Mercurial > hg > tc-symbol-server

changeset 35:2d2f54daf202 auth

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
single url format
author Evgeniy.Koshkin
date Fri, 23 Aug 2013 16:27:59 +0400
parents b983676b66f9
children 53abede95333
files common/src/jetbrains/buildServer/symbols/SymbolsConstants.java server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java tests/src/PdbFilePatcherTest.java tests/src/PdbStrExeTest.java
diffstat 4 files changed, 48 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/common/src/jetbrains/buildServer/symbols/SymbolsConstants.java	Tue Aug 13 15:53:37 2013 +0400
+++ b/common/src/jetbrains/buildServer/symbols/SymbolsConstants.java	Fri Aug 23 16:27:59 2013 +0400
@@ -12,4 +12,7 @@
 
   public static final String APP_SYMBOLS = "app/symbols/";
   public static final String APP_SOURCES = "app/sources/";
+
+  public static final String APP_SYMBOLS_INTERNAL = "app/symbols-internal/";
+  public static final String APP_SOURCES_INTERNAL = "app/sources-internal/";
 }
--- a/server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java	Tue Aug 13 15:53:37 2013 +0400
+++ b/server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java	Fri Aug 23 16:27:59 2013 +0400
@@ -1,20 +1,26 @@
 package jetbrains.buildServer.symbols;
 
+import jetbrains.buildServer.controllers.AuthorizationInterceptor;
 import jetbrains.buildServer.controllers.BaseController;
 import jetbrains.buildServer.serverSide.SBuild;
 import jetbrains.buildServer.serverSide.SBuildServer;
 import jetbrains.buildServer.serverSide.artifacts.BuildArtifact;
 import jetbrains.buildServer.serverSide.artifacts.BuildArtifactsViewMode;
+import jetbrains.buildServer.serverSide.auth.Permission;
 import jetbrains.buildServer.serverSide.metadata.BuildMetadataEntry;
 import jetbrains.buildServer.serverSide.metadata.MetadataStorage;
+import jetbrains.buildServer.users.SUser;
+import jetbrains.buildServer.users.UserModel;
 import jetbrains.buildServer.util.FileUtil;
 import jetbrains.buildServer.web.openapi.WebControllerManager;
+import jetbrains.buildServer.web.util.SessionUser;
 import jetbrains.buildServer.web.util.WebUtil;
 import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.springframework.web.servlet.ModelAndView;
 
+import javax.servlet.RequestDispatcher;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.BufferedOutputStream;
@@ -28,18 +34,30 @@
 public class DownloadSymbolsController extends BaseController {
 
   private static final String APP_SYMBOLS = "/" + SymbolsConstants.APP_SYMBOLS;
+  private static final String APP_SYMBOLS_INTERNAL = "/" + SymbolsConstants.APP_SYMBOLS_INTERNAL;
 
   private static final String COMPRESSED_FILE_EXTENSION = "pd_";
   private static final String FILE_POINTER_FILE_EXTENSION = "ptr";
 
   private static final Logger LOG = Logger.getLogger(DownloadSymbolsController.class);
 
+  @NotNull
+  private final UserModel myUserModel;
   @NotNull private final MetadataStorage myBuildMetadataStorage;
 
-  public DownloadSymbolsController(@NotNull SBuildServer server, @NotNull WebControllerManager controllerManager, @NotNull MetadataStorage buildMetadataStorage) {
+  public DownloadSymbolsController(@NotNull SBuildServer server,
+                                   @NotNull WebControllerManager controllerManager,
+                                   @NotNull AuthorizationInterceptor authInterceptor,
+                                   @NotNull UserModel userModel,
+                                   @NotNull MetadataStorage buildMetadataStorage) {
     super(server);
+    myUserModel = userModel;
     myBuildMetadataStorage = buildMetadataStorage;
-    controllerManager.registerController(APP_SYMBOLS + "**", this);
+    final String path = APP_SYMBOLS + "**";
+    controllerManager.registerController(path, this);
+    authInterceptor.addPathNotRequiringAuth(path);
+    final String internalPath = APP_SYMBOLS_INTERNAL + "**";
+    controllerManager.registerController(internalPath, this);
   }
 
   @Nullable
@@ -61,6 +79,29 @@
       return null;
     }
 
+    final SUser user = SessionUser.getUser(request);
+    if (user != null && !user.isPermissionGrantedGlobally(Permission.VIEW_BUILD_RUNTIME_DATA)) {
+      response.sendError(HttpServletResponse.SC_FORBIDDEN, "You have no permissions to download PDB files.");
+      return null;
+    } else {
+      if (!myServer.getLoginConfiguration().isGuestLoginAllowed() || !myUserModel.getGuestUser().isPermissionGrantedGlobally(Permission.VIEW_BUILD_RUNTIME_DATA)) {
+
+        String authRequiredUrl;
+        final String contextPath = request.getContextPath();
+        if(requestURI.startsWith(contextPath))
+          authRequiredUrl = WebUtil.HTTP_AUTH_PREFIX + requestURI.substring(contextPath.length() + 1);
+        else
+          authRequiredUrl = WebUtil.HTTP_AUTH_PREFIX + requestURI.substring(1);
+
+        authRequiredUrl = authRequiredUrl.replace(APP_SYMBOLS, APP_SYMBOLS_INTERNAL);
+
+        LOG.debug("Unauthorized access to PDB files is denied. Forwarding request to auth-required URL " + authRequiredUrl);
+        final RequestDispatcher dispatcher = request.getRequestDispatcher(authRequiredUrl);
+        dispatcher.forward(request, response);
+        return null;
+      }
+    }
+
     final String valuableUriPart = requestURI.substring(requestURI.indexOf(APP_SYMBOLS) + APP_SYMBOLS.length());
     final int firstDelimiterPosition = valuableUriPart.indexOf('/');
     final String fileName = valuableUriPart.substring(0, firstDelimiterPosition);
--- a/tests/src/PdbFilePatcherTest.java	Tue Aug 13 15:53:37 2013 +0400
+++ b/tests/src/PdbFilePatcherTest.java	Fri Aug 23 16:27:59 2013 +0400
@@ -1,7 +1,7 @@
-import com.intellij.openapi.util.io.FileUtil;
 import jetbrains.buildServer.BaseTestCase;
 import jetbrains.buildServer.symbols.PdbFilePatcher;
 import jetbrains.buildServer.symbols.SrcSrvStreamBuilder;
+import jetbrains.buildServer.util.FileUtil;
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.Test;
 
--- a/tests/src/PdbStrExeTest.java	Tue Aug 13 15:53:37 2013 +0400
+++ b/tests/src/PdbStrExeTest.java	Fri Aug 23 16:27:59 2013 +0400
@@ -14,11 +14,11 @@
  * limitations under the License.
  */
 
-import com.intellij.openapi.util.io.FileUtil;
 import jetbrains.buildServer.BaseTestCase;
 import jetbrains.buildServer.ExecResult;
 import jetbrains.buildServer.symbols.tools.PdbStrExe;
 import jetbrains.buildServer.symbols.tools.PdbStrExeCommands;
+import jetbrains.buildServer.util.FileUtil;
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.Test;