Пример #1
0
 @Path("deleteBundle/{archive: .+}")
 @DELETE
 @Produces(MediaType.APPLICATION_JSON)
 public Response deleteBundle(@PathParam("archive") String archive) throws Exception {
   if (authorizationService.isAnonymous() || !authorizationService.isAdmin()) {
     return Response.status(Response.Status.UNAUTHORIZED).build();
   }
   return runService(advancedServiceFactory.getSupportServiceDeleteBundle(), archive);
 }
Пример #2
0
 @Path("listBundles")
 @GET
 @Produces(MediaType.APPLICATION_JSON)
 public Response listBundles() throws Exception {
   if (authorizationService.isAnonymous() || !authorizationService.isAdmin()) {
     return Response.status(Response.Status.UNAUTHORIZED).build();
   }
   return runService(advancedServiceFactory.getSupportServiceListBundles());
 }
Пример #3
0
 @Path("generateBundle")
 @POST
 @Consumes(MediaType.APPLICATION_JSON)
 @Produces(MediaType.APPLICATION_JSON)
 public Response generateBundle(BundleConfigurationImpl bundleConfiguration) throws Exception {
   if (authorizationService.isAnonymous() || !authorizationService.isAdmin()) {
     return Response.status(Response.Status.UNAUTHORIZED).build();
   }
   return runService(
       advancedServiceFactory.getSupportServiceGenerateBundle(),
       new BundleConfigurationWrapper(bundleConfiguration, httpServletRequest));
 }
  @SuppressWarnings({"unchecked"})
  private InfoRestSearchResult search(List<String> reposToSearch) throws IOException {
    Map<String, String[]> parametersMap = request.getParameterMap();
    if (parametersMap.isEmpty()) {
      RestUtils.sendNotFoundResponse(response, NOT_FOUND);
      return null;
    }

    // build the search controls using the query parameters
    PropertySearchControls searchControls = new PropertySearchControls();
    searchControls.setLimitSearchResults(authorizationService.isAnonymous());
    searchControls.setSelectedRepoForSearch(reposToSearch);
    for (Map.Entry<String, String[]> parameterEntry : parametersMap.entrySet()) {
      String parameterName = parameterEntry.getKey();
      // don't use the repos parameter and the properties parameter as a property name parameter
      if (!SearchRestConstants.PARAM_REPO_TO_SEARCH.equals(parameterName)
          && !SearchRestConstants.PARAM_PROPERTIES.equals(parameterName)) {
        String[] values = parameterEntry.getValue();
        for (String value : values) {
          // all searches are "open" ones
          searchControls.put(parameterName, value, true);
        }
      }
    }

    if (searchControls.isEmpty()) {
      response.sendError(HttpServletResponse.SC_BAD_REQUEST, "The search term cannot be empty");
      return null;
    }
    if (searchControls.isWildcardsOnly()) {
      response.sendError(
          HttpServletResponse.SC_BAD_REQUEST,
          "Search term containing only wildcards is not permitted");
      return null;
    }

    ItemSearchResults<PropertySearchResult> searchResults;
    try {
      searchResults = searchService.searchProperty(searchControls);
    } catch (RepositoryRuntimeException e) {
      RestUtils.sendNotFoundResponse(response, e.getMessage());
      return null;
    }

    List<PropertySearchResult> results = searchResults.getResults();
    InfoRestSearchResult infoSearchResult = new InfoRestSearchResult();
    for (PropertySearchResult result : results) {
      ItemInfo itemInfo = result.getItemInfo();
      StorageInfoHelper storageInfoHelper =
          new StorageInfoHelper(request, repositoryService, repoBrowsingService, itemInfo);
      infoSearchResult.results.add(storageInfoHelper.createStorageInfo());
    }
    return infoSearchResult;
  }
  /** @return */
  private Properties getTemplateProperties(
      String servletContextUrl, GradleSettingModel gradleSettingModel, RestResponse response) {
    Properties repoDetailsProperties = new Properties();

