mirror of
https://github.com/scm-manager/scm-manager.git
synced 2025-11-11 07:55:47 +01:00
Remove redundant permission check
This commit is contained in:
René Pfeuffer
@@ -16,6 +16,6 @@ public abstract class PermissionDtoToPermissionMapper {
|
|||||||
* @param permissionDto the source dto
|
* @param permissionDto the source dto
|
||||||
* @return the mapped target permission object
|
* @return the mapped target permission object
|
||||||
*/
|
*/
|
||||||
public abstract Permission modify(@MappingTarget Permission target, PermissionDto permissionDto);
|
public abstract void modify(@MappingTarget Permission target, PermissionDto permissionDto);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -14,7 +14,6 @@ import sonia.scm.repository.Repository;
|
|||||||
import sonia.scm.repository.RepositoryException;
|
import sonia.scm.repository.RepositoryException;
|
||||||
import sonia.scm.repository.RepositoryManager;
|
import sonia.scm.repository.RepositoryManager;
|
||||||
import sonia.scm.repository.RepositoryNotFoundException;
|
import sonia.scm.repository.RepositoryNotFoundException;
|
||||||
import sonia.scm.repository.RepositoryPermissions;
|
|
||||||
import sonia.scm.web.VndMediaType;
|
import sonia.scm.web.VndMediaType;
|
||||||
|
|
||||||
import javax.inject.Inject;
|
import javax.inject.Inject;
|
||||||
@@ -69,7 +68,7 @@ public class PermissionRootResource {
|
|||||||
@Consumes(VndMediaType.PERMISSION)
|
@Consumes(VndMediaType.PERMISSION)
|
||||||
public Response create(@PathParam("namespace") String namespace, @PathParam("name") String name, PermissionDto permission) throws RepositoryException {
|
public Response create(@PathParam("namespace") String namespace, @PathParam("name") String name, PermissionDto permission) throws RepositoryException {
|
||||||
log.info("try to add new permission: {}", permission);
|
log.info("try to add new permission: {}", permission);
|
||||||
Repository repository = checkPermission(namespace, name);
|
Repository repository = load(namespace, name);
|
||||||
checkPermissionAlreadyExists(permission, repository);
|
checkPermissionAlreadyExists(permission, repository);
|
||||||
repository.getPermissions().add(dtoToModelMapper.map(permission));
|
repository.getPermissions().add(dtoToModelMapper.map(permission));
|
||||||
manager.modify(repository);
|
manager.modify(repository);
|
||||||
@@ -95,7 +94,7 @@ public class PermissionRootResource {
|
|||||||
@TypeHint(PermissionDto.class)
|
@TypeHint(PermissionDto.class)
|
||||||
@Path("{permission-name}")
|
@Path("{permission-name}")
|
||||||
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("permission-name") String permissionName) throws RepositoryException {
|
public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("permission-name") String permissionName) throws RepositoryException {
|
||||||
Repository repository = checkPermission(namespace, name);
|
Repository repository = load(namespace, name);
|
||||||
return Response.ok(
|
return Response.ok(
|
||||||
repository.getPermissions()
|
repository.getPermissions()
|
||||||
.stream()
|
.stream()
|
||||||
@@ -125,7 +124,7 @@ public class PermissionRootResource {
|
|||||||
@TypeHint(PermissionDto.class)
|
@TypeHint(PermissionDto.class)
|
||||||
@Path("")
|
@Path("")
|
||||||
public Response getAll(@PathParam("namespace") String namespace, @PathParam("name") String name) throws RepositoryNotFoundException {
|
public Response getAll(@PathParam("namespace") String namespace, @PathParam("name") String name) throws RepositoryNotFoundException {
|
||||||
Repository repository = checkPermission(namespace, name);
|
Repository repository = load(namespace, name);
|
||||||
List<PermissionDto> permissionDtoList = repository.getPermissions()
|
List<PermissionDto> permissionDtoList = repository.getPermissions()
|
||||||
.stream()
|
.stream()
|
||||||
.map(per -> modelToDtoMapper.map(per, new NamespaceAndName(repository.getNamespace(), repository.getName())))
|
.map(per -> modelToDtoMapper.map(per, new NamespaceAndName(repository.getNamespace(), repository.getName())))
|
||||||
@@ -155,7 +154,7 @@ public class PermissionRootResource {
|
|||||||
@PathParam("permission-name") String permissionName,
|
@PathParam("permission-name") String permissionName,
|
||||||
PermissionDto permission) throws RepositoryException {
|
PermissionDto permission) throws RepositoryException {
|
||||||
log.info("try to update the permission with name: {}. the modified permission is: {}", permissionName, permission);
