1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.vfs.internal

File DefaultVfsPermissionChecker.java

 

Coverage histogram

../../../../img/srcFileCovDistChart10.png
0% of files have more coverage

Code metrics

2
2
1
1
57
25
2
1
2
1
2

Classes

Class Line # Actions
DefaultVfsPermissionChecker 41 2 0% 2 0
1.0100%
 

Contributing tests

This file is covered by 2 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.vfs.internal;
21   
22    import javax.inject.Inject;
23    import javax.inject.Singleton;
24   
25    import org.xwiki.component.annotation.Component;
26    import org.xwiki.security.authorization.ContextualAuthorizationManager;
27    import org.xwiki.security.authorization.Right;
28    import org.xwiki.vfs.VfsException;
29    import org.xwiki.vfs.VfsPermissionChecker;
30    import org.xwiki.vfs.VfsResourceReference;
31   
32    /**
33    * Generic Permission checked used when there's no scheme-specific Permission Checker and that verifies that the current
34    * user has Programming Rights.
35    *
36    * @version $Id: 6adc734ee7ea841f48b67b4c4489f7919c25bba7 $
37    * @since 7.4M2
38    */
39    @Component
40    @Singleton
 
41    public class DefaultVfsPermissionChecker implements VfsPermissionChecker
42    {
43    @Inject
44    private ContextualAuthorizationManager authorizationManager;
45   
 
46  2 toggle @Override
47    public void checkPermission(VfsResourceReference resourceReference) throws VfsException
48    {
49    // By default we only allow VFS access when the current user has Programming Rights, for security reason.
50    // Without this a wiki user could access the local filesystem for example by using the File URI scheme.
51  2 if (!this.authorizationManager.hasAccess(Right.PROGRAM)) {
52  1 throw new VfsException(String.format(
53    "Current logged-in user needs to have Programming Rights to use the [%s] VFS",
54    resourceReference.getURI().getScheme()));
55    }
56    }
57    }