    // General
    repoDetailsProperties.setProperty("artifactory.contextUrl", servletContextUrl);
    repoDetailsProperties.setProperty("gradle.build.1tab", "    ");
    repoDetailsProperties.setProperty("gradle.build.2tabs", "        ");
    repoDetailsProperties.setProperty("gradle.build.3tabs", "            ");
    repoDetailsProperties.setProperty("gradle.build.4tabs", "                ");

    // jcenter overrides both maven and ivy
    if (gradleSettingModel.getPluginRepoKey().equals(JCENTER_DUMMY_REPO_KEY)) {
      repoDetailsProperties.setProperty("maven.repo", "jcenter()");
      repoDetailsProperties.setProperty("ivy.repo", "");
      // Plugins
    } else {
      repoDetailsProperties.setProperty(
          "plugins.repository.url",
          getFullRepositoryUrl(servletContextUrl, gradleSettingModel.getPluginRepoKey()));
      if (gradleSettingModel.getPluginUseMaven()) {
        repoDetailsProperties.setProperty(
            "maven.repo",
            replaceValuesAndGetTemplateValue(
                "/build.gradle.maven.repo.template", repoDetailsProperties, response));
      } else {
        repoDetailsProperties.setProperty("maven.repo", "");
      }

      if (gradleSettingModel.getPluginUseIvy()) {
        repoDetailsProperties.setProperty(
            "ivy.repo",
            replaceValuesAndGetTemplateValue(
                "/build.gradle.ivy.repo.template", repoDetailsProperties, response));
      } else {
        repoDetailsProperties.setProperty("ivy.repo", "");
      }
    }
    // Publisher
    if (gradleSettingModel.getPublisherUseIvy()) {
      repoDetailsProperties.setProperty(
          "ivy.publisher",
          replaceValuesAndGetTemplateValue(
              "/build.gradle.ivy.publisher.template", repoDetailsProperties, response));
      repoDetailsProperties.setProperty(
          "libs.publisher.ivy.pattern",
          getDescriptorPattern(getLayout(gradleSettingModel.getLibsPublisherLayouts())));
      repoDetailsProperties.setProperty(
          "libs.publisher.artifact.pattern",
          getArtifactPattern(getLayout(gradleSettingModel.getLibsPublisherLayouts())));
      repoDetailsProperties.setProperty(
          "libs.publisher.maven.compatible",
          Boolean.toString(
              getFullDescriptorPattern(
                      servletContextUrl,
                      gradleSettingModel.getLibsPublisherRepoKey(),
                      getLayout(gradleSettingModel.getLibsPublisherLayouts()))
                  .contains("pom")));
    } else {
      repoDetailsProperties.setProperty("ivy.publisher", "");
    }
    repoDetailsProperties.setProperty(
        "libs.publisher.repoKey", gradleSettingModel.getLibsPublisherRepoKey());
    repoDetailsProperties.setProperty(
        "libs.publisher.maven", Boolean.toString(gradleSettingModel.getPublisherUseMaven()));

    // Resolver
    if (gradleSettingModel.getResolverUseIvy()) {
      repoDetailsProperties.setProperty(
          "ivy.resolver",
          replaceValuesAndGetTemplateValue(
              "/build.gradle.ivy.resolver.template", repoDetailsProperties, response));
      repoDetailsProperties.setProperty(
          "libs.resolver.ivy.pattern",
          getDescriptorPattern(getLayout(gradleSettingModel.getLibsResolverLayout())));
      repoDetailsProperties.setProperty(
          "libs.resolver.artifact.pattern",
          getArtifactPattern(getLayout(gradleSettingModel.getLibsResolverLayout())));
      repoDetailsProperties.setProperty(
          "libs.resolver.maven.compatible",
          Boolean.toString(
              getFullDescriptorPattern(
                      servletContextUrl,
                      gradleSettingModel.getLibsResolverRepoKey(),
                      getLayout(gradleSettingModel.getLibsResolverLayout()))
                  .contains("pom")));
    } else {
      repoDetailsProperties.setProperty("ivy.resolver", "");
    }
    repoDetailsProperties.setProperty(
        "libs.resolver.repoKey", gradleSettingModel.getLibsResolverRepoKey());
    repoDetailsProperties.setProperty(
        "libs.resolver.maven", Boolean.toString(gradleSettingModel.getResolverUseMaven()));

