merge with branch 1.x

2025-11-12 08:25:44 +01:00 · 2014-08-15 23:53:31 +02:00
parent 3abbff2317 b394950088
commit f1a0435014
45 changed files with 1512 additions and 244 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/CipherResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/CipherResource.java
@@ -0,0 +1,86 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.api.rest.resources;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
+
+import org.apache.shiro.SecurityUtils;
+
+import sonia.scm.security.CipherUtil;
+import sonia.scm.security.Role;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * Rest resource to encrypt values.
+ *
+ * @author Sebastian Sdorra
+ * @since 1.41
+ */
+@Path("security/cipher")
+public class CipherResource
+{
+
+  /**
+   * Encrypts the request body and returns an encrypted string. This method can
+   * only executed with administration privileges.<br />
+   * <br />
+   * <ul>
+   *   <li>200 success</li>
+   *   <li>500 internal server error</li>
+   * </ul>
+   *
+   * @param value value to encrypt
+   *
+   * @return unique key
+   */
+  @POST
+  @Path("encrypt")
+  @Produces(MediaType.TEXT_PLAIN)
+  public String encrypt(String value)
+  {
+    SecurityUtils.getSubject().checkRole(Role.ADMIN);
+
+    Preconditions.checkArgument(!Strings.isNullOrEmpty(value),
+      "value is required");
+
+    return CipherUtil.getInstance().encode(value);
+  }
+}
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/KeyResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/KeyResource.java
@@ -0,0 +1,98 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.api.rest.resources;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.inject.Inject;
+
+import org.apache.shiro.SecurityUtils;
+
+import sonia.scm.security.KeyGenerator;
+import sonia.scm.security.Role;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * Rest resource to generate unique keys.
+ *
+ * @author Sebastian Sdorra
+ * @since 1.41
+ */
+@Path("security/key")
+public class KeyResource
+{
+
+  /**
+   * Constructs a new KeyResource.
+   *
+   *
+   * @param keyGenerator key generator
+   */
+  @Inject
+  public KeyResource(KeyGenerator keyGenerator)
+  {
+    this.keyGenerator = keyGenerator;
+  }
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Generates a unique key. This method can only executed with administration 
+   * privileges.<br />
+   * <br />
+   * <ul>
+   *   <li>200 success</li>
+   *   <li>500 internal server error</li>
+   * </ul>
+   *
+   * @return unique key
+   */
+  @GET
+  @Produces(MediaType.TEXT_PLAIN)
+  public String generateKey()
+  {
+    SecurityUtils.getSubject().checkRole(Role.ADMIN);
+
+    return keyGenerator.createKey();
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private final KeyGenerator keyGenerator;
+}