merge with default branch

2025-11-10 15:35:49 +01:00 · 2011-11-19 13:02:05 +01:00
parent fe9d6f06e6 f00f37149a
commit 352b639ab7
320 changed files with 7673 additions and 484 deletions
--- a/scm-webapp/src/main/java/sonia/scm/ScmContextListener.java
+++ b/scm-webapp/src/main/java/sonia/scm/ScmContextListener.java
@@ -57,8 +57,6 @@ import java.util.ArrayList;
 import java.util.List;

 import javax.servlet.ServletContextEvent;
-import sonia.scm.security.CipherHandler;
-import sonia.scm.security.CipherUtil;

 /**
 *
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AbstractManagerResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AbstractManagerResource.java
@@ -45,6 +45,7 @@ import sonia.scm.Manager;
 import sonia.scm.ModelObject;
 import sonia.scm.security.ScmSecurityException;
 import sonia.scm.util.AssertUtil;
+import sonia.scm.util.HttpUtil;
 import sonia.scm.util.Util;

 //~--- JDK imports ------------------------------------------------------------
@@ -142,9 +143,13 @@ public abstract class AbstractManagerResource<T extends ModelObject,
    try
    {
      manager.create(item);
+
+      String id = getId(item);
+
+      id = HttpUtil.encode(id);
      response = Response.created(
        uriInfo.getAbsolutePath().resolve(
-          getPathPart().concat("/").concat(getId(item)))).build();
+          getPathPart().concat("/").concat(id))).build();
    }
    catch (ScmSecurityException ex)
    {
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/RepositoryResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/RepositoryResource.java
@@ -67,6 +67,7 @@ import sonia.scm.repository.RepositoryNotFoundException;
 import sonia.scm.util.AssertUtil;
 import sonia.scm.util.HttpUtil;
 import sonia.scm.util.SecurityUtil;
+import sonia.scm.util.Util;
 import sonia.scm.web.security.WebSecurityContext;

 //~--- JDK imports ------------------------------------------------------------
@@ -420,11 +421,13 @@ public class RepositoryResource
   *     <li>404 not found, if the repository or the path could not be found</li>
   *     <li>500 internal server error</li>
   *   </ul>
-   *  
+   *
   *   @param id the id of the repository
+   *   @param path path of a file
+   *   @param revision the revision of the file specified by the path parameter
   *   @param start the start value for paging
   *   @param limit the limit value for paging
-   *  
+   *
   *   @return
   *
   * @throws IOException
@@ -434,7 +437,10 @@ public class RepositoryResource
  @Path("{id}/changesets")
  @TypeHint(ChangesetPagingResult.class)
  @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
-  public Response getChangesets(@PathParam("id") String id, @DefaultValue("0")
+  public Response getChangesets(@PathParam("id") String id,
+                                @QueryParam("path") String path,
+                                @QueryParam("revision") String revision,
+                                @DefaultValue("0")
  @QueryParam("start") int start, @DefaultValue("20")
  @QueryParam("limit") int limit) throws RepositoryException, IOException
  {
@@ -442,8 +448,17 @@ public class RepositoryResource

    try
    {
-      ChangesetPagingResult changesets = changesetViewerUtil.getChangesets(id,
-                                           start, limit);
+      ChangesetPagingResult changesets = null;
+
+      if (Util.isEmpty(path))
+      {
+        changesets = changesetViewerUtil.getChangesets(id, start, limit);
+      }
+      else
+      {
+        changesets = changesetViewerUtil.getChangesets(id, path, revision,
+                start, limit);
+      }

      if (changesets != null)
      {
--- a/scm-webapp/src/main/java/sonia/scm/cache/EhCache.java
+++ b/scm-webapp/src/main/java/sonia/scm/cache/EhCache.java
@@ -40,6 +40,12 @@ import net.sf.ehcache.Element;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import sonia.scm.Filter;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.util.Iterator;
+
 /**
 *
 * @author Sebastian Sdorra
@@ -126,6 +132,36 @@ public class EhCache<K, V> implements Cache<K, V>
    return cache.remove(key);
  }

