Test roles

2025-11-12 16:35:45 +01:00 · 2018-06-13 14:07:43 +02:00
parent 384183f3a9
commit b9f1a200fa
3 changed files with 106 additions and 14 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GroupSubResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/GroupSubResource.java
@@ -1,6 +1,11 @@
 package sonia.scm.api.v2.resources;

+import org.apache.shiro.SecurityUtils;
+import sonia.scm.api.rest.resources.AbstractManagerResource;
 import sonia.scm.group.Group;
+import sonia.scm.group.GroupException;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.Role;
 import sonia.scm.web.VndMediaType;

 import javax.inject.Inject;
@@ -11,31 +16,39 @@ import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.GenericEntity;
 import javax.ws.rs.core.Request;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
-import java.util.stream.IntStream;
-import java.util.stream.StreamSupport;
-
-import static java.util.stream.Collectors.toList;
+import java.util.Collection;

@Produces(VndMediaType.GROUP)
-public class GroupSubResource {
+public class GroupSubResource extends AbstractManagerResource<Group, GroupException> {

  private final Group2GroupDtoMapper groupToGroupDtoMapper;

  @Inject
-  public GroupSubResource(Group2GroupDtoMapper groupToGroupDtoMapper) {
+  public GroupSubResource(GroupManager manager, Group2GroupDtoMapper groupToGroupDtoMapper) {
+    super(manager);
    this.groupToGroupDtoMapper = groupToGroupDtoMapper;
  }

  @Path("")
  @GET
  public Response get(@Context Request request, @Context UriInfo uriInfo, @PathParam("id") String id) {
-    Group group = new Group("admin", "admin");
-    group.setCreationDate(System.currentTimeMillis());
-    group.setMembers(IntStream.range(1, 10).mapToObj(n -> "user" + n).collect(toList()));
-    return Response.ok(groupToGroupDtoMapper.groupToGroupDto(group, uriInfo)).build();
+    if (SecurityUtils.getSubject().hasRole(Role.ADMIN))
+    {
+      Group group = manager.get(id);
+      if (group == null) {
+        return Response.status(Response.Status.NOT_FOUND).build();
+      }
+      GroupDto groupDto = groupToGroupDtoMapper.groupToGroupDto(group, uriInfo);
+      return Response.ok(groupDto).build();
+    }
+    else
+    {
+      return Response.status(Response.Status.FORBIDDEN).build();
+    }
  }

  @Path("")
@@ -49,4 +62,19 @@ public class GroupSubResource {
  public Response update(@PathParam("id") String id) {
    throw new RuntimeException();
  }
+
+  @Override
+  protected GenericEntity<Collection<Group>> createGenericEntity(Collection<Group> items) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  protected String getId(Group item) {
+    return item.getName();
+  }
+
+  @Override
+  protected String getPathPart() {
+    throw new UnsupportedOperationException();
+  }
 }