    // Credentials
    Properties credentialProperties = new Properties();
    String resolveCreds;
    String publishCreds;
    String pluginsCreds;
    if (!authorizationService.isAnonymous() || !authorizationService.isAnonAccessEnabled()) {
      credentialProperties.setProperty("creds.line.break", "\n            ");
      resolveCreds =
          replaceValuesAndGetTemplateValue(
              "/build.gradle.resolve.creds.template", credentialProperties, response);
      publishCreds =
          replaceValuesAndGetTemplateValue(
              "/build.gradle.publish.creds.template", credentialProperties, response);
      pluginsCreds =
          replaceValuesAndGetTemplateValue(
              "/build.gradle.creds.template", credentialProperties, response);
    } else {
      resolveCreds = "";
      publishCreds = "";
      pluginsCreds = "";
    }
    repoDetailsProperties.setProperty("resolve.creds", resolveCreds);
    repoDetailsProperties.setProperty("publish.creds", publishCreds);
    repoDetailsProperties.setProperty("repo.creds", pluginsCreds);

    return repoDetailsProperties;
  }
 @Override
 public void filterActions(AuthorizationService authService) {
   if (getRepoPath() != null && authService.canRead(getRepoPath())) {
     getActions().add(new ShowInTreeAction());
   }
 }
  @Override
  public ContainerRequest filter(ContainerRequest request) {
    // validate session still active
    AuthUtils.validateSession(this.request, uriInfo, response);
    boolean authenticated = authorizationService.isAuthenticated();
    boolean anonAccessEnabled = authorizationService.isAnonAccessEnabled();
    if (!authenticated) {
      if (anonAccessEnabled || uriInfo.getPath().indexOf("auth") != -1) {
        // If anon access is allowed and we didn't bother authenticating try to perform the action
        // as a user
        request.setSecurityContext(
            new RoleAuthenticator(UserInfo.ANONYMOUS, AuthorizationService.ROLE_USER));
      } else {
        throw new AuthorizationRestException();
      }
    } else {
      // Block all the REST calls that pass trough 'mc' entry point and are not authenticated by the
      // MS token authentication,
      // except the FIRST and only the FIRST call to the setupMC that can be authenticated by the
      // basic authentication,
      if (isMissionControlAccesPoint(request)) {
        boolean firstCallToSetupMC = isFirstCallToSetupMC(request);
        boolean tokenAuthentication = isTokenAuthentication(request);
        if (!firstCallToSetupMC && !tokenAuthentication) {
          // Block all the REST calls that pass trough 'mc' entry point and are not authenticated by
          // the MS token authentication,
          throw new AuthorizationRestException(
              "The access trough the 'mc' entry point is allowed only with token authentication");
        } else if ((firstCallToSetupMC && tokenAuthentication)) {
          // Block the setupMC REST calls that pass trough 'mc' entry point and are authenticated by
          // basic authentication except the first time.
          throw new AuthorizationRestException(
              "To initialize mission control chanel for the first time use user name and password ");
        } else {
          String username = authorizationService.currentUsername();
          request.setSecurityContext(
              new RoleAuthenticator(username, AuthorizationService.ROLE_ADMIN));
          return request;
        }
      }

      // Set the authenticated user and role
      String username = authorizationService.currentUsername();
      boolean admin = authorizationService.isAdmin();

      boolean ha =
          SecurityContextHolder.getContext().getAuthentication()
              instanceof HaSystemAuthenticationToken;
      if (ha) {
        request.setSecurityContext(new RoleAuthenticator(username, HaRestConstants.ROLE_HA));
        return request;
      }

      if (admin) {
        request.setSecurityContext(
            new RoleAuthenticator(username, AuthorizationService.ROLE_ADMIN));
      } else {
        request.setSecurityContext(new RoleAuthenticator(username, AuthorizationService.ROLE_USER));
      }
    }
    return request;
  }