1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package com.xpn.xwiki.user.impl.xwiki; |
21 |
|
|
22 |
|
import java.security.Principal; |
23 |
|
|
24 |
|
import org.apache.commons.lang3.StringUtils; |
25 |
|
import org.securityfilter.realm.SimplePrincipal; |
26 |
|
import org.slf4j.Logger; |
27 |
|
import org.slf4j.LoggerFactory; |
28 |
|
import org.xwiki.model.reference.DocumentReference; |
29 |
|
import org.xwiki.model.reference.DocumentReferenceResolver; |
30 |
|
|
31 |
|
import com.xpn.xwiki.XWikiContext; |
32 |
|
import com.xpn.xwiki.user.api.XWikiAuthService; |
33 |
|
import com.xpn.xwiki.user.api.XWikiRightService; |
34 |
|
import com.xpn.xwiki.web.Utils; |
35 |
|
|
36 |
|
|
37 |
|
|
38 |
|
|
39 |
|
@version |
40 |
|
|
|
|
| 81% |
Uncovered Elements: 4 (21) |
Complexity: 6 |
Complexity Density: 0.46 |
|
41 |
|
public abstract class AbstractXWikiAuthService implements XWikiAuthService |
42 |
|
{ |
43 |
|
|
44 |
|
|
45 |
|
|
46 |
|
private static final Logger LOGGER = LoggerFactory.getLogger(AbstractXWikiAuthService.class); |
47 |
|
|
48 |
|
|
49 |
|
|
50 |
|
|
51 |
|
private static final String SUPERADMIN_PASSWORD_CONFIG = "xwiki.superadminpassword"; |
52 |
|
|
53 |
|
|
54 |
|
@param |
55 |
|
|
56 |
|
@return |
57 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
58 |
6374 |
protected boolean isSuperAdmin(String username)... |
59 |
|
{ |
60 |
|
|
61 |
|
|
62 |
|
|
63 |
|
|
64 |
|
|
65 |
|
|
66 |
|
|
67 |
6374 |
DocumentReference documentReference = |
68 |
|
Utils.<DocumentReferenceResolver<String>>getComponent(DocumentReferenceResolver.TYPE_STRING).resolve( |
69 |
|
username); |
70 |
6374 |
return StringUtils.equalsIgnoreCase(documentReference.getName(), XWikiRightService.SUPERADMIN_USER); |
71 |
|
} |
72 |
|
|
73 |
|
|
74 |
|
@param |
75 |
|
@param |
76 |
|
@return |
77 |
|
|
|
|
| 76.5% |
Uncovered Elements: 4 (17) |
Complexity: 5 |
Complexity Density: 0.45 |
|
78 |
3733 |
protected Principal authenticateSuperAdmin(String password, XWikiContext context)... |
79 |
|
{ |
80 |
3733 |
if (LOGGER.isTraceEnabled()) { |
81 |
0 |
LOGGER.trace("Authenticate superadmin"); |
82 |
|
} |
83 |
|
|
84 |
3733 |
Principal principal; |
85 |
|
|
86 |
|
|
87 |
|
|
88 |
3733 |
String superadminpassword = context.getWiki().Param(SUPERADMIN_PASSWORD_CONFIG); |
89 |
3733 |
if ((superadminpassword != null) && (superadminpassword.equals(password))) { |
90 |
3730 |
if (context.isMainWiki()) { |
91 |
3730 |
principal = new SimplePrincipal(XWikiRightService.SUPERADMIN_USER_FULLNAME); |
92 |
|
} else { |
93 |
0 |
principal = |
94 |
|
new SimplePrincipal(context.getMainXWiki() + ":" + XWikiRightService.SUPERADMIN_USER_FULLNAME); |
95 |
|
} |
96 |
|
} else { |
97 |
3 |
principal = null; |
98 |
3 |
context.put("message", "invalidcredentials"); |
99 |
|
} |
100 |
|
|
101 |
3733 |
return principal; |
102 |
|
} |
103 |
|
} |