Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-08 14:35:45 +01:00
Code Issues Packages Projects Releases Activity

changes for issue '#2 Support applying permissions to groups as well as users'

Browse Source
This commit is contained in:
Sebastian Sdorra
2011-01-07 18:15:11 +01:00
parent 426f3fe525
commit adf7fae446
9 changed files with 239 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
scm-core/src/main/java/sonia/scm/group/Group.java
View File

@@ -377,6 +377,19 @@ public class Group
return type; return type;
} }
/**
* Method description
*
*
* @param member
*
* @return
*/
public boolean isMember(String member)
{
return (members != null) && members.contains(member);
}
/** /**
* Method description * Method description
* *

19
scm-core/src/main/java/sonia/scm/group/GroupManager.java
View File

@@ -38,10 +38,25 @@ package sonia.scm.group;
import sonia.scm.ListenerSupport; import sonia.scm.ListenerSupport;
import sonia.scm.Manager; import sonia.scm.Manager;
//~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
/** /**
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
public interface GroupManager public interface GroupManager
extends Manager<Group, GroupException>, extends Manager<Group, GroupException>, ListenerSupport<GroupListener>
ListenerSupport<GroupListener> {} {
/**
* Method description
*
*
* @param member
*
* @return
*/
public Collection<Group> getGroupsForMember(String member);
}

40
scm-core/src/main/java/sonia/scm/repository/Permission.java
View File

@@ -85,6 +85,21 @@ public class Permission implements Serializable
this.type = type; this.type = type;
} }
/**
* Constructs ...
*
*
* @param name
* @param groupPermission
* @param type
*/
public Permission(String name, boolean groupPermission, PermissionType type)
{
this.name = name;
this.groupPermission = groupPermission;
this.type = type;
}
//~--- get methods ---------------------------------------------------------- //~--- get methods ----------------------------------------------------------
/** /**
@@ -109,8 +124,30 @@ public class Permission implements Serializable
return type; return type;
} }
/**
* Method description
*
*
* @return
*/
public boolean isGroupPermission()
{
return groupPermission;
}
//~--- set methods ---------------------------------------------------------- //~--- set methods ----------------------------------------------------------
/**
* Method description
*
*
* @param groupPermission
*/
public void setGroupPermission(boolean groupPermission)
{
this.groupPermission = groupPermission;
}
/** /**
* Method description * Method description
* *
@@ -135,6 +172,9 @@ public class Permission implements Serializable
//~--- fields --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------
/** Field description */
private boolean groupPermission = false;
/** Field description */ /** Field description */
private String name; private String name;

18
scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java
View File

@@ -43,6 +43,7 @@ import sonia.scm.web.security.WebSecurityContext;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import java.util.List; import java.util.List;
/** /**
@@ -134,7 +135,8 @@ public class PermissionUtil
if (permissions != null) if (permissions != null)
{ {
result = hasPermission(permissions, username, pt); result = hasPermission(permissions, username,
securityContext.getGroups(), pt);
} }
} }
@@ -147,12 +149,13 @@ public class PermissionUtil
* *
* @param permissions * @param permissions
* @param username * @param username
* @param groups
* @param pt * @param pt
* *
* @return * @return
*/ */
private static boolean hasPermission(List<Permission> permissions, private static boolean hasPermission(List<Permission> permissions,
String username, PermissionType pt) String username, Collection<String> groups, PermissionType pt)
{ {
boolean result = false; boolean result = false;
@@ -160,12 +163,15 @@ public class PermissionUtil
{ {
String name = p.getName(); String name = p.getName();
if ((name != null) && name.equalsIgnoreCase(username) if ((name != null) && (p.getType().getValue() >= pt.getValue()))
&& (p.getType().getValue() >= pt.getValue()))
{ {
result = true; if (name.equals(username)
|| (p.isGroupPermission() && groups.contains(p.getName())))
{
result = true;
break; break;
}
} }
} }

10
scm-core/src/main/java/sonia/scm/web/security/WebSecurityContext.java
View File

@@ -40,6 +40,8 @@ import sonia.scm.user.User;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@@ -76,6 +78,14 @@ public interface WebSecurityContext extends SecurityContext
//~--- get methods ---------------------------------------------------------- //~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
public Collection<String> getGroups();
/** /**
* Method description * Method description
* *

47
scm-core/src/test/java/sonia/scm/repository/PermissionUtilTest.java
View File

@@ -50,7 +50,10 @@ import static org.mockito.Mockito.*;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
/** /**
* *
@@ -108,6 +111,30 @@ public class PermissionUtilTest
PermissionUtil.assertPermission(repository, admams, PermissionType.OWNER); PermissionUtil.assertPermission(repository, admams, PermissionType.OWNER);
} }
/**
* Method description
*
*/
@Test
public void testGroupPermissions()
{
WebSecurityContext context = mockGroupCtx(new User("dent", "Arthur Dent",
"arthur.dent@hitchhiker.com"));
Repository r = new Repository();
r.setPermissions(
new ArrayList<Permission>(
Arrays.asList(
new Permission("dent"),
new Permission("devel", true, PermissionType.READ),
new Permission("qa", true, PermissionType.WRITE))));
assertTrue(PermissionUtil.hasPermission(r, context, PermissionType.READ));
assertTrue(PermissionUtil.hasPermission(r, context, PermissionType.WRITE));
assertFalse(PermissionUtil.hasPermission(r, context, PermissionType.OWNER));
r.getPermissions().add(new Permission("dent", PermissionType.OWNER));
assertTrue(PermissionUtil.hasPermission(r, context, PermissionType.OWNER));
}
//~--- get methods ---------------------------------------------------------- //~--- get methods ----------------------------------------------------------
/** /**
@@ -162,6 +189,26 @@ public class PermissionUtilTest
return context; return context;
} }
/**
* Method description
*
*
* @param user
*
* @return
*/
private WebSecurityContext mockGroupCtx(User user)
{
WebSecurityContext context = mockCtx(user);
Set<String> groups = new HashSet<String>();
groups.add("devel");
groups.add("qa");
when(context.getGroups()).thenReturn(groups);
return context;
}
//~--- fields --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------
/** Field description */ /** Field description */

