start implementation of repository permissions

2025-11-14 09:25:43 +01:00 · 2015-07-09 20:29:07 +02:00
parent 480a188763
commit 6dd765e3be
22 changed files with 730 additions and 701 deletions
--- a/scm-webapp/src/main/java/sonia/scm/repository/HealthChecker.java
+++ b/scm-webapp/src/main/java/sonia/scm/repository/HealthChecker.java
@@ -36,18 +36,14 @@ package sonia.scm.repository;
 import com.google.common.collect.ImmutableList;
 import com.google.inject.Inject;

-import org.apache.shiro.SecurityUtils;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
-import sonia.scm.security.Role;
-
 //~--- JDK imports ------------------------------------------------------------

 import java.io.IOException;

 import java.util.Set;
+import sonia.scm.security.PermissionActionCheck;

 /**
 *
@@ -95,7 +91,7 @@ public final class HealthChecker
  public void check(String id)
    throws RepositoryNotFoundException, RepositoryException, IOException
  {
-    SecurityUtils.getSubject().checkRole(Role.ADMIN);
+    RepositoryPermissions.healthCheck(id);

    Repository repository = repositoryManager.get(id);

@@ -105,7 +101,7 @@ public final class HealthChecker
        "could not find repository with id ".concat(id));
    }

-    check(repository);
+    doCheck(repository);
  }

  /**
@@ -119,9 +115,49 @@ public final class HealthChecker
   */
  public void check(Repository repository)
    throws RepositoryException, IOException
+  {
+    RepositoryPermissions.healthCheck(repository);
+
+    doCheck(repository);
+  }
+
+  /**
+   * Method description
+   *
+   *
+   */
+  public void checkAll()
+  {
+    logger.debug("check health of all repositories");
+
+    PermissionActionCheck<Repository> check = RepositoryPermissions.healthCheck();
+
+    for (Repository repository : repositoryManager.getAll())
+    {
+      if (check.isPermitted(repository))
+      {
+        try
+        {
+          check(repository);
+        }
+        catch (RepositoryException | IOException ex)
+        {
+          logger.error("health check ends with exception", ex);
+        }
+      }
+      else
+      {
+        logger.debug(
+          "no permissions to execute health check for repository {}",
+          repository.getId());
+      }
+    }
+  }
+
+  private void doCheck(Repository repository)
+    throws RepositoryException, IOException
  {
    logger.info("start health check for repository {}", repository.getName());
-    SecurityUtils.getSubject().checkRole(Role.ADMIN);

    HealthCheckResult result = HealthCheckResult.healthy();

@@ -152,29 +188,6 @@ public final class HealthChecker
    }
  }

-  /**
-   * Method description
-   *
-   *
-   */
-  public void checkAll()
-  {
-    logger.debug("check health of all repositories");
-    SecurityUtils.getSubject().checkRole(Role.ADMIN);
-
-    for (Repository repository : repositoryManager.getAll())
-    {
-      try
-      {
-        check(repository);
-      }
-      catch (Exception ex)
-      {
-        logger.error("health check ends with exception", ex);
-      }
-    }
-  }
-
  //~--- fields ---------------------------------------------------------------

  /** Field description */