|
| 1 | +/* |
| 2 | + * CDDL HEADER START |
| 3 | + * |
| 4 | + * The contents of this file are subject to the terms of the |
| 5 | + * Common Development and Distribution License (the "License"). |
| 6 | + * You may not use this file except in compliance with the License. |
| 7 | + * |
| 8 | + * See LICENSE.txt included in this distribution for the specific |
| 9 | + * language governing permissions and limitations under the License. |
| 10 | + * |
| 11 | + * When distributing Covered Code, include this CDDL HEADER in each |
| 12 | + * file and include the License file at LICENSE.txt. |
| 13 | + * If applicable, add the following below this CDDL HEADER, with the |
| 14 | + * fields enclosed by brackets "[]" replaced with your own identifying |
| 15 | + * information: Portions Copyright [yyyy] [name of copyright owner] |
| 16 | + * |
| 17 | + * CDDL HEADER END |
| 18 | + */ |
| 19 | + |
| 20 | +/* |
| 21 | + * Copyright (c) 2019 Oracle and/or its affiliates. All rights reserved. |
| 22 | + */ |
| 23 | + |
| 24 | +package opengrok.auth.plugin; |
| 25 | + |
| 26 | +import opengrok.auth.plugin.entity.User; |
| 27 | +import org.opengrok.indexer.authorization.IAuthorizationPlugin; |
| 28 | +import org.opengrok.indexer.configuration.Group; |
| 29 | +import org.opengrok.indexer.configuration.Project; |
| 30 | + |
| 31 | +import javax.servlet.http.HttpServletRequest; |
| 32 | +import java.io.IOException; |
| 33 | +import java.nio.file.Files; |
| 34 | +import java.nio.file.Paths; |
| 35 | +import java.util.Map; |
| 36 | +import java.util.Set; |
| 37 | +import java.util.TreeSet; |
| 38 | +import java.util.logging.Level; |
| 39 | +import java.util.logging.Logger; |
| 40 | +import java.util.stream.Stream; |
| 41 | + |
| 42 | +public class UserWhiteListPlugin implements IAuthorizationPlugin { |
| 43 | + private static final String className = UserWhiteListPlugin.class.getName(); |
| 44 | + private static final Logger LOGGER = Logger.getLogger(className); |
| 45 | + |
| 46 | + private static final String FILE_PARAM = "file"; |
| 47 | + |
| 48 | + private final Set<String> whitelist = new TreeSet<>(); |
| 49 | + |
| 50 | + @Override |
| 51 | + public void load(Map<String, Object> parameters) { |
| 52 | + String filePath; |
| 53 | + |
| 54 | + if ((filePath = (String) parameters.get(FILE_PARAM)) == null) { |
| 55 | + throw new NullPointerException("Missing parameter [" + FILE_PARAM + "] in the configuration"); |
| 56 | + } |
| 57 | + |
| 58 | + // Load whitelist from file to memory. |
| 59 | + try (Stream<String> stream = Files.lines(Paths.get(filePath))) { |
| 60 | + stream.forEach(whitelist::add); |
| 61 | + } catch (IOException e) { |
| 62 | + throw new IllegalArgumentException(String.format("Unable to read the file \"%s\"", filePath), e); |
| 63 | + } |
| 64 | + } |
| 65 | + |
| 66 | + @Override |
| 67 | + public void unload() { |
| 68 | + whitelist.clear(); |
| 69 | + } |
| 70 | + |
| 71 | + private boolean checkWhitelist(HttpServletRequest request) { |
| 72 | + User user; |
| 73 | + String attrName = UserPlugin.REQUEST_ATTR; |
| 74 | + if ((user = (User) request.getAttribute(attrName)) == null) { |
| 75 | + LOGGER.log(Level.WARNING, "cannot get {0} attribute", attrName); |
| 76 | + return false; |
| 77 | + } |
| 78 | + |
| 79 | + return whitelist.contains(user.getUsername()); |
| 80 | + } |
| 81 | + |
| 82 | + @Override |
| 83 | + public boolean isAllowed(HttpServletRequest request, Project project) { |
| 84 | + return checkWhitelist(request); |
| 85 | + } |
| 86 | + |
| 87 | + @Override |
| 88 | + public boolean isAllowed(HttpServletRequest request, Group group) { |
| 89 | + return checkWhitelist(request); |
| 90 | + } |
| 91 | +} |
0 commit comments