Permalink
Browse files

Fix up sonar findbugs warnings

  • Loading branch information...
1 parent cdf0540 commit 2d5781693b3b90fe24dce54ece000ebfa634fcfd @cbeer cbeer committed Dec 14, 2013
Showing with 169 additions and 264 deletions.
  1. +2 −2 fcrepo-auth-common/src/main/java/org/fcrepo/auth/common/FedoraPolicyEnforcementPoint.java
  2. +1 −1 fcrepo-auth-common/src/main/java/org/fcrepo/auth/common/HTTPPrincipalFactory.java
  3. +4 −3 fcrepo-auth-common/src/main/java/org/fcrepo/auth/common/ServletContainerAuthenticationProvider.java
  4. +4 −5 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/Constants.java
  5. +4 −4 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/TokenRequestValidations.java
  6. +3 −10 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/api/AuthzEndpoint.java
  7. +1 −3 fcrepo-auth-roles-basic/src/main/java/org/fcrepo/auth/roles/basic/BasicRolesPEP.java
  8. +7 −9 fcrepo-auth-roles-common/src/main/java/org/fcrepo/auth/roles/common/AbstractRolesPEP.java
  9. +10 −9 fcrepo-auth-roles-common/src/main/java/org/fcrepo/auth/roles/common/AccessRoles.java
  10. +5 −4 fcrepo-auth-roles-common/src/main/java/org/fcrepo/auth/roles/common/AccessRolesProvider.java
  11. +1 −1 fcrepo-generator-dc/src/main/java/org/fcrepo/generator/dublincore/JcrPropertiesGenerator.java
  12. +21 −13 fcrepo-http-api/src/main/java/org/fcrepo/http/api/FedoraBatch.java
  13. +24 −23 fcrepo-http-api/src/main/java/org/fcrepo/http/api/FedoraFieldSearch.java
  14. +10 −4 fcrepo-http-api/src/main/java/org/fcrepo/http/api/FedoraNodes.java
  15. +0 −101 fcrepo-http-commons/src/main/java/org/fcrepo/http/commons/AbstractResource.java
  16. +1 −3 fcrepo-http-commons/src/main/java/org/fcrepo/http/commons/api/rdf/HttpGraphSubjects.java
  17. +2 −1 fcrepo-http-commons/src/main/java/org/fcrepo/http/commons/responses/BaseHtmlProvider.java
  18. +3 −3 fcrepo-http-commons/src/main/java/org/fcrepo/http/commons/responses/ViewHelpers.java
  19. +2 −5 fcrepo-http-commons/src/main/java/org/fcrepo/http/commons/session/SessionFactory.java
  20. +2 −2 fcrepo-kernel/src/main/java/org/fcrepo/kernel/FedoraResource.java
  21. +1 −1 fcrepo-kernel/src/main/java/org/fcrepo/kernel/Transaction.java
  22. +10 −0 fcrepo-kernel/src/main/java/org/fcrepo/kernel/exception/MalformedRdfException.java
  23. +1 −1 fcrepo-kernel/src/main/java/org/fcrepo/kernel/observer/EventFilter.java
  24. +1 −1 fcrepo-kernel/src/main/java/org/fcrepo/kernel/rdf/impl/NodeRdfContext.java
  25. +3 −3 fcrepo-kernel/src/main/java/org/fcrepo/kernel/rdf/impl/RootRdfContext.java
  26. +1 −6 fcrepo-kernel/src/main/java/org/fcrepo/kernel/services/DatastreamService.java
  27. +1 −1 fcrepo-kernel/src/main/java/org/fcrepo/kernel/services/policy/StoragePolicy.java
  28. +3 −3 fcrepo-kernel/src/main/java/org/fcrepo/kernel/utils/BasicCacheEntry.java
  29. +3 −3 fcrepo-kernel/src/main/java/org/fcrepo/kernel/utils/CacheEntry.java
  30. +5 −5 fcrepo-kernel/src/main/java/org/fcrepo/kernel/utils/iterators/PersistingRdfStreamConsumer.java
  31. +16 −20 fcrepo-storage-policy/src/main/java/org/fcrepo/storage/policy/FedoraStoragePolicy.java
  32. +1 −1 fcrepo-transform/src/main/java/org/fcrepo/transform/TransformationFactory.java
  33. +2 −2 fcrepo-transform/src/main/java/org/fcrepo/transform/http/FedoraTransform.java
  34. +13 −9 fcrepo-transform/src/main/java/org/fcrepo/transform/sparql/JQLQueryVisitor.java
