Skip to content
Permalink
Browse files
fix unit test
  • Loading branch information
olamy committed Feb 5, 2015
1 parent 0e1a45a commit 88a2ef7a1c903af4744d7d6e39ac9ff0be7ae10f
Show file tree
Hide file tree
Showing 4 changed files with 21 additions and 10 deletions.
@@ -80,7 +80,7 @@
implements UserService
{

private Logger log = LoggerFactory.getLogger( getClass() );
private final Logger log = LoggerFactory.getLogger( getClass() );

private static final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";

@@ -19,9 +19,9 @@
* under the License.
*/

import org.apache.archiva.redback.authorization.RedbackAuthorization;
import org.apache.cxf.jaxrs.model.OperationResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.archiva.redback.authorization.RedbackAuthorization;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@@ -65,8 +65,14 @@ public RedbackAuthorization getRedbackAuthorization( Message message )

Method method = operationResourceInfo.getAnnotatedMethod();

log.debug( " method name {}", method == null ? "null" : method.getName() );
RedbackAuthorization redbackAuthorization = method.getAnnotation( RedbackAuthorization.class );

log.debug( "class {}, resourceClass {}, method {}, redbackAuthorization {}", //
operationResourceInfo.getClassResourceInfo().getServiceClass(), //
operationResourceInfo.getClassResourceInfo().getResourceClass(), //
method, //
redbackAuthorization );

return redbackAuthorization;
}
}
@@ -66,6 +66,7 @@

public void filter( ContainerRequestContext containerRequestContext )
{

Message message = JAXRSUtils.getCurrentMessage();

RedbackAuthorization redbackAuthorization = getRedbackAuthorization( message );
@@ -79,8 +80,8 @@ public void filter( ContainerRequestContext containerRequestContext )
}
String[] permissions = redbackAuthorization.permissions();
//olamy: no value is an array with an empty String
if ( permissions != null && permissions.length > 0 && !( permissions.length == 1 && StringUtils.isEmpty(
permissions[0] ) ) )
if ( permissions != null && permissions.length > 0 //
&& !( permissions.length == 1 && StringUtils.isEmpty( permissions[0] ) ) )
{
HttpServletRequest request = getHttpServletRequest( message );
SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession( true ) );
@@ -90,7 +91,8 @@ public void filter( ContainerRequestContext containerRequestContext )
{
try
{
authenticationResult = httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
authenticationResult =
httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
}
catch ( AuthenticationException e )
{
@@ -139,10 +141,11 @@ public void filter( ContainerRequestContext containerRequestContext )
catch ( AuthorizationException e )
{
log.debug( e.getMessage(), e );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
return;

}
}
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
return;

}
else
@@ -165,10 +168,12 @@ public void filter( ContainerRequestContext containerRequestContext )
return;
}
}
log.warn( "http path {} doesn't contain any informations regarding permissions ",

log.warn( "http path {} doesn't contain any informations regarding permissions ", //
message.get( Message.REQUEST_URI ) );
// here we failed to authenticate so 403 as there is no detail on karma for this
// it must be marked as it's exposed
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );

}
}
@@ -21,7 +21,7 @@

<appenders>
<Console name="console" target="SYSTEM_OUT">
<PatternLayout pattern="%highlight{%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n}" />
<PatternLayout pattern="%highlight{%d{HH:mm:ss.SSS} [%L] [%t] %-5level %logger{36} - %msg%n}" />
</Console>
</appenders>

0 comments on commit 88a2ef7

Please sign in to comment.