Fix permission git lfs integration test
@@ -33,7 +33,6 @@
|
|||||||
|
|
||||||
package sonia.scm.web.filter;
|
package sonia.scm.web.filter;
|
||||||
|
|
||||||
import com.google.common.base.Splitter;
|
|
||||||
import org.apache.shiro.SecurityUtils;
|
import org.apache.shiro.SecurityUtils;
|
||||||
import org.apache.shiro.authz.AuthorizationException;
|
import org.apache.shiro.authz.AuthorizationException;
|
||||||
import org.apache.shiro.subject.Subject;
|
import org.apache.shiro.subject.Subject;
|
||||||
@@ -46,13 +45,11 @@ import sonia.scm.repository.RepositoryPermissions;
|
|||||||
import sonia.scm.security.Role;
|
import sonia.scm.security.Role;
|
||||||
import sonia.scm.security.ScmSecurityException;
|
import sonia.scm.security.ScmSecurityException;
|
||||||
import sonia.scm.util.HttpUtil;
|
import sonia.scm.util.HttpUtil;
|
||||||
import sonia.scm.util.Util;
|
|
||||||
|
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Iterator;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract http filter to check repository permissions.
|
* Abstract http filter to check repository permissions.
|
||||||
@@ -121,7 +118,7 @@ public abstract class PermissionFilter
|
|||||||
getActionAsString(writeRequest), repository.getName(),
|
getActionAsString(writeRequest), repository.getName(),
|
||||||
getUserName(subject));
|
getUserName(subject));
|
||||||
|
|
||||||
continuation.serve();
|
continuation.doService();
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
@@ -172,29 +169,6 @@ public abstract class PermissionFilter
|
|||||||
HttpUtil.sendUnauthorized(response, configuration.getRealmDescription());
|
HttpUtil.sendUnauthorized(response, configuration.getRealmDescription());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Extracts the type of the repositroy from url.
|
|
||||||
*
|
|
||||||
*
|
|
||||||
* @param request http request
|
|
||||||
*
|
|
||||||
* @return type of repository
|
|
||||||
*/
|
|
||||||
private String extractType(HttpServletRequest request)
|
|
||||||
{
|
|
||||||
Iterator<String> it = Splitter.on(
|
|
||||||
HttpUtil.SEPARATOR_PATH).omitEmptyStrings().split(
|
|
||||||
request.getRequestURI()).iterator();
|
|
||||||
String type = it.next();
|
|
||||||
|
|
||||||
if (Util.isNotEmpty(request.getContextPath()))
|
|
||||||
{
|
|
||||||
type = it.next();
|
|
||||||
}
|
|
||||||
|
|
||||||
return type;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Send access denied to the servlet response.
|
* Send access denied to the servlet response.
|
||||||
*
|
*
|
||||||
@@ -287,6 +261,6 @@ public abstract class PermissionFilter
|
|||||||
|
|
||||||
@FunctionalInterface
|
@FunctionalInterface
|
||||||
public interface ContinuationServlet {
|
public interface ContinuationServlet {
|
||||||
void serve() throws ServletException, IOException;
|
void doService() throws ServletException, IOException;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ public abstract class UserToUserDtoMapper extends BaseMapper<User, UserDto> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@AfterMapping
|
@AfterMapping
|
||||||
void appendLinks(User user, @MappingTarget UserDto target) {
|
protected void appendLinks(User user, @MappingTarget UserDto target) {
|
||||||
Links.Builder linksBuilder = linkingTo().self(resourceLinks.user().self(target.getName()));
|
Links.Builder linksBuilder = linkingTo().self(resourceLinks.user().self(target.getName()));
|
||||||
if (UserPermissions.delete(user).isPermitted()) {
|
if (UserPermissions.delete(user).isPermitted()) {
|
||||||
linksBuilder.single(link("delete", resourceLinks.user().delete(target.getName())));
|
linksBuilder.single(link("delete", resourceLinks.user().delete(target.getName())));
|
||||||
|
|||||||
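Review bot: `appendLinks` is widened from package-private to `protected`, and the only visible reason is the anonymous subclass in GitLfsITCase.createUser that overrides it with an empty body. This hook adds the permission-dependent links (the `delete` link sits behind `UserPermissions.delete(user).isPermitted()`), so the wider visibility should carry a comment that stops later readers from treating it as a general extension point, for example `// protected only so integration tests can build a link-free UserDto; do not override in production code`. The method body continues past the end of this hunk.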
@@ -56,6 +56,7 @@ public class HttpProtocolServlet extends HttpServlet {
|
|||||||
log.trace("dispatch browser request for user agent {}", userAgent);
|
log.trace("dispatch browser request for user agent {}", userAgent);
|
||||||
dispatcher.dispatch(request, response, request.getRequestURI());
|
dispatcher.dispatch(request, response, request.getRequestURI());
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
String pathInfo = request.getPathInfo();
|
String pathInfo = request.getPathInfo();
|
||||||
Optional<NamespaceAndName> namespaceAndName = namespaceAndNameFromPathExtractor.fromUri(pathInfo);
|
Optional<NamespaceAndName> namespaceAndName = namespaceAndNameFromPathExtractor.fromUri(pathInfo);
|
||||||
if (namespaceAndName.isPresent()) {
|
if (namespaceAndName.isPresent()) {
|
||||||
|
|||||||
@@ -36,34 +36,39 @@ import com.fasterxml.jackson.databind.ObjectMapper;
|
|||||||
import com.fasterxml.jackson.databind.type.TypeFactory;
|
import com.fasterxml.jackson.databind.type.TypeFactory;
|
||||||
import com.fasterxml.jackson.module.jaxb.JaxbAnnotationIntrospector;
|
import com.fasterxml.jackson.module.jaxb.JaxbAnnotationIntrospector;
|
||||||
import com.google.common.base.Charsets;
|
import com.google.common.base.Charsets;
|
||||||
|
import com.sun.jersey.api.client.ClientResponse;
|
||||||
import com.sun.jersey.api.client.UniformInterfaceException;
|
import com.sun.jersey.api.client.UniformInterfaceException;
|
||||||
import org.apache.shiro.crypto.hash.Sha256Hash;
|
import org.apache.shiro.crypto.hash.Sha256Hash;
|
||||||
import org.hamcrest.Matchers;
|
import org.hamcrest.Matchers;
|
||||||
import org.junit.After;
|
import org.junit.After;
|
||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Ignore;
|
|
||||||
import org.junit.Rule;
|
import org.junit.Rule;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.junit.rules.ExpectedException;
|
import org.junit.rules.ExpectedException;
|
||||||
import org.junit.rules.TemporaryFolder;
|
import org.junit.rules.TemporaryFolder;
|
||||||
import sonia.scm.api.rest.ObjectMapperProvider;
|
import sonia.scm.api.rest.ObjectMapperProvider;
|
||||||
import sonia.scm.api.v2.resources.RepositoryDto;
|
import sonia.scm.api.v2.resources.RepositoryDto;
|
||||||
|
import sonia.scm.api.v2.resources.UserDto;
|
||||||
|
import sonia.scm.api.v2.resources.UserToUserDtoMapperImpl;
|
||||||
import sonia.scm.repository.PermissionType;
|
import sonia.scm.repository.PermissionType;
|
||||||
import sonia.scm.repository.Repository;
|
import sonia.scm.repository.Repository;
|
||||||
import sonia.scm.user.User;
|
import sonia.scm.user.User;
|
||||||
import sonia.scm.user.UserTestData;
|
import sonia.scm.user.UserTestData;
|
||||||
import sonia.scm.util.HttpUtil;
|
import sonia.scm.util.HttpUtil;
|
||||||
|
import sonia.scm.web.VndMediaType;
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlAccessType;
|
import javax.xml.bind.annotation.XmlAccessType;
|
||||||
import javax.xml.bind.annotation.XmlAccessorType;
|
import javax.xml.bind.annotation.XmlAccessorType;
|
||||||
import javax.xml.bind.annotation.XmlRootElement;
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.net.URI;
|
||||||
import java.util.UUID;
|
import java.util.UUID;
|
||||||
|
|
||||||
import static org.junit.Assert.assertArrayEquals;
|
import static org.junit.Assert.assertArrayEquals;
|
||||||
import static sonia.scm.it.IntegrationTestUtil.BASE_URL;
|
import static sonia.scm.it.IntegrationTestUtil.BASE_URL;
|
||||||
import static sonia.scm.it.IntegrationTestUtil.REST_BASE_URL;
|
import static sonia.scm.it.IntegrationTestUtil.REST_BASE_URL;
|
||||||
import static sonia.scm.it.IntegrationTestUtil.createAdminClient;
|
import static sonia.scm.it.IntegrationTestUtil.createAdminClient;
|
||||||
|
import static sonia.scm.it.IntegrationTestUtil.createResource;
|
||||||
import static sonia.scm.it.IntegrationTestUtil.readJson;
|
import static sonia.scm.it.IntegrationTestUtil.readJson;
|
||||||
import static sonia.scm.it.RepositoryITUtil.createRepository;
|
import static sonia.scm.it.RepositoryITUtil.createRepository;
|
||||||
import static sonia.scm.it.RepositoryITUtil.deleteRepository;
|
import static sonia.scm.it.RepositoryITUtil.deleteRepository;
|
||||||
@@ -112,7 +117,7 @@ public class GitLfsITCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@Ignore("permissions not yet implemented")
|
// @Ignore("permissions not yet implemented")
|
||||||
public void testLfsAPIWithOwnerPermissions() throws IOException {
|
public void testLfsAPIWithOwnerPermissions() throws IOException {
|
||||||
uploadAndDownloadAsUser(PermissionType.OWNER);
|
uploadAndDownloadAsUser(PermissionType.OWNER);
|
||||||
}
|
}
|
||||||
@@ -126,6 +131,11 @@ public class GitLfsITCase {
|
|||||||
// TODO enable when permissions are implemented in v2
|
// TODO enable when permissions are implemented in v2
|
||||||
// repository.getPermissions().add(new Permission(trillian.getId(), permissionType));
|
// repository.getPermissions().add(new Permission(trillian.getId(), permissionType));
|
||||||
// modifyRepository(repository);
|
// modifyRepository(repository);
|
||||||
|
String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
|
||||||
|
IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
|
||||||
|
.accept("*/*")
|
||||||
|
.type(VndMediaType.PERMISSION)
|
||||||
|
.post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"WRITE\"}");
|
||||||
|
|
||||||
ScmClient client = new ScmClient(trillian.getId(), "secret123");
|
ScmClient client = new ScmClient(trillian.getId(), "secret123");
|
||||||
|
|
||||||
@@ -136,13 +146,21 @@ public class GitLfsITCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@Ignore("permissions not yet implemented")
|
// @Ignore("permissions not yet implemented")
|
||||||
public void testLfsAPIWithWritePermissions() throws IOException {
|
public void testLfsAPIWithWritePermissions() throws IOException {
|
||||||
uploadAndDownloadAsUser(PermissionType.WRITE);
|
uploadAndDownloadAsUser(PermissionType.WRITE);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void createUser(User user) {
|
private void createUser(User user) {
|
||||||
adminClient.resource(REST_BASE_URL + "users.json").post(user);
|
UserDto dto = new UserToUserDtoMapperImpl(){
|
||||||
|
@Override
|
||||||
|
protected void appendLinks(User user, UserDto target) {}
|
||||||
|
}.map(user);
|
||||||
|
dto.setPassword(user.getPassword());
|
||||||
|
createResource(adminClient, "users")
|
||||||
|
.accept("*/*")
|
||||||
|
.type(VndMediaType.USER)
|
||||||
|
.post(ClientResponse.class, dto);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void modifyRepository(Repository repository) {
|
private void modifyRepository(Repository repository) {
|
||||||
@@ -154,7 +172,7 @@ public class GitLfsITCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@Ignore("permissions not yet implemented")
|
// @Ignore("permissions not yet implemented")
|
||||||
public void testLfsAPIWithoutWritePermissions() throws IOException {
|
public void testLfsAPIWithoutWritePermissions() throws IOException {
|
||||||
User trillian = UserTestData.createTrillian();
|
User trillian = UserTestData.createTrillian();
|
||||||
trillian.setPassword("secret123");
|
trillian.setPassword("secret123");
|
||||||
@@ -168,6 +186,11 @@ public class GitLfsITCase {
|
|||||||
// TODO enable when permissions are implemented in v2
|
// TODO enable when permissions are implemented in v2
|
||||||
// repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
|
// repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
|
||||||
// modifyRepository(repository);
|
// modifyRepository(repository);
|
||||||
|
String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
|
||||||
|
IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
|
||||||
|
.accept("*/*")
|
||||||
|
.type(VndMediaType.PERMISSION)
|
||||||
|
.post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"READ\"}");
|
||||||
|
|
||||||
ScmClient client = new ScmClient(trillian.getId(), "secret123");
|
ScmClient client = new ScmClient(trillian.getId(), "secret123");
|
||||||
uploadAndDownload(client);
|
uploadAndDownload(client);
|
||||||
@@ -177,7 +200,7 @@ public class GitLfsITCase {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@Ignore("permissions not yet implemented")
|
// @Ignore("permissions not yet implemented")
|
||||||
public void testLfsDownloadWithReadPermissions() throws IOException {
|
public void testLfsDownloadWithReadPermissions() throws IOException {
|
||||||
User trillian = UserTestData.createTrillian();
|
User trillian = UserTestData.createTrillian();
|
||||||
trillian.setPassword("secret123");
|
trillian.setPassword("secret123");
|
||||||
@@ -188,6 +211,11 @@ public class GitLfsITCase {
|
|||||||
// TODO enable when permissions are implemented in v2
|
// TODO enable when permissions are implemented in v2
|
||||||
// repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
|
// repository.getPermissions().add(new Permission(trillian.getId(), PermissionType.READ));
|
||||||
// modifyRepository(repository);
|
// modifyRepository(repository);
|
||||||
|
String permissionsUrl = repository.getLinks().getLinkBy("permissions").get().getHref();
|
||||||
|
IntegrationTestUtil.createResource(adminClient, URI.create(permissionsUrl))
|
||||||
|
.accept("*/*")
|
||||||
|
.type(VndMediaType.PERMISSION)
|
||||||
|
.post(ClientResponse.class, "{\"name\": \""+ trillian.getId() +"\", \"type\":\"READ\"}");
|
||||||
|
|
||||||
// upload data as admin
|
// upload data as admin
|
||||||
String data = UUID.randomUUID().toString();
|
String data = UUID.randomUUID().toString();
|
||||||
|
|||||||
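Review bot: The permission POST added in the `-126,6 +131,11` hunk hard-codes `\"type\":\"WRITE\"` although the commented-out line just above it used `permissionType`, so testLfsAPIWithOwnerPermissions appears to exercise WRITE rather than OWNER. Assuming the endpoint accepts the enum name, the body could be built from the parameter: `.post(ClientResponse.class, "{\"name\": \"" + trillian.getId() + "\", \"type\":\"" + permissionType + "\"}");`. Separately, the `ClientResponse` from all three permission POSTs and from createUser is discarded, so if a grant is rejected, a negative test such as testLfsAPIWithoutWritePermissions can presumably still pass simply because the user has no permission at all. Keeping the response and asserting that `getStatus()` is a 2xx code before continuing would make each test prove the permission level it names. The enclosing test methods start and end outside these hunks.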