use of org.springframework.security.context.SecurityContext in project gocd by gocd.
the class GoFileConfigDataSourceTest method shouldUse_UserFromSession_asConfigModifyingUserWhenNoneGiven.
/**
 * Checks that a config change made without an explicit modifying user is
 * recorded against the user currently held in {@code SecurityContextHolder}.
 */
@Test
public void shouldUse_UserFromSession_asConfigModifyingUserWhenNoneGiven() throws GitAPIException, IOException {
    String expectedUser = "loser_boozer";

    // Install a principal with an empty authority list as the current authentication.
    User sessionUser = new User(expectedUser, "pass", true, true, true, true, new GrantedAuthority[] {});
    UsernamePasswordAuthenticationToken sessionToken = new UsernamePasswordAuthenticationToken(sessionUser, null);
    SecurityContextHolder.getContext().setAuthentication(sessionToken);

    // No modifying user is passed to the DAO call; the revision looked up below
    // is expected to carry the name of the principal installed above.
    goConfigDao.updateMailHost(getMailHost("mailhost.local"));

    CruiseConfig loadedConfig = goConfigDao.load();
    GoConfigRevision savedRevision = configRepository.getRevision(loadedConfig.getMd5());
    assertThat(savedRevision.getUsername(), is(expectedUser));
    // NOTE(review): the authentication set above is not cleared in this method;
    // confirm the class teardown resets SecurityContextHolder so the principal
    // does not carry over into other tests.
}
use of org.springframework.security.context.SecurityContext in project gocd by gocd.
the class BasicAuthenticationFilterTest method testShouldRender500WithHTMLTextBodyWithApiAcceptHeaderWithHTML.
/**
 * Drives {@code filter.handleException} for a request that accepts
 * {@code text/html} and checks the resulting failure state: the localized
 * error is stored in the session, the session-denied marker is set on the
 * request, no authentication remains, and the response redirects to the
 * login page with {@code login_error=1}.
 *
 * NOTE(review): the method name mentions a 500 response, but the assertions
 * check a redirect; confirm the name still reflects the intended behaviour.
 */
@Test
public void testShouldRender500WithHTMLTextBodyWithApiAcceptHeaderWithHTML() throws IOException {
    httpRequest.addHeader("Accept", "text/html");
    // Captured before the failure is handled, so the authentication check
    // below inspects this exact context object.
    SecurityContext contextBeforeFailure = SecurityContextHolder.getContext();

    filter.handleException(httpRequest, httpResponse, new Exception("some error"));

    // The lookup uses the INVALID_LDAP_ERROR key, and the stored message is
    // compared with errorMessage rather than the raw "some error" text.
    verify(localizer).localize("INVALID_LDAP_ERROR");

    Object lastException = httpRequest.getSession().getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
    assertThat(((Exception) lastException).getMessage(), is(errorMessage));

    Object sessionDenied = httpRequest.getAttribute(SessionDenialAwareAuthenticationProcessingFilterEntryPoint.SESSION_DENIED);
    assertThat(sessionDenied.toString(), is("true"));

    assertThat(contextBeforeFailure.getAuthentication(), is(nullValue()));
    assertThat(httpResponse.getRedirectedUrl(), is("/go/auth/login?login_error=1"));
}
use of org.springframework.security.context.SecurityContext in project gocd by gocd.
the class GoVelocityView method exposeHelpers.
/**
 * Populates the Velocity context with the values the templates read: role
 * flags, feature toggles, asset paths, version/update information and, when
 * the session carries an authenticated security context, the principal and
 * administrator role.
 *
 * @param velocityContext context that receives the helper values
 * @param request         current request; its session is consulted for the
 *                        Spring Security context
 */
protected void exposeHelpers(Context velocityContext, HttpServletRequest request) throws Exception {
    RailsAssetsService assets = getRailsAssetsService();
    VersionInfoService versionInfo = getVersionInfoService();

    // Every role flag starts out as true and keeps that value when the
    // session holds no SecurityContext or no Authentication, because the
    // guard at the end then skips the role update.
    // NOTE(review): presumably this is the security-disabled case and
    // setAdmininstratorRole narrows the flags for authenticated users;
    // confirm. These flags should only drive what the template displays;
    // verify that authorization is enforced server-side independently.
    velocityContext.put(ADMINISTRATOR, true);
    velocityContext.put(GROUP_ADMINISTRATOR, true);
    velocityContext.put(TEMPLATE_ADMINISTRATOR, true);
    velocityContext.put(VIEW_ADMINISTRATOR_RIGHTS, true);
    velocityContext.put(TEMPLATE_VIEW_USER, true);

    // Environment switches and feature toggles.
    velocityContext.put(USE_COMPRESS_JS, systemEnvironment.useCompressedJs());
    velocityContext.put(Toggles.PIPELINE_COMMENT_FEATURE_TOGGLE_KEY, Toggles.isToggleOn(Toggles.PIPELINE_COMMENT_FEATURE_TOGGLE_KEY));

