[Scmwebeditor-commits] 01/05: PRemière passe pour un peu factoriser le code (mais il reste encore pas mal à faire : utiliser un objet pour représenter un authentification plutôt que d'utiliser des paramètres login-password)

This is an automated email from the git hooks/post-receive script. New commit to branch feature/3879 in repository scmwebeditor. See http://git.nuiton.org/scmwebeditor.git commit 20f0add006bb17e4a323dc5a3c5989f64f46a763 Author: Tony CHEMIT <chemit@codelutin.com> Date: Sun Feb 14 17:16:34 2016 +0100 PRemière passe pour un peu factoriser le code (mais il reste encore pas mal à faire : utiliser un objet pour représenter un authentification plutôt que d'utiliser des paramètres login-password) --- .../org/nuiton/scmwebeditor/uiweb/ScmSession.java | 8 +- .../uiweb/actions/AbstractScmWebEditorAction.java | 69 ++++- .../AbstractScmWebEditorWithAddressAction.java | 331 +++++++++++++++++++++ .../scmwebeditor/uiweb/actions/BrowseAction.java | 124 ++------ .../uiweb/actions/CreateBranchAction.java | 83 ++---- .../uiweb/actions/CreateDirectoryAction.java | 94 ++---- .../uiweb/actions/DownloadFileAction.java | 47 ++- .../scmwebeditor/uiweb/actions/EditAction.java | 117 +------- .../scmwebeditor/uiweb/actions/GetImageAction.java | 19 +- .../uiweb/actions/ListBranchesAction.java | 51 +--- .../scmwebeditor/uiweb/actions/LogoutAction.java | 50 +--- .../scmwebeditor/uiweb/actions/MoveFileAction.java | 91 +----- .../scmwebeditor/uiweb/actions/PreviewAction.java | 13 +- .../uiweb/actions/RemoveDirectoryAction.java | 91 +----- .../uiweb/actions/RemoveFileAction.java | 92 +----- .../scmwebeditor/uiweb/actions/ResetAction.java | 51 +--- .../scmwebeditor/uiweb/actions/SaveAction.java | 6 +- .../uiweb/actions/ScmWebEditorCommitAction.java | 144 +-------- .../uiweb/actions/ScmWebEditorMainAction.java | 54 +--- .../uiweb/actions/UploadFileAction.java | 84 +----- .../uiweb/actions/ViewDiffsAction.java | 106 +------ .../uiweb/actions/ViewImageAction.java | 123 ++------ .../uiweb/actions/ViewRevisionAction.java | 107 +------ 23 files changed, 659 insertions(+), 1296 deletions(-) diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/ScmSession.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/ScmSession.java index ce2ccda..e92d119 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/ScmSession.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/ScmSession.java @@ -21,6 +21,8 @@ */ package org.nuiton.scmwebeditor.uiweb; +import org.apache.shiro.authc.UsernamePasswordToken; + import java.util.HashMap; import java.util.Map; @@ -53,6 +55,10 @@ public class ScmSession { scmUsers.put(address, new ScmUser(login, password)); } + public void addScmUser(String repositoryUUID, UsernamePasswordToken usernamePasswordToken) { + scmUsers.put(repositoryUUID, new ScmUser(usernamePasswordToken.getUsername(), new String(usernamePasswordToken.getPassword()))); + } + /** * Removes a user from the list of users * @param address the repository's address @@ -75,6 +81,7 @@ public class ScmSession { } + /** * Gives the password related to the given repository * @param url the repository's address @@ -88,5 +95,4 @@ public class ScmSession { } } - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorAction.java index 8e2d845..09fd105 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorAction.java @@ -22,24 +22,43 @@ package org.nuiton.scmwebeditor.uiweb.actions; import com.opensymphony.xwork2.ActionContext; -import info.monitorenter.cpdetector.io.*; +import info.monitorenter.cpdetector.io.ASCIIDetector; +import info.monitorenter.cpdetector.io.ByteOrderMarkDetector; +import info.monitorenter.cpdetector.io.CodepageDetectorProxy; +import info.monitorenter.cpdetector.io.JChardetFacade; +import info.monitorenter.cpdetector.io.ParsingDetector; import org.apache.commons.io.IOUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; import org.apache.tika.exception.TikaException; import org.apache.tika.metadata.Metadata; import org.apache.tika.parser.AutoDetectParser; import org.apache.tika.sax.BodyContentHandler; +import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.uiweb.ScmSession; import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import org.nuiton.web.struts2.BaseAction; import org.xml.sax.SAXException; +import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; -import java.io.*; +import javax.servlet.http.HttpServletResponse; +import java.io.ByteArrayInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.OutputStream; +import java.io.OutputStreamWriter; +import java.io.Reader; +import java.io.Writer; import java.net.MalformedURLException; import java.nio.charset.Charset; +import java.text.Normalizer; import java.util.Arrays; import java.util.Map; import java.util.Properties; @@ -47,7 +66,7 @@ import java.util.Properties; /** * Base for all the other actions */ -public abstract class AbstractScmWebEditorAction extends BaseAction implements ServletRequestAware { +public abstract class AbstractScmWebEditorAction extends BaseAction implements ServletRequestAware, ServletResponseAware { private static final Log log = LogFactory.getLog(AbstractScmWebEditorAction.class); @@ -64,6 +83,9 @@ public abstract class AbstractScmWebEditorAction extends BaseAction implements S /** the HTTP request received by the server */ protected transient HttpServletRequest request; + /** the HTTP response to send to the client */ + protected transient HttpServletResponse response; + /** the name of the SCM to use for the given repository */ protected String scmType; @@ -355,6 +377,30 @@ public abstract class AbstractScmWebEditorAction extends BaseAction implements S return scmSession; } + protected String getRepositoryUUID(ScmConnection scmConnection, String address) { + + String repositoryUUID = scmConnection.getRepositoryId(); + if (repositoryUUID == null) { + repositoryUUID = address.replace(' ', '_'); + repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); + } + + return repositoryUUID; + + } + + protected void removeRepositoryCookie(String repositoryUUID) { + for (Cookie c : request.getCookies()) { + if (c.getName().equals(repositoryUUID)) { + c.setMaxAge(0);//On supprime le cookie + response.addCookie(c); + if (log.isDebugEnabled()) { + log.debug("Cookie supprimé"); + } + } + } + } + /** * Reads the information in the session to give the username and the password for a given repository if necessary * @param repositoryUUID the ID of the repository to connect to @@ -399,6 +445,16 @@ public abstract class AbstractScmWebEditorAction extends BaseAction implements S return usernamePw; } + protected void removeRepositoryFromCache(String repositoryUUID) { + + // deleting the cookies for this repository + removeRepositoryCookie(repositoryUUID); + + // remove it from user session + getScmSession().delScmUser(repositoryUUID); + + } + public String getUsername(String url) { return getScmSession().getUsername(url); } @@ -410,9 +466,12 @@ public abstract class AbstractScmWebEditorAction extends BaseAction implements S public String getSweVersion() { return ScmWebEditorConfig.getVersion(); } @Override - public void setServletRequest(HttpServletRequest request) { + public final void setServletRequest(HttpServletRequest request) { this.request = request; } - + @Override + public final void setServletResponse(HttpServletResponse response) { + this.response = response; + } } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorWithAddressAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorWithAddressAction.java new file mode 100644 index 0000000..0cb136c --- /dev/null +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/AbstractScmWebEditorWithAddressAction.java @@ -0,0 +1,331 @@ +package org.nuiton.scmwebeditor.uiweb.actions; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.shiro.authc.UsernamePasswordToken; +import