Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-14 17:26:22 +01:00
Code Issues Packages Projects Releases Activity

implement anonymous realm // use constant for _anonymous user

Browse Source
This commit is contained in:
Eduard Heimbuch
2019-10-10 13:40:40 +02:00
parent 344ad696b2
commit 18cb7020d0
7 changed files with 27 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-core/src/main/java/sonia/scm/SCMContext.java
View File

@@ -51,7 +51,7 @@ public final class SCMContext
public static final String DEFAULT_PACKAGE = "sonia.scm";
/** Name of the anonymous user */
public static final String USER_ANONYMOUS = "anonymous";
public static final String USER_ANONYMOUS = "_anonymous";
/**
* the anonymous user

10
scm-core/src/main/java/sonia/scm/security/AnonymousRealm.java
View File

@@ -5,8 +5,15 @@ import com.google.inject.Inject;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
import org.apache.shiro.realm.AuthenticatingRealm;
import sonia.scm.SCMContext;
import sonia.scm.plugin.Extension;
import javax.inject.Singleton;
@Singleton
@Extension
public class AnonymousRealm extends AuthenticatingRealm {
/**
@@ -25,10 +32,11 @@ public class AnonymousRealm extends AuthenticatingRealm {
this.helper = helperFactory.create(REALM);
setAuthenticationTokenClass(AnonymousToken.class);
setCredentialsMatcher(new AllowAllCredentialsMatcher());
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
return helper.authenticationInfoBuilder("_anonymous").build();
return helper.authenticationInfoBuilder(SCMContext.USER_ANONYMOUS).build();
}
}

6
scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java
View File

@@ -3,10 +3,10 @@ package sonia.scm.api.v2.resources;
import com.webcohesion.enunciate.metadata.rs.ResponseCode;
import com.webcohesion.enunciate.metadata.rs.StatusCodes;
import com.webcohesion.enunciate.metadata.rs.TypeHint;
import sonia.scm.SCMContext;
import sonia.scm.config.ConfigurationPermissions;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.repository.NamespaceStrategyValidator;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;
import sonia.scm.util.ScmConfigurationUtil;
import sonia.scm.web.VndMediaType;
@@ -96,8 +96,8 @@ public class ConfigResource {
ScmConfigurationUtil.getInstance().store(configuration);
}
if (config.isAnonymousAccessEnabled() && !userManager.contains("_anonymous")) {
userManager.create(new User("_anonymous"));
if (config.isAnonymousAccessEnabled() && !userManager.contains(SCMContext.USER_ANONYMOUS)) {
userManager.create(SCMContext.ANONYMOUS);
}
return Response.noContent().build();

3
scm-webapp/src/main/java/sonia/scm/group/DefaultGroupCollector.java
View File

@@ -4,6 +4,7 @@ import com.cronutils.utils.VisibleForTesting;
import com.google.common.collect.ImmutableSet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sonia.scm.SCMContext;
import sonia.scm.cache.Cache;
import sonia.scm.cache.CacheManager;
@@ -38,7 +39,7 @@ public class DefaultGroupCollector implements GroupCollector {
public Set<String> collect(String principal) {
ImmutableSet.Builder<String> builder = ImmutableSet.builder();
if (principal != "_anonymous") {
if (!principal.equals(SCMContext.USER_ANONYMOUS)) {
builder.add(AUTHENTICATED);
}

5
scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java
View File

@@ -4,6 +4,7 @@ import com.google.common.annotations.VisibleForTesting;
import org.apache.shiro.authc.credential.PasswordService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sonia.scm.SCMContext;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.plugin.Extension;
import sonia.scm.security.PermissionAssigner;
@@ -64,12 +65,12 @@ public class SetupContextListener implements ServletContextListener {
createAdminAccount();
}
if (anonymousUserRequiredButNotExists()) {
userManager.create(new User("_anonymous"));
userManager.create(SCMContext.ANONYMOUS);
}
}
private boolean anonymousUserRequiredButNotExists() {
return scmConfiguration.isAnonymousAccessEnabled() && !userManager.contains("_anonymous");
return scmConfiguration.isAnonymousAccessEnabled() && !userManager.contains(SCMContext.USER_ANONYMOUS);
}
private boolean isFirstStart() {

8
scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java
View File

@@ -14,9 +14,9 @@ import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import sonia.scm.SCMContext;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.repository.NamespaceStrategyValidator;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;
import sonia.scm.web.VndMediaType;
@@ -137,13 +137,13 @@ public class ConfigResourceTest {
assertTrue(response.getContentAsString().contains("\"proxyPassword\":\"newPassword\""));
assertTrue(response.getContentAsString().contains("\"self\":{\"href\":\"/v2/config"));
assertTrue("link not found", response.getContentAsString().contains("\"update\":{\"href\":\"/v2/config"));
verify(userManager).create(new User("_anonymous"));
verify(userManager).create(SCMContext.ANONYMOUS);
}
@Test
@SubjectAware(username = "readWrite")
public void shouldUpdateConfigAndNotCreateAnonymousUserIfAlreadyExists() throws URISyntaxException, IOException {
when(userManager.contains("_anonymous")).thenReturn(true);
when(userManager.contains(SCMContext.USER_ANONYMOUS)).thenReturn(true);
MockHttpRequest request = post("sonia/scm/api/v2/config-test-update-with-anonymous-access.json");
MockHttpResponse response = new MockHttpResponse();
@@ -157,7 +157,7 @@ public class ConfigResourceTest {
assertTrue(response.getContentAsString().contains("\"proxyPassword\":\"newPassword\""));
assertTrue(response.getContentAsString().contains("\"self\":{\"href\":\"/v2/config"));
assertTrue("link not found", response.getContentAsString().contains("\"update\":{\"href\":\"/v2/config"));
verify(userManager, never()).create(new User("_anonymous"));
verify(userManager, never()).create(SCMContext.ANONYMOUS);
}
@Test

9
scm-webapp/src/test/java/sonia/scm/lifecycle/SetupContextListenerTest.java
View File

@@ -11,6 +11,7 @@ import org.mockito.Mock;
import org.mockito.junit.jupiter.MockitoExtension;
import org.mockito.junit.jupiter.MockitoSettings;
import org.mockito.quality.Strictness;
import sonia.scm.SCMContext;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.security.PermissionAssigner;
import sonia.scm.security.PermissionDescriptor;
@@ -112,7 +113,7 @@ class SetupContextListenerTest {
setupContextListener.contextInitialized(null);
verify(userManager).create(new User("_anonymous"));
verify(userManager).create(SCMContext.ANONYMOUS);
}
@Test
@@ -122,18 +123,18 @@ class SetupContextListenerTest {
setupContextListener.contextInitialized(null);
verify(userManager, never()).create(new User("_anonymous"));
verify(userManager, never()).create(SCMContext.ANONYMOUS);
}
@Test
void shouldNotCreateAnonymousUserIfAlreadyExists() {
List<User> users = Lists.newArrayList(new User("_anonymous"));
List<User> users = Lists.newArrayList(SCMContext.ANONYMOUS);
when(userManager.getAll()).thenReturn(users);
when(scmConfiguration.isAnonymousAccessEnabled()).thenReturn(true);
setupContextListener.contextInitialized(null);
verify(userManager, times(1)).create(new User("_anonymous"));
verify(userManager, times(1)).create(SCMContext.ANONYMOUS);
}
private void verifyAdminPermissionsAssigned() {