Package sonia.scm.web.filter
Class PermissionFilter
java.lang.Object
sonia.scm.repository.spi.ScmProviderHttpServletDecorator
sonia.scm.web.filter.PermissionFilter
- All Implemented Interfaces:
ScmProviderHttpServlet
Abstract http filter to check repository permissions.
-
Constructor Summary
ConstructorsModifierConstructorDescriptionprotected
PermissionFilter
(ScmConfiguration configuration, ScmProviderHttpServlet delegate) -
Method Summary
Modifier and TypeMethodDescriptionstatic boolean
hasPermission
(Repository repository, boolean writeRequest) Returns true if the current user has the required permissions.protected abstract boolean
isWriteRequest
(jakarta.servlet.http.HttpServletRequest request) Returns true if the current request is a write request.protected void
sendNotEnoughPrivilegesError
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Sends a "not enough privileges" error back to client.protected void
sendUnauthorizedError
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) Sends an unauthorized error back to client.void
service
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Repository repository) Checks the permission for the requested repository.Methods inherited from class sonia.scm.repository.spi.ScmProviderHttpServletDecorator
init
-
Constructor Details
-
PermissionFilter
- Since:
- 1.21
-
-
Method Details
-
isWriteRequest
protected abstract boolean isWriteRequest(jakarta.servlet.http.HttpServletRequest request) Returns true if the current request is a write request.- Parameters:
request
-- Returns:
- returns true if the current request is a write request
-
service
public void service(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Repository repository) throws IOException, jakarta.servlet.ServletException Checks the permission for the requested repository. If the user has enough permission, then the filter chain is called.- Specified by:
service
in interfaceScmProviderHttpServlet
- Overrides:
service
in classScmProviderHttpServletDecorator
- Parameters:
request
- http requestresponse
- http response- Throws:
IOException
jakarta.servlet.ServletException
-
sendNotEnoughPrivilegesError
protected void sendNotEnoughPrivilegesError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException Sends a "not enough privileges" error back to client.- Parameters:
request
- http requestresponse
- http response- Throws:
IOException
-
sendUnauthorizedError
protected void sendUnauthorizedError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException Sends an unauthorized error back to client.- Parameters:
request
- http requestresponse
- http response- Throws:
IOException
-
hasPermission
Returns true if the current user has the required permissions.- Parameters:
repository
- repository for the permissions checkwriteRequest
- true if request is a write request- Returns:
- true if the current user has the required permissions
-