org.apache.shiro.codec.Base64; +import org.apache.shiro.crypto.BlowfishCipherService; +import org.nuiton.scmwebeditor.api.ScmConnection; +import org.nuiton.scmwebeditor.api.ScmFileManager; +import org.nuiton.scmwebeditor.api.ScmProvider; +import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpSession; +import java.io.File; +import java.io.UnsupportedEncodingException; +import java.util.Optional; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +/** + * Created on 13/02/16. + * + * @author Tony Chemit - chemit@codelutin.com + */ +public class AbstractScmWebEditorWithAddressAction extends AbstractScmWebEditorAction { + + /** Logger. */ + private static final Log log = LogFactory.getLog(AbstractScmWebEditorWithAddressAction.class); + + /** the username to use to connect to the repository */ + private String username; + + /** the password to use to connect to the repository */ + private String pw; + + /** the repository's address */ + private String address; + + private ScmAuthenticatedUrl authenticatedUrl; + + private ScmProvider scmProvider; + + private String sessionId; + + private String pathToLocalRepos; + + private ScmConnection scmConnection; + + private ScmFileManager scmFileManager; + + protected ScmFileManager getScmFileManager() { + if (scmFileManager == null) { + scmFileManager = getScmProvider().getFileManager(getScmConnection()); + } + return scmFileManager; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPw() { + return pw; + } + + public void setPw(String pw) { + this.pw = pw; + } + + public String getAddress() { + return address; + } + + public void setAddress(String address) { + this.address = address; + } + + protected void initAddress() { + + if (address.endsWith("/")) { + address = address.substring(0, address.lastIndexOf('/')); + } + + authenticatedUrl = getAuthenticatedUrl(address, username, pw); + + address = authenticatedUrl.getUrl(); + username = authenticatedUrl.getUsername(); + pw = authenticatedUrl.getPw(); + + } + + protected String getRepositoryUUID() { + return getRepositoryUUID(getScmConnection(), address); + } + + protected ScmProvider getScmProvider() { + if (scmProvider == null) { + scmProvider = ScmWebEditorConfig.getProvider(scmType); + } + return scmProvider; + } + + protected String getSessionId() { + if (sessionId == null) { + HttpSession session = request.getSession(); + sessionId = session.getId(); + } + return sessionId; + } + + protected String getPathToLocalRepos() { + if (pathToLocalRepos == null) { + String sessionId = getSessionId(); + pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + } + return pathToLocalRepos; + } + + protected ScmConnection getScmConnection() { + if (scmConnection == null) { + String pathToLocalRepos = getPathToLocalRepos(); + + scmConnection = getScmProvider().getConnection(address, pathToLocalRepos); + } + return scmConnection; + } + + protected Optional<UsernamePasswordToken> initAuthenticationInformations(String repositoryUUID, boolean readCookie, boolean saveCookie) { + + UsernamePasswordToken token = null; + + if (readCookie) { + + String usernamepwCookie = null; + + for (Cookie c : request.getCookies()) { + if (c.getName().equals(repositoryUUID)) + usernamepwCookie = c.getValue(); + } + + if (usernamepwCookie != null) { + + BlowfishCipherService bf = new BlowfishCipherService(); + + byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); + + String usernameDecode = null; + try { + usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); + } catch (UnsupportedEncodingException e) { + if (log.isErrorEnabled()) { + log.error("Can not create a String with UTF-8 encoding"); + } + } + + if (usernameDecode != null) { + String[] resCookie = usernameDecode.split(","); + if (resCookie.length == 2) { + token = new UsernamePasswordToken(resCookie[0], resCookie[1]); + + } + } + } + + + } + + if (saveCookie && token !=null) { + + BlowfishCipherService bf = new BlowfishCipherService(); + + byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); + + Cookie authCookie = null; + + try { + authCookie = new Cookie(repositoryUUID, bf.encrypt((token.getUsername() + "," + new String(token.getPassword())).getBytes("UTF-8"), privateKey).toBase64()); + } catch (UnsupportedEncodingException e) { + if (log.isErrorEnabled()) { + log.error("Can not get bytes from UTF-8 encoding"); + } + } + + if (authCookie != null) { + authCookie.setMaxAge(60 * 60 * 24 * 365); + response.addCookie(authCookie); + } + + } + + String[] usernamePw = getUsernamePwFromSession(repositoryUUID); + username = usernamePw[0]; + pw = usernamePw[1]; + + return Optional.ofNullable(token); + + } + + protected void storeUsernamePasswordToCookie(String repositoryUUID) { + + BlowfishCipherService bf = new BlowfishCipherService(); + + byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); + + if (username != null && pw != null) { + + Cookie authCookie = null; + + try { + authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes("UTF-8"), privateKey).toBase64()); + } catch (UnsupportedEncodingException e) { + if (log.isErrorEnabled()) { + log.error("Can not get bytes from UTF-8 encoding"); + } + } + + if (authCookie != null) { + authCookie.setMaxAge(60 * 60 * 24 * 365); + response.addCookie(authCookie); + } + } + } + + /** + * Reads the information in the session to give the username and the password for a given repository if necessary + * @param repositoryUUID the ID of the repository to connect to + * @return the username to use at position [0] ; the password to use at position [1] + */ + protected String[] getUsernamePwFromSession(String repositoryUUID) { + + String[] usernamePw = new String[2]; + usernamePw[0] = username; + usernamePw[1] = pw; + + if (username == null || pw == null) { + + String login = getScmSession().getUsername(repositoryUUID); + String password = getScmSession().getPassword(repositoryUUID); + + if (login != null && password != null) { + + // getting the authentication information in session + usernamePw[0] = login; + usernamePw[1] = password; + } + } else { + if (username.equals("") || pw.equals("")) { + + String login = getScmSession().getUsername(repositoryUUID); + String password = getScmSession().getPassword(repositoryUUID); + + if (login != null && password != null) { + + // getting the authentication information in session + usernamePw[0] = login; + usernamePw[1] = password; + } + } else { + getScmSession().addScmUser(repositoryUUID, username, pw); + } + } + + return usernamePw; + } + + protected void resetAuthentication() { + username = null; + pw= null; + } + + protected static final Pattern AUTHENTICATED_URL_PATTERN = Pattern.compile("(http[s]://)([^:]+):([^@]+)@(.