  35. +0 −1 fcrepo-transform/src/main/java/org/fcrepo/transform/sparql/JQLResultSet.java
  36. +1 −1 fcrepo-webhooks/src/main/java/org/fcrepo/webhooks/FedoraWebhooks.java
@@ -42,7 +42,7 @@
* @param allPrincipals
* @return
*/
- public boolean hasModeShapePermission(Path absPath, String[] actions,
+ boolean hasModeShapePermission(Path absPath, String[] actions,
Set<Principal> allPrincipals, Principal userPrincipal);
/**
@@ -54,7 +54,7 @@ public boolean hasModeShapePermission(Path absPath, String[] actions,
* @param userPrincipal the user principal
* @return an iterator of permitted paths
*/
- public Iterator<Path> filterPathsForReading(Iterator<Path> paths,
+ Iterator<Path> filterPathsForReading(Iterator<Path> paths,
Set<Principal> allPrincipals, Principal userPrincipal);
}
@@ -36,5 +36,5 @@
* @param request the request
* @return a set of security principals
*/
- public Set<Principal> getGroupPrincipals(HttpServletRequest request);
+ Set<Principal> getGroupPrincipals(HttpServletRequest request);
}
@@ -121,11 +121,12 @@ public ExecutionContext authenticate(final Credentials credentials,
final String repositoryName, final String workspaceName,
final ExecutionContext repositoryContext,
final Map<String, Object> sessionAttributes) {
- logger.debug("in authenticate: " + credentials);
- logger.debug("PEP: " + pep);
- if (credentials == null || !(credentials instanceof ServletCredentials)) {
+ logger.debug("in authenticate: {}; PEP: {}", credentials, pep);
+
+ if (!(credentials instanceof ServletCredentials)) {
return null;
}
+
final ServletCredentials creds = (ServletCredentials) credentials;
// does this request have the fedoraAdmin role in the container?
@@ -17,16 +17,15 @@
public interface Constants {
- public static final String OAUTH_WORKSPACE = "oauth";
+ static final String OAUTH_WORKSPACE = "oauth";
// TODO get namespaced properties to work
- public static final String CLIENT_PROPERTY = "oauth-client";
+ static final String CLIENT_PROPERTY = "oauth-client";
// TODO get namespaced properties to work
- public static final String PRINCIPAL_PROPERTY = "oauth-principal";
+ static final String PRINCIPAL_PROPERTY = "oauth-principal";
// TODO get namespaced properties to work
- public static final String SCOPES_PROPERTY = "oauth-scopes";
+ static final String SCOPES_PROPERTY = "oauth-scopes";
- public static final Long EXPIRATION_TIMEOUT = 3600l;
}
@@ -27,7 +27,7 @@
* @return
* @throws RepositoryException
*/
- public boolean isValidAuthCode(final OAuthTokenRequest oauthRequest)
+ boolean isValidAuthCode(final OAuthTokenRequest oauthRequest)
throws RepositoryException;
/**
@@ -36,15 +36,15 @@ public boolean isValidAuthCode(final OAuthTokenRequest oauthRequest)
* @return
* @throws RepositoryException
*/
- public boolean isValidClient(final OAuthTokenRequest oauthRequest);
+ boolean isValidClient(final OAuthTokenRequest oauthRequest);
/**
* Checks the validity of the secret given with the given request
* @param oauthRequest
* @return
* @throws RepositoryException
*/
- public boolean isValidSecret(final OAuthTokenRequest oauthRequest);
+ boolean isValidSecret(final OAuthTokenRequest oauthRequest);
/**
* Checks the validity of the authN credentials
@@ -53,6 +53,6 @@ public boolean isValidAuthCode(final OAuthTokenRequest oauthRequest)
* @return
