create _anonymous user when anonymous access activated and user does not exist yet / also create _anonymous user on system start if required

2025-11-12 16:35:45 +01:00 · 2019-10-09 15:45:32 +02:00
parent 964c9d2c8d
commit 8556278533
5 changed files with 119 additions and 4 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java
@@ -6,6 +6,8 @@ import com.webcohesion.enunciate.metadata.rs.TypeHint;
 import sonia.scm.config.ConfigurationPermissions;
 import sonia.scm.config.ScmConfiguration;
 import sonia.scm.repository.NamespaceStrategyValidator;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
 import sonia.scm.util.ScmConfigurationUtil;
 import sonia.scm.web.VndMediaType;

@@ -29,15 +31,17 @@ public class ConfigResource {
  private final ScmConfigurationToConfigDtoMapper configToDtoMapper;
  private final ScmConfiguration configuration;
  private final NamespaceStrategyValidator namespaceStrategyValidator;
+  private final UserManager userManager;

  @Inject
  public ConfigResource(ConfigDtoToScmConfigurationMapper dtoToConfigMapper,
                        ScmConfigurationToConfigDtoMapper configToDtoMapper,
-                        ScmConfiguration configuration, NamespaceStrategyValidator namespaceStrategyValidator) {
+                        ScmConfiguration configuration, NamespaceStrategyValidator namespaceStrategyValidator, UserManager userManager) {
    this.dtoToConfigMapper = dtoToConfigMapper;
    this.configToDtoMapper = configToDtoMapper;
    this.configuration = configuration;
    this.namespaceStrategyValidator = namespaceStrategyValidator;
+    this.userManager = userManager;
  }

  /**
@@ -92,6 +96,10 @@ public class ConfigResource {
      ScmConfigurationUtil.getInstance().store(configuration);
    }

+    if (config.isAnonymousAccessEnabled() && !userManager.contains("_anonymous")) {
+      userManager.create(new User("_anonymous"));
+    }
+
    return Response.noContent().build();
  }
 }
--- a/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java
+++ b/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java
@@ -4,6 +4,7 @@ import com.google.common.annotations.VisibleForTesting;
 import org.apache.shiro.authc.credential.PasswordService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import sonia.scm.config.ScmConfiguration;
 import sonia.scm.plugin.Extension;
 import sonia.scm.security.PermissionAssigner;
 import sonia.scm.security.PermissionDescriptor;
@@ -47,12 +48,14 @@ public class SetupContextListener implements ServletContextListener {
    private final UserManager userManager;
    private final PasswordService passwordService;
    private final PermissionAssigner permissionAssigner;
+    private final ScmConfiguration scmConfiguration;

    @Inject
-    public SetupAction(UserManager userManager, PasswordService passwordService, PermissionAssigner permissionAssigner) {
+    public SetupAction(UserManager userManager, PasswordService passwordService, PermissionAssigner permissionAssigner, ScmConfiguration scmConfiguration) {
      this.userManager = userManager;
      this.passwordService = passwordService;
      this.permissionAssigner = permissionAssigner;
+      this.scmConfiguration = scmConfiguration;
    }

    @Override
@@ -60,6 +63,13 @@ public class SetupContextListener implements ServletContextListener {
      if (isFirstStart()) {
        createAdminAccount();
      }
+      if (anonymousUserRequiredButNotExists()) {
+        userManager.create(new User("_anonymous"));
+      }
+    }
+
+    private boolean anonymousUserRequiredButNotExists() {
+      return scmConfiguration.isAnonymousAccessEnabled() && !userManager.contains("_anonymous");
    }

    private boolean isFirstStart() {