1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.security.authorization.internal; |
21 |
|
|
22 |
|
import java.util.Collection; |
23 |
|
import java.util.HashSet; |
24 |
|
import java.util.Set; |
25 |
|
|
26 |
|
import org.apache.commons.lang3.builder.HashCodeBuilder; |
27 |
|
import org.apache.commons.lang3.builder.ToStringBuilder; |
28 |
|
import org.xwiki.model.reference.DocumentReference; |
29 |
|
import org.xwiki.model.reference.DocumentReferenceResolver; |
30 |
|
import org.xwiki.model.reference.WikiReference; |
31 |
|
import org.xwiki.security.GroupSecurityReference; |
32 |
|
import org.xwiki.security.UserSecurityReference; |
33 |
|
import org.xwiki.security.authorization.Right; |
34 |
|
import org.xwiki.security.authorization.RightSet; |
35 |
|
import org.xwiki.security.authorization.RuleState; |
36 |
|
import org.xwiki.security.authorization.SecurityRule; |
37 |
|
import org.xwiki.security.internal.XWikiConstants; |
38 |
|
import org.xwiki.text.XWikiToStringStyle; |
39 |
|
|
40 |
|
import com.xpn.xwiki.objects.BaseObject; |
41 |
|
import com.xpn.xwiki.objects.classes.GroupsClass; |
42 |
|
import com.xpn.xwiki.objects.classes.LevelsClass; |
43 |
|
import com.xpn.xwiki.objects.classes.UsersClass; |
44 |
|
|
45 |
|
|
46 |
|
|
47 |
|
|
48 |
|
|
49 |
|
@version |
50 |
|
@since |
51 |
|
|
|
|
| 82.6% |
Uncovered Elements: 12 (69) |
Complexity: 24 |
Complexity Density: 0.62 |
|
52 |
|
public final class XWikiSecurityRule implements SecurityRule |
53 |
|
{ |
54 |
|
|
55 |
|
private final Set<DocumentReference> users = new HashSet<DocumentReference>(); |
56 |
|
|
57 |
|
|
58 |
|
private final Set<DocumentReference> groups = new HashSet<DocumentReference>(); |
59 |
|
|
60 |
|
|
61 |
|
private final RightSet rights = new RightSet(); |
62 |
|
|
63 |
|
|
64 |
|
private final RuleState state; |
65 |
|
|
66 |
|
|
67 |
|
|
68 |
|
@param |
69 |
|
@param |
70 |
|
@param |
71 |
|
@param |
72 |
|
|
|
|
| 70% |
Uncovered Elements: 3 (10) |
Complexity: 3 |
Complexity Density: 0.5 |
|
73 |
1384 |
protected XWikiSecurityRule(Set<Right> rights, RuleState state, Collection<DocumentReference> users,... |
74 |
|
Collection<DocumentReference> groups) |
75 |
|
{ |
76 |
1384 |
if (users != null) { |
77 |
1382 |
this.users.addAll(users); |
78 |
|
} |
79 |
1384 |
if (groups != null) { |
80 |
0 |
this.groups.addAll(groups); |
81 |
|
} |
82 |
1384 |
this.rights.addAll(rights); |
83 |
1384 |
this.state = state; |
84 |
|
} |
85 |
|
|
86 |
|
|
87 |
|
|
88 |
|
|
89 |
|
@param |
90 |
|
@param |
91 |
|
@param |
92 |
|
@param |
93 |
|
@throws |
94 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (22) |
Complexity: 7 |
Complexity Density: 0.5 |
|
95 |
243 |
private XWikiSecurityRule(BaseObject obj, DocumentReferenceResolver<String> resolver,... |
96 |
|
WikiReference wikiReference, boolean disableEditRight) |
97 |
|
{ |
98 |
243 |
state = (obj.getIntValue(XWikiConstants.ALLOW_FIELD_NAME) == 1) ? RuleState.ALLOW : RuleState.DENY; |
99 |
|
|
100 |
243 |
for (String level : LevelsClass.getListFromString(obj.getStringValue(XWikiConstants.LEVELS_FIELD_NAME))) { |
101 |
250 |
Right right = Right.toRight(level); |
102 |
250 |
if (right != Right.ILLEGAL && (!disableEditRight || right != Right.EDIT)) { |
103 |
248 |
rights.add(right); |
104 |
|
} |
105 |
|
} |
106 |
|
|
107 |
|
|
108 |
243 |
if (rights.size() > 0) { |
109 |
241 |
for (String user : UsersClass.getListFromString(obj.getStringValue(XWikiConstants.USERS_FIELD_NAME))) { |
110 |
211 |
DocumentReference ref = resolver.resolve(user, wikiReference); |
111 |
211 |
if (XWikiConstants.GUEST_USER.equals(ref.getName())) { |
112 |
|
|
113 |
|
