This repository has been archived by the owner on Feb 9, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 119
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
BZ(1169544,1169556, 1169557,1169559,1169560): improvements on securit…
…y related to file access
- Loading branch information
Showing
7 changed files
with
578 additions
and
165 deletions.
There are no files selected for viewing
229 changes: 110 additions & 119 deletions
229
.../security/server/util/AntPathMatcher.java → ...re/commons/regex/util/AntPathMatcher.java
Large diffs are not rendered by default.
Oops, something went wrong.
89 changes: 89 additions & 0 deletions
89
uberfire-io/src/main/java/org/uberfire/io/regex/AntPathMatcher.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| package org.uberfire.io.regex; | ||
|
|
||
| import java.net.URI; | ||
| import java.util.Collection; | ||
|
|
||
| import org.uberfire.java.nio.file.Path; | ||
|
|
||
| import static org.uberfire.commons.validation.Preconditions.*; | ||
|
|
||
| public final class AntPathMatcher { | ||
|
|
||
| private static org.uberfire.commons.regex.util.AntPathMatcher matcher = new org.uberfire.commons.regex.util.AntPathMatcher(); | ||
|
|
||
| public static boolean filter( final Collection<String> includes, | ||
| final Collection<String> excludes, | ||
| final Path path ) { | ||
| checkNotNull( "includes", includes ); | ||
| checkNotNull( "excludes", excludes ); | ||
| checkNotNull( "path", path ); | ||
| if ( includes.isEmpty() && excludes.isEmpty() ) { | ||
| return true; | ||
| } else if ( includes.isEmpty() ) { | ||
| return !( excludes( excludes, path ) ); | ||
| } else if ( excludes.isEmpty() ) { | ||
| return includes( includes, path ); | ||
| } | ||
| return includes( includes, path ) && !( excludes( excludes, path ) ); | ||
| } | ||
|
|
||
| public static boolean filter( final Collection<String> includes, | ||
| final Collection<String> excludes, | ||
| final URI uri ) { | ||
| checkNotNull( "includes", includes ); | ||
| checkNotNull( "excludes", excludes ); | ||
| checkNotNull( "uri", uri ); | ||
| if ( includes.isEmpty() && excludes.isEmpty() ) { | ||
| return true; | ||
| } else if ( includes.isEmpty() ) { | ||
| return !( excludes( excludes, uri ) ); | ||
| } else if ( excludes.isEmpty() ) { | ||
| return includes( includes, uri ); | ||
| } | ||
| return includes( includes, uri ) && !( excludes( excludes, uri ) ); | ||
| } | ||
|
|
||
| public static boolean includes( final Collection<String> patterns, | ||
| final Path path ) { | ||
| checkNotNull( "patterns", patterns ); | ||
| checkNotNull( "path", path ); | ||
| return matches( patterns, path ); | ||
| } | ||
|
|
||
| public static boolean includes( final Collection<String> patterns, | ||
| final URI uri ) { | ||
| checkNotNull( "patterns", patterns ); | ||
| checkNotNull( "uri", uri ); | ||
| return matches( patterns, uri ); | ||
| } | ||
|
|
||
| public static boolean excludes( final Collection<String> patterns, | ||
| final URI uri ) { | ||
| checkNotNull( "patterns", patterns ); | ||
| checkNotNull( "uri", uri ); | ||
| return matches( patterns, uri ); | ||
| } | ||
|
|
||
| public static boolean excludes( final Collection<String> patterns, | ||
| final Path path ) { | ||
| checkNotNull( "patterns", patterns ); | ||
| checkNotNull( "path", path ); | ||
| return matches( patterns, path ); | ||
| } | ||
|
|
||
| private static boolean matches( final Collection<String> patterns, | ||
| final Path path ) { | ||
| return matches( patterns, path.toUri() ); | ||
| } | ||
|
|
||
| private static boolean matches( final Collection<String> patterns, | ||
| final URI uri ) { | ||
| for ( final String pattern : patterns ) { | ||
| if ( matcher.match( pattern, uri.toString() ) ) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
|
|
||
| } |
244 changes: 244 additions & 0 deletions
244
uberfire-io/src/test/java/org/uberfire/io/regex/AntPathMatcherTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,244 @@ | ||
| package org.uberfire.io.regex; | ||
|
|
||
| import java.io.File; | ||
| import java.io.IOException; | ||
| import java.net.URI; | ||
| import java.util.ArrayList; | ||
| import java.util.Collection; | ||
| import java.util.Collections; | ||
| import java.util.HashMap; | ||
|
|
||
| import org.apache.commons.io.FileUtils; | ||
| import org.junit.AfterClass; | ||
| import org.junit.Assert; | ||
| import org.junit.BeforeClass; | ||
| import org.junit.Test; | ||
| import org.uberfire.io.CommonIOServiceDotFileTest; | ||
| import org.uberfire.io.IOService; | ||
| import org.uberfire.io.impl.IOServiceDotFileImpl; | ||
| import org.uberfire.java.nio.file.Path; | ||
| import org.uberfire.java.nio.file.Paths; | ||
|
|
||
| import static org.uberfire.io.regex.AntPathMatcher.*; | ||
|
|
||
| public class AntPathMatcherTest { | ||
|
|
||
| final static IOService ioService = new IOServiceDotFileImpl(); | ||
| private static File path = null; | ||
|
|
||
| @BeforeClass | ||
| public static void setup() throws IOException { | ||
| path = CommonIOServiceDotFileTest.createTempDirectory(); | ||
| System.setProperty( "org.uberfire.nio.git.dir", path.getAbsolutePath() ); | ||
| System.out.println( ".niogit: " + path.getAbsolutePath() ); | ||
|
|
||
| final URI newRepo = URI.create( "git://antpathmatcher" ); | ||
|
|
||
| ioService.newFileSystem( newRepo, new HashMap<String, Object>() ); | ||
| } | ||
|
|
||
| @AfterClass | ||
| @BeforeClass | ||
| public static void cleanup() { | ||
| if ( path != null ) { | ||
| FileUtils.deleteQuietly( path ); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| public void testIncludes() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "file:///Users/home" ) ); | ||
