Package sonia.scm.web.filter

Class PermissionFilter

java.lang.Object
sonia.scm.repository.spi.ScmProviderHttpServletDecorator
sonia.scm.web.filter.PermissionFilter
All Implemented Interfaces:
ScmProviderHttpServlet
public abstract class PermissionFilter extends ScmProviderHttpServletDecorator
Abstract http filter to check repository permissions.

  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    protected
    PermissionFilter(ScmConfiguration configuration, ScmProviderHttpServlet delegate)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    static boolean
    hasPermission(Repository repository, boolean writeRequest)
    Returns true if the current user has the required permissions.
    protected abstract boolean
    isWriteRequest(jakarta.servlet.http.HttpServletRequest request)
    Returns true if the current request is a write request.
    protected void
    sendNotEnoughPrivilegesError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
    Sends a "not enough privileges" error back to client.
    protected void
    sendUnauthorizedError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
    Sends an unauthorized error back to client.
    void
    service(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Repository repository)
    Checks the permission for the requested repository.

    Methods inherited from class sonia.scm.repository.spi.ScmProviderHttpServletDecorator

    init

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

  • Method Details

    • isWriteRequest

      protected abstract boolean isWriteRequest(jakarta.servlet.http.HttpServletRequest request)
      Returns true if the current request is a write request.
      Parameters:
      request -
      Returns:
      returns true if the current request is a write request

    • service

      public void service(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Repository repository) throws IOException, jakarta.servlet.ServletException
      Checks the permission for the requested repository. If the user has enough permission, then the filter chain is called.
      Specified by:
      service in interface ScmProviderHttpServlet
      Overrides:
      service in class ScmProviderHttpServletDecorator
      Parameters:
      request - http request
      response - http response
      Throws:
      IOException
      jakarta.servlet.ServletException

    • sendNotEnoughPrivilegesError

      protected void sendNotEnoughPrivilegesError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException
      Sends a "not enough privileges" error back to client.
      Parameters:
      request - http request
      response - http response
      Throws:
      IOException

    • sendUnauthorizedError

      protected void sendUnauthorizedError(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response) throws IOException
      Sends an unauthorized error back to client.
      Parameters:
      request - http request
      response - http response
      Throws:
      IOException

    • hasPermission

      public static boolean hasPermission(Repository repository, boolean writeRequest)
      Returns true if the current user has the required permissions.
      Parameters:
      repository - repository for the permissions check
      writeRequest - true if request is a write request
      Returns:
      true if the current user has the required permissions