|
log.info("try to update the permission with name: {}. the modified permission is: {}", permissionName, permission);
|
||||||
Repository repository = checkPermission(namespace, name);
|
Repository repository = load(namespace, name);
|
||||||
Permission existingPermission = repository.getPermissions()
|
Permission existingPermission = repository.getPermissions()
|
||||||
.stream()
|
.stream()
|
||||||
.filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
|
.filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
|
||||||
@@ -186,7 +185,7 @@ public class PermissionRootResource {
|
|||||||
@PathParam("name") String name,
|
@PathParam("name") String name,
|
||||||
@PathParam("permission-name") String permissionName) throws RepositoryException {
|
@PathParam("permission-name") String permissionName) throws RepositoryException {
|
||||||
log.info("try to delete the permission with name: {}.", permissionName);
|
log.info("try to delete the permission with name: {}.", permissionName);
|
||||||
Repository repository = checkPermission(namespace, name);
|
Repository repository = load(namespace, name);
|
||||||
repository.getPermissions()
|
repository.getPermissions()
|
||||||
.stream()
|
.stream()
|
||||||
.filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
|
.filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
|
||||||
@@ -208,26 +207,11 @@ public class PermissionRootResource {
|
|||||||
* @return the repository if the user is permitted
|
* @return the repository if the user is permitted
|
||||||
* @throws RepositoryNotFoundException if the repository does not exists
|
* @throws RepositoryNotFoundException if the repository does not exists
|
||||||
*/
|
*/
|
||||||
private Repository checkPermission(@PathParam("namespace") String namespace, @PathParam("name") String name) throws RepositoryNotFoundException {
|
private Repository load(String namespace, String name) throws RepositoryNotFoundException {
|
||||||
return Optional.ofNullable(manager.get(new NamespaceAndName(namespace, name)))
|
return Optional.ofNullable(manager.get(new NamespaceAndName(namespace, name)))
|
||||||
.filter(repository -> {
|
|
||||||
checkUserPermitted(repository);
|
|
||||||
return true;
|
|
||||||
})
|
|
||||||
.orElseThrow(() -> new RepositoryNotFoundException(name));
|
.orElseThrow(() -> new RepositoryNotFoundException(name));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* throw exception if the user is not permitted
|
|
||||||
*
|
|
||||||
* @param repository
|
|
||||||
*/
|
|
||||||
protected void checkUserPermitted(Repository repository) {
|
|
||||||
RepositoryPermissions.modify(repository).check();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* check if the permission already exists in the repository
|
* check if the permission already exists in the repository
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -18,10 +18,8 @@ import org.junit.jupiter.api.BeforeEach;
|
|||||||
import org.junit.jupiter.api.DisplayName;
|
import org.junit.jupiter.api.DisplayName;
|
||||||
import org.junit.jupiter.api.DynamicTest;
|
import org.junit.jupiter.api.DynamicTest;
|
||||||
import org.junit.jupiter.api.TestFactory;
|
import org.junit.jupiter.api.TestFactory;
|
||||||
import org.junit.runner.RunWith;
|
|
||||||
import org.mockito.InjectMocks;
|
import org.mockito.InjectMocks;
|
||||||
import org.mockito.Mock;
|
import org.mockito.Mock;
|
||||||
import org.mockito.junit.MockitoJUnitRunner;
|
|
||||||
import sonia.scm.api.rest.AuthorizationExceptionMapper;
|
import sonia.scm.api.rest.AuthorizationExceptionMapper;
|
||||||
import sonia.scm.repository.NamespaceAndName;
|
import sonia.scm.repository.NamespaceAndName;
|
||||||
import sonia.scm.repository.Permission;
|
import sonia.scm.repository.Permission;
|
||||||
@@ -44,14 +42,11 @@ import static org.assertj.core.api.Assertions.assertThat;
|
|||||||
import static org.junit.Assert.fail;
|
import static org.junit.Assert.fail;
|
||||||
import static org.junit.jupiter.api.DynamicTest.dynamicTest;
|
import static org.junit.jupiter.api.DynamicTest.dynamicTest;
|
||||||
import static org.mockito.Matchers.any;
|
import static org.mockito.Matchers.any;
|
||||||
import static org.mockito.Mockito.doNothing;
|
|
||||||
import static org.mockito.Mockito.doThrow;
|
import static org.mockito.Mockito.doThrow;
|
||||||
import static org.mockito.Mockito.mock;
|
import static org.mockito.Mockito.mock;
|
||||||
