merge with branch apache-shiro

Sebastian Sdorra
2012-10-16 07:08:28 +02:00
82 changed files with 3376 additions and 1317 deletions


@@ -36,9 +36,13 @@ package sonia.scm.api.rest.resources;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
@@ -50,13 +54,17 @@ import sonia.scm.SCMContextProvider;
import sonia.scm.ScmClientConfig;
import sonia.scm.ScmState;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.group.GroupNames;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.security.Tokens;
import sonia.scm.user.User;
import sonia.scm.user.UserManager;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -98,16 +106,14 @@ public class AuthenticationResource
* @param securityContextProvider
*/
@Inject
public AuthenticationResource(
SCMContextProvider contextProvider, ScmConfiguration configuration,
RepositoryManager repositoryManger, UserManager userManager,
Provider<WebSecurityContext> securityContextProvider)
public AuthenticationResource(SCMContextProvider contextProvider,
ScmConfiguration configuration, RepositoryManager repositoryManger,
UserManager userManager)
{
this.contextProvider = contextProvider;
this.configuration = configuration;
this.repositoryManger = repositoryManger;
this.userManager = userManager;
this.securityContextProvider = securityContextProvider;
}
//~--- methods --------------------------------------------------------------
@@ -132,21 +138,30 @@ public class AuthenticationResource
@Path("login")
@TypeHint(ScmState.class)
public ScmState authenticate(@Context HttpServletRequest request,
@Context HttpServletResponse response,
@FormParam("username") String username,
@FormParam("password") String password)
@FormParam("username") String username,
@FormParam("password") String password)
{
ScmState state = null;
WebSecurityContext securityContext = securityContextProvider.get();
User user = securityContext.authenticate(request, response, username,
password);
if ((user != null) &&!SCMContext.USER_ANONYMOUS.equals(user.getName()))
Subject subject = SecurityUtils.getSubject();
try
{
state = createState(securityContext);
subject.login(Tokens.createAuthenticationToken(request, username,
password));
state = createState(subject);
}
else
catch (AuthenticationException ex)
{
if (logger.isTraceEnabled())
{
logger.trace("authentication failed for user ".concat(username), ex);
}
else if (logger.isWarnEnabled())
{
logger.warn("authentication failed for user {}", username);
}
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
@@ -171,20 +186,18 @@ public class AuthenticationResource
@Path("logout")
@TypeHint(ScmState.class)
public Response logout(@Context HttpServletRequest request,
@Context HttpServletResponse response)
@Context HttpServletResponse response)
{
WebSecurityContext securityContext = securityContextProvider.get();
Subject subject = SecurityUtils.getSubject();
securityContext.logout(request, response);
subject.logout();
Response resp = null;
User user = securityContext.getUser();
if (user != null)
if (configuration.isAnonymousAccessEnabled())
{
ScmState state = createState(securityContext);
resp = Response.ok(state).build();
resp = Response.ok(createAnonymousState()).build();
}
else
{
@@ -238,20 +251,24 @@ public class AuthenticationResource
public Response getState(@Context HttpServletRequest request)
{
Response response = null;
ScmState state = null;
WebSecurityContext securityContext = securityContextProvider.get();
User user = securityContext.getUser();
Subject subject = SecurityUtils.getSubject();
if (user != null)
if (subject.isAuthenticated())
{
if (logger.isDebugEnabled())
{
logger.debug("return state for user {}", user.getName());
logger.debug("return state for user {}", subject.getPrincipal());
}
state = createState(securityContext);
ScmState state = createState(subject);
response = Response.ok(state).build();
}
else if (configuration.isAnonymousAccessEnabled())
{
response = Response.ok(createAnonymousState()).build();
}
else
{
response = Response.status(Response.Status.UNAUTHORIZED).build();
@@ -262,20 +279,50 @@ public class AuthenticationResource
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @return
*/
private ScmState createAnonymousState()
{
return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST);
}
/**
* Method description
*
*
* @param securityContext
*
* @param subject
*
* @return
*/
private ScmState createState(WebSecurityContext securityContext)
private ScmState createState(Subject subject)
{
return new ScmState(contextProvider, securityContext,
repositoryManger.getConfiguredTypes(),
userManager.getDefaultType(),
new ScmClientConfig(configuration));
PrincipalCollection collection = subject.getPrincipals();
User user = collection.oneByType(User.class);
GroupNames groups = collection.oneByType(GroupNames.class);
return createState(user, groups.getCollection());
}
/**
* Method description
*
*
* @param user
* @param groups
*
* @return
*/
private ScmState createState(User user, Collection<String> groups)
{
return new ScmState(contextProvider, user, groups,
repositoryManger.getConfiguredTypes(), userManager.getDefaultType(),
new ScmClientConfig(configuration));
}
//~--- fields ---------------------------------------------------------------
@@ -289,9 +336,6 @@ public class AuthenticationResource
/** Field description */
private RepositoryManager repositoryManger;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
/** Field description */
private UserManager userManager;
}
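Review bot: In the `catch (AuthenticationException ex)` branch of `authenticate`, `"authentication failed for user ".concat(username)` throws a NullPointerException if a request without the `username` form parameter reaches it while trace logging is on, so the caller gets a server error instead of the 401; `logger.trace("authentication failed for user " + username, ex);` avoids that. The username is caller-supplied and is written to the log unmodified in both the trace and the warn branch, so stripping CR/LF from it before logging would keep a crafted value from forging log lines. `subject.login(...)` runs on the current subject with no session renewal visible in the hunk; unless that is handled elsewhere, the session id issued before login stays valid afterwards, so stopping any existing session before the login call is worth confirming. The body of `authenticate` continues outside the hunk.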


@@ -36,7 +36,9 @@ package sonia.scm.api.rest.resources;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
@@ -46,11 +48,11 @@ import org.slf4j.LoggerFactory;
import sonia.scm.api.rest.RestActionResult;
import sonia.scm.security.EncryptionHandler;
import sonia.scm.security.ScmSecurityException;
import sonia.scm.user.User;
import sonia.scm.user.UserException;
import sonia.scm.user.UserManager;
import sonia.scm.util.AssertUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -88,13 +90,11 @@ public class ChangePasswordResource
* @param securityContextProvider
*/
@Inject
public ChangePasswordResource(
UserManager userManager, EncryptionHandler encryptionHandler,
Provider<WebSecurityContext> securityContextProvider)
public ChangePasswordResource(UserManager userManager,
EncryptionHandler encryptionHandler)
{
this.userManager = userManager;
this.encryptionHandler = encryptionHandler;
this.securityContextProvider = securityContextProvider;
}
//~--- methods --------------------------------------------------------------
@@ -121,8 +121,8 @@ public class ChangePasswordResource
@TypeHint(RestActionResult.class)
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response changePassword(@FormParam("old-password") String oldPassword,
@FormParam("new-password") String newPassword)
throws UserException, IOException
@FormParam("new-password") String newPassword)
throws UserException, IOException
{
AssertUtil.assertIsNotEmpty(oldPassword);
AssertUtil.assertIsNotEmpty(newPassword);
@@ -135,8 +135,14 @@ public class ChangePasswordResource
}
Response response = null;
WebSecurityContext securityContext = securityContextProvider.get();
User currentUser = securityContext.getUser();
Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated())
{
throw new ScmSecurityException("user is not authenticated");
}
User currentUser = subject.getPrincipals().oneByType(User.class);
if (logger.isInfoEnabled())
{
@@ -178,9 +184,6 @@ public class ChangePasswordResource
/** Field description */
private EncryptionHandler encryptionHandler;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
/** Field description */
private UserManager userManager;
}
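Review bot: `subject.getPrincipals().oneByType(User.class)` in `changePassword` returns null when the authenticated subject's principal collection holds no `User` entry, and no check on `currentUser` is visible before it is used. A guard such as `if (currentUser == null) { throw new ScmSecurityException("user is not authenticated"); }` would keep that case on the same rejection path as the `isAuthenticated()` test just above it. Whether every realm adds a `User` principal cannot be seen from here, so this may be unreachable in practice; the rest of the method lies outside the hunk.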


@@ -36,15 +36,17 @@ package sonia.scm.api.rest.resources;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.security.Role;
import sonia.scm.security.ScmSecurityException;
import sonia.scm.util.ScmConfigurationUtil;
import sonia.scm.util.SecurityUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -76,11 +78,8 @@ public class ConfigurationResource
* @param securityContextProvider
*/
@Inject
public ConfigurationResource(
Provider<WebSecurityContext> securityContextProvider,
ScmConfiguration configuration)
public ConfigurationResource(ScmConfiguration configuration)
{
this.securityContextProvider = securityContextProvider;
this.configuration = configuration;
}
@@ -98,7 +97,7 @@ public class ConfigurationResource
{
Response response = null;
if (SecurityUtil.isAdmin(securityContextProvider))
if (SecurityUtils.getSubject().hasRole(Role.ADMIN))
{
response = Response.ok(configuration).build();
}
@@ -124,9 +123,17 @@ public class ConfigurationResource
@POST
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response setConfig(@Context UriInfo uriInfo,
ScmConfiguration newConfig)
ScmConfiguration newConfig)
{
SecurityUtil.assertIsAdmin(securityContextProvider);
// TODO replace by checkRole
Subject subject = SecurityUtils.getSubject();
if (!subject.hasRole(Role.ADMIN))
{
throw new ScmSecurityException("admin privileges required");
}
configuration.load(newConfig);
synchronized (ScmConfiguration.class)
@@ -141,7 +148,4 @@ public class ConfigurationResource
/** Field description */
public ScmConfiguration configuration;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
}
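Review bot: The admin check in `setConfig` is written out inline (`hasRole(Role.ADMIN)` followed by `throw new ScmSecurityException("admin privileges required")`) under a `// TODO replace by checkRole`, and the same lines reappear in `SupportResource.getSupport`, while `RepositoryImportResource` in this commit calls `SecurityUtil.assertIsAdmin()`. Routing all three through one helper keeps the exception type and message of a denied admin request from drifting apart, e.g. `SecurityUtil.assertIsAdmin();` in place of the block, assuming the no-argument overload throws the same `ScmSecurityException`. If `subject.checkRole(Role.ADMIN)` is adopted as the TODO suggests, confirm that Shiro's `AuthorizationException` is mapped to the same HTTP status as `ScmSecurityException`, otherwise a denied request may surface as a server error.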


@@ -39,14 +39,15 @@ import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.apache.shiro.SecurityUtils;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
import sonia.scm.group.Group;
import sonia.scm.group.GroupException;
import sonia.scm.group.GroupManager;
import sonia.scm.util.SecurityUtil;
import sonia.scm.web.security.WebSecurityContext;
import sonia.scm.security.Role;
//~--- JDK imports ------------------------------------------------------------
@@ -77,7 +78,7 @@ import javax.ws.rs.core.UriInfo;
@Singleton
@ExternallyManagedLifecycle
public class GroupResource
extends AbstractManagerResource<Group, GroupException>
extends AbstractManagerResource<Group, GroupException>
{
/** Field description */
@@ -94,11 +95,9 @@ public class GroupResource
* @param groupManager
*/
@Inject
public GroupResource(Provider<WebSecurityContext> securityContextProvider,
GroupManager groupManager)
public GroupResource(GroupManager groupManager)
{
super(groupManager);
this.securityContextProvider = securityContextProvider;
}
//~--- methods --------------------------------------------------------------
@@ -172,7 +171,7 @@ public class GroupResource
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Override
public Response update(@Context UriInfo uriInfo,
@PathParam("id") String name, Group group)
@PathParam("id") String name, Group group)
{
return super.update(uriInfo, name, group);
}
@@ -205,7 +204,7 @@ public class GroupResource
{
Response response = null;
if (SecurityUtil.isAdmin(securityContextProvider))
if (SecurityUtils.getSubject().hasRole(Role.ADMIN))
{
response = super.get(request, id);
}
@@ -243,7 +242,7 @@ public class GroupResource
public Response getAll(@Context Request request, @DefaultValue("0")
@QueryParam("start") int start, @DefaultValue("-1")
@QueryParam("limit") int limit, @QueryParam("sortby") String sortby,
@DefaultValue("false")
@DefaultValue("false")
@QueryParam("desc") boolean desc)
{
return super.getAll(request, start, limit, sortby, desc);
@@ -261,7 +260,7 @@ public class GroupResource
*/
@Override
protected GenericEntity<Collection<Group>> createGenericEntity(
Collection<Group> items)
Collection<Group> items)
{
return new GenericEntity<Collection<Group>>(items) {}
;
@@ -294,9 +293,4 @@ public class GroupResource
{
return PATH_PART;
}
//~--- fields ---------------------------------------------------------------
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
}


@@ -30,12 +30,12 @@
*/
package sonia.scm.api.rest.resources;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.codehaus.enunciate.jaxrs.TypeHint;
@@ -50,7 +50,6 @@ import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryHandler;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.util.SecurityUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -93,12 +92,9 @@ public class RepositoryImportResource
* @param securityContextProvider
*/
@Inject
public RepositoryImportResource(
RepositoryManager manager,
Provider<WebSecurityContext> securityContextProvider)
public RepositoryImportResource(RepositoryManager manager)
{
this.manager = manager;
this.securityContextProvider = securityContextProvider;
}
//~--- methods --------------------------------------------------------------
@@ -116,9 +112,9 @@ public class RepositoryImportResource
@TypeHint(Repository[].class)
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public GenericEntity<List<Repository>> importRepositories(
@PathParam("type") String type)
@PathParam("type") String type)
{
SecurityUtil.assertIsAdmin(securityContextProvider);
SecurityUtil.assertIsAdmin();
List<Repository> repositories = new ArrayList<Repository>();
RepositoryHandler handler = manager.getHandler(type);
@@ -143,7 +139,7 @@ public class RepositoryImportResource
else if (logger.isWarnEnabled())
{
logger.warn("could not find imported repository {}",
repositoryName);
repositoryName);
}
}
}
@@ -175,7 +171,7 @@ public class RepositoryImportResource
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public GenericEntity<List<Type>> getImportableTypes()
{
SecurityUtil.assertIsAdmin(securityContextProvider);
SecurityUtil.assertIsAdmin();
List<Type> types = new ArrayList<Type>();
Collection<Type> handlerTypes = manager.getTypes();
@@ -202,7 +198,7 @@ public class RepositoryImportResource
else if (logger.isInfoEnabled())
{
logger.info("{} handler does not support import of repositories",
t.getName());
t.getName());
}
}
}
@@ -220,7 +216,4 @@ public class RepositoryImportResource
/** Field description */
private RepositoryManager manager;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
}
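Review bot: The constructor Javadoc still carries `@param securityContextProvider` although this commit removes that parameter; the tag appears as an unchanged line above `@Inject`. The same leftover tag is visible above the constructors of `AuthenticationResource`, `ChangePasswordResource` and `ConfigurationResource` in this commit. Dropping the tag in each place keeps the documented signature in line with the new one, so a reader does not go looking for a security context that is no longer injected.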


@@ -38,9 +38,10 @@ package sonia.scm.api.rest.resources;
import com.google.common.base.Strings;
import com.google.common.io.Closeables;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.apache.shiro.SecurityUtils;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
@@ -55,7 +56,6 @@ import sonia.scm.repository.Changeset;
import sonia.scm.repository.ChangesetPagingResult;
import sonia.scm.repository.Permission;
import sonia.scm.repository.PermissionType;
import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
import sonia.scm.repository.RepositoryException;
import sonia.scm.repository.RepositoryIsNotArchivedException;
@@ -71,10 +71,10 @@ import sonia.scm.repository.api.DiffCommandBuilder;
import sonia.scm.repository.api.LogCommandBuilder;
import sonia.scm.repository.api.RepositoryService;
import sonia.scm.repository.api.RepositoryServiceFactory;
import sonia.scm.security.RepositoryPermission;
import sonia.scm.security.ScmSecurityException;
import sonia.scm.util.AssertUtil;
import sonia.scm.util.Util;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -137,14 +137,12 @@ public class RepositoryResource
@Inject
public RepositoryResource(ScmConfiguration configuration,
RepositoryManager repositoryManager,
Provider<WebSecurityContext> securityContextProvider,
RepositoryServiceFactory servicefactory)
{
super(repositoryManager);
this.configuration = configuration;
this.repositoryManager = repositoryManager;
this.servicefactory = servicefactory;
this.securityContextProvider = securityContextProvider;
setDisableCache(false);
}
@@ -1091,8 +1089,9 @@ public class RepositoryResource
*/
private boolean isOwner(Repository repository)
{
return PermissionUtil.hasPermission(repository, securityContextProvider,
PermissionType.OWNER);
return SecurityUtils.getSubject().isPermitted(
new RepositoryPermission(repository, PermissionType.OWNER));
}
//~--- fields ---------------------------------------------------------------
@@ -1103,9 +1102,6 @@ public class RepositoryResource
/** Field description */
private RepositoryManager repositoryManager;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
/** Field description */
private RepositoryServiceFactory servicefactory;
}


@@ -37,7 +37,6 @@ package sonia.scm.api.rest.resources;
import com.google.common.base.Function;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
@@ -54,7 +53,6 @@ import sonia.scm.search.SearchResults;
import sonia.scm.user.User;
import sonia.scm.user.UserListener;
import sonia.scm.user.UserManager;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -92,9 +90,8 @@ public class SearchResource implements UserListener, GroupListener
* @param cacheManager
*/
@Inject
public SearchResource(Provider<WebSecurityContext> securityContextProvider,
UserManager userManager, GroupManager groupManager,
CacheManager cacheManager)
public SearchResource(UserManager userManager, GroupManager groupManager,
CacheManager cacheManager)
{
// create user searchhandler
@@ -103,8 +100,7 @@ public class SearchResource implements UserListener, GroupListener
Cache<String, SearchResults> userCache =
cacheManager.getCache(String.class, SearchResults.class, CACHE_USER);
this.userSearchHandler = new SearchHandler<User>(securityContextProvider,
userCache, userManager);
this.userSearchHandler = new SearchHandler<User>(userCache, userManager);
// create group searchhandler
groupManager.addListener(this);
@@ -112,8 +108,8 @@ public class SearchResource implements UserListener, GroupListener
Cache<String, SearchResults> groupCache =
cacheManager.getCache(String.class, SearchResults.class, CACHE_GROUP);
this.groupSearchHandler = new SearchHandler<Group>(securityContextProvider,
groupCache, groupManager);
this.groupSearchHandler = new SearchHandler<Group>(groupCache,
groupManager);
}
//~--- methods --------------------------------------------------------------
@@ -162,7 +158,7 @@ public class SearchResource implements UserListener, GroupListener
public SearchResults searchGroups(@QueryParam("query") String queryString)
{
return groupSearchHandler.search(queryString,
new Function<Group, SearchResult>()
new Function<Group, SearchResult>()
{
@Override
public SearchResult apply(Group group)
@@ -198,7 +194,7 @@ public class SearchResource implements UserListener, GroupListener
public SearchResults searchUsers(@QueryParam("query") String queryString)
{
return userSearchHandler.search(queryString,
new Function<User, SearchResult>()
new Function<User, SearchResult>()
{
@Override
public SearchResult apply(User user)


@@ -39,6 +39,9 @@ import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.inject.Inject;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
import sonia.scm.SCMContextProvider;
@@ -47,10 +50,10 @@ import sonia.scm.config.ScmConfiguration;
import sonia.scm.plugin.PluginManager;
import sonia.scm.repository.RepositoryHandler;
import sonia.scm.repository.RepositoryManager;
import sonia.scm.security.Role;
import sonia.scm.security.ScmSecurityException;
import sonia.scm.store.StoreFactory;
import sonia.scm.util.SecurityUtil;
import sonia.scm.util.SystemUtil;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -96,12 +99,10 @@ public class SupportResource
* @param repositoryManager
*/
@Inject
public SupportResource(WebSecurityContext securityContext,
SCMContextProvider context, ScmConfiguration configuration,
PluginManager pluginManager, StoreFactory storeFactory,
RepositoryManager repositoryManager)
public SupportResource(SCMContextProvider context,
ScmConfiguration configuration, PluginManager pluginManager,
StoreFactory storeFactory, RepositoryManager repositoryManager)
{
this.securityContext = securityContext;
this.context = context;
this.configuration = configuration;
this.pluginManager = pluginManager;
@@ -123,7 +124,12 @@ public class SupportResource
@Produces(MediaType.TEXT_HTML)
public Viewable getSupport() throws IOException
{
SecurityUtil.assertIsAdmin(securityContext);
Subject subject = SecurityUtils.getSubject();
if (!subject.hasRole(Role.ADMIN))
{
throw new ScmSecurityException("admin privileges required");
}
Map<String, Object> env = Maps.newHashMap();
@@ -445,9 +451,6 @@ public class SupportResource
/** Field description */
private RepositoryManager repositoryManager;
/** Field description */
private WebSecurityContext securityContext;
/** Field description */
private Class<?> storeFactoryClass;
}


@@ -36,20 +36,20 @@ package sonia.scm.api.rest.resources;
//~--- non-JDK imports --------------------------------------------------------
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import org.apache.shiro.SecurityUtils;
import org.codehaus.enunciate.jaxrs.TypeHint;
import org.codehaus.enunciate.modules.jersey.ExternallyManagedLifecycle;
import sonia.scm.security.EncryptionHandler;
import sonia.scm.security.Role;
import sonia.scm.user.User;
import sonia.scm.user.UserException;
import sonia.scm.user.UserManager;
import sonia.scm.util.AssertUtil;
import sonia.scm.util.SecurityUtil;
import sonia.scm.util.Util;
import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------
@@ -100,12 +100,10 @@ public class UserResource extends AbstractManagerResource<User, UserException>
*/
@Inject
public UserResource(UserManager userManager,
EncryptionHandler encryptionHandler,
Provider<WebSecurityContext> securityContextProvider)
EncryptionHandler encryptionHandler)
{
super(userManager);
this.encryptionHandler = encryptionHandler;
this.securityContextProvider = securityContextProvider;
}
//~--- methods --------------------------------------------------------------
@@ -179,7 +177,7 @@ public class UserResource extends AbstractManagerResource<User, UserException>
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Override
public Response update(@Context UriInfo uriInfo,
@PathParam("id") String name, User user)
@PathParam("id") String name, User user)
{
return super.update(uriInfo, name, user);
}
@@ -212,7 +210,7 @@ public class UserResource extends AbstractManagerResource<User, UserException>
{
Response response = null;
if (SecurityUtil.isAdmin(securityContextProvider))
if (SecurityUtils.getSubject().hasRole(Role.ADMIN))
{
response = super.get(request, id);
}
@@ -250,7 +248,7 @@ public class UserResource extends AbstractManagerResource<User, UserException>
public Response getAll(@Context Request request, @DefaultValue("0")
@QueryParam("start") int start, @DefaultValue("-1")
@QueryParam("limit") int limit, @QueryParam("sortby") String sortby,
@DefaultValue("false")
@DefaultValue("false")
@QueryParam("desc") boolean desc)
{
return super.getAll(request, start, limit, sortby, desc);
@@ -268,7 +266,7 @@ public class UserResource extends AbstractManagerResource<User, UserException>
*/
@Override
protected GenericEntity<Collection<User>> createGenericEntity(
Collection<User> items)
Collection<User> items)
{
return new GenericEntity<Collection<User>>(items) {}
;
@@ -396,7 +394,4 @@ public class UserResource extends AbstractManagerResource<User, UserException>
/** Field description */
private EncryptionHandler encryptionHandler;
/** Field description */
private Provider<WebSecurityContext> securityContextProvider;
}