+)"); + + public static ScmAuthenticatedUrl getAuthenticatedUrl(String url, String username, String pw) { + + Matcher matcher = AUTHENTICATED_URL_PATTERN.matcher(url); + if (matcher.matches()) { + + username = matcher.group(2); + pw = matcher.group(3); + url = matcher.group(1) + matcher.group(4); + } else { + + if (username == null) { + username = "anonymous"; + } + if (pw == null) { + pw = "anonymous"; + } + + } + + return new ScmAuthenticatedUrl(url, username, pw); + } + + public static class ScmAuthenticatedUrl { + + private final String url; + private final String username; + private final String pw; + + + public ScmAuthenticatedUrl(String url, String username, String pw) { + this.url = url; + this.username = username; + this.pw = pw; + } + + public String getUrl() { + return url; + } + + public String getUsername() { + return username; + } + + public String getPw() { + return pw; + } + + public boolean isAuthenticated() { + return !username.equals("anonymous") && !username.equals("") && !pw.equals("anonymous") && !pw.equals(""); + } + + } + +} diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/BrowseAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/BrowseAction.java index 4cbe3b9..df692f2 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/BrowseAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/BrowseAction.java @@ -24,29 +24,20 @@ package org.nuiton.scmwebeditor.uiweb.actions; import com.jgeppert.struts2.jquery.tree.result.TreeNode; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; -import org.apache.struts2.interceptor.ServletResponseAware; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.BrowseDto; import org.nuiton.scmwebeditor.api.dto.result.BrowseResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; - -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; + import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Optional; /** * Allows to browse through a repository */ -public class BrowseAction extends AbstractScmWebEditorAction implements ServletResponseAware { +public class BrowseAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 4432027215087932750L; @@ -54,15 +45,6 @@ public class BrowseAction extends AbstractScmWebEditorAction implements ServletR public static final String ROOT = "root"; - /** the repository's address */ - protected String address; - - /** the username to connect with */ - protected String username; - - /** the password to connect with */ - protected String pw; - /** equals true when an error occured */ protected boolean error; @@ -81,26 +63,10 @@ public class BrowseAction extends AbstractScmWebEditorAction implements ServletR /** equals true if the SCM is able to use branches */ protected boolean scmSupportsBranches; - /** the HTTP response to send to the client */ - protected transient HttpServletResponse response; - - public boolean getError() { return error; } public void setError(boolean error) { this.error = error; } - public String getAddress() { return address; } - - public void setAddress(String address) { this.address = address; } - - public String getUsername() { return username; } - - public void setUsername(String username) { this.username = username; } - - public String getPw() { return pw; } - - public void setPw(String pw) { this.pw = pw; } - public String getId() { return id; } public String getHeadBranchName() { return headBranchName; } @@ -119,38 +85,24 @@ public class BrowseAction extends AbstractScmWebEditorAction implements ServletR public void setId(String id) { this.id = id; } - - /** - * Execution of the browse action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { + if (log.isDebugEnabled()) { log.debug("Enter in browse action"); } - if (address.endsWith("/")) { - address = address.substring(0, address.length() - 1); - } - - if (username == null) { - username = "anonymous"; - } - if (pw == null) { - pw = "anonymous"; - } + initAddress(); // connection to the repository - HttpSession session = request.getSession(); - String sessionId = session.getId(); + ScmConnection scmConn = getScmConnection(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + String repositoryUUID = getRepositoryUUID(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, true); - scmSupportsBranches = provider.supportsBranches(); + scmSupportsBranches = getScmProvider().supportsBranches(); if (scmConn == null) { error = true; @@ -159,10 +111,16 @@ public class BrowseAction extends AbstractScmWebEditorAction implements ServletR // putting all the parameters into a DTO BrowseDto dto = new BrowseDto(); - dto.setUsername(username); - dto.setPassword(pw); + dto.setAddress(getAddress()); + + boolean withAuthentication = optionalAuthentication.isPresent(); + if (withAuthentication) { + + dto.setUsername(optionalAuthentication.get().getUsername()); + dto.setPassword(new String(optionalAuthentication.get().getPassword())); + } + dto.setId(id); - dto.setAddress(address); dto.setSelectedBranch(selectedBranch); BrowseResultDto resultDto = scmConn.browse(dto); @@ -240,50 +198,20 @@ public class BrowseAction extends AbstractScmWebEditorAction implements ServletR } } - // if the repository is not protected for writing, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - - if (username != null && pw != null) { - if (!username.equals("anonymous") && !username.equals("") && !pw.equals("anonymous") && !pw.equals("")) { - - BlowfishCipherService bf = new BlowfishCipherService(); - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); - - Cookie authCookie = null; - try { - authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes("UTF-8"), privateKey).toBase64()); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not get bytes from UTF-8 encoding"); - } - } - if (authCookie != null) { - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } + if (withAuthentication) { - if (log.isDebugEnabled()) { - log.debug("addscmuser uuid == " + repositoryUUID); - } + storeUsernamePasswordToCookie(repositoryUUID); - getScmSession().addScmUser(repositoryUUID, username, pw); + if (log.isDebugEnabled()) { + log.debug("addscmuser uuid == " + repositoryUUID); } + + getScmSession().addScmUser(repositoryUUID, optionalAuthentication.get()); } return SUCCESS; } - - @Override - public void setServletResponse(HttpServletResponse response) { - this.response = response; - } - - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateBranchAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateBranchAction.java index 29e86d7..75ccc51 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateBranchAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateBranchAction.java @@ -23,40 +23,26 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.OperationNotSupportedException; import org.nuiton.scmwebeditor.api.RepositoryNotFoundException; -import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.CreateBranchDto; import org.nuiton.scmwebeditor.api.dto.result.AbstractResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.text.Normalizer; import java.util.List; +import java.util.Optional; /** * Creates a new branch on the repository */ -public class CreateBranchAction extends AbstractScmWebEditorAction implements ServletRequestAware { +public class CreateBranchAction extends AbstractScmWebEditorWithAddressAction { private static final Log log = LogFactory.getLog(CreateBranchAction.class); public static final String REDIRECT = "redirect"; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** equals true if there is a problem during the authentication process */ protected boolean badLogin; @@ -72,19 +58,6 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se /** the name of the new branch */ protected String newBranchName; - - public String getUsername() { return username; } - - public void setUsername(String username) { this.username = username; } - - public String getPw() { return pw; } - - public void setPw(String pw) { this.pw = pw; } - - public String getAddress() { return address; } - - public void setAddress(String address) { this.address = address; } - public boolean isBadLogin() { return badLogin; } public void setBadLogin(boolean badLogin) { this.badLogin = badLogin; } @@ -105,34 +78,23 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se public void setNewBranchName(String newBranchName) { this.newBranchName = newBranchName; } - /** - * Execution of the create branch action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + initAddress(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); + String repositoryUUID = getRepositoryUUID(); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } + boolean withAuthentication = optionalAuthentication.isPresent(); - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + + ScmProvider provider = getScmProvider(); - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + String address = getAddress(); try { branches = provider.listBranches(address, username, pw); @@ -153,9 +115,11 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se