Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-12 00:15:44 +01:00
Code Issues Packages Projects Releases Activity

Use constant for rest api path

Browse Source
This commit is contained in:
René Pfeuffer
2018-09-12 12:24:57 +02:00
parent f47c5ef16f
commit 9aa9b77922
5 changed files with 25 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scm-webapp/src/main/java/sonia/scm/ScmServletModule.java
View File

@@ -119,6 +119,8 @@ import sonia.scm.web.security.DefaultAdministrationContext;
import javax.net.ssl.SSLContext;
import javax.servlet.ServletContext;
import static sonia.scm.api.v2.resources.ScmPathInfo.REST_API_PATH;
/**
*
* @author Sebastian Sdorra
@@ -128,14 +130,14 @@ public class ScmServletModule extends ServletModule
/** Field description */
public static final String[] PATTERN_ADMIN = new String[] {
"/api/rest/groups*",
"/api/rest/users*", "/api/rest/plguins*" };
REST_API_PATH + "/groups*",
REST_API_PATH + "/users*", REST_API_PATH + "/plguins*" };
/** Field description */
public static final String PATTERN_ALL = "/*";
/** Field description */
public static final String PATTERN_CONFIG = "/api/rest/config*";
public static final String PATTERN_CONFIG = REST_API_PATH + "/config*";
/** Field description */
public static final String PATTERN_DEBUG = "/debug.html";

14
scm-webapp/src/main/java/sonia/scm/filter/SecurityFilter.java
View File

@@ -37,10 +37,8 @@ package sonia.scm.filter;
import com.google.common.annotations.VisibleForTesting;
import com.google.inject.Inject;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import sonia.scm.Priority;
import sonia.scm.SCMContext;
import sonia.scm.config.ScmConfiguration;
@@ -48,14 +46,15 @@ import sonia.scm.security.SecurityRequests;
import sonia.scm.web.filter.HttpFilter;
import sonia.scm.web.filter.SecurityHttpServletRequestWrapper;
//~--- JDK imports ------------------------------------------------------------
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import static sonia.scm.api.v2.resources.ScmPathInfo.REST_API_PATH;
//~--- JDK imports ------------------------------------------------------------
/**
*
@@ -63,7 +62,8 @@ import javax.servlet.http.HttpServletResponse;
*/
@Priority(Filters.PRIORITY_AUTHORIZATION)
// TODO find a better way for unprotected resources
@WebElement(value = "/api/rest/(?!v2/ui).*", regex = true)
@WebElement(value = REST_API_PATH + "" +
"/(?!v2/ui).*", regex = true)
public class SecurityFilter extends HttpFilter
{

4
scm-webapp/src/main/java/sonia/scm/security/SecurityRequests.java
View File

@@ -3,12 +3,14 @@ package sonia.scm.security;
import javax.servlet.http.HttpServletRequest;
import java.util.regex.Pattern;
import static sonia.scm.api.v2.resources.ScmPathInfo.REST_API_PATH;
/**
* Created by masuewer on 04.07.18.
*/
public final class SecurityRequests {
private static final Pattern URI_LOGIN_PATTERN = Pattern.compile("/api/rest(?:/v2)?/auth/access_token");
private static final Pattern URI_LOGIN_PATTERN = Pattern.compile(REST_API_PATH + "(?:/v2)?/auth/access_token");
private SecurityRequests() {}