added assigned permissions to ScmState

2025-11-18 03:01:05 +01:00 · 2013-05-26 13:14:59 +02:00
parent d2097bda05
commit ea39ecb365
6 changed files with 144 additions and 11 deletions
--- a/scm-core/src/main/java/sonia/scm/ScmState.java
+++ b/scm-core/src/main/java/sonia/scm/ScmState.java
@@ -126,7 +126,7 @@ public class ScmState
    String defaultUserType, ScmClientConfig clientConfig)
  {
    this(provider, user, groups, repositoryTypes, defaultUserType,
-      clientConfig, null);
+      clientConfig, null, null);
  }

  /**
@@ -139,6 +139,7 @@ public class ScmState
   * @param repositoryTypes available repository types
   * @param defaultUserType default user type
   * @param clientConfig client configuration
+   * @param assignedPermission
   * @param availablePermissions list of available permissions
   *
   * @since 1.31
@@ -146,6 +147,7 @@ public class ScmState
  public ScmState(SCMContextProvider provider, User user,
    Collection<String> groups, Collection<Type> repositoryTypes,
    String defaultUserType, ScmClientConfig clientConfig,
+    List<String> assignedPermission,
    List<PermissionDescriptor> availablePermissions)
  {
    this.version = provider.getVersion();
@@ -154,11 +156,24 @@ public class ScmState
    this.repositoryTypes = repositoryTypes;
    this.clientConfig = clientConfig;
    this.defaultUserType = defaultUserType;
+    this.assignedPermissions = assignedPermission;
    this.availablePermissions = availablePermissions;
  }

  //~--- get methods ----------------------------------------------------------

+  /**
+   * Return a list of assigned permissions.
+   *
+   *
+   * @return list of assigned permissions
+   * @since 1.31
+   */
+  public List<String> getAssignedPermissions()
+  {
+    return assignedPermissions;
+  }
+
  /**
   * Returns a list of available global permissions.
   *
@@ -253,6 +268,18 @@ public class ScmState

  //~--- set methods ----------------------------------------------------------

+  /**
+   * Sets a list of assigned permissions.
+   *
+   *
+   * @param assignedPermissions list of assigned permissions
+   * @since 1.31
+   */
+  public void setAssignedPermissions(List<String> assignedPermissions)
+  {
+    this.assignedPermissions = assignedPermissions;
+  }
+
  /**
   * Sets a list of available global permissions.
   *
@@ -349,6 +376,9 @@ public class ScmState

  //~--- fields ---------------------------------------------------------------

+  /** Field description */
+  private List<String> assignedPermissions;
+
  /**
   * Avaliable global permission
   * @since 1.31
--- a/scm-core/src/main/java/sonia/scm/security/RepositoryPermission.java
+++ b/scm-core/src/main/java/sonia/scm/security/RepositoryPermission.java
@@ -30,6 +30,7 @@
 */


+
 package sonia.scm.security;

 //~--- non-JDK imports --------------------------------------------------------
@@ -51,9 +52,16 @@ import java.io.Serializable;
 * @author Sebastian Sdorra
 * @since 1.21
 */
-public final class RepositoryPermission implements Permission, Serializable
+public final class RepositoryPermission
+  implements StringablePermission, Serializable
 {

+  /**
+   * Type string of the permission
+   * @since 1.31
+   */
+  public static final String TYPE = "repository";
+
  /** Field description */
  public static final String WILDCARD = "*";

@@ -175,6 +183,22 @@ public final class RepositoryPermission implements Permission, Serializable

  //~--- get methods ----------------------------------------------------------

+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  @Override
+  public String getAsString()
+  {
+    StringBuilder buffer = new StringBuilder(TYPE);
+
+    buffer.append(":").append(repositoryId).append(":").append(permissionType);
+
+    return buffer.toString();
+  }
+
  /**
   * Method description
   *
--- a/scm-core/src/main/java/sonia/scm/security/StringablePermission.java
+++ b/scm-core/src/main/java/sonia/scm/security/StringablePermission.java
@@ -0,0 +1,55 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.security;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import org.apache.shiro.authz.Permission;
+
+/**
+ * Permission that can be represented by a string. {@link StringablePermission}
+ * are the only permissions which are pushed to the ui.
+ *
+ * @author Sebastian Sdorra
+ * @since 1.31
+ */
+public interface StringablePermission extends Permission
+{
+
+  /**
+   * Return string representation of the permission.
+   *
+   *
+   * @return string representation of the permission
+   */
+  public String getAsString();
+}
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
@@ -35,11 +35,14 @@ package sonia.scm.api.rest.resources;

 //~--- non-JDK imports --------------------------------------------------------

+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableList.Builder;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;

 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authz.Permission;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.apache.shiro.subject.Subject;

@@ -56,9 +59,11 @@ import sonia.scm.ScmState;
 import sonia.scm.config.ScmConfiguration;
 import sonia.scm.group.GroupNames;
 import sonia.scm.repository.RepositoryManager;
+import sonia.scm.security.PermissionCollector;
 import sonia.scm.security.PermissionDescriptor;
 import sonia.scm.security.Role;
 import sonia.scm.security.SecuritySystem;
+import sonia.scm.security.StringablePermission;
 import sonia.scm.security.Tokens;
 import sonia.scm.user.User;
 import sonia.scm.user.UserManager;
@@ -110,17 +115,20 @@ public class AuthenticationResource
   * @param userManager
   * @param securityContextProvider
   * @param securitySystem
+   * @param collector
   */
  @Inject
  public AuthenticationResource(SCMContextProvider contextProvider,
    ScmConfiguration configuration, RepositoryManager repositoryManger,
-    UserManager userManager, SecuritySystem securitySystem)
+    UserManager userManager, SecuritySystem securitySystem,
+    PermissionCollector collector)
  {
    this.contextProvider = contextProvider;
    this.configuration = configuration;
    this.repositoryManger = repositoryManger;
    this.userManager = userManager;
    this.securitySystem = securitySystem;
+    this.permissionCollector = collector;
  }

  //~--- methods --------------------------------------------------------------
@@ -302,7 +310,7 @@ public class AuthenticationResource
  private ScmState createAnonymousState()
  {
    return createState(SCMContext.ANONYMOUS, Collections.EMPTY_LIST,
-      Collections.EMPTY_LIST);
+      Collections.EMPTY_LIST, Collections.EMPTY_LIST);
  }

  /**
@@ -328,7 +336,18 @@ public class AuthenticationResource
      ap = securitySystem.getAvailablePermissions();
    }

-    return createState(user, groups.getCollection(), ap);
+    Builder<String> builder = ImmutableList.builder();
+
+    for (Permission p : permissionCollector.collect(user, groups))
+    {
+      if (p instanceof StringablePermission)
+      {
+        builder.add(((StringablePermission) p).getAsString());
+      }
+
+    }
+
+    return createState(user, groups.getCollection(), builder.build(), ap);
  }

  /**
@@ -337,16 +356,19 @@ public class AuthenticationResource
   *
   * @param user
   * @param groups
+   * @param assignedPermissions
   * @param availablePermissions
   *
   * @return
   */
  private ScmState createState(User user, Collection<String> groups,
+    List<String> assignedPermissions,
    List<PermissionDescriptor> availablePermissions)
  {
    return new ScmState(contextProvider, user, groups,
      repositoryManger.getConfiguredTypes(), userManager.getDefaultType(),
-      new ScmClientConfig(configuration), availablePermissions);
+      new ScmClientConfig(configuration), assignedPermissions,
+      availablePermissions);
  }

  //~--- fields ---------------------------------------------------------------
@@ -357,6 +379,9 @@ public class AuthenticationResource
  /** Field description */
  private SCMContextProvider contextProvider;

+  /** Field description */
+  private PermissionCollector permissionCollector;
+
  /** Field description */
  private RepositoryManager repositoryManger;

--- a/scm-webapp/src/main/java/sonia/scm/security/PermissionCollector.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/PermissionCollector.java
@@ -34,6 +34,7 @@ package sonia.scm.security;
 //~--- non-JDK imports --------------------------------------------------------

 import com.google.common.base.Predicate;
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableList.Builder;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
@@ -100,7 +101,7 @@ public class PermissionCollector
   */
  public List<Permission> collect(User user, GroupNames groups)
  {
-    Builder<Permission> builder = new Builder<Permission>();
+    Builder<Permission> builder = ImmutableList.builder();

    collectRepositoryPermissions(builder, user, groups);
    collectGlobalPermissions(builder, user, groups);
--- a/scm-webapp/src/main/java/sonia/scm/security/RepositoryPermissionResolver.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/RepositoryPermissionResolver.java
@@ -30,6 +30,7 @@
 */


+
 package sonia.scm.security;

 //~--- non-JDK imports --------------------------------------------------------
@@ -55,9 +56,6 @@ import java.util.Locale;
 public class RepositoryPermissionResolver implements PermissionResolver
 {

-  /** Field description */
-  private static final String TYPE_REPOSITORY = "repository";
-
  /**
   * the logger for RepositoryPermissionResolver
   */
@@ -86,7 +84,7 @@ public class RepositoryPermissionResolver implements PermissionResolver
    {
      String type = permissionIt.next();

-      if (type.equals(TYPE_REPOSITORY))
+      if (type.equals(RepositoryPermission.TYPE))
      {
        permission = createRepositoryPermission(permissionIt);
      }