fixes AdministrationContext with user admin flag

Sebastian Sdorra
2019-03-13 12:12:06 +01:00
parent a2f83e2429
commit 4ffdde6417
4 changed files with 86 additions and 1 deletions


@@ -0,0 +1,8 @@
package sonia.scm.web.security;
final class AdministrationContextMarker {
static final AdministrationContextMarker MARKER = new AdministrationContextMarker();
private AdministrationContextMarker() {}
}
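Review bot: AdministrationContextMarker has no Javadoc even though it works as a capability: in this commit AdministrationContextRealm grants `Role.ADMIN` and the `*` permission to any principal collection that contains `MARKER`. I would add a class comment along the lines of `/** Marker principal; its presence in a PrincipalCollection makes AdministrationContextRealm grant all roles and permissions. Only DefaultAdministrationContext may add it. */`. Because the realm compares by identity (`marker == AdministrationContextMarker.MARKER`), the comment should also say that the class must not become Serializable without a `readResolve` that returns the singleton.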


@@ -0,0 +1,42 @@
package sonia.scm.web.security;
import com.google.common.collect.Sets;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sonia.scm.plugin.Extension;
import sonia.scm.security.Role;
@Extension
public class AdministrationContextRealm extends AuthorizingRealm {
private static final Logger LOG = LoggerFactory.getLogger(AdministrationContextRealm.class);
public AdministrationContextRealm() {
setName(DefaultAdministrationContext.REALM);
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
AdministrationContextMarker marker = principals.oneByType(AdministrationContextMarker.class);
if (marker == AdministrationContextMarker.MARKER) {
LOG.info("assign admin permissions to admin context user {}", principals.getPrimaryPrincipal());
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(Sets.newHashSet(Role.USER, Role.ADMIN));
authorizationInfo.setStringPermissions(Sets.newHashSet("*"));
return authorizationInfo;
}
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) {
// we make no authentication we do only authorization
return null;
}
}
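Review bot: The wildcard grant in doGetAuthorizationInfo is keyed on `principals.oneByType(AdministrationContextMarker.class)`, which searches the principals of every realm rather than only those registered under `DefaultAdministrationContext.REALM`. Since this branch hands out `Role.ADMIN` and `*`, I would scope the lookup to the admin realm, e.g. `if (principals.fromRealm(DefaultAdministrationContext.REALM).contains(AdministrationContextMarker.MARKER)) {`. Separately, doGetAuthenticationInfo returns null for every token, and the realm probably still reports `supports(token)` as true for username/password tokens, so it would be consulted on each login. Overriding `supports` to return `false` would make the authorization-only intent explicit and keep the realm out of authentication strategies that require every realm to succeed.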


@@ -75,7 +75,7 @@ public class DefaultAdministrationContext implements AdministrationContext
"/sonia/scm/web/security/system-account.xml";
/** Field description */
private static final String REALM = "AdminRealm";
static final String REALM = "AdminRealm";
/** the logger for DefaultAdministrationContext */
private static final Logger logger =
@@ -174,6 +174,7 @@ public class DefaultAdministrationContext implements AdministrationContext
collection.add(adminUser.getId(), REALM);
collection.add(adminUser, REALM);
collection.add(new GroupNames(), REALM);
collection.add(AdministrationContextMarker.MARKER, REALM);
return collection;
}
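Review bot: The principal collection built here now carries `AdministrationContextMarker.MARKER`, an object that is not Serializable and that the realm matches by identity, so the collection must never reach a session store, a remember-me cookie or a serializing cache. Whether the admin subject is created with sessions disabled is not visible in this hunk (the method starts outside it), so that is worth confirming. I would record the constraint next to the new line, e.g. `// marker is matched by identity in AdministrationContextRealm; this collection must stay in-memory only`. The REALM constant widened in the first hunk also still carries the placeholder `/** Field description */`; now that the realm name is shared with AdministrationContextRealm, a real description would help.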