use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.
the class ProjectHelperTestBase method setUp.
@Before
public void setUp() {
Assert.assertEquals("Should contain 4 groups", 4, env.getGroups().size());
Assert.assertEquals("Should contain 40 project", 40, env.getProjects().size());
Assert.assertEquals("Should contain 20 repositories", 20, env.getRepositories().size());
Assert.assertNotNull("Repository map should not be null", env.getProjectRepositoriesMap());
Assert.assertEquals("Repository map should contain 20 project", 20, env.getProjectRepositoriesMap().size());
env.setAuthorizationFramework(new AuthorizationFramework());
env.getAuthorizationFramework().reload();
IAuthorizationPlugin plugin = new TestPlugin() {
@Override
public boolean isAllowed(HttpServletRequest request, Project project) {
return project.getName().startsWith("allowed");
}
@Override
public boolean isAllowed(HttpServletRequest request, Group group) {
return group.getName().startsWith("allowed");
}
};
invokeAddPlugin(plugin);
cfg = PageConfig.get(getRequest());
helper = cfg.getProjectHelper();
}
use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.
the class WebappListener method contextInitialized.
/**
* {@inheritDoc}
*/
@Override
public void contextInitialized(final ServletContextEvent servletContextEvent) {
ServletContext context = servletContextEvent.getServletContext();
RuntimeEnvironment env = RuntimeEnvironment.getInstance();
String config = context.getInitParameter("CONFIGURATION");
if (config == null) {
LOGGER.severe("CONFIGURATION section missing in web.xml");
} else {
try {
env.readConfiguration(new File(config));
} catch (IOException ex) {
LOGGER.log(Level.WARNING, "OpenGrok Configuration error. Failed to read config file: ", ex);
}
}
/**
* Create a new instance of authorization framework. If the code above
* (reading the configuration) failed then the plugin directory is
* possibly {@code null} causing the framework to allow every request.
*/
env.setAuthorizationFramework(new AuthorizationFramework(env.getPluginDirectory(), env.getPluginStack()));
env.getAuthorizationFramework().reload();
String address = context.getInitParameter("ConfigAddress");
if (address != null && address.length() > 0) {
LOGGER.log(Level.CONFIG, "Will listen for configuration on [{0}]", address);
String[] cfg = address.split(":");
if (cfg.length == 2) {
try {
SocketAddress addr = new InetSocketAddress(InetAddress.getByName(cfg[0]), Integer.parseInt(cfg[1]));
if (!RuntimeEnvironment.getInstance().startConfigurationListenerThread(addr)) {
LOGGER.log(Level.SEVERE, "OpenGrok: Failed to start configuration listener thread");
}
} catch (NumberFormatException | UnknownHostException ex) {
LOGGER.log(Level.SEVERE, "OpenGrok: Failed to start configuration listener thread:", ex);
}
} else {
LOGGER.log(Level.SEVERE, "Incorrect format for the configuration address: ");
for (int i = 0; i < cfg.length; ++i) {
LOGGER.log(Level.SEVERE, "[{0}]", cfg[i]);
}
}
}
try {
RuntimeEnvironment.getInstance().loadStatistics();
} catch (IOException ex) {
LOGGER.log(Level.INFO, "Could not load statistics from a file.", ex);
} catch (ParseException ex) {
LOGGER.log(Level.SEVERE, "Could not parse statistics from a file.", ex);
}
if (env.getConfiguration().getPluginDirectory() != null && env.isAuthorizationWatchdog()) {
RuntimeEnvironment.getInstance().startWatchDogService(new File(env.getConfiguration().getPluginDirectory()));
}
RuntimeEnvironment.getInstance().startExpirationTimer();
try {
RuntimeEnvironment.getInstance().loadStatistics();
} catch (IOException ex) {
LOGGER.log(Level.INFO, "Could not load statistics from a file.", ex);
} catch (ParseException ex) {
LOGGER.log(Level.SEVERE, "Could not parse statistics from a file.", ex);
}
}
use of org.opensolaris.opengrok.authorization.AuthorizationFramework in project OpenGrok by OpenGrok.
the class PageConfigTest method testGetResourceFileList.
/**
* Testing the root of /xref for authorization filtering.
*/
@Test
public void testGetResourceFileList() {
RuntimeEnvironment env = RuntimeEnvironment.getInstance();
// backup original values
String oldSourceRootPath = env.getSourceRootPath();
AuthorizationFramework oldAuthorizationFramework = env.getAuthorizationFramework();
Map<String, Project> oldProjects = env.getProjects();
// Set up the source root directory containing some projects.
env.setSourceRoot(repository.getSourceRoot());
env.setProjectsEnabled(true);
// Enable projects.
for (String file : new File(repository.getSourceRoot()).list()) {
Project proj = new Project(file);
proj.setIndexed(true);
env.getProjects().put(file, proj);
}
HttpServletRequest req = createRequest("/source", "/xref", "");
PageConfig cfg = PageConfig.get(req);
List<String> allFiles = new ArrayList<>(cfg.getResourceFileList());
/**
* Check if there are some files (the "5" here is just a sufficient
* value for now which won't break any future repository tests) without
* any authorization.
*/
assertTrue(allFiles.size() > 5);
assertTrue(allFiles.contains("git"));
assertTrue(allFiles.contains("mercurial"));
/**
* Now set up the same projects with authorization plugin enabling only
* some of them.
* <pre>
* - disabling "git"
* - disabling "mercurial"
* </pre>
*/
env.setAuthorizationFramework(new AuthorizationFramework());
env.getAuthorizationFramework().reload();
env.getAuthorizationFramework().getStack().add(new AuthorizationPlugin(AuthControlFlag.REQUIRED, new TestPlugin() {
@Override
public boolean isAllowed(HttpServletRequest request, Project project) {
return !project.getName().startsWith("git") && !project.getName().startsWith("mercurial");
}
}));
req = createRequest("/source", "/xref", "");
cfg = PageConfig.get(req);
List<String> filteredFiles = new ArrayList<>(cfg.getResourceFileList());
// list subtraction - retains only disabled files
allFiles.removeAll(filteredFiles);
assertEquals(2, allFiles.size());
assertTrue(allFiles.contains("git"));
assertTrue(allFiles.contains("mercurial"));
// restore original values
env.setAuthorizationFramework(oldAuthorizationFramework);
env.setSourceRoot(oldSourceRootPath);
env.setProjects(oldProjects);
}
Aggregations