    // Asset paths resolved through the Rails assets service, plus the running version.
    velocityContext.put(CONCATENATED_JAVASCRIPT_FILE_PATH, assets.getAssetPath("application.js"));
    velocityContext.put(CONCATENATED_APPLICATION_CSS_FILE_PATH, assets.getAssetPath("application.css"));
    velocityContext.put(CURRENT_GOCD_VERSION, CurrentGoCDVersion.getInstance());
    velocityContext.put(CONCATENATED_VM_APPLICATION_CSS_FILE_PATH, assets.getAssetPath("vm/application.css"));
    velocityContext.put(CONCATENATED_CSS_APPLICATION_CSS_FILE_PATH, assets.getAssetPath("css/application.css"));
    velocityContext.put(CONCATENATED_NEW_THEME_CSS_FILE_PATH, assets.getAssetPath("new-theme.css"));
    velocityContext.put(CONCATENATED_STAGE_BAR_CANCELLED_ICON_FILE_PATH, assets.getAssetPath("g9/stage_bar_cancelled_icon.png"));
    velocityContext.put(CONCATENATED_SPINNER_ICON_FILE_PATH, assets.getAssetPath("spinner.gif"));
    velocityContext.put(CONCATENATED_CRUISE_ICON_FILE_PATH, assets.getAssetPath("cruise.ico"));
    velocityContext.put(PATH_RESOLVER, assets);

    // Update-check information.
    velocityContext.put(GO_UPDATE, versionInfo.getGoUpdate());
    velocityContext.put(GO_UPDATE_CHECK_ENABLED, versionInfo.isGOUpdateCheckEnabled());

    // getSession() without arguments creates a session when the request has
    // none, so rendering this view can allocate a session for an anonymous client.
    SecurityContext sessionContext = (SecurityContext) request.getSession().getAttribute(SPRING_SECURITY_CONTEXT_KEY);
    if (sessionContext != null && sessionContext.getAuthentication() != null) {
        final Authentication authentication = sessionContext.getAuthentication();
        setPrincipal(velocityContext, authentication);
        setAdmininstratorRole(velocityContext, authentication);
    }
}
use of org.springframework.security.context.SecurityContext in project gocd by gocd.
the class ConfigModifyingUserTest method shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven.
/**
 * Checks that a {@code ConfigModifyingUser} built with the no-argument
 * constructor reports the name of the principal currently held in
 * {@code SecurityContextHolder}.
 */
@Test
public void shouldIdentifyLoggedInUserAsModifyingUser_WhenNoModifyingUserIsGiven() {
    String loggedInName = "loser_boozer";

    // Install a principal with an empty authority list as the current authentication.
    User loggedInUser = new User(loggedInName, "pass", true, true, true, true, new GrantedAuthority[] {});
    UsernamePasswordAuthenticationToken loginToken = new UsernamePasswordAuthenticationToken(loggedInUser, null);
    SecurityContextHolder.getContext().setAuthentication(loginToken);

    ConfigModifyingUser modifyingUser = new ConfigModifyingUser();
    assertThat(modifyingUser.getUserName(), is(loggedInName));
    // NOTE(review): the authentication set above is not cleared in this method;
    // confirm the class teardown resets SecurityContextHolder so the principal
    // does not carry over into other tests.
}
use of org.springframework.security.context.SecurityContext in project gocd by gocd.
the class CasProcessingFilter method onUnsuccessfulAuthentication.
/**
 * Handles a failed authentication attempt: records an exception in the
 * session, marks the request as session-denied, drops the current
 * authentication, redirects to the login page and then delegates to the
 * superclass hook.
 *
 * @param request  request whose session and attributes receive the failure markers
 * @param response response used for the redirect
 * @param failed   the authentication failure; only passed on to the superclass
 * @throws IOException if the redirect cannot be sent
 */
@Override
protected void onUnsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException {
    final SecurityContext currentContext = SecurityContextHolder.getContext();
    final String loginPage = "/go/auth/login";

    // NOTE(review): the session stores a fixed OnlyKnownUsersAllowedException("Foo")
    // instead of `failed`, so the login page cannot tell failure causes apart and
    // "Foo" reads like a placeholder message; confirm this is intended.
    request.getSession().setAttribute(SPRING_SECURITY_LAST_EXCEPTION_KEY, new OnlyKnownUsersAllowedException("Foo"));
    request.setAttribute(SessionDenialAwareAuthenticationProcessingFilterEntryPoint.SESSION_DENIED, Boolean.TRUE);

    // Make sure no authentication stays bound to the context after the failure.
    currentContext.setAuthentication(null);

    response.sendRedirect(loginPage);
    // NOTE(review): the superclass hook runs after the redirect has been sent;
    // verify it does not write to the response.
    super.onUnsuccessfulAuthentication(request, response, failed);
}