Examples with AuthorizationFramework org.opensolaris.opengrok.authorization.AuthorizationFramework used on opensource projects

Example 1 with AuthorizationFramework

use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.

the class ProjectHelperTestBase method setUp.

@Before
public void setUp() {
    Assert.assertEquals("Should contain 4 groups", 4, env.getGroups().size());
    Assert.assertEquals("Should contain 40 project", 40, env.getProjects().size());
    Assert.assertEquals("Should contain 20 repositories", 20, env.getRepositories().size());
    Assert.assertNotNull("Repository map should not be null", env.getProjectRepositoriesMap());
    Assert.assertEquals("Repository map should contain 20 project", 20, env.getProjectRepositoriesMap().size());
    env.setAuthorizationFramework(new AuthorizationFramework());
    env.getAuthorizationFramework().reload();
    IAuthorizationPlugin plugin = new TestPlugin() {

        @Override
        public boolean isAllowed(HttpServletRequest request, Project project) {
            return project.getName().startsWith("allowed");
        }

        @Override
        public boolean isAllowed(HttpServletRequest request, Group group) {
            return group.getName().startsWith("allowed");
        }
    };
    invokeAddPlugin(plugin);
    cfg = PageConfig.get(getRequest());
    helper = cfg.getProjectHelper();
}

Example 2 with AuthorizationFramework

use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.

the class WebappListener method contextInitialized.

/**
 * {@inheritDoc}
 */
@Override
public void contextInitialized(final ServletContextEvent servletContextEvent) {
    ServletContext context = servletContextEvent.getServletContext();
    RuntimeEnvironment env = RuntimeEnvironment.getInstance();
    String config = context.getInitParameter("CONFIGURATION");
    if (config == null) {
        LOGGER.severe("CONFIGURATION section missing in web.xml");
    } else {
        try {
            env.readConfiguration(new File(config));
        } catch (IOException ex) {
            LOGGER.log(Level.WARNING, "OpenGrok Configuration error. Failed to read config file: ", ex);
        }
    }
    /**
     * Create a new instance of authorization framework. If the code above
     * (reading the configuration) failed then the plugin directory is
     * possibly {@code null} causing the framework to allow every request.
     */
    env.setAuthorizationFramework(new AuthorizationFramework(env.getPluginDirectory(), env.getPluginStack()));
    env.getAuthorizationFramework().reload();
    String address = context.getInitParameter("ConfigAddress");
    if (address != null && address.length() > 0) {
        LOGGER.log(Level.CONFIG, "Will listen for configuration on [{0}]", address);
        String[] cfg = address.split(":");
        if (cfg.length == 2) {
            try {
                SocketAddress addr = new InetSocketAddress(InetAddress.getByName(cfg[0]), Integer.parseInt(cfg[1]));
                if (!RuntimeEnvironment.getInstance().startConfigurationListenerThread(addr)) {
                    LOGGER.log(Level.SEVERE, "OpenGrok: Failed to start configuration listener thread");
                }
            } catch (NumberFormatException | UnknownHostException ex) {
                LOGGER.log(Level.SEVERE, "OpenGrok: Failed to start configuration listener thread:", ex);
            }
        } else {
            LOGGER.log(Level.SEVERE, "Incorrect format for the configuration address: ");
            for (int i = 0; i < cfg.length; ++i) {
                LOGGER.log(Level.SEVERE, "[{0}]", cfg[i]);
            }
        }
    }
    try {
        RuntimeEnvironment.getInstance().loadStatistics();
    } catch (IOException ex) {
        LOGGER.log(Level.INFO, "Could not load statistics from a file.", ex);
    } catch (ParseException ex) {
        LOGGER.log(Level.SEVERE, "Could not parse statistics from a file.", ex);
    }
    if (env.getConfiguration().getPluginDirectory() != null && env.isAuthorizationWatchdog()) {
        RuntimeEnvironment.getInstance().startWatchDogService(new File(env.getConfiguration().getPluginDirectory()));
    }
    RuntimeEnvironment.getInstance().startExpirationTimer();
    try {
        RuntimeEnvironment.getInstance().loadStatistics();
    } catch (IOException ex) {
        LOGGER.log(Level.INFO, "Could not load statistics from a file.", ex);
    } catch (ParseException ex) {
        LOGGER.log(Level.SEVERE, "Could not parse statistics from a file.", ex);
    }
}

Example 3 with AuthorizationFramework

use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.

the class PageConfigTest method testGetResourceFileList.

/**
 * Testing the root of /xref for authorization filtering.
 */
@Test
public void testGetResourceFileList() {
    RuntimeEnvironment env = RuntimeEnvironment.getInstance();
    // backup original values
    String oldSourceRootPath = env.getSourceRootPath();
    AuthorizationFramework oldAuthorizationFramework = env.getAuthorizationFramework();
    Map<String, Project> oldProjects = env.getProjects();
    // Set up the source root directory containing some projects.
    env.setSourceRoot(repository.getSourceRoot());
    env.setProjectsEnabled(true);
    // Enable projects.
    for (String file : new File(repository.getSourceRoot()).list()) {
        Project proj = new Project(file);
        proj.setIndexed(true);
        env.getProjects().put(file, proj);
    }
    HttpServletRequest req = createRequest("/source", "/xref", "");
    PageConfig cfg = PageConfig.get(req);
    List<String> allFiles = new ArrayList<>(cfg.getResourceFileList());
    /**
     * Check if there are some files (the "5" here is just a sufficient
     * value for now which won't break any future repository tests) without
     * any authorization.
     */
    assertTrue(allFiles.size() > 5);
    assertTrue(allFiles.contains("git"));
    assertTrue(allFiles.contains("mercurial"));
    /**
     * Now set up the same projects with authorization plugin enabling only
     * some of them.
     * <pre>
     *  - disabling "git"
     *  - disabling "mercurial"
     * </pre>
     */
    env.setAuthorizationFramework(new AuthorizationFramework());
    env.getAuthorizationFramework().reload();
    env.getAuthorizationFramework().getStack().add(new AuthorizationPlugin(AuthControlFlag.REQUIRED, new TestPlugin() {

        @Override
        public boolean isAllowed(HttpServletRequest request, Project project) {
            return !project.getName().startsWith("git") && !project.getName().startsWith("mercurial");
        }
    }));
    req = createRequest("/source", "/xref", "");
    cfg = PageConfig.get(req);
    List<String> filteredFiles = new ArrayList<>(cfg.getResourceFileList());
    // list subtraction - retains only disabled files
    allFiles.removeAll(filteredFiles);
    assertEquals(2, allFiles.size());
    assertTrue(allFiles.contains("git"));
    assertTrue(allFiles.contains("mercurial"));
    // restore original values
    env.setAuthorizationFramework(oldAuthorizationFramework);
    env.setSourceRoot(oldSourceRootPath);
    env.setProjects(oldProjects);
}