* @throws RepositoryException
*/
- public boolean isValidCredentials(final OAuthTokenRequest oauthRequest);
+ boolean isValidCredentials(final OAuthTokenRequest oauthRequest);
}
@@ -47,6 +47,7 @@
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
+import com.google.common.collect.Iterables;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
@@ -82,7 +83,7 @@
public Response getAuthorization(@Context final HttpServletRequest request)
throws URISyntaxException, OAuthSystemException, RepositoryException {
- OAuthAuthzRequest oauthRequest = null;
+ final OAuthAuthzRequest oauthRequest;
final OAuthIssuerImpl oauthIssuerImpl =
new OAuthIssuerImpl(new MD5Generator());
@@ -118,13 +119,6 @@ public Response getAuthorization(@Context final HttpServletRequest request)
builder.setParam("client_secret", "YOUR_SECRET");
}
- /** as far as I can tell from spec and a number of docs,
- * "token" is not a valid response type for the authCode
- * endpoint
- */
-// } else if (responseType.equals(TOKEN.toString())) {
-// builder.setAccessToken(oauthIssuerImpl.accessToken());
-// builder.setExpiresIn(EXPIRATION_TIMEOUT);
} else {
String errorDesc =
"Invalid response_type parameter value \"" +
@@ -189,8 +183,7 @@ private void saveAuthCode(final String authCode, final Set<String> scopes,
jcrTools.findOrCreateNode(session, "/authorization-codes/" +
authCode);
codeNode.setProperty(CLIENT_PROPERTY, client);
- codeNode.setProperty(Constants.SCOPES_PROPERTY, scopes
- .toArray(new String[0]));
+ codeNode.setProperty(Constants.SCOPES_PROPERTY, Iterables.toArray(scopes, String.class));
session.save();
} finally {
session.logout();
@@ -16,8 +16,6 @@
package org.fcrepo.auth.roles.basic;
-
-
import java.security.Principal;
import java.util.Set;
@@ -53,7 +51,7 @@ public boolean rolesHaveModeShapePermission(final String absPath,
return true;
}
if (roles.contains("writer")) {
- if (absPath.toString().contains(AUTHZ_DETECTION)) {
+ if (absPath.contains(AUTHZ_DETECTION)) {
log.debug("Denying writer role permission to perform an action on an ACL node.");
return false;
} else {
@@ -133,9 +133,9 @@ public void setSessionFactory(final SessionFactory sessionFactory) {
public boolean hasModeShapePermission(final Path absPath,
final String[] actions, final Set<Principal> allPrincipals,
final Principal userPrincipal) {
- final boolean newNode = false;
- Set<String> roles = null;
- JcrSession session = null;
+ final Set<String> roles;
+ final JcrSession session;
+
try {
session = (JcrSession)sessionFactory.getInternalSession();
final Map<String, List<String>> acl =
@@ -148,28 +148,26 @@ public boolean hasModeShapePermission(final Path absPath,
}
if (log.isDebugEnabled()) {
- final StringBuilder msg = new StringBuilder();
- msg.append(roles.toString()).append("\t").append(
- Arrays.toString(actions)).append("\t").append(
- newNode ? "NEW" : "OLD").append("\t").append(
- (absPath == null ? absPath : absPath.toString()));
- log.debug(msg.toString());
+ log.debug("{}\t{}\t{}", roles, actions, absPath);
if (actions.length > 1) { // have yet to see more than one
log.debug("FOUND MULTIPLE ACTIONS: {}", Arrays
.toString(actions));
}
}
+
if (actions.length == 1 && "remove_child_nodes".equals(actions[0])) {
// in roles-based ACLs, the permission to remove children is
// conferred by earlier check for "remove_node" on the child node
// itself.