CreateBranchDto dto = new CreateBranchDto(); dto.setAddress(address); dto.setNewBranchName(newBranchName); - dto.setUsername(username); - dto.setPassword(pw); - dto.setPathToLocalRepos(pathToLocalRepos); + if (withAuthentication) { + dto.setUsername(username); + dto.setPassword(pw); + } + dto.setPathToLocalRepos(getPathToLocalRepos()); dto.setSelectedBranch(selectedBranch); String createBranchError; @@ -173,8 +137,8 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se log.error("Authentication problem", e); } badLogin = true; - username = null; - pw = null; + resetAuthentication(); + return LOGIN; } catch (RepositoryNotFoundException e) { if (log.isErrorEnabled()) { @@ -187,8 +151,7 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se if (createBranchError != null) { if (createBranchError.equals(AbstractResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); return LOGIN; } else { error = true; @@ -200,8 +163,4 @@ public class CreateBranchAction extends AbstractScmWebEditorAction implements Se return SUCCESS; } - @Override - public void setServletRequest(HttpServletRequest request) { - this.request = request; - } } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateDirectoryAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateDirectoryAction.java index ee303c6..1ce08ed 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateDirectoryAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/CreateDirectoryAction.java @@ -21,36 +21,24 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.struts2.interceptor.ServletRequestAware; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmFileManager; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.CreateDirectoryDto; import org.nuiton.scmwebeditor.api.dto.result.CreateDirectoryResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.text.Normalizer; +import java.util.Optional; /** * Creates a new directory in the repository */ -public class CreateDirectoryAction extends AbstractScmWebEditorAction implements ServletRequestAware { +public class CreateDirectoryAction extends AbstractScmWebEditorWithAddressAction implements ServletRequestAware { private static final long serialVersionUID = 4244339447567114412L; public static final String REDIRECT = "redirect"; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the URL the root of the repository */ protected String scmRoot; @@ -69,31 +57,6 @@ public class CreateDirectoryAction extends AbstractScmWebEditorAction implements /** the full path of the root */ protected String fileRoot; - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public void setAddress(String address) { - this.address = address; - } - - public String getAddress() { - return address; - } - public boolean isBadLogin() { return badLogin; } @@ -124,42 +87,26 @@ public class CreateDirectoryAction extends AbstractScmWebEditorAction implements public void setParentDirectory(String parentDirectory) { this.parentDirectory = parentDirectory; } - /** - * Execution of the create directory action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + initAddress(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); + String repositoryUUID = getRepositoryUUID(); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); - ScmFileManager scmFileManager = provider.getFileManager(scmConn); + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } - - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + boolean withAuthentication = optionalAuthentication.isPresent(); CreateDirectoryDto dto = new CreateDirectoryDto(); - dto.setUsername(username); - dto.setPassword(pw); + if (withAuthentication) { + dto.setUsername(optionalAuthentication.get().getUsername()); + dto.setPassword(new String(optionalAuthentication.get().getPassword())); + } dto.setDirectoryName(directoryName); dto.setParentDirectory(parentDirectory); + ScmFileManager scmFileManager = getScmFileManager(); CreateDirectoryResultDto resultDto = scmFileManager.createDirectory(dto); if (resultDto.getScmRoot() != null) { @@ -169,11 +116,8 @@ public class CreateDirectoryAction extends AbstractScmWebEditorAction implements fileRoot = resultDto.getFileRoot(); } - if (username != null && pw != null) { - if (username.equals("") && pw.equals("")) { - username = null; - pw = null; - } + if (withAuthentication) { + resetAuthentication(); } @@ -182,19 +126,19 @@ public class CreateDirectoryAction extends AbstractScmWebEditorAction implements String errorMessage = resultDto.getError(); error = true; + ScmConnection scmConn = getScmConnection(); + if (errorMessage.equals(CreateDirectoryResultDto.CONNECTION_FAILED)) { getScmSession().delScmUser(scmConn.getRepositoryId()); - username = null; - pw = null; + resetAuthentication(); return ERROR; } else if (errorMessage.equals(CreateDirectoryResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); getScmSession().delScmUser(scmConn.getRepositoryId()); return LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/DownloadFileAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/DownloadFileAction.java index 685497d..498cce9 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/DownloadFileAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/DownloadFileAction.java @@ -23,58 +23,49 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpSession; -import java.io.*; -import java.text.Normalizer; +import java.io.BufferedInputStream; +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Optional; /** * Allows to download the file at the given path */ -public class DownloadFileAction extends ScmWebEditorMainAction { +public class DownloadFileAction extends AbstractScmWebEditorWithAddressAction { private static final Log log = LogFactory.getLog(DownloadFileAction.class); /** the path to the root of the repository */ protected String repositoryRoot; - public String getRepositoryRoot() { return repositoryRoot; } public void setRepositoryRoot(String repositoryRoot) { this.repositoryRoot = repositoryRoot; } - - /** - * Execution of the download file action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + initAddress(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + String repositoryUUID = getRepositoryUUID(); - // getting the authentication information - // if the repository is not protected for writing, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + + ScmConnection scmConn = getScmConnection(); - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; // getting the path to use to download the file - String filePath = scmConn.getFilePath(address, repositoryRoot, username, pw); + String filePath = scmConn.getFilePath(getAddress(), repositoryRoot, username, pw); String filename = filePath.substring(filePath.lastIndexOf('/') + 1); File fileToDownload = new File(filePath); diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/EditAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/EditAction.java index 7323cde..84e441c 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/EditAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/EditAction.java @@ -24,8 +24,7 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.io.FileUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.OperationNotSupportedException; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmProvider; @@ -34,14 +33,11 @@ import org.nuiton.scmwebeditor.api.dto.result.AbstractResultDto; import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpSession; import java.io.File; import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; import java.util.LinkedList; import java.util.Map; +import java.util.Optional; /** * Allows to edit a file @@ -120,21 +116,15 @@ public class EditAction extends ScmWebEditorMainAction { public void setFileDirectlyAccessible( boolean fileDirectlyAccessible) { this.fileDirectlyAccessible = fileDirectlyAccessible; } - /** - * Execution of the edit action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { autoSaveInterval = ScmWebEditorConfig.getAutoSaveInterval(); - HttpSession session = request.getSession(); - String sessionId = session.getId(); + String pathToLocalRepos = getPathToLocalRepos(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + ScmProvider provider = getScmProvider(); + ScmConnection scmConn = getScmConnection(); fileDirectlyAccessible = provider.filesDirectlyAccessible(); @@ -155,92 +145,25 @@ public class EditAction extends ScmWebEditorMainAction { String originalText = ""; // if the repository is not protected, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(); + String address = getAddress(); if (repositoryRoot == null) { repositoryRoot = address.substring(0, address.lastIndexOf('/')); } else if (repositoryRoot.equals("")) { repositoryRoot = address.substring(0, address.lastIndexOf('/')); } - if (log.isDebugEnabled()) { - log.debug("Login : " + username); - } - - - /* - * Reading the cookie - */ - + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); - String usernamepwCookie = null; - // read the cookies - - BlowfishCipherService bf = new BlowfishCipherService(); - - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); - - if (request.getCookies() != null) { - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - usernamepwCookie = c.getValue(); - } - } - } - - if (usernamepwCookie != null) { - - String usernameDecode = null; - try { - usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not create a String with UTF-8 encoding"); - } - } - - if (usernameDecode != null) { - String[] resCookie = usernameDecode.split(","); - if (resCookie.length == 2) { - username = resCookie[0]; - pw = resCookie[1]; - } - } - } - - if (saveCookie) { - if (username != null && pw != null) { - - if (!username.equals("") && !pw.equals("")) { - - Cookie authCookie = null; - - try { - authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes("UTF-8"), - privateKey).toBase64()); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not get a String from UTF-8 encoding"); - } - } - - if (authCookie != null) { - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } - } - } + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + if (log.isDebugEnabled()) { + log.debug("Login : " + username + " to repository: " + repositoryUUID); } - // authentication - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; String name = username; String password = pw; @@ -305,18 +228,8 @@ public class EditAction extends ScmWebEditorMainAction { log.debug("Auth Fail ", e); } - // deleting the cookies for this repository - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - c.setMaxAge(0);//On supprime le cookie - response.addCookie(c); - if (log.isDebugEnabled()) { - log.debug("Cookie supprimé"); - } - } - } + removeRepositoryFromCache(repositoryUUID); - getScmSession().delScmUser(repositoryUUID); //redirect to a login page return LOGIN; } catch (IOException e) { diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/GetImageAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/GetImageAction.java index dedb3d4..e64daaa 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/GetImageAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/GetImageAction.java @@ -23,11 +23,8 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.imageio.ImageIO; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; import java.awt.image.BufferedImage; import java.io.ByteArrayOutputStream; import java.io.File; @@ -50,10 +47,6 @@ public class GetImageAction extends ScmWebEditorMainAction { /** the path to the image */ protected String imagePath; - /** the HTTP request sent to the server */ - protected HttpServletRequest servletRequest; - - public byte[] getImageInByte() { return imageInByte; } public void setImageInByte(byte[] imageInByte) { @@ -69,18 +62,14 @@ public class GetImageAction extends ScmWebEditorMainAction { public void setImagePath(String imagePath) { this.imagePath = imagePath; } - + @Override public String execute() { return SUCCESS; } public byte[] getCustomImageInBytes() { - - HttpSession session = servletRequest.getSession(); - String sessionId = session.getId(); - - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + String pathToLocalRepos = getPathToLocalRepos(); if (imagePath.startsWith(pathToLocalRepos)) { @@ -140,8 +129,4 @@ public class GetImageAction extends ScmWebEditorMainAction { return type; } - @Override - public void setServletRequest(HttpServletRequest request) { - servletRequest = request; - } } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ListBranchesAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ListBranchesAction.java index 8f102a6..e9e4540 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ListBranchesAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ListBranchesAction.java @@ -23,39 +23,26 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.OperationNotSupportedException; import org.nuiton.scmwebeditor.api.ScmProvider; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import java.util.List; +import java.util.Optional; /** * Gives a list of the existing branches on the repository */ -public class ListBranchesAction extends AbstractScmWebEditorAction { +public class ListBranchesAction extends AbstractScmWebEditorWithAddressAction { private static final Log log = LogFactory.getLog(ListBranchesAction.class); - /** the repository's address */ - protected String address; - /** equals true if the SCM is able to use branches */ protected boolean scmSupportsBranches; /** list of the existing branches on the repository */ protected List<String> branches; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - - public String getAddress() { return address; } - - public void setAddress(String address) { this.address = address; } - public boolean isScmSupportsBranches() { return scmSupportsBranches; } public void setScmSupportsBranches(boolean scmSupportsBranches) { this.scmSupportsBranches = scmSupportsBranches; } @@ -64,34 +51,24 @@ public class ListBranchesAction extends AbstractScmWebEditorAction { public void setBranches(List<String> branches) { this.branches = branches; } - public String getUsername() { return username; } - - public void setUsername(String username) { this.username = username; } - - public String getPw() { return pw; } - - public void setPw(String pw) { this.pw = pw; } - - - /** - * Execution of the list branches action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - if (username == null) { - username = "anonymous"; - } - if (pw == null) { - pw = "anonymous"; - } + initAddress(); + + String repositoryUUID = getRepositoryUUID(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + ScmProvider provider = getScmProvider(); scmSupportsBranches = provider.supportsBranches(); + try { - branches = provider.listBranches(address, username, pw); + branches = provider.listBranches(getAddress(), username, pw); } catch (OperationNotSupportedException e) { if (log.isDebugEnabled()) { log.debug("The SCM " + scmType + " does not support branches", e); diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/LogoutAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/LogoutAction.java index d0a9f5b..a4e1d40 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/LogoutAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/LogoutAction.java @@ -23,22 +23,16 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.io.File; -import java.text.Normalizer; /** * Ends the user session on the repository */ -public class LogoutAction extends AbstractScmWebEditorAction implements ServletRequestAware, ServletResponseAware { +public class LogoutAction extends AbstractScmWebEditorAction { private static final long serialVersionUID = 6937086747942656369L; @@ -50,13 +44,6 @@ public class LogoutAction extends AbstractScmWebEditorAction implements ServletR /** the URL to the repository's root */ protected String projectUrl; - /** the HTTP request sent to the server */ - protected transient HttpServletRequest request; - - /** the HTTP response to send to the client */ - protected transient HttpServletResponse response; - - public void setAddress(String address) { this.address = address; } public String getAddress() { return address; } @@ -65,11 +52,7 @@ public class LogoutAction extends AbstractScmWebEditorAction implements ServletR public void setProjectUrl(String projectUrl) { this.projectUrl = projectUrl; } - - /** - * Execution of the logout action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { String sessionId = request.getSession().getId(); @@ -79,38 +62,15 @@ public class LogoutAction extends AbstractScmWebEditorAction implements ServletR ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); // getting the repository unique identifier if it is possible - String repositoryId = scmConn.getRepositoryId(); - if (repositoryId == null) { - repositoryId = address.replace(' ', '_'); - repositoryId = Normalizer.normalize(repositoryId, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(scmConn, address); // deleting the cookies for this repository - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryId)) { - c.setMaxAge(0);// deleting the cookie - response.addCookie(c); - if (log.isDebugEnabled()) { - log.debug("Cookie supprimé"); - } - } - } + removeRepositoryCookie(repositoryUUID); // deleting the authentication info in session - getScmSession().delScmUser(repositoryId); + getScmSession().delScmUser(repositoryUUID); return SUCCESS; } - - @Override - public void setServletRequest(HttpServletRequest request) { - this.request = request; - } - - @Override - public void setServletResponse(HttpServletResponse response) { - this.response = response; - } - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/MoveFileAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/MoveFileAction.java index 368d26a..b2ff290 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/MoveFileAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/MoveFileAction.java @@ -21,35 +21,23 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmFileManager; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.MoveFileDto; import org.nuiton.scmwebeditor.api.dto.result.MoveFileResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.text.Normalizer; +import java.util.Optional; /** * Moves a file in the repository */ -public class MoveFileAction extends AbstractScmWebEditorAction { +public class MoveFileAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 4244339447567114412L; public static final String REDIRECT = "redirect"; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the URL the root of the repository */ protected String scmRoot; @@ -71,31 +59,6 @@ public class MoveFileAction extends AbstractScmWebEditorAction { /** the full path of the destination directory */ protected String destinationDirectory; - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public void setAddress(String address) { - this.address = address; - } - - public String getAddress() { - return address; - } - public boolean isBadLogin() { return badLogin; } @@ -131,35 +94,17 @@ public class MoveFileAction extends AbstractScmWebEditorAction { public void setDestinationDirectory( String destinationDirectory) { this.destinationDirectory = destinationDirectory; } - /** - * Execution of the move a file action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); - ScmFileManager scmFileManager = provider.getFileManager(scmConn); - - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } + initAddress(); - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(); - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; MoveFileDto dto = new MoveFileDto(); dto.setUsername(username); @@ -168,6 +113,7 @@ public class MoveFileAction extends AbstractScmWebEditorAction { dto.setFileToMove(fileToMove); dto.setDestinationDirectory(destinationDirectory); + ScmFileManager scmFileManager = getScmFileManager(); MoveFileResultDto resultDto = scmFileManager.moveFile(dto); if (resultDto.getScmRoot() != null) { @@ -177,32 +123,23 @@ public class MoveFileAction extends AbstractScmWebEditorAction { fileRoot = resultDto.getFileRoot(); } - if (username != null && pw != null) { - if (username.equals("") && pw.equals("")) { - username = null; - pw = null; - } - } - - if (resultDto.getError() != null) { + ScmConnection scmConn = getScmConnection(); String errorMessage = resultDto.getError(); error = true; if (errorMessage.equals(MoveFileResultDto.CONNECTION_FAILED)) { getScmSession().delScmUser(scmConn.getRepositoryId()); - username = null; - pw = null; + resetAuthentication(); return ERROR; } else if (errorMessage.equals(MoveFileResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); getScmSession().delScmUser(scmConn.getRepositoryId()); return LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/PreviewAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/PreviewAction.java index 0a6f933..9528920 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/PreviewAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/PreviewAction.java @@ -24,27 +24,22 @@ package org.nuiton.scmwebeditor.uiweb.actions; import com.github.rjeschke.txtmark.Processor; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.struts2.interceptor.ServletRequestAware; import org.dom4j.Document; import org.nuiton.jrst.JRST; import org.nuiton.jrst.legacy.JRSTReader; -import javax.servlet.http.HttpServletRequest; import java.io.StringReader; /** * Gives a preview of the edited RST or Markdown file */ -public class PreviewAction extends AbstractScmWebEditorAction implements ServletRequestAware { +public class PreviewAction extends AbstractScmWebEditorAction { /** serialVersionUID. */ private static final long serialVersionUID = -2388759298175611718L; private static final Log log = LogFactory.getLog(PreviewAction.class); - /** the HTTP request sent to the server */ - protected transient HttpServletRequest request; - /** the HTML code to display for the preview */ protected String htmlPreview; @@ -111,10 +106,4 @@ public class PreviewAction extends AbstractScmWebEditorAction implements Servlet return SUCCESS; } - @Override - public void setServletRequest(HttpServletRequest request) { - this.request = request; - } - - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveDirectoryAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveDirectoryAction.java index df2ae20..0c7ab44 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveDirectoryAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveDirectoryAction.java @@ -21,35 +21,23 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmFileManager; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.RemoveDirectoryDto; import org.nuiton.scmwebeditor.api.dto.result.RemoveDirectoryResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.text.Normalizer; +import java.util.Optional; /** * Removes a directory on the repository */ -public class RemoveDirectoryAction extends AbstractScmWebEditorAction { +public class RemoveDirectoryAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 4244339447567114412L; public static final String REDIRECT = "redirect"; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the path to the directory to remove */ protected String directoryToRemove; @@ -65,31 +53,6 @@ public class RemoveDirectoryAction extends AbstractScmWebEditorAction { /** the full path of the root */ protected String fileRoot; - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public void setAddress(String address) { - this.address = address; - } - - public String getAddress() { - return