18
scm-test/src/main/java/sonia/scm/web/security/DummyWebSecurityContext.java
View File

@@ -39,6 +39,9 @@ import sonia.scm.user.User;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@@ -97,6 +100,18 @@ public class DummyWebSecurityContext implements WebSecurityContext
//~--- get methods ---------------------------------------------------------- //~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
@Override
public Set<String> getGroups()
{
return groups;
}
/** /**
* Method description * Method description
* *
@@ -123,6 +138,9 @@ public class DummyWebSecurityContext implements WebSecurityContext
//~--- fields --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------
/** Field description */
private Set<String> groups = new HashSet<String>();
/** Field description */ /** Field description */
private User user; private User user;
} }

25
scm-webapp/src/main/java/sonia/scm/group/xml/XmlGroupManager.java
View File

@@ -60,6 +60,7 @@ import java.io.IOException;
import java.util.Collection; import java.util.Collection;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.Set;
/** /**
* *
@@ -323,6 +324,30 @@ public class XmlGroupManager extends AbstractGroupManager
return groups; return groups;
} }
/**
* Method description
*
*
* @param member
*
* @return
*/
@Override
public Collection<Group> getGroupsForMember(String member)
{
LinkedList<Group> groups = new LinkedList<Group>();
for (Group group : groupDB.values())
{
if (group.isMember(member))
{
groups.add(group.clone());
}
}
return groups;
}
//~--- methods -------------------------------------------------------------- //~--- methods --------------------------------------------------------------
/** /**

57
scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
View File

@@ -42,11 +42,17 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import sonia.scm.config.ScmConfiguration; import sonia.scm.config.ScmConfiguration;
import sonia.scm.group.Group;
import sonia.scm.group.GroupManager;
import sonia.scm.user.User; import sonia.scm.user.User;
import sonia.scm.user.UserManager; import sonia.scm.user.UserManager;
//~--- JDK imports ------------------------------------------------------------ //~--- JDK imports ------------------------------------------------------------
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@@ -74,15 +80,18 @@ public class BasicSecurityContext implements WebSecurityContext
* *
* @param configuration * @param configuration
* @param authenticator * @param authenticator
* @param groupManager
* @param userManager * @param userManager
*/ */
@Inject @Inject
public BasicSecurityContext(ScmConfiguration configuration, public BasicSecurityContext(ScmConfiguration configuration,
AuthenticationManager authenticator, AuthenticationManager authenticator,
GroupManager groupManager,
UserManager userManager) UserManager userManager)
{ {
this.configuration = configuration; this.configuration = configuration;
this.authenticator = authenticator; this.authenticator = authenticator;
this.groupManager = groupManager;
this.userManager = userManager; this.userManager = userManager;
} }
@@ -128,6 +137,8 @@ public class BasicSecurityContext implements WebSecurityContext
{ {
userManager.create(user); userManager.create(user);
} }
loadGroups();
} }
catch (Exception ex) catch (Exception ex)
{ {
@@ -150,10 +161,28 @@ public class BasicSecurityContext implements WebSecurityContext
public void logout(HttpServletRequest request, HttpServletResponse response) public void logout(HttpServletRequest request, HttpServletResponse response)
{ {
user = null; user = null;
groups = null;
} }
//~--- get methods ---------------------------------------------------------- //~--- get methods ----------------------------------------------------------
/**
* Method description
*
*
* @return
*/
@Override
public Collection<String> getGroups()
{
if (groups == null)
{
groups = new HashSet<String>();
}
return groups;
}
/** /**
* Method description * Method description
* *
@@ -183,6 +212,28 @@ public class BasicSecurityContext implements WebSecurityContext
return getUser() != null; return getUser() != null;
} }
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*/
private void loadGroups()
{
groups = new HashSet<String>();
Collection<Group> groupCollection =
groupManager.getGroupsForMember(user.getName());
if (groupCollection != null)
{
for (Group group : groupCollection)
{
groups.add(group.getName());
}
}
}
//~--- fields --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------
/** Field description */ /** Field description */
@@ -191,6 +242,12 @@ public class BasicSecurityContext implements WebSecurityContext
/** Field description */ /** Field description */
private ScmConfiguration configuration; private ScmConfiguration configuration;
/** Field description */
private GroupManager groupManager;
/** Field description */
private Set<String> groups = new HashSet<String>();
/** Field description */ /** Field description */
private User user; private User user;