Merged in bugfix/migrate_security_xml (pull request #286)

Bugfix/migrate security xml
2025-11-13 17:05:43 +01:00 · 2019-07-19 05:15:27 +00:00
parent 796013b928 f9c023330d
commit ad772c778d
5 changed files with 147 additions and 12 deletions
--- a/scm-webapp/src/main/java/sonia/scm/update/security/XmlSecurityV1UpdateStep.java
+++ b/scm-webapp/src/main/java/sonia/scm/update/security/XmlSecurityV1UpdateStep.java
@@ -21,7 +21,10 @@ import javax.xml.bind.annotation.XmlRootElement;
 import java.io.File;
 import java.nio.file.Path;
 import java.util.Arrays;
+import java.util.List;
 import java.util.function.Consumer;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;

 import static java.util.Optional.ofNullable;
 import static sonia.scm.version.Version.parse;
@@ -29,6 +32,8 @@ import static sonia.scm.version.Version.parse;
@Extension
 public class XmlSecurityV1UpdateStep implements UpdateStep {

+  private static final Pattern v1PermissionPattern = Pattern.compile("^repository:\\*:(READ|WRITE|OWNER)$");
+
  private static final Logger LOG = LoggerFactory.getLogger(XmlSecurityV1UpdateStep.class);

  private final SCMContextProvider contextProvider;
@@ -46,6 +51,50 @@ public class XmlSecurityV1UpdateStep implements UpdateStep {

    forAllAdmins(user -> createSecurityEntry(user, false, securityStore),
        group -> createSecurityEntry(group, true, securityStore));
+
+    mapV1Permissions(securityStore);
+  }
+
+  private void mapV1Permissions(ConfigurationEntryStore<AssignedPermission> securityStore) throws JAXBException {
+    Path v1SecurityFile = determineConfigDirectory().resolve("securityV1" + StoreConstants.FILE_EXTENSION);
+
+    if (!v1SecurityFile.toFile().exists()) {
+      LOG.info("no v1 file for security found");
+      return;
+    }
+
+    JAXBContext jaxbContext = JAXBContext.newInstance(XmlSecurityV1UpdateStep.V1Security.class);
+    V1Security v1Security = (V1Security) jaxbContext.createUnmarshaller().unmarshal(v1SecurityFile.toFile());
+
+    v1Security.entries.forEach(assignedPermission -> {
+      Matcher matcher = v1PermissionPattern.matcher(assignedPermission.value.permission);
+      if (matcher.matches()) {
+        String newPermission = convertRole(matcher.group(1));
+        securityStore.put(new AssignedPermission(
+          assignedPermission.value.name,
+          Boolean.parseBoolean(assignedPermission.value.groupPermission),
+          newPermission
+        ));
+      }
+    });
+  }
+
+  private String convertRole(String role) {
+    String newPermission;
+    switch (role) {
+      case "OWNER":
+        newPermission = "repository:*";
+        break;
+      case "WRITE":
+        newPermission = "repository:read,pull,push:*";
+        break;
+      case "READ":
+        newPermission = "repository:read,pull:*";
+        break;
+      default:
+        newPermission = "";
+    }
+    return newPermission;
  }

  private void forAllAdmins(Consumer<String> userConsumer, Consumer<String> groupConsumer) throws JAXBException {
@@ -70,10 +119,9 @@ public class XmlSecurityV1UpdateStep implements UpdateStep {
    Arrays.stream(entries.split(",")).forEach(consumer);
  }

-
  @Override
  public Version getTargetVersion() {
-    return parse("2.0.0");
+    return parse("2.0.1");
  }

  @Override
@@ -102,4 +150,29 @@ public class XmlSecurityV1UpdateStep implements UpdateStep {
    @XmlElement(name = "admin-groups")
    private String adminGroups;
  }
+
+  @XmlAccessorType(XmlAccessType.FIELD)
+  @XmlRootElement(name = "configuration")
+  private static class V1Security {
+    @XmlElement(name = "entry")
+    private List<Entry> entries;
+  }
+
+  @XmlAccessorType(XmlAccessType.FIELD)
+  private static class Entry {
+    @XmlElement(name = "key")
+    private String key;
+    @XmlElement(name = "value")
+    private Value value;
+  }
+
+  @XmlAccessorType(XmlAccessType.FIELD)
+  private static class Value {
+    @XmlElement(name = "permission")
+    String permission;
+    @XmlElement(name = "name")
+    String name;
+    @XmlElement(name = "group-permission")
+    String groupPermission;
+  }
 }
--- a/scm-webapp/src/main/java/sonia/scm/update/user/XmlUserV1UpdateStep.java
+++ b/scm-webapp/src/main/java/sonia/scm/update/user/XmlUserV1UpdateStep.java
@@ -57,7 +57,8 @@ public class XmlUserV1UpdateStep implements UpdateStep {

  @Override
  public void doUpdate() throws JAXBException {
-    Optional<Path> v1UsersFile = determineV1File();
+    Optional<Path> v1UsersFile = determineV1File("users");
+    determineV1File("security");
    if (!v1UsersFile.isPresent()) {
      LOG.info("no v1 file for users found");
      return;
@@ -107,17 +108,17 @@ public class XmlUserV1UpdateStep implements UpdateStep {
    return configurationEntryStoreFactory.withType(AssignedPermission.class).withName("security").build();
  }

-  private Optional<Path> determineV1File() {
-    Path existingUsersFile = resolveConfigFile("users");
-    Path usersV1File = resolveConfigFile("usersV1");
-    if (existingUsersFile.toFile().exists()) {
+  private Optional<Path> determineV1File(String filename) {
+    Path existingFile = resolveConfigFile(filename);
+    Path v1File = resolveConfigFile(filename + "V1");
+    if (existingFile.toFile().exists()) {
      try {
-        Files.move(existingUsersFile, usersV1File);
+        Files.move(existingFile, v1File);
      } catch (IOException e) {
-        throw new UpdateException("could not move old users file to " + usersV1File.toAbsolutePath());
+        throw new UpdateException("could not move old " + filename + " file to " + v1File.toAbsolutePath());
      }
-      LOG.info("moved old users file to {}", usersV1File.toAbsolutePath());
-      return of(usersV1File);
+      LOG.info("moved old " + filename + " file to {}", v1File.toAbsolutePath());
+      return of(v1File);
    }
    return empty();
  }