Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-13 00:45:44 +01:00
Code Issues Packages Projects Releases Activity

Check plugin dependencies after download

Browse Source
This commit is contained in:
Rene Pfeuffer
2020-01-23 17:02:53 +01:00
parent 787f9c7dec
commit 97600b26e2
4 changed files with 140 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
scm-webapp/src/main/java/sonia/scm/plugin/PluginInstaller.java
View File

@@ -19,11 +19,13 @@ class PluginInstaller {
private final SCMContextProvider context;
private final AdvancedHttpClient client;
private final SmpDDescriptorExtractor smpDDescriptorExtractor;
@Inject
public PluginInstaller(SCMContextProvider context, AdvancedHttpClient client) {
public PluginInstaller(SCMContextProvider context, AdvancedHttpClient client, SmpDDescriptorExtractor smpDDescriptorExtractor) {
this.context = context;
this.client = client;
this.smpDDescriptorExtractor = smpDDescriptorExtractor;
}
@SuppressWarnings("squid:S4790") // hashing should be safe
@@ -34,6 +36,17 @@ class PluginInstaller {
Files.copy(input, file);
verifyChecksum(plugin, input.hash(), file);
InstalledPluginDescriptor pluginDescriptor = smpDDescriptorExtractor.extractPluginDescriptor(file);
if (!pluginDescriptor.getCondition().isSupported()) {
cleanup(file);
throw new PluginConditionFailedException(
pluginDescriptor.getCondition(),
String.format(
"could not load plugin %s, the plugin condition does not match",
pluginDescriptor.getInformation().getId()
)
);
}
return new PendingPluginInstallation(plugin.install(), file);
} catch (IOException ex) {
cleanup(file);

28
scm-webapp/src/main/java/sonia/scm/plugin/SmpDDescriptorExtractor.java Normal file
View File

@@ -0,0 +1,28 @@
package sonia.scm.plugin;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
class SmpDDescriptorExtractor {
InstalledPluginDescriptor extractPluginDescriptor(Path file) throws IOException {
try (ZipInputStream zipInputStream = new ZipInputStream(Files.newInputStream(file), StandardCharsets.UTF_8)) {
ZipEntry nextEntry;
while ((nextEntry = zipInputStream.getNextEntry()) != null) {
if ("META-INF/scm/plugin.xml".equals(nextEntry.getName())) {
JAXBContext context = JAXBContext.newInstance(ScmModule.class, InstalledPluginDescriptor.class);
return (InstalledPluginDescriptor) context.createUnmarshaller().unmarshal(zipInputStream);
}
}
} catch (JAXBException e) {
throw new IOException("failed to read descriptor file META-INF/scm/plugin.xml from plugin", e);
}
throw new IOException("Missing plugin descriptor META-INF/scm/plugin.xml in download package");
}
}