return true;
}
+
if (!rolesHaveModeShapePermission(absPath.toString(), actions,
allPrincipals,
userPrincipal, roles)) {
return false;
}
+
if (actions.length == 1 && "remove".equals(actions[0])) {
// you must be able to delete all the children
// TODO make recursive/ACL-query-based check configurable
@@ -16,6 +16,7 @@
package org.fcrepo.auth.roles.common;
+import static com.sun.jersey.api.Responses.notFound;
import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
import java.util.List;
@@ -89,14 +90,14 @@ private AccessRolesProvider getAccessRolesProvider() {
*
* @param pathList
* @return JSON representation of assignment map
- * @throws Exception
+ * @throws RepositoryException
*/
@GET
@Produces(APPLICATION_JSON)
@Timed
public Response get(@PathParam("path")
final List<PathSegment> pathList, @QueryParam("effective")
- final String effective) throws Exception {
+ final String effective) throws RepositoryException {
final String path = toPath(pathList);
log.debug("Get access roles for: {}", path);
log.debug("effective: {}", effective);
@@ -113,7 +114,7 @@ public Response get(@PathParam("path")
response = Response.ok(data);
}
} catch (final PathNotFoundException e) {
- response = Response.status(404).entity(e.getMessage());
+ response = notFound().entity(e.getMessage());
} catch (final AccessDeniedException e) {
response = Response.status(Status.FORBIDDEN);
} finally {
@@ -128,14 +129,14 @@ public Response get(@PathParam("path")
* @param pathList
* @param data
* @return
- * @throws Exception
+ * @throws RepositoryException
*/
@POST
@Consumes(APPLICATION_JSON)
@Timed
public Response post(@PathParam("path")
final List<PathSegment> pathList, final Map<String, Set<String>> data)
- throws Exception {
+ throws RepositoryException {
final String path = toPath(pathList);
log.debug("POST Received request param: {}", request);
Response.ResponseBuilder response;
@@ -172,16 +173,16 @@ private void validatePOST(final Map<String, Set<String>> data)
throw new IllegalArgumentException(
"Posted access roles must include role assignments");
}
- for (final String key : data.keySet()) {
- if (key == null || data.get(key) == null || data.get(key).isEmpty()) {
+ for (final Map.Entry<String, Set<String>> entry : data.entrySet()) {
+ if (entry.getKey() == null || entry.getValue() == null || entry.getValue().isEmpty()) {
throw new IllegalArgumentException(
"Assignments must include principal name and one or more roles");
}
- if (key.trim().length() == 0) {
+ if (entry.getKey().trim().length() == 0) {
throw new IllegalArgumentException(
"Principal names cannot be an empty strings or whitespace.");
}
- for (final String r : data.get(key)) {
+ for (final String r : entry.getValue()) {
if (r.trim().length() == 0) {
throw new IllegalArgumentException(
"Role names cannot be an empty strings or whitespace.");
@@ -38,6 +38,8 @@
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
+import static com.google.common.collect.Iterables.toArray;
+
/**
* Provides the effective access roles for authorization.
*
@@ -175,13 +177,12 @@ public void postRoles(final Node node, final Map<String, Set<String>> data)
}
}
- for (final String key : data.keySet()) {
+ for (final Map.Entry<String, Set<String>> entry : data.entrySet()) {
final Node assign =
acl.addNode(JcrName.assignment.getQualified(),
JcrName.Assignment.getQualified());
- assign.setProperty(JcrName.principal.getQualified(), key);
- assign.setProperty(JcrName.role.getQualified(), data.get(key)
- .toArray(new String[] {}));
+ assign.setProperty(JcrName.principal.getQualified(), entry.getKey());
+ assign.setProperty(JcrName.role.getQualified(), toArray(entry.getValue(), String.class));
}
}
@@ -38,7 +38,7 @@
private static final Logger LOGGER =
getLogger(JcrPropertiesGenerator.class);
- public static final String[] SALIENT_DC_PROPERTY_NAMESPACES =
+ protected static final String[] SALIENT_DC_PROPERTY_NAMESPACES =
new String[] {"dc:*"};
@Override
Oops, something went wrong.

0 comments on commit 2d57816

Please sign in to comment.