address; - } - public boolean isBadLogin() { return badLogin; } @@ -116,41 +79,24 @@ public class RemoveDirectoryAction extends AbstractScmWebEditorAction { public void setScmRoot(String scmRoot) { this.scmRoot = scmRoot; } - /** - * Execution of the remove directory action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); - ScmFileManager scmFileManager = provider.getFileManager(scmConn); - - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } + initAddress(); - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(); - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; RemoveDirectoryDto dto = new RemoveDirectoryDto(); dto.setUsername(username); dto.setPassword(pw); dto.setDirectoryToRemove(directoryToRemove); + ScmFileManager scmFileManager = getScmFileManager(); RemoveDirectoryResultDto resultDto = scmFileManager.removeDirectory(dto); if (resultDto.getScmRoot() != null) { @@ -160,32 +106,25 @@ public class RemoveDirectoryAction extends AbstractScmWebEditorAction { fileRoot = resultDto.getFileRoot(); } - if (username != null && pw != null) { - if (username.equals("") && pw.equals("")) { - username = null; - pw = null; - } - } - if (resultDto.getError() != null) { + ScmConnection scmConn = getScmConnection(); + String errorMessage = resultDto.getError(); error = true; if (errorMessage.equals(RemoveDirectoryResultDto.CONNECTION_FAILED)) { getScmSession().delScmUser(scmConn.getRepositoryId()); - username = null; - pw = null; + resetAuthentication(); return ERROR; } else if (errorMessage.equals(RemoveDirectoryResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); getScmSession().delScmUser(scmConn.getRepositoryId()); return LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveFileAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveFileAction.java index 459cf95..08d4fef 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveFileAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/RemoveFileAction.java @@ -21,35 +21,23 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmFileManager; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.RemoveFileDto; import org.nuiton.scmwebeditor.api.dto.result.RemoveFileResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.text.Normalizer; +import java.util.Optional; /** * Removes a file from the repository */ -public class RemoveFileAction extends AbstractScmWebEditorAction { +public class RemoveFileAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 4244339447567114412L; public static final String REDIRECT = "redirect"; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the URL the root of the repository */ protected String scmRoot; @@ -65,31 +53,6 @@ public class RemoveFileAction extends AbstractScmWebEditorAction { /** the full path of the root */ protected String fileRoot; - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public void setAddress(String address) { - this.address = address; - } - - public String getAddress() { - return address; - } - public boolean isBadLogin() { return badLogin; } @@ -116,41 +79,24 @@ public class RemoveFileAction extends AbstractScmWebEditorAction { public void setFileRoot(String fileRoot) { this.fileRoot = fileRoot; } - /** - * Execution of the remove action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); + initAddress(); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); - ScmFileManager scmFileManager = provider.getFileManager(scmConn); + String repositoryUUID = getRepositoryUUID(); - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } - - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; RemoveFileDto dto = new RemoveFileDto(); dto.setUsername(username); dto.setPassword(pw); dto.setScmPath(scmPath); + ScmFileManager scmFileManager = getScmFileManager(); RemoveFileResultDto resultDto = scmFileManager.removeFile(dto); if (resultDto.getScmRoot() != null) { @@ -160,32 +106,24 @@ public class RemoveFileAction extends AbstractScmWebEditorAction { fileRoot = resultDto.getFileRoot(); } - if (username != null && pw != null) { - if (username.equals("") && pw.equals("")) { - username = null; - pw = null; - } - } - - if (resultDto.getError() != null) { + ScmConnection scmConn = getScmConnection(); + String errorMessage = resultDto.getError(); error = true; if (errorMessage.equals(RemoveFileResultDto.CONNECTION_FAILED)) { getScmSession().delScmUser(scmConn.getRepositoryId()); - username = null; - pw = null; + resetAuthentication(); return ERROR; } else if (errorMessage.equals(RemoveFileResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); getScmSession().delScmUser(scmConn.getRepositoryId()); return LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ResetAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ResetAction.java index 51390f3..6f6fd5b 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ResetAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ResetAction.java @@ -24,19 +24,18 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.io.FileUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; import java.io.File; import java.io.IOException; -import java.text.Normalizer; +import java.util.Optional; /** * Deletes all the changes made to the edited file */ -public class ResetAction extends AbstractScmWebEditorAction { +public class ResetAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = -1154924826535371319L; @@ -48,54 +47,31 @@ public class ResetAction extends AbstractScmWebEditorAction { /** the number of the current revision */ protected String numRevision; - /** the repository's address */ - protected String address; - - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - /** information about an error if one occurs */ protected String error; - public String getLastRevision() { return lastRevision; } public String getNumRevision() { return numRevision; } - public void setAddress(String address) { this.address = address; } - - public void setUsername(String username) { this.username = username; } - - public void setPw(String pw) { this.pw = pw; } - public String getError() { return error; } - /** - * Execution of the reset action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - String sessionId = request.getSession().getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + initAddress(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + String repositoryUUID = getRepositoryUUID(); - // getting the repository unique identifier if it is possible - String repositoryId = scmConn.getRepositoryId(); - if (repositoryId == null) { - repositoryId = address.replace(' ', '_'); - repositoryId = Normalizer.normalize(repositoryId, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - String[] usernamePw = getUsernamePwFromSession(repositoryId, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + + ScmConnection scmConn = getScmConnection(); try { + String address = getAddress(); File originalFile = scmConn.getFileContent(address, username, pw); lastRevision = FileUtils.readFileToString(originalFile); numRevision = scmConn.getHeadRevisionNumber(address, username, pw); @@ -114,5 +90,4 @@ public class ResetAction extends AbstractScmWebEditorAction { return SUCCESS; } - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/SaveAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/SaveAction.java index f46d2f1..7d61d94 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/SaveAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/SaveAction.java @@ -50,11 +50,7 @@ public class SaveAction extends ScmWebEditorCommitAction { public Date getDate() { return date; } - - /** - * Execution of the save action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { if (log.isDebugEnabled()) { diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorCommitAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorCommitAction.java index 2f06b9d..33de9c1 