mirror of
https://github.com/scm-manager/scm-manager.git
synced 2025-11-09 15:05:44 +01:00
update resteasy to v3.6.2.Final in order to fix CVE-2017-7561 and CVE-2016-6347
This commit is contained in:
Sebastian Sdorra
@@ -18,6 +18,7 @@ import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
@@ -68,7 +69,7 @@ public class ConfigResourceTest {
|
||||
|
||||
@Test
|
||||
@SubjectAware(username = "readOnly")
|
||||
public void shouldGetGlobalConfig() throws URISyntaxException {
|
||||
public void shouldGetGlobalConfig() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + ConfigResource.CONFIG_PATH_V2);
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
dispatcher.invoke(request, response);
|
||||
|
||||
@@ -24,6 +24,7 @@ import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
@@ -100,7 +101,7 @@ public class GroupRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetGroup() throws URISyntaxException {
|
||||
public void shouldGetGroup() throws URISyntaxException, UnsupportedEncodingException {
|
||||
Group group = createDummyGroup();
|
||||
when(groupManager.get("admin")).thenReturn(group);
|
||||
|
||||
@@ -305,7 +306,7 @@ public class GroupRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetAll() throws URISyntaxException {
|
||||
public void shouldGetAll() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + GroupRootResource.GROUPS_PATH_V2);
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -317,7 +318,7 @@ public class GroupRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetPermissionLink() throws URISyntaxException {
|
||||
public void shouldGetPermissionLink() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + GroupRootResource.GROUPS_PATH_V2 + "admin");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -329,7 +330,7 @@ public class GroupRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetPermissions() throws URISyntaxException {
|
||||
public void shouldGetPermissions() throws URISyntaxException, UnsupportedEncodingException {
|
||||
when(permissionAssigner.readPermissionsForGroup("admin")).thenReturn(singletonList(new PermissionDescriptor("something:*")));
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + GroupRootResource.GROUPS_PATH_V2 + "admin/permissions");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -22,6 +22,7 @@ import sonia.scm.user.UserManager;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
|
||||
@@ -78,7 +79,7 @@ public class MeResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldReturnCurrentlyAuthenticatedUser() throws URISyntaxException {
|
||||
public void shouldReturnCurrentlyAuthenticatedUser() throws URISyntaxException, UnsupportedEncodingException {
|
||||
applyUserToSubject(originalUser);
|
||||
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + MeResource.ME_PATH_V2);
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.fasterxml.jackson.databind.JsonNode;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.github.sdorra.shiro.ShiroRule;
|
||||
import com.github.sdorra.shiro.SubjectAware;
|
||||
import com.google.common.base.Throwables;
|
||||
import com.google.common.collect.ImmutableList;
|
||||
import com.google.inject.util.Providers;
|
||||
import de.otto.edison.hal.HalRepresentation;
|
||||
@@ -36,6 +37,7 @@ import sonia.scm.repository.RepositoryPermission;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.ArrayList;
|
||||
@@ -214,7 +216,12 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
.expectedResponseStatus(200)
|
||||
.path(PATH_OF_ALL_PERMISSIONS + expectedPermission.getName())
|
||||
.responseValidator((response) -> {
|
||||
String body = response.getContentAsString();
|
||||
String body = null;
|
||||
try {
|
||||
body = response.getContentAsString();
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
RepositoryPermissionDto actualRepositoryPermissionDto = mapper.readValue(body, RepositoryPermissionDto.class);
|
||||
@@ -268,13 +275,21 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
assertExpectedRequest(requestPOSTPermission
|
||||
.content("{\"name\" : \"" + newPermission.getName() + "\" , \"verbs\" : [\"read\",\"pull\",\"push\"], \"groupPermission\" : true}")
|
||||
.expectedResponseStatus(201)
|
||||
.responseValidator(response -> assertThat(response.getContentAsString())
|
||||
.responseValidator(response -> assertThat(getContentAsString(response))
|
||||
.as("POST response has no body")
|
||||
.isBlank())
|
||||
);
|
||||
assertGettingExpectedPermissions(expectedPermissions, PERMISSION_WRITE);
|
||||
}
|
||||
|
||||
private String getContentAsString(MockHttpResponse response) {
|
||||
try {
|
||||
return response.getContentAsString();
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
throw new RuntimeException("could not get content from response", e);
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotAddExistingPermission() throws URISyntaxException {
|
||||
createUserWithRepositoryAndPermissions(TEST_PERMISSIONS, PERMISSION_WRITE);
|
||||
@@ -296,7 +311,7 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
.content("{\"name\" : \"" + modifiedPermission.getName() + "\" , \"verbs\" : [\"*\"], \"groupPermission\" : false}")
|
||||
.path(PATH_OF_ALL_PERMISSIONS + modifiedPermission.getName())
|
||||
.expectedResponseStatus(204)
|
||||
.responseValidator(response -> assertThat(response.getContentAsString())
|
||||
.responseValidator(response -> assertThat(getContentAsString(response))
|
||||
.as("PUT response has no body")
|
||||
.isBlank())
|
||||
);
|
||||
@@ -312,7 +327,7 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
assertExpectedRequest(requestDELETEPermission
|
||||
.path(PATH_OF_ALL_PERMISSIONS + deletedPermission.getName())
|
||||
.expectedResponseStatus(204)
|
||||
.responseValidator(response -> assertThat(response.getContentAsString())
|
||||
.responseValidator(response -> assertThat(getContentAsString(response))
|
||||
.as("DELETE response has no body")
|
||||
.isBlank())
|
||||
);
|
||||
@@ -327,7 +342,7 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
assertExpectedRequest(requestDELETEPermission
|
||||
.path(PATH_OF_ALL_PERMISSIONS + deletedPermission.getName())
|
||||
.expectedResponseStatus(204)
|
||||
.responseValidator(response -> assertThat(response.getContentAsString())
|
||||
.responseValidator(response -> assertThat(getContentAsString(response))
|
||||
.as("DELETE response has no body")
|
||||
.isBlank())
|
||||
);
|
||||
@@ -335,7 +350,7 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
assertExpectedRequest(requestDELETEPermission
|
||||
.path(PATH_OF_ALL_PERMISSIONS + deletedPermission.getName())
|
||||
.expectedResponseStatus(204)
|
||||
.responseValidator(response -> assertThat(response.getContentAsString())
|
||||
.responseValidator(response -> assertThat(getContentAsString(response))
|
||||
.as("DELETE response has no body")
|
||||
.isBlank())
|
||||
);
|
||||
@@ -346,7 +361,7 @@ public class RepositoryPermissionRootResourceTest extends RepositoryTestBase {
|
||||
assertExpectedRequest(requestGETAllPermissions
|
||||
.expectedResponseStatus(200)
|
||||
.responseValidator((response) -> {
|
||||
String body = response.getContentAsString();
|
||||
String body = getContentAsString(response);
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
HalRepresentation halRepresentation = mapper.readValue(body, HalRepresentation.class);
|
||||
|
||||
@@ -27,6 +27,7 @@ import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
@@ -120,7 +121,7 @@ public class RepositoryRootResourceTest extends RepositoryTestBase {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldFindExistingRepository() throws URISyntaxException {
|
||||
public void shouldFindExistingRepository() throws URISyntaxException, UnsupportedEncodingException {
|
||||
mockRepository("space", "repo");
|
||||
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + RepositoryRootResource.REPOSITORIES_PATH_V2 + "space/repo");
|
||||
@@ -133,7 +134,7 @@ public class RepositoryRootResourceTest extends RepositoryTestBase {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldMapProperties() throws URISyntaxException {
|
||||
public void shouldMapProperties() throws URISyntaxException, UnsupportedEncodingException {
|
||||
Repository repository = mockRepository("space", "repo");
|
||||
repository.setProperty("testKey", "testValue");
|
||||
|
||||
@@ -146,7 +147,7 @@ public class RepositoryRootResourceTest extends RepositoryTestBase {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetAll() throws URISyntaxException {
|
||||
public void shouldGetAll() throws URISyntaxException, UnsupportedEncodingException {
|
||||
PageResult<Repository> singletonPageResult = createSingletonPageResult(mockRepository("space", "repo"));
|
||||
when(repositoryManager.getPage(any(), eq(0), eq(10))).thenReturn(singletonPageResult);
|
||||
|
||||
|
||||
@@ -16,6 +16,7 @@ import sonia.scm.plugin.*;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.HashSet;
|
||||
@@ -87,7 +88,7 @@ public class UIRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldReturnPlugin() throws URISyntaxException {
|
||||
public void shouldReturnPlugin() throws URISyntaxException, UnsupportedEncodingException {
|
||||
mockPlugins(mockPlugin("awesome", "Awesome", createPluginResources("my/awesome.bundle.js")));
|
||||
|
||||
MockHttpRequest request = MockHttpRequest.get("/v2/ui/plugins/awesome");
|
||||
@@ -101,7 +102,7 @@ public class UIRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldReturnPlugins() throws URISyntaxException {
|
||||
public void shouldReturnPlugins() throws URISyntaxException, UnsupportedEncodingException {
|
||||
mockPlugins(
|
||||
mockPlugin("awesome", "Awesome", createPluginResources("my/awesome.bundle.js")),
|
||||
mockPlugin("special", "Special", createPluginResources("my/special.bundle.js"))
|
||||
@@ -120,7 +121,7 @@ public class UIRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotReturnPluginsWithoutResources() throws URISyntaxException {
|
||||
public void shouldNotReturnPluginsWithoutResources() throws URISyntaxException, UnsupportedEncodingException {
|
||||
mockPlugins(
|
||||
mockPlugin("awesome", "Awesome", createPluginResources("my/awesome.bundle.js")),
|
||||
mockPlugin("special")
|
||||
|
||||
@@ -26,6 +26,7 @@ import sonia.scm.user.UserManager;
|
||||
import sonia.scm.web.VndMediaType;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
@@ -97,7 +98,7 @@ public class UserRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldCreateFullResponseForAdmin() throws URISyntaxException {
|
||||
public void shouldCreateFullResponseForAdmin() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2 + "Neo");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -137,7 +138,7 @@ public class UserRootResourceTest {
|
||||
|
||||
@Test
|
||||
@SubjectAware(username = "unpriv")
|
||||
public void shouldCreateLimitedResponseForSimpleUser() throws URISyntaxException {
|
||||
public void shouldCreateLimitedResponseForSimpleUser() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2 + "Neo");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -331,7 +332,7 @@ public class UserRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldCreatePageForOnePageOnly() throws URISyntaxException {
|
||||
public void shouldCreatePageForOnePageOnly() throws URISyntaxException, UnsupportedEncodingException {
|
||||
PageResult<User> singletonPageResult = createSingletonPageResult(1);
|
||||
when(userManager.getPage(any(), eq(0), eq(10))).thenReturn(singletonPageResult);
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2);
|
||||
@@ -347,7 +348,7 @@ public class UserRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldCreatePageForMultiplePages() throws URISyntaxException {
|
||||
public void shouldCreatePageForMultiplePages() throws URISyntaxException, UnsupportedEncodingException {
|
||||
PageResult<User> singletonPageResult = createSingletonPageResult(3);
|
||||
when(userManager.getPage(any(), eq(1), eq(1))).thenReturn(singletonPageResult);
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2 + "?page=1&pageSize=1");
|
||||
@@ -365,7 +366,7 @@ public class UserRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetPermissionLink() throws URISyntaxException {
|
||||
public void shouldGetPermissionLink() throws URISyntaxException, UnsupportedEncodingException {
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2 + "Neo");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
@@ -377,7 +378,7 @@ public class UserRootResourceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldGetPermissions() throws URISyntaxException {
|
||||
public void shouldGetPermissions() throws URISyntaxException, UnsupportedEncodingException {
|
||||
when(permissionAssigner.readPermissionsForUser("Neo")).thenReturn(singletonList(new PermissionDescriptor("something:*")));
|
||||
MockHttpRequest request = MockHttpRequest.get("/" + UserRootResource.USERS_PATH_V2 + "Neo/permissions");
|
||||
MockHttpResponse response = new MockHttpResponse();
|
||||
|
||||
Reference in New Issue
Block a user