+  /**
+   * Method description
+   *
+   *
+   * @param filter
+   *
+   * @return
+   */
+  @Override
+  public boolean removeAll(Filter<K> filter)
+  {
+    boolean result = true;
+    Iterator<K> it = cache.getKeys().iterator();
+
+    while (it.hasNext())
+    {
+      K key = it.next();
+
+      if (filter.accept(key))
+      {
+        if (!cache.remove(key))
+        {
+          result = false;
+        }
+      }
+    }
+
+    return result;
+  }
+
  //~--- get methods ----------------------------------------------------------

  /**
--- a/scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
+++ b/scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
@@ -123,43 +123,82 @@ public class BasicSecurityContext implements WebSecurityContext
    AuthenticationResult ar = authenticator.authenticate(request, response,
                                username, password);

-    if (ar != null)
+    if ((ar != null) && (ar.getState() == AuthenticationState.SUCCESS))
    {
      user = ar.getUser();

      try
      {
+        Set<String> groupSet = new HashSet<String>();
+
+        // load external groups
+        Collection<String> extGroups = ar.getGroups();
+
+        if (extGroups != null)
+        {
+          groupSet.addAll(extGroups);
+        }
+
+        // load internal groups
+        loadGroups(groupSet);
+
+        // check for admin user
+        if (!user.isAdmin())
+        {
+          user.setAdmin(isAdmin(groupSet));
+
+          if (logger.isDebugEnabled() && user.isAdmin())
+          {
+            logger.debug("user '{}' is marked as admin by configuration",
+                         user.getType(), user.getName());
+          }
+        }
+        else if (logger.isDebugEnabled())
+        {
+          logger.debug("authenticator {} marked user '{}' as admin",
+                       user.getType(), user.getName());
+        }
+
+        // store user
        User dbUser = userManager.get(user.getName());

-        if ((dbUser != null) && user.copyProperties(dbUser, false))
+        if (dbUser != null)
        {
-          userManager.modify(dbUser);
+
+          // if database user is an admin, set admin for the current user
+          if (dbUser.isAdmin())
+          {
+            if (logger.isDebugEnabled())
+            {
+              logger.debug("user '{}' is marked as admin by local database",
+                           user.getType(), user.getName());
+            }
+
+            user.setAdmin(true);
+          }
+
+          // modify existing user, copy properties except password and admin
+          if (user.copyProperties(dbUser, false))
+          {
+            userManager.modify(dbUser);
+          }
        }
+
+        // create new user
        else if (dbUser == null)
        {
          userManager.create(user);
        }

-        Collection<String> groupCollection = ar.getGroups();
-
-        if (groupCollection != null)
-        {
-          groups.addAll(groupCollection);
-        }
-
-        loadGroups();
-
-        if (!user.isAdmin())
-        {
-          user.setAdmin(isAdmin());
-        }
+        groups = groupSet;

        if (logger.isDebugEnabled())
        {
          logGroups();
        }

-        String credentials = dbUser.getName();
+        // store encrypted credentials in session
+        String credentials = user.getName();

        if (Util.isNotEmpty(password))
        {
@@ -172,6 +211,12 @@ public class BasicSecurityContext implements WebSecurityContext
      catch (Exception ex)
      {
        user = null;
+
+        if (groups != null)
+        {
+          groups.clear();
+        }
+
        logger.error("authentication failed", ex);
      }
    }
@@ -253,8 +298,10 @@ public class BasicSecurityContext implements WebSecurityContext
  /**
   * Method description
   *
+   *
+   * @param groupSet
   */
-  private void loadGroups()
+  private void loadGroups(Set<String> groupSet)
  {
    Collection<Group> groupCollection =
      groupManager.getGroupsForMember(user.getName());
@@ -263,7 +310,7 @@ public class BasicSecurityContext implements WebSecurityContext
    {
      for (Group group : groupCollection)
      {
-        groups.add(group.getName());
+        groupSet.add(group.getName());
      }
    }
  }
@@ -308,9 +355,11 @@ public class BasicSecurityContext implements WebSecurityContext
   * Method description
   *
   *
+   *
+   * @param groups
   * @return
   */
-  private boolean isAdmin()
+  private boolean isAdmin(Collection<String> groups)
  {
    boolean result = false;
    Set<String> adminUsers = configuration.getAdminUsers();