From c21612bd8ef152e325b64e66e2d238ea921f0464 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Pfeuffer?=
Date: Tue, 11 Sep 2018 13:15:08 +0200
Subject: [PATCH] Fix permission git lfs integration test
---
 .../scm/web/filter/PermissionFilter.java | 30 +-------------
 .../api/v2/resources/UserToUserDtoMapper.java | 2 +-
 .../scm/web/protocol/HttpProtocolServlet.java | 1 +
 .../test/java/sonia/scm/it/GitLfsITCase.java | 40 ++++++++++++++++---
 4 files changed, 38 insertions(+), 35 deletions(-)
diff --git a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
index 3415c3e338..a01875fed0 100644
--- a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
+++ b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
@@ -33,7 +33,6 @@ package sonia.scm.web.filter;
-import com.google.common.base.Splitter;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.AuthorizationException;
 import org.apache.shiro.subject.Subject;
@@ -46,13 +45,11 @@ import sonia.scm.repository.RepositoryPermissions;
 import sonia.scm.security.Role;
 import sonia.scm.security.ScmSecurityException;
 import sonia.scm.util.HttpUtil;
-import sonia.scm.util.Util;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.util.Iterator;
 /**
 * Abstract http filter to check repository permissions.
@@ -121,7 +118,7 @@ public abstract class PermissionFilter
 getActionAsString(writeRequest), repository.getName(), getUserName(subject));
- continuation.serve();
+ continuation.doService();
 } else {
@@ -172,29 +169,6 @@ public abstract class PermissionFilter
 HttpUtil.sendUnauthorized(response, configuration.getRealmDescription());
 }
- /**
- * Extracts the type of the repositroy from url.
- *
- *
- * @param request http request
- *
- * @return type of repository
- */
- private String extractType(HttpServletRequest request)
- {
- Iterator it = Splitter.on(
- HttpUtil.SEPARATOR_PATH).omitEmptyStrings().split(
- request.getRequestURI()).iterator();
- String type = it.next();
-
- if (Util.isNotEmpty(request.getContextPath()))
- {
- type = it.next();
- }
-
- return type;
- }
-
 /**
 * Send access denied to the servlet response.
 *
@@ -287,6 +261,6 @@ public abstract class PermissionFilter
 @FunctionalInterface
 public interface ContinuationServlet {
- void serve() throws ServletException, IOException;
+ void doService() throws ServletException, IOException;
 }
 }
diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserToUserDtoMapper.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserToUserDtoMapper.java
index 00aba5a700..97a3a21482 100644
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserToUserDtoMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/UserToUserDtoMapper.java
@@ -33,7 +33,7 @@ public abstract class UserToUserDtoMapper extends BaseMapper {
 }
 @AfterMapping
- void appendLinks(User user, @MappingTarget UserDto target) {
+ protected void appendLinks(User user, @MappingTarget UserDto target) {
 Links.Builder linksBuilder = linkingTo().self(resourceLinks.user().self(target.getName()));
 if (UserPermissions.delete(user).isPermitted()) {
 linksBuilder.single(link("delete", resourceLinks.user().delete(target.getName())));
diff --git a/scm-webapp/src/main/java/sonia/scm/web/protocol/HttpProtocolServlet.java b/scm-webapp/src/main/java/sonia/scm/web/protocol/HttpProtocolServlet.java
index 7ba4d2392c..2a02afe7f6 100644
--- a/scm-webapp/src/main/java/sonia/scm/web/protocol/HttpProtocolServlet.java
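Review bot: In UserToUserDtoMapper (hunk `@@ -33,7 +33,7 @@`), `appendLinks` is widened from package-private to `protected` with no comment saying why. The only override visible in this patch is the empty one in `GitLfsITCase.createUser`, and the method holds the `UserPermissions.delete(user).isPermitted()` check that decides whether the delete link is emitted, so any subclass that overrides it drops that permission-dependent output without notice. I would add a Javadoc line such as `/** Adds links according to the current subject's permissions; protected only so tests can map a User without them. */`, or keep the method package-private if the test can build its `UserDto` another way. The method body continues past the end of the hunk.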
+++ b/scm-webapp/src/main/java/sonia/scm/web/protocol/HttpProtocolServlet.java
@@ -56,6 +56,7 @@ public class HttpProtocolServlet extends HttpServlet {
 log.trace("dispatch browser request for user agent {}", userAgent);
 dispatcher.dispatch(request, response, request.getRequestURI());
 } else {
+ String pathInfo = request.getPathInfo();
 Optional namespaceAndName = namespaceAndNameFromPathExtractor.fromUri(pathInfo);
 if (namespaceAndName.isPresent()) {
diff --git a/scm-webapp/src/test/java/sonia/scm/it/GitLfsITCase.java b/scm-webapp/src/test/java/sonia/scm/it/GitLfsITCase.java
index b07f0c6067..7da9b8adfb 100644
--- a/scm-webapp/src/test/java/sonia/scm/it/GitLfsITCase.java
+++ b/scm-webapp/src/test/java/sonia/scm/it/GitLfsITCase.java
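Review bot: In HttpProtocolServlet (hunk `@@ -56,6 +56,7 @@`), the added `request.getPathInfo()` result goes straight into `namespaceAndNameFromPathExtractor.fromUri(pathInfo)` without a null check, and the servlet API returns null from `getPathInfo()` when the request carries no extra path information. Whether `fromUri` tolerates null is not visible here; if it does not, such a request ends in an exception instead of the handling for an absent `namespaceAndName`. A guard like `String pathInfo = request.getPathInfo() == null ? "" : request.getPathInfo();` would route it into the existing not-present branch, assuming `fromUri` yields an empty Optional for an empty path. Since the repository resolved from this value is presumably what the permission check later applies to, a short comment that `pathInfo` is the container-decoded path relative to the servlet mapping would help. The enclosing method starts and ends outside the hunk.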
@@ -36,34 +36,39 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.type.TypeFactory;
 import com.fasterxml.jackson.module.jaxb.JaxbAnnotationIntrospector;
 import com.google.common.base.Charsets;
+import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.api.client.UniformInterfaceException;
 import org.apache.shiro.crypto.hash.Sha256Hash;
 import org.hamcrest.Matchers;
 import org.junit.After;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.junit.rules.TemporaryFolder;
 import sonia.scm.api.rest.ObjectMapperProvider;
 import sonia.scm.api.v2.resources.RepositoryDto;
+import sonia.scm.api.v2.resources.UserDto;
+import sonia.scm.api.v2.resources.UserToUserDtoMapperImpl;
 import sonia.scm.repository.PermissionType;
 import sonia.scm.repository.Repository;
 import sonia.scm.user.User;
 import sonia.scm.user.UserTestData;
 import sonia.scm.util.HttpUtil;
+import sonia.scm.web.VndMediaType;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
 import java.io.IOException;
+import java.net.URI;
 import java.util.UUID;
 import static org.junit.Assert.assertArrayEquals;
 import static sonia.scm.it.IntegrationTestUtil.BASE_URL;
 import static sonia.scm.it.IntegrationTestUtil.REST_BASE_URL;
 import static sonia.scm.it.IntegrationTestUtil.createAdminClient;
+import static sonia.scm.it.IntegrationTestUtil.createResource;
 import static sonia.scm.it.IntegrationTestUtil.readJson;
 import static sonia.scm.it.RepositoryITUtil.createRepository;
 import static sonia.scm.it.RepositoryITUtil.deleteRepository;
@@ -112,7 +117,7 @@ public class GitLfsITCase {
 }
 @Test
- @Ignore("permissions not yet implemented")
+// @Ignore("permissions not yet implemented")
 public void testLfsAPIWithOwnerPermissions() throws IOException {
 uploadAndDownloadAsUser(PermissionType.OWNER);
 }
@@ -126,6 +131,11 @@ public class GitLfsITCase {
 // TODO enable when permissions are implemented in v2
 // repository.getPermissions().add(new Permission(trillian.getId(), permissionType));
 // modifyRepository(repository);
+ String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
+ IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
+ .accept("*/*")
+ .type(VndMediaType.PERMISSION)
+ .post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"WRITE\"}");
 ScmClient client = new ScmClient(trillian.getId(), "secret123");
@@ -136,13 +146,21 @@ public class GitLfsITCase {
 }
 @Test
- @Ignore("permissions not yet implemented")
+// @Ignore("permissions not yet implemented")
 public void testLfsAPIWithWritePermissions() throws IOException {
 uploadAndDownloadAsUser(PermissionType.WRITE);
 }
 private void createUser(User user) {
- adminClient.resource(REST_BASE_URL + "users.json").post(user);
+ UserDto dto = new UserToUserDtoMapperImpl(){
+ @Override
+ protected void appendLinks(User user, UserDto target) {}
+ }.map(user);
+ dto.setPassword(user.getPassword());
+ createResource(adminClient, "users")
+ .accept("*/*")
+ .type(VndMediaType.USER)
+ .post(ClientResponse.class, dto);
 }
 private void modifyRepository(Repository repository) {
@@ -154,7 +172,7 @@ public class GitLfsITCase {
 }
 @Test
- @Ignore("permissions not yet implemented")
+// @Ignore("permissions not yet implemented")
 public void testLfsAPIWithoutWritePermissions() throws IOException {
 User trillian = UserTestData.createTrillian();
 trillian.setPassword("secret123");
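Review bot: The `@Ignore` annotation in hunk `@@ -112,7 +117,7 @@` is commented out (`// @Ignore("permissions not yet implemented")`) rather than deleted, and the same is done in hunks `@@ -136,13 +146,21 @@`, `@@ -154,7 +172,7 @@` and `@@ -177,7 +200,7 @@`. The patch also removes `import org.junit.Ignore;`, so these lines cannot simply be uncommented again and only leave a stale reason next to tests that now run. Deleting the four comment lines keeps the file clear about which tests are enabled.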
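Review bot: The permission grant added in hunk `@@ -126,6 +131,11 @@` always posts `\"type\":\"WRITE\"`, although the commented-out line just above it uses a `permissionType` variable and `testLfsAPIWithOwnerPermissions` passes `PermissionType.OWNER`, so the owner case appears to run with WRITE. Building the body from the argument, e.g. `"\", \"type\":\"" + permissionType.name() + "\"}"`, would restore the distinction, assuming the constant names match the values the API accepts. The `ClientResponse` is also discarded here, in `createUser` (hunk `@@ -136,13 +146,21 @@`) and in the READ grants of hunks `@@ -168,6 +186,11 @@` and `@@ -188,6 +211,11 @@`; asserting a success status matters most for `testLfsAPIWithoutWritePermissions`, where a failed grant would presumably produce the same rejection the test expects. The enclosing method's signature and end are outside the hunk.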
@@ -168,6 +186,11 @@ public class GitLfsITCase {
 // TODO enable when permissions are implemented in v2
 // repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
 // modifyRepository(repository);
+ String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
+ IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
+ .accept("*/*")
+ .type(VndMediaType.PERMISSION)
+ .post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"READ\"}");
 ScmClient client = new ScmClient(trillian.getId(), "secret123");
 uploadAndDownload(client);
@@ -177,7 +200,7 @@ public class GitLfsITCase {
 }
 @Test
- @Ignore("permissions not yet implemented")
+// @Ignore("permissions not yet implemented")
 public void testLfsDownloadWithReadPermissions() throws IOException {
 User trillian = UserTestData.createTrillian();
 trillian.setPassword("secret123");
@@ -188,6 +211,11 @@ public class GitLfsITCase {
 // TODO enable when permissions are implemented in v2
 // repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
 // modifyRepository(repository);
+ String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
+ IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
+ .accept("*/*")
+ .type(VndMediaType.PERMISSION)
+ .post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"READ\"}");
 // upload data as admin
 String data = UUID.randomUUID().toString();
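Review bot: The block added in hunk `@@ -168,6 +186,11 @@` is a copy of the permission POST from `@@ -126,6 +131,11 @@` with only the type string changed, and `@@ -188,6 +211,11 @@` adds a third copy. A private helper, called for example as `grantPermission(repository, trillian.getId(), PermissionType.READ)`, would keep the link lookup, media type and JSON body in one place, and it is also the natural spot to replace the unchecked `getLinkBy("permissions").get()` with a failure message that says the link is missing. The `// TODO enable when permissions are implemented in v2` comment blocks directly above these additions describe the approach this patch replaces and could be removed with it. The test methods start and end outside these hunks.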