthenticationFilter extends HttpFilter
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException
{
SecurityContext securityContext = securityContextProvider.get();
WebSecurityContext securityContext = securityContextProvider.get();
User user = null;
if (securityContext != null)
@@ -179,5 +179,5 @@ public class BasicAuthenticationFilter extends HttpFilter
//~--- fields ---------------------------------------------------------------
/** Field description */
private Provider<SecurityContext> securityContextProvider;
private Provider<WebSecurityContext> securityContextProvider;
}


@@ -45,7 +45,7 @@ import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
import sonia.scm.user.User;
import sonia.scm.util.AssertUtil;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -75,7 +75,7 @@ public abstract class PermissionFilter extends HttpFilter
*
* @param securityContextProvider
*/
public PermissionFilter(Provider<SecurityContext> securityContextProvider)
public PermissionFilter(Provider<WebSecurityContext> securityContextProvider)
{
this.securityContextProvider = securityContextProvider;
}
@@ -120,7 +120,7 @@ public abstract class PermissionFilter extends HttpFilter
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException
{
SecurityContext securityContext = securityContextProvider.get();
WebSecurityContext securityContext = securityContextProvider.get();
AssertUtil.assertIsNotNull(securityContext);
@@ -179,5 +179,5 @@ public abstract class PermissionFilter extends HttpFilter
//~--- fields ---------------------------------------------------------------
/** Field description */
protected Provider<SecurityContext> securityContextProvider;
protected Provider<WebSecurityContext> securityContextProvider;
}


@@ -39,7 +39,7 @@ import com.google.inject.Provider;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -69,7 +69,7 @@ public abstract class RegexPermissionFilter extends PermissionFilter
* @param repositoryManager
*/
public RegexPermissionFilter(
Provider<SecurityContext> securityContextProvider,
Provider<WebSecurityContext> securityContextProvider,
RepositoryManager repositoryManager)
{
super(securityContextProvider);


@@ -48,7 +48,7 @@ import javax.servlet.http.HttpServletResponse;
* @author Sebastian Sdorra
*/
@SessionScoped
public class BasicSecurityContext implements SecurityContext
public class BasicSecurityContext implements WebSecurityContext
{
/**


@@ -29,10 +29,13 @@
*
*/
package sonia.scm.web.security;
//~--- non-JDK imports --------------------------------------------------------
import sonia.scm.security.SecurityContext;
import sonia.scm.user.User;
//~--- JDK imports ------------------------------------------------------------
@@ -44,7 +47,7 @@ import javax.servlet.http.HttpServletResponse;
*
* @author Sebastian Sdorra
*/
public interface SecurityContext
public interface WebSecurityContext extends SecurityContext
{
/**
@@ -73,14 +76,6 @@ public interface SecurityContext
//~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
public User getUser();
/**
* Method description
*


@@ -62,7 +62,7 @@ import sonia.scm.web.plugin.ScmWebPluginContext;
import sonia.scm.web.plugin.SecurityConfig;
import sonia.scm.web.security.Authenticator;
import sonia.scm.web.security.BasicSecurityContext;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
import sonia.scm.web.security.XmlAuthenticator;
//~--- JDK imports ------------------------------------------------------------
@@ -81,6 +81,7 @@ import java.util.Map;
import java.util.Set;
import javax.xml.bind.JAXB;
import sonia.scm.security.SecurityContext;
/**
*
@@ -161,6 +162,7 @@ public class ScmServletModule extends ServletModule
// bind(EncryptionHandler.class).to(MessageDigestEncryptionHandler.class);
// bind(Authenticator.class).to(XmlAuthenticator.class);
bind(SecurityContext.class).to(BasicSecurityContext.class);
bind(WebSecurityContext.class).to(BasicSecurityContext.class);
loadPlugins(pluginManager);
bind(CacheManager.class).to(EhCacheManager.class);
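Review bot: The added `bind(SecurityContext.class).to(BasicSecurityContext.class);` makes the core `SecurityContext` resolve to a class this commit shows as `@SessionScoped`, so the permission checks added to `XmlRepositoryManager` can only obtain a user inside an HTTP session. If any caller reaches the repository manager outside a request (start-up code or a background task; none is visible here), the provider lookup would presumably fail rather than deny access cleanly, so a comment on the binding such as `// session scoped: RepositoryManager calls require an active web session` would make the constraint explicit. The new `import sonia.scm.security.SecurityContext;` also landed below `javax.xml.bind.JAXB` in the JDK import group; it belongs with the other `sonia.scm` imports.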


@@ -45,7 +45,7 @@ import sonia.scm.ScmState;
import sonia.scm.Type;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.user.User;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -193,5 +193,5 @@ public class AuthenticationResource
/** Field description */
@Inject
private SecurityContext securityContext;
private WebSecurityContext securityContext;
}


@@ -39,7 +39,7 @@ import com.google.inject.Singleton;
import sonia.scm.web.filter.HttpFilter;
import sonia.scm.web.filter.SecurityHttpServletRequestWrapper;
import sonia.scm.web.security.SecurityContext;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -70,7 +70,7 @@ public class SecurityFilter extends HttpFilter
* @param securityContextProvider
*/
@Inject
public SecurityFilter(Provider<SecurityContext> securityContextProvider)
public SecurityFilter(Provider<WebSecurityContext> securityContextProvider)
{
this.securityContextProvider = securityContextProvider;
}
@@ -93,7 +93,7 @@ public class SecurityFilter extends HttpFilter
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException
{
SecurityContext securityContext = securityContextProvider.get();
WebSecurityContext securityContext = securityContextProvider.get();
if (securityContext != null)
{
@@ -126,5 +126,5 @@ public class SecurityFilter extends HttpFilter
//~--- fields ---------------------------------------------------------------
/** Field description */
private Provider<SecurityContext> securityContextProvider;
private Provider<WebSecurityContext> securityContextProvider;
}