|
114 |
|
|
115 |
101 |
ref = null; |
116 |
|
} |
117 |
211 |
this.users.add(ref); |
118 |
|
} |
119 |
|
|
120 |
241 |
for (String group : GroupsClass.getListFromString(obj.getStringValue(XWikiConstants.GROUPS_FIELD_NAME))) { |
121 |
76 |
DocumentReference ref = resolver.resolve(group, wikiReference); |
122 |
76 |
this.groups.add(ref); |
123 |
|
} |
124 |
|
} |
125 |
|
} |
126 |
|
|
127 |
|
|
128 |
|
|
129 |
|
@param |
130 |
|
@param |
131 |
|
@param |
132 |
|
@param |
133 |
|
@return |
134 |
|
@throws |
135 |
|
|
|
|
| 80% |
Uncovered Elements: 2 (10) |
Complexity: 4 |
Complexity Density: 0.67 |
|
136 |
243 |
static SecurityRule createNewRule(BaseObject obj, DocumentReferenceResolver<String> resolver,... |
137 |
|
WikiReference wikiReference, boolean disableEditRight) throws IllegalArgumentException |
138 |
|
{ |
139 |
243 |
XWikiSecurityRule rule = new XWikiSecurityRule(obj, resolver, wikiReference, disableEditRight); |
140 |
|
|
141 |
243 |
if (rule.rights.size() == 0) { |
142 |
2 |
throw new IllegalArgumentException("No rights to build this rule."); |
143 |
|
} |
144 |
|
|
145 |
241 |
if (rule.users.size() == 0 && rule.groups.size() == 0) { |
146 |
0 |
throw new IllegalArgumentException("No user/group to build this rule."); |
147 |
|
} |
148 |
|
|
149 |
241 |
return rule; |
150 |
|
} |
151 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
152 |
51733 |
@Override... |
153 |
|
public boolean match(Right right) |
154 |
|
{ |
155 |
51734 |
return rights.contains(right); |
156 |
|
} |
157 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
158 |
1839 |
@Override... |
159 |
|
public boolean match(GroupSecurityReference group) |
160 |
|
{ |
161 |
1839 |
return groups.contains(group.getOriginalReference()); |
162 |
|
} |
163 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
164 |
4098 |
@Override... |
165 |
|
public boolean match(UserSecurityReference user) |
166 |
|
{ |
167 |
4099 |
return users.contains(user.getOriginalReference()); |
168 |
|
} |
169 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
170 |
8197 |
@Override... |
171 |
|
public RuleState getState() |
172 |
|
{ |
173 |
8197 |
return state; |
174 |
|
} |
175 |
|
|
|
|
| 60% |
Uncovered Elements: 4 (10) |
Complexity: 4 |
Complexity Density: 0.67 |
|
176 |
55 |
@Override... |
177 |
|
public boolean equals(Object object) |
178 |
|
{ |
179 |
55 |
if (object == this) { |
180 |
0 |
return true; |
181 |
|
} |
182 |
55 |
if (object == null || object.getClass() != getClass()) { |
183 |
0 |
return false; |
184 |
|
} |
185 |
|
|
186 |
55 |
XWikiSecurityRule other = (XWikiSecurityRule) object; |
187 |
|
|
188 |
55 |
return state == other.state |
189 |
|
&& rights.equals(other.rights) |
190 |
|
&& users.equals(other.users) |
191 |
|
&& groups.equals(other.groups); |
192 |
|
} |
193 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (1) |
Complexity: 1 |
Complexity Density: 1 |
|
194 |
330 |
@Override... |
195 |
|
public int hashCode() |
196 |
|
{ |
197 |
330 |
return new HashCodeBuilder() |
198 |
|
.append(state) |
199 |
|
.append(rights) |
200 |
|
.append(users) |
201 |
|
.append(groups) |
202 |
|
.toHashCode(); |
203 |
|
} |
204 |
|
|
|
|
| 0% |
Uncovered Elements: 2 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
205 |
0 |
@Override... |
206 |
|
public String toString() |
207 |
|
{ |
208 |
0 |
ToStringBuilder builder = new ToStringBuilder(this, new XWikiToStringStyle()); |
209 |
|
|
210 |
0 |
return builder |
211 |
|
.append("State", state) |
212 |
|
.append("Rights", rights) |
213 |
|
.append("Users", users) |
214 |
|
.append("Groups", groups) |
215 |
|
.toString(); |
216 |
|
} |
217 |
|
} |