| Assert.assertFalse( includes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://antpathmatcher" ) ); | ||
| Assert.assertTrue( includes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://master@antpathmatcher" ) ); | ||
| Assert.assertTrue( includes( patterns, path ) ); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| public void testIncludesMid() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "default://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "file:///Users/home" ) ); | ||
| Assert.assertTrue( includes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://antpathmatcher" ) ); | ||
| Assert.assertFalse( includes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://master@antpathmatcher/repo/sss" ) ); | ||
| Assert.assertTrue( includes( patterns, path ) ); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| public void testExcludes() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "file:///Users/home" ) ); | ||
| Assert.assertFalse( excludes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://antpathmatcher" ) ); | ||
| Assert.assertTrue( excludes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://master@antpathmatcher" ) ); | ||
| Assert.assertTrue( excludes( patterns, path ) ); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| public void testExcludesMid() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "default://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "file:///Users/home" ) ); | ||
| Assert.assertTrue( excludes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://antpathmatcher" ) ); | ||
| Assert.assertFalse( excludes( patterns, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://master@antpathmatcher/repo/sss" ) ); | ||
| Assert.assertTrue( excludes( patterns, path ) ); | ||
| } | ||
| } | ||
|
|
||
| @Test | ||
| public void testFilter() { | ||
| final Collection<String> includes = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| }}; | ||
| final Collection<String> excludes = new ArrayList<String>() {{ | ||
| add( "default://**" ); | ||
| }}; | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "file:///Users/home" ) ); | ||
| Assert.assertFalse( filter( includes, excludes, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://antpathmatcher" ) ); | ||
| Assert.assertTrue( filter( includes, excludes, path ) ); | ||
| } | ||
|
|
||
| { | ||
| final Path path = Paths.get( URI.create( "git://master@antpathmatcher/repo/sss" ) ); | ||
| Assert.assertTrue( filter( includes, excludes, path ) ); | ||
| } | ||
|
|
||
| Assert.assertTrue( filter( Collections.<String>emptyList(), Collections.<String>emptyList(), Paths.get( URI.create( "git://master@antpathmatcher/repo/sss" ) ) ) ); | ||
| Assert.assertTrue( filter( Collections.<String>emptyList(), Collections.<String>emptyList(), Paths.get( URI.create( "git://antpathmatcher" ) ) ) ); | ||
| } | ||
|
|
||
| @Test | ||
| public void testIncludesUri() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| Assert.assertFalse( includes( patterns, URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertTrue( includes( patterns, URI.create( "git://antpathmatcher" ) ) ); | ||
|
|
||
| Assert.assertTrue( includes( patterns, URI.create( "git://master@antpathmatcher" ) ) ); | ||
| } | ||
|
|
||
| @Test | ||
| public void testIncludesMidUri() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "file://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| Assert.assertTrue( includes( patterns, URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertFalse( includes( patterns, URI.create( "git://antpathmatcher" ) ) ); | ||
|
|
||
| Assert.assertTrue( includes( patterns, URI.create( "git://master@antpathmatcher/repo/sss" ) ) ); | ||
| } | ||
|
|
||
| @Test | ||
| public void testExcludesUri() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| Assert.assertFalse( excludes( patterns, URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertTrue( excludes( patterns, URI.create( "git://antpathmatcher" ) ) ); | ||
|
|
||
| Assert.assertTrue( excludes( patterns, URI.create( "git://master@antpathmatcher" ) ) ); | ||
| } | ||
|
|
||
| @Test | ||
| public void testExcludesMidUri() { | ||
| final Collection<String> patterns = new ArrayList<String>() {{ | ||
| add( "file://**" ); | ||
| add( "**/repo/**" ); | ||
| }}; | ||
|
|
||
| Assert.assertTrue( excludes( patterns, URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertFalse( excludes( patterns, URI.create( "git://antpathmatcher" ) ) ); | ||
|
|
||
| Assert.assertTrue( excludes( patterns, URI.create( "git://master@antpathmatcher/repo/sss" ) ) ); | ||
| } | ||
|
|
||
| @Test | ||
| public void testFilterUri() { | ||
| final Collection<String> includes = new ArrayList<String>() {{ | ||
| add( "git://**" ); | ||
| }}; | ||
| final Collection<String> excludes = new ArrayList<String>() {{ | ||
| add( "file://**" ); | ||
| }}; | ||
|
|
||
| Assert.assertFalse( filter( includes, excludes, URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertTrue( filter( includes, excludes, URI.create( "git://antpathmatcher" ) ) ); | ||
|
|
||
| Assert.assertTrue( filter( includes, excludes, URI.create( "git://master@antpathmatcher/repo/sss" ) ) ); | ||
|
|
||
| Assert.assertTrue( filter( Collections.<String>emptyList(), Collections.<String>emptyList(), URI.create( "file:///Users/home" ) ) ); | ||
|
|
||
| Assert.assertTrue( filter( Collections.<String>emptyList(), Collections.<String>emptyList(), URI.create( "git://master@antpathmatcher/repo/sss" ) ) ); | ||
|
|
||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.