import static org.mockito.Mockito.spy;
|
|
||||||
import static org.mockito.Mockito.when;
|
import static org.mockito.Mockito.when;
|
||||||
import static org.mockito.MockitoAnnotations.initMocks;
|
import static org.mockito.MockitoAnnotations.initMocks;
|
||||||
|
|
||||||
@RunWith(MockitoJUnitRunner.Silent.class)
|
|
||||||
@Slf4j
|
@Slf4j
|
||||||
public class PermissionRootResourceTest {
|
public class PermissionRootResourceTest {
|
||||||
private static final String REPOSITORY_NAMESPACE = "repo_namespace";
|
private static final String REPOSITORY_NAMESPACE = "repo_namespace";
|
||||||
@@ -112,7 +107,7 @@ public class PermissionRootResourceTest {
|
|||||||
@Before
|
@Before
|
||||||
public void prepareEnvironment() {
|
public void prepareEnvironment() {
|
||||||
initMocks(this);
|
initMocks(this);
|
||||||
permissionRootResource = spy(new PermissionRootResource(permissionDtoToPermissionMapper, permissionToPermissionDtoMapper, resourceLinks, repositoryManager));
|
permissionRootResource = new PermissionRootResource(permissionDtoToPermissionMapper, permissionToPermissionDtoMapper, resourceLinks, repositoryManager);
|
||||||
RepositoryRootResource repositoryRootResource = new RepositoryRootResource(MockProvider
|
RepositoryRootResource repositoryRootResource = new RepositoryRootResource(MockProvider
|
||||||
.of(new RepositoryResource(null, null, null, null, null, null, null,null, MockProvider.of(permissionRootResource))), null);
|
.of(new RepositoryResource(null, null, null, null, null, null, null,null, MockProvider.of(permissionRootResource))), null);
|
||||||
dispatcher.getRegistry().addSingletonResource(repositoryRootResource);
|
dispatcher.getRegistry().addSingletonResource(repositoryRootResource);
|
||||||
@@ -150,8 +145,7 @@ public class PermissionRootResourceTest {
|
|||||||
Stream<DynamicTest> missedPermissionUserForbiddenTestFactory() {
|
Stream<DynamicTest> missedPermissionUserForbiddenTestFactory() {
|
||||||
Repository mockRepository = mock(Repository.class);
|
Repository mockRepository = mock(Repository.class);
|
||||||
when(mockRepository.getId()).thenReturn(REPOSITORY_NAME);
|
when(mockRepository.getId()).thenReturn(REPOSITORY_NAME);
|
||||||
doThrow(AuthorizationException.class).when(permissionRootResource).checkUserPermitted(mockRepository);
|
doThrow(AuthorizationException.class).when(repositoryManager).get(any(NamespaceAndName.class));
|
||||||
when(repositoryManager.get(any(NamespaceAndName.class))).thenReturn(mockRepository);
|
|
||||||
return createDynamicTestsToAssertResponses(
|
return createDynamicTestsToAssertResponses(
|
||||||
requestGETPermission.expectedResponseStatus(403),
|
requestGETPermission.expectedResponseStatus(403),
|
||||||
requestPOSTPermission.expectedResponseStatus(403),
|
requestPOSTPermission.expectedResponseStatus(403),
|
||||||
@@ -321,7 +315,6 @@ public class PermissionRootResourceTest {
|
|||||||
when(mockRepository.getId()).thenReturn(REPOSITORY_NAME);
|
when(mockRepository.getId()).thenReturn(REPOSITORY_NAME);
|
||||||
when(mockRepository.getNamespace()).thenReturn(REPOSITORY_NAMESPACE);
|
when(mockRepository.getNamespace()).thenReturn(REPOSITORY_NAMESPACE);
|
||||||
when(mockRepository.getName()).thenReturn(REPOSITORY_NAME);
|
when(mockRepository.getName()).thenReturn(REPOSITORY_NAME);
|
||||||
doNothing().when(permissionRootResource).checkUserPermitted(mockRepository);
|
|
||||||
when(repositoryManager.get(any(NamespaceAndName.class))).thenReturn(mockRepository);
|
when(repositoryManager.get(any(NamespaceAndName.class))).thenReturn(mockRepository);
|
||||||
return mockRepository;
|
return mockRepository;
|
||||||
}
|
}
|
||||||
@@ -344,9 +337,9 @@ public class PermissionRootResourceTest {
|
|||||||
.contentType(VndMediaType.PERMISSION);
|
.contentType(VndMediaType.PERMISSION);
|
||||||
dispatcher.invoke(request, response);
|
dispatcher.invoke(request, response);
|
||||||
log.info("Test the Request :{}", entry);
|
log.info("Test the Request :{}", entry);
|
||||||
assertThat(entry.expectedResponseStatus)
|
assertThat(response.getStatus())
|
||||||
.as("assert status code")
|
.as("assert status code")
|
||||||
.isEqualTo(response.getStatus());
|
.isEqualTo(entry.expectedResponseStatus);
|
||||||
if (entry.responseValidator != null) {
|
if (entry.responseValidator != null) {
|
||||||
entry.responseValidator.accept(response);
|
entry.responseValidator.accept(response);
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user