
Sebastian Sdorra committed dc46a00

improve remember me


Files changed (11)

scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java

 
     Subject subject = SecurityUtils.getSubject();
 
-    if (subject.isAuthenticated())
+    if (subject.isAuthenticated() || subject.isRemembered())
     {
       String username = subject.getPrincipal().toString();
 
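Review bot: The condition `subject.isAuthenticated() || subject.isRemembered()` is copied by hand into this permission check and into SubjectWrapper, HelloResource, SecurityFilter and BasicSecurityContext, so the policy on remembered sessions has no single definition. In Shiro a remembered subject's identity is restored from the rememberMe cookie and has not been proven in the current session, so each of these sites accepts a weaker assurance level than before. A shared helper would make that decision reviewable in one place, for example `public static boolean isKnown(Subject s) { return s.isAuthenticated() || s.isRemembered(); }` (the name is only a suggestion), with a comment stating which operations remembered subjects may perform. The enclosing method starts and ends outside the hunk.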

scm-core/src/main/java/sonia/scm/util/SecurityUtil.java

   {
     Subject subject = SecurityUtils.getSubject();
 
-    if (!subject.isAuthenticated())
+    if (!subject.hasRole(Role.USER))
     {
       throw new ScmSecurityException("user is not authenticated");
     }
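Review bot: The guard now tests `subject.hasRole(Role.USER)` but still throws with the message "user is not authenticated", so the message no longer describes the condition being checked. The same replacement is made in PermissionFilter, ChangePasswordResource, SearchHandler, DefaultUserManager and DefaultAdministrationContext. Whether a remembered or an anonymous subject passes now depends entirely on how the realm assigns `Role.USER`, which is not visible on this page. I would add a comment above the check such as `// Role.USER is expected for authenticated and remembered subjects; anonymous subjects must not hold it` and confirm it against the realm. The method's signature is outside the hunk.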

scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java

 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import sonia.scm.security.Role;
 
 /**
  * Abstract http filter to check repository permissions.
   private void sendAccessDenied(HttpServletResponse response, Subject subject)
     throws IOException
   {
-    if (subject.isAuthenticated())
+    if (subject.hasRole(Role.USER))
     {
       response.sendError(HttpServletResponse.SC_FORBIDDEN);
     }

scm-plugin-backend/src/main/java/sonia/scm/plugin/rest/SubjectWrapper.java

   {
     String name;
 
-    if (subject.isAuthenticated())
+    if (subject.isAuthenticated() || subject.isRemembered())
     {
       name = (String) subject.getPrincipal();
     }
    */
   public boolean isAuthenticated()
   {
-    return subject.isAuthenticated();
+    return subject.isAuthenticated() || subject.isRemembered();
   }
 
   //~--- fields ---------------------------------------------------------------
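Review bot: `isAuthenticated()` now returns true for a subject that is only remembered, so the method name promises more than it checks. Callers that use it to gate sensitive actions get a weaker guarantee without any change on their side. The Javadoc above it (cut off in this hunk) should say so, e.g. `Returns true if the subject is authenticated or remembered from a previous session.` A separate accessor that exposes only `subject.isAuthenticated()` would let callers ask for a proven login when they need one.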

scm-samples/scm-sample-hello/src/main/java/sample/hello/HelloResource.java

     Subject subject = SecurityUtils.getSubject();
     String displayName = "Unknown";
 
-    if (subject.isAuthenticated())
+    if (subject.isAuthenticated() || subject.isRemembered())
     {
       displayName =
         subject.getPrincipals().oneByType(User.class).getDisplayName();

scm-webapp/src/main/java/sonia/scm/api/rest/resources/ChangePasswordResource.java

 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
+import sonia.scm.security.Role;
 
 /**
  *
     Response response = null;
     Subject subject = SecurityUtils.getSubject();
 
-    if (!subject.isAuthenticated())
+    if (!subject.hasRole(Role.USER))
     {
       throw new ScmSecurityException("user is not authenticated");
     }
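Review bot: Changing a password should require a login proven in the current session, and replacing `isAuthenticated()` with `hasRole(Role.USER)` may relax that. If the realm grants `Role.USER` to remembered subjects, as the rest of this commit suggests, a rememberMe cookie alone is enough to pass this guard. I would keep the stricter check here, `if (!subject.isAuthenticated())`, unless the remainder of the method, which is outside the hunk, verifies the current password before accepting the new one. A short comment at the check stating that remembered sessions are deliberately excluded would keep a later cleanup from aligning it with the other call sites.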

scm-webapp/src/main/java/sonia/scm/filter/SecurityFilter.java

         chain.doFilter(new SecurityHttpServletRequestWrapper(request,
           getUser(subject)), response);
       }
-      else if (subject.isAuthenticated())
+      else if (subject.isAuthenticated() || subject.isRemembered())
       {
         response.sendError(HttpServletResponse.SC_FORBIDDEN);
       }
    */
   protected boolean hasPermission(Subject subject)
   {
-    return ((configuration != null)
-      && configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated();
+    return ((configuration != null) && configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated() || subject.isRemembered();
   }
 
   /**
   {
     User user = null;
 
-    if (subject.isAuthenticated())
+    if (subject.isAuthenticated() || subject.isRemembered())
     {
       user = subject.getPrincipals().oneByType(User.class);
     }

scm-webapp/src/main/java/sonia/scm/search/SearchHandler.java

 
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response.Status;
+import sonia.scm.security.Role;
 
 /**
  *
   {
     Subject subject = SecurityUtils.getSubject();
 
-    if (!subject.isAuthenticated())
+    if (!subject.hasRole(Role.USER))
     {
       throw new ScmSecurityException("Authentication is required");
     }

scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java

 
     Subject subject = SecurityUtils.getSubject();
 
-    if (!subject.isAuthenticated())
+    if (!subject.hasRole(Role.USER))
     {
       throw new ScmSecurityException("user is not authenticated");
     }

scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java

     T result = null;
     Subject subject = SecurityUtils.getSubject();
 
-    if (subject.isAuthenticated())
+    if (subject.isAuthenticated() ||  subject.isRemembered())
     {
       PrincipalCollection pc = subject.getPrincipals();
 

scm-webapp/src/main/java/sonia/scm/web/security/DefaultAdministrationContext.java

     {
       String username = null;
 
-      if (subject.isAuthenticated())
+      if (subject.hasRole(Role.USER))
       {
         username = principal;
       }