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorCommitAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorCommitAction.java @@ -23,32 +23,21 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; +import org.apache.shiro.authc.UsernamePasswordToken; import org.dom4j.Document; import org.nuiton.jrst.JRST; import org.nuiton.jrst.legacy.JRSTReader; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.CommitDto; import org.nuiton.scmwebeditor.api.dto.result.CommitResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.File; import java.io.StringReader; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; +import java.util.Optional; /** * Commits all the changes to the remote repository */ -public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction implements ServletRequestAware, ServletResponseAware { +public class ScmWebEditorCommitAction extends AbstractScmWebEditorWithAddressAction { public static final String FILE_MODIFY = "fileModify"; @@ -65,15 +54,6 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme /** the old file content */ protected String origText; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the last revision's file content */ protected String lastText; @@ -107,12 +87,6 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme /** equals true if only a commit is requested, without a push */ protected boolean commitOnly; - /** the HTTP request sent to the server */ - protected transient HttpServletRequest request; - - /** the HTTP response to send to the client */ - protected transient HttpServletResponse response; - public String getCommitMessage() { return commitMessage; } public void setCommitMessage(String commitMessage) { this.commitMessage = commitMessage; } @@ -129,18 +103,6 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme public void setOrigText(String origText) { this.origText = origText; } - public String getUsername() { return username; } - - public void setUsername(String username) { this.username = username; } - - public String getPw() { return pw; } - - public void setPw(String pw) { this.pw = pw; } - - public String getAddress() { return address; } - - public void setAddress(String address) { this.address = address; } - public String getLastText() { return lastText; } public void setLastText(String lastText) { this.lastText = lastText; } @@ -169,8 +131,6 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme public void setMimeType(String mimeType) { this.mimeType = mimeType; } - public HttpServletRequest getRequest() { return request; } - public boolean getForce() { return force; } public void setForce(boolean force) { this.force = force; } @@ -208,13 +168,9 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme return false; } - } - /** - * Execution of the commit action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { System.setProperty("file.encoding", "UTF-8"); @@ -228,81 +184,20 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme } // connection to the repository - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + ScmConnection scmConn = getScmConnection(); // if the repository is not protected for writing, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - - - /* - * reading the cookie - */ - String usernamepwCookie = null; - // read the cookies - - BlowfishCipherService bf = new BlowfishCipherService(); - - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); - - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) - usernamepwCookie = c.getValue(); - } - - - if (usernamepwCookie != null) { + String repositoryUUID = getRepositoryUUID(); - String usernameDecode = null; - try { - usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not create a String with UTF-8 encoding"); - } - } + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, true, saveCookie); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; - if (usernameDecode != null) { - String[] resCookie = usernameDecode.split(","); - if (resCookie.length == 2) { - username = resCookie[0]; - pw = resCookie[1]; - } - } + if (log.isDebugEnabled()) { + log.debug("Login : " + username + " to repository: " + repositoryUUID); } - if (saveCookie) { - if (username != null && pw != null) { - - Cookie authCookie = null; - - try { - authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes("UTF-8"), privateKey).toBase64()); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not get bytes from UTF-8 encoding"); - } - } - - if (authCookie != null) { - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } - } - - } - - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; CommitDto dto = new CommitDto(); dto.setUsername(username); @@ -310,7 +205,7 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme dto.setNewText(newText); dto.setCommitMessage(commitMessage); dto.setForce(force); - dto.setAddress(address); + dto.setAddress(getAddress()); dto.setCommitOnly(commitOnly); CommitResultDto resultDto = scmConn.commit(dto); @@ -339,7 +234,7 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme if (error.equals(CommitResultDto.ERROR_PATH)) { return ERROR_PATH; } else if (error.equals(CommitResultDto.AUTH_ERROR)) { - request.setAttribute(getParameterAddress(), address); + request.setAttribute(getParameterAddress(), getAddress()); getScmSession().delScmUser(scmConn.getRepositoryId()); username = null; pw = null; @@ -355,15 +250,4 @@ public class ScmWebEditorCommitAction extends AbstractScmWebEditorAction impleme return SUCCESS; } - - @Override - public void setServletRequest(HttpServletRequest request) { - this.request = request; - } - - @Override - public void setServletResponse(HttpServletResponse response) { - this.response = response; - } - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorMainAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorMainAction.java index ffca302..7943130 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorMainAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ScmWebEditorMainAction.java @@ -21,19 +21,18 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import com.google.common.base.Strings; import com.google.common.collect.Lists; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.struts2.interceptor.ServletResponseAware; import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpServletResponse; import java.util.List; /** * The first action called when entering the website */ -public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implements ServletResponseAware { +public class ScmWebEditorMainAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 8361035067228171624L; @@ -44,9 +43,6 @@ public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implement public static final String EDIT_PAGE = "editPage"; - /** the repository's address */ - protected String address; - /** the URL to the repository's root */ protected String projectUrl; @@ -68,15 +64,6 @@ public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implement /** the number of the edited file's revision */ protected String numRevision; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the HTTP response to send to the client */ - protected transient HttpServletResponse response; - /** the repository's unique identifier */ protected String repositoryId; @@ -93,30 +80,6 @@ public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implement this.repositoryId = repositoryId; } - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public String getAddress() { - return address; - } - - public void setAddress(String address) { - this.address = address; - } - public String getFormat() { return format; } @@ -156,17 +119,13 @@ public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implement * @return true if the parameters are empty */ private boolean testParameters() { - if (address == null || address.length() == 0) { + if (Strings.isNullOