Fix verbs for repository and rename class

René Pfeuffer
2019-01-23 12:22:06 +01:00
parent 7e9d60fa8d
commit fdf4421a55
5 changed files with 127 additions and 43 deletions


@@ -0,0 +1,50 @@
package sonia.scm.api.v2.resources;
import com.webcohesion.enunciate.metadata.rs.ResponseCode;
import com.webcohesion.enunciate.metadata.rs.StatusCodes;
import sonia.scm.security.RepositoryPermissionProvider;
import sonia.scm.web.VndMediaType;
import javax.inject.Inject;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import java.util.Collection;
/**
* RESTful Web Service Resource to get available repository types.
*/
@Path(RepositoryPermissionResource.PATH)
public class RepositoryPermissionResource {
static final String PATH = "v2/repositoryPermissions/";
private final RepositoryPermissionProvider repositoryPermissionProvider;
@Inject
public RepositoryPermissionResource(RepositoryPermissionProvider repositoryPermissionProvider) {
this.repositoryPermissionProvider = repositoryPermissionProvider;
}
@GET
@Path("verbs")
@StatusCodes({
@ResponseCode(code = 200, condition = "success"),
@ResponseCode(code = 500, condition = "internal server error")
})
@Produces(VndMediaType.REPOSITORY_TYPE_COLLECTION)
public Collection<String> getRepositoryPermissionVerbs() {
return repositoryPermissionProvider.availableVerbs();
}
@GET
@Path("roles")
@StatusCodes({
@ResponseCode(code = 200, condition = "success"),
@ResponseCode(code = 500, condition = "internal server error")
})
@Produces(VndMediaType.REPOSITORY_TYPE_COLLECTION)
public Collection getRepositoryRoles() {
return repositoryPermissionProvider.availableRoles();
}
}
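Review bot: `getRepositoryRoles()` returns a raw `Collection`, and both endpoints declare `@Produces(VndMediaType.REPOSITORY_TYPE_COLLECTION)` under a class Javadoc that still reads "to get available repository types"; all three look carried over from the repository-type resource. The roles method should name its element type as the verbs method does, e.g. `public Collection<RepositoryPermissionProvider.RoleDescriptor> getRepositoryRoles() {` (the nested type is the one the new test in this commit uses). The Javadoc should read `RESTful Web Service Resource to get available repository permission verbs and roles.` No authorization check is visible in either method; presumably a filter outside this file protects `v2/`, which is worth confirming because the responses enumerate the permission model.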


@@ -21,15 +21,15 @@ import java.util.Enumeration;
import java.util.List; import java.util.List;
import java.util.stream.Collectors; import java.util.stream.Collectors;
public class RepositoryPermissions { public class RepositoryPermissionProvider {
private static final Logger logger = LoggerFactory.getLogger(RepositoryPermissions.class); private static final Logger logger = LoggerFactory.getLogger(RepositoryPermissionProvider.class);
private static final String REPOSITORY_PERMISSION_DESCRIPTOR = "META-INF/scm/repository-permissions.xml"; private static final String REPOSITORY_PERMISSION_DESCRIPTOR = "META-INF/scm/repository-permissions.xml";
private final ConfigurationEntryStoreFactory storeFactory; private final ConfigurationEntryStoreFactory storeFactory;
private final AvailableRepositoryPermissions availablePermissions; private final AvailableRepositoryPermissions availablePermissions;
@Inject @Inject
public RepositoryPermissions(ConfigurationEntryStoreFactory storeFactory, PluginLoader pluginLoader) { public RepositoryPermissionProvider(ConfigurationEntryStoreFactory storeFactory, PluginLoader pluginLoader) {
this.storeFactory = storeFactory; this.storeFactory = storeFactory;
this.availablePermissions = readAvailablePermissions(pluginLoader); this.availablePermissions = readAvailablePermissions(pluginLoader);
} }
@@ -57,7 +57,7 @@ public class RepositoryPermissions {
while (descriptorEnum.hasMoreElements()) { while (descriptorEnum.hasMoreElements()) {
URL descriptorUrl = descriptorEnum.nextElement(); URL descriptorUrl = descriptorEnum.nextElement();
logger.debug("read permission descriptor from {}", descriptorUrl); logger.debug("read repository permission descriptor from {}", descriptorUrl);
RepositoryPermissionsRoot repositoryPermissionsRoot = parsePermissionDescriptor(context, descriptorUrl); RepositoryPermissionsRoot repositoryPermissionsRoot = parsePermissionDescriptor(context, descriptorUrl);
availableVerbs.addAll(repositoryPermissionsRoot.verbs.verbs); availableVerbs.addAll(repositoryPermissionsRoot.verbs.verbs);
@@ -79,7 +79,8 @@ public class RepositoryPermissions {
RepositoryPermissionsRoot descriptorWrapper = RepositoryPermissionsRoot descriptorWrapper =
(RepositoryPermissionsRoot) context.createUnmarshaller().unmarshal( (RepositoryPermissionsRoot) context.createUnmarshaller().unmarshal(
descriptorUrl); descriptorUrl);
logger.trace("permissions from {}: {}", descriptorUrl, descriptorWrapper); logger.trace("repository permissions from {}: {}", descriptorUrl, descriptorWrapper.verbs.verbs);
logger.trace("repository roles from {}: {}", descriptorUrl, descriptorWrapper.roles.roles);
return descriptorWrapper; return descriptorWrapper;
} catch (JAXBException ex) { } catch (JAXBException ex) {
logger.error("could not parse permission descriptor", ex); logger.error("could not parse permission descriptor", ex);
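Review bot: The two new trace calls dereference `descriptorWrapper.verbs.verbs` and `descriptorWrapper.roles.roles` as arguments, and these are evaluated even when trace logging is disabled. If a descriptor omits the `<verbs>` or `<roles>` element and the field has no default (the root class is not shown here), this throws a NullPointerException that the surrounding `catch (JAXBException ex)` does not handle. The old call only logged the wrapper object itself. Either keep logging `descriptorWrapper`, or wrap both calls in `if (logger.isTraceEnabled())` with a null check on `verbs` and `roles`. The method body starts and ends outside this hunk.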


@@ -1,7 +1,14 @@
<repository-permissions> <repository-permissions>
<verbs> <verbs>
<verb>abc</verb> <verb>read</verb>
<verb>xyz</verb> <verb>modify</verb>
<verb>delete</verb>
<verb>delete</verb>
<verb>healthCheck</verb>
<verb>pull</verb>
<verb>push</verb>
<verb>permissionRead</verb>
<verb>permissionWrite</verb>
</verbs> </verbs>
<roles> <roles>
<role> <role>
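Review bot: `<verb>delete</verb>` appears twice in the new verb list. Whether the provider de-duplicates is not visible on this page (the reading loop only shows `availableVerbs.addAll(...)`), so the `verbs` endpoint may return the entry twice; remove one of the two lines. If the second entry was meant to be a different verb, that verb is currently missing from the descriptor.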


@@ -0,0 +1,62 @@
package sonia.scm.security;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import sonia.scm.plugin.PluginLoader;
import sonia.scm.repository.RepositoryPermissions;
import sonia.scm.store.ConfigurationEntryStoreFactory;
import sonia.scm.util.ClassLoaders;
import java.lang.reflect.Field;
import java.util.Arrays;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.fail;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
class RepositoryPermissionProviderTest {
private RepositoryPermissionProvider repositoryPermissionProvider;
private String[] allVerbsFromRepositoryClass;
@BeforeEach
void init() {
PluginLoader pluginLoader = mock(PluginLoader.class);
when(pluginLoader.getUberClassLoader()).thenReturn(ClassLoaders.getContextClassLoader(DefaultSecuritySystem.class));
ConfigurationEntryStoreFactory configurationEntryStoreFactory = mock(ConfigurationEntryStoreFactory.class);
repositoryPermissionProvider = new RepositoryPermissionProvider(configurationEntryStoreFactory, pluginLoader);
allVerbsFromRepositoryClass = Arrays.stream(RepositoryPermissions.class.getDeclaredFields())
.filter(field -> field.getName().startsWith("ACTION_"))
.map(this::getString)
.filter(verb -> !"create".equals(verb))
.toArray(String[]::new);
}
@Test
void shouldReadAvailableRoles() {
assertThat(repositoryPermissionProvider.availableRoles()).isNotEmpty();
assertThat(repositoryPermissionProvider.availableRoles()).allSatisfy(this::eitherStarOrOnlyAvailableVerbs);
}
private void eitherStarOrOnlyAvailableVerbs(RepositoryPermissionProvider.RoleDescriptor role) {
if (!role.getVerbs().contains("*") || role.getVerbs().size() > 1) {
assertThat(role.getVerbs()).isSubsetOf(allVerbsFromRepositoryClass);
}
}
@Test
void shouldReadAvailableVerbsFromRepository() {
assertThat(repositoryPermissionProvider.availableVerbs()).contains(allVerbsFromRepositoryClass);
}
private String getString(Field field) {
try {
return (String) field.get(null);
} catch (IllegalAccessException e) {
fail(e);
return null;
}
}
}
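Review bot: `shouldReadAvailableRoles` no longer rejects a role with an empty verb list, because `isSubsetOf` in `eitherStarOrOnlyAvailableVerbs` passes vacuously for an empty collection, whereas the removed test asserted `noneMatch(r -> r.getVerbs().isEmpty())`. Add `assertThat(role.getVerbs()).isNotEmpty();` as the first line of the helper. Separately, `shouldReadAvailableVerbsFromRepository` uses `contains`, so duplicate descriptor verbs, or verbs matching no `ACTION_` constant, go unnoticed. `containsExactlyInAnyOrder(allVerbsFromRepositoryClass)` would pin the list, assuming the test classpath holds only the core descriptor.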


@@ -1,36 +0,0 @@
package sonia.scm.security;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import sonia.scm.plugin.PluginLoader;
import sonia.scm.store.ConfigurationEntryStoreFactory;
import sonia.scm.util.ClassLoaders;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
class RepositoryPermissionsTest {
private RepositoryPermissions repositoryPermissions;
@BeforeEach
void init() {
PluginLoader pluginLoader = mock(PluginLoader.class);
when(pluginLoader.getUberClassLoader()).thenReturn(ClassLoaders.getContextClassLoader(DefaultSecuritySystem.class));
ConfigurationEntryStoreFactory configurationEntryStoreFactory = mock(ConfigurationEntryStoreFactory.class);
repositoryPermissions = new RepositoryPermissions(configurationEntryStoreFactory, pluginLoader);
}
@Test
void shouldReadAvailableRoles() {
Assertions.assertThat(repositoryPermissions.availableRoles()).isNotEmpty().noneMatch(r -> r.getVerbs().isEmpty());
System.out.println(repositoryPermissions.availableRoles());
}
@Test
void shouldReadAvailableVerbs() {
Assertions.assertThat(repositoryPermissions.availableVerbs()).isNotEmpty();
System.out.println(repositoryPermissions.availableVerbs());
}
}