Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-10 23:45:44 +01:00
Code Issues Packages Projects Releases Activity

Introduce new permissions for listings

Browse Source
This commit is contained in:
René Pfeuffer
2018-09-27 08:55:07 +02:00
parent 987cd54dc7
commit f74003e485
5 changed files with 47 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-core/src/main/java/sonia/scm/config/Configuration.java
View File

@@ -22,7 +22,7 @@ import com.github.sdorra.ssp.StaticPermissions;
@StaticPermissions( @StaticPermissions(
value = "configuration", value = "configuration",
permissions = {"read", "write"}, permissions = {"read", "write"},
globalPermissions = {} globalPermissions = {"list"}
) )
public interface Configuration extends PermissionObject { public interface Configuration extends PermissionObject {
} }

2
scm-core/src/main/java/sonia/scm/group/Group.java
View File

@@ -60,7 +60,7 @@ import java.util.List;
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@StaticPermissions("group") @StaticPermissions(value = "group", globalPermissions = {"create", "list"})
@XmlRootElement(name = "groups") @XmlRootElement(name = "groups")
@XmlAccessorType(XmlAccessType.FIELD) @XmlAccessorType(XmlAccessType.FIELD)
public class Group extends BasicPropertiesAware public class Group extends BasicPropertiesAware

2
scm-core/src/main/java/sonia/scm/user/User.java
View File

@@ -55,7 +55,7 @@ import java.security.Principal;
* *
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@StaticPermissions("user") @StaticPermissions(value = "user", globalPermissions = {"create", "list"})
@XmlRootElement(name = "users") @XmlRootElement(name = "users")
@XmlAccessorType(XmlAccessType.FIELD) @XmlAccessorType(XmlAccessType.FIELD)
public class public class

13
scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java
View File

@@ -3,6 +3,9 @@ package sonia.scm.api.v2.resources;
import de.otto.edison.hal.Link; import de.otto.edison.hal.Link;
import de.otto.edison.hal.Links; import de.otto.edison.hal.Links;
import org.apache.shiro.SecurityUtils; import org.apache.shiro.SecurityUtils;
import sonia.scm.config.ConfigurationPermissions;
import sonia.scm.group.GroupPermissions;
import sonia.scm.user.UserPermissions;
import javax.inject.Inject; import javax.inject.Inject;
@@ -22,6 +25,16 @@ public class IndexDtoGenerator {
Link.link("me", resourceLinks.me().self()), Link.link("me", resourceLinks.me().self()),
Link.link("logout", resourceLinks.authentication().logout()) Link.link("logout", resourceLinks.authentication().logout())
); );
if (UserPermissions.list().isPermitted()) {
builder.single(Link.link("users", resourceLinks.userCollection().self()));
}
if (GroupPermissions.list().isPermitted()) {
builder.single(Link.link("groups", resourceLinks.groupCollection().self()));
}
if (ConfigurationPermissions.list().isPermitted()) {
builder.single(Link.link("configuration", resourceLinks.config().self()));
}
builder.single(Link.link("repositories", resourceLinks.repositoryCollection().self()));
} else { } else {
builder.single( builder.single(
Link.link("formLogin", resourceLinks.authentication().formLogin()), Link.link("formLogin", resourceLinks.authentication().formLogin()),

31
scm-webapp/src/test/java/sonia/scm/api/v2/resources/IndexResourceTest.java
View File

@@ -3,12 +3,15 @@ package sonia.scm.api.v2.resources;
import com.github.sdorra.shiro.ShiroRule; import com.github.sdorra.shiro.ShiroRule;
import com.github.sdorra.shiro.SubjectAware; import com.github.sdorra.shiro.SubjectAware;
import org.assertj.core.api.Assertions; import org.assertj.core.api.Assertions;
import org.assertj.core.api.Condition;
import org.junit.Rule; import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import java.net.URI; import java.net.URI;
import java.util.Optional; import java.util.Optional;
import static org.mockito.AdditionalMatchers.not;
@SubjectAware(configuration = "classpath:sonia/scm/shiro-001.ini") @SubjectAware(configuration = "classpath:sonia/scm/shiro-001.ini")
public class IndexResourceTest { public class IndexResourceTest {
@@ -41,4 +44,32 @@ public class IndexResourceTest {
Assertions.assertThat(index.getLinks().getLinkBy("logout")).matches(Optional::isPresent); Assertions.assertThat(index.getLinks().getLinkBy("logout")).matches(Optional::isPresent);
} }
@Test
@SubjectAware(username = "trillian", password = "secret")
public void shouldRenderRepositoriesForAuthenticatedRequest() {
IndexDto index = indexResource.getIndex();
Assertions.assertThat(index.getLinks().getLinkBy("repositories")).matches(Optional::isPresent);
}
@Test
@SubjectAware(username = "trillian", password = "secret")
public void shouldNotRenderUserCollectionIfNotAuthorized() {
IndexDto index = indexResource.getIndex();
Assertions.assertThat(index.getLinks().getLinkBy("users")).matches(o -> !o.isPresent());
Assertions.assertThat(index.getLinks().getLinkBy("groups")).matches(o -> !o.isPresent());
Assertions.assertThat(index.getLinks().getLinkBy("configuration")).matches(o -> !o.isPresent());
}
@Test
@SubjectAware(username = "dent", password = "secret")
public void shouldRenderUserCollectionIfAuthorized() {
IndexDto index = indexResource.getIndex();
Assertions.assertThat(index.getLinks().getLinkBy("users")).matches(Optional::isPresent);
Assertions.assertThat(index.getLinks().getLinkBy("groups")).matches(Optional::isPresent);
Assertions.assertThat(index.getLinks().getLinkBy("configuration")).matches(Optional::isPresent);
}
} }