[jboss-svn-commits] JBL Code SVN: r25569 - in labs/jbossrules/trunk/drools-guvnor/src: main/java/org/drools/guvnor/server/files and 1 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Tue Mar 10 05:39:35 EDT 2009
Author: michael.neale at jboss.com
Date: 2009-03-10 05:39:34 -0400 (Tue, 10 Mar 2009)
New Revision: 25569
Modified:
labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/public/version.txt
labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/FeedServlet.java
labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/RepositoryServlet.java
labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/files/FeedServletTest.java
Log:
tidied up authorization code a bit
Modified: labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/public/version.txt
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/public/version.txt 2009-03-10 09:30:20 UTC (rev 25568)
+++ labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/public/version.txt 2009-03-10 09:39:34 UTC (rev 25569)
@@ -1 +1 @@
-5.0.0.SNAPSHOT 25566M
\ No newline at end of file
+5.0.0.SNAPSHOT 25566:25567M
\ No newline at end of file
Modified: labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/FeedServlet.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/FeedServlet.java 2009-03-10 09:30:20 UTC (rev 25568)
+++ labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/FeedServlet.java 2009-03-10 09:39:34 UTC (rev 25569)
@@ -9,6 +9,7 @@
import org.drools.util.StringUtils;
import org.jboss.seam.contexts.Contexts;
import org.jboss.seam.security.Identity;
+import org.jboss.seam.security.AuthorizationException;
import org.apache.jackrabbit.util.ISO8601;
import org.mvel2.templates.TemplateRuntime;
@@ -26,20 +27,26 @@
@Override
protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
- String url = request.getRequestURI();
- if (url.indexOf("feed/package") > -1) {
- doAuthorizedAction(request, response, new A() {
- public void a() throws Exception {
- doPackageFeed(request, response);
- }
- });
- } else if (url.indexOf("feed/category") > -1) {
- doAuthorizedAction(request, response, new A() {
- public void a() throws Exception {
- doCategoryFeed(request, response);
- }
- });
- }
+ try {
+ String url = request.getRequestURI();
+ if (url.indexOf("feed/package") > -1) {
+ doAuthorizedAction(request, response, new A() {
+ public void a() throws Exception {
+ doPackageFeed(request, response);
+ }
+ });
+ } else if (url.indexOf("feed/category") > -1) {
+ doAuthorizedAction(request, response, new A() {
+ public void a() throws Exception {
+ doCategoryFeed(request, response);
+ }
+ });
+ }
+ } catch (AuthorizationException e) {
+ response.setHeader("WWW-Authenticate", "BASIC realm=\"users\"");
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+
}
@@ -57,7 +64,7 @@
response.getOutputStream().print(feed.getAtom());
}
- private void checkCategoryPermission(String cat) {
+ void checkCategoryPermission(String cat) {
if ( Contexts.isSessionContextActive() ) {
Identity.instance().checkPermission( new CategoryPathType( cat ),
RoleTypes.ANALYST_READ );
@@ -92,7 +99,7 @@
}
- private void checkPackageReadPermission(String packageName) {
+ void checkPackageReadPermission(String packageName) {
if ( Contexts.isSessionContextActive() ) {
Identity.instance().checkPermission( new PackageNameType( packageName ),
RoleTypes.PACKAGE_READONLY);
Modified: labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/RepositoryServlet.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/RepositoryServlet.java 2009-03-10 09:30:20 UTC (rev 25568)
+++ labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/files/RepositoryServlet.java 2009-03-10 09:39:34 UTC (rev 25569)
@@ -91,10 +91,13 @@
else {
try {
action.a();
+ } catch (RuntimeException e) {
+ log.error(e);
+ throw e;
} catch (Exception e) {
- log.error(e);
- throw new RuntimeException(e);
- }
+ log.error(e);
+ throw new RuntimeException(e);
+ }
}
}
@@ -115,8 +118,8 @@
if ( Contexts.isApplicationContextActive() ) {
// return (FileManagerUtils) Component.getInstance( "fileManager" );
Identity ids = Identity.instance();
- ids.setUsername(usr);
- ids.setPassword(pwd);
+ ids.getCredentials().setUsername(usr);
+ ids.getCredentials().setPassword(pwd);
try {
ids.authenticate();
return true;
Modified: labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/files/FeedServletTest.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/files/FeedServletTest.java 2009-03-10 09:30:20 UTC (rev 25568)
+++ labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/files/FeedServletTest.java 2009-03-10 09:39:34 UTC (rev 25569)
@@ -7,6 +7,7 @@
import org.drools.guvnor.server.util.TestEnvironmentSessionHelper;
import org.drools.guvnor.server.ServiceImplementation;
import org.apache.util.Base64;
+import org.jboss.seam.security.AuthorizationException;
import javax.servlet.http.HttpServletResponse;
import java.io.ByteArrayOutputStream;
@@ -119,7 +120,7 @@
put("viewUrl", "http://foo.bar");
}
});
- FeedServlet fs = new FeedServlet();
+ MockFeedServlet fs = new MockFeedServlet();
ByteArrayOutputStream out = new ByteArrayOutputStream();
MockHTTPResponse res = new MockHTTPResponse(out);
fs.doGet(req, res);
@@ -138,7 +139,7 @@
put("status", "*");
}
});
- fs = new FeedServlet();
+ fs = new MockFeedServlet();
out = new ByteArrayOutputStream();
res = new MockHTTPResponse(out);
fs.doGet(req, res);
@@ -148,8 +149,32 @@
assertTrue(r.indexOf("asset1") > -1);
assertTrue(r.indexOf("http://foo.bar") > -1);
-
+
+ fs = new MockFeedServlet();
+ fs.throwAuthException = true;
+ out = new ByteArrayOutputStream();
+ res = new MockHTTPResponse(out);
+ fs.doGet(req, res);
+
+ assertEquals(HttpServletResponse.SC_UNAUTHORIZED, res.errorCode);
+
+
}
+
+ class MockFeedServlet extends FeedServlet {
+ boolean throwAuthException = false;
+ @Override
+ void checkCategoryPermission(String cat) {
+ if (throwAuthException) throw new AuthorizationException("NO");
+ super.checkCategoryPermission(cat); //To change body of overridden methods use File | Settings | File Templates.
+ }
+
+ @Override
+ void checkPackageReadPermission(String packageName) {
+ if (throwAuthException) throw new AuthorizationException("NO");
+ super.checkPackageReadPermission(packageName); //To change body of overridden methods use File | Settings | File Templates.
+ }
+ }
}
More information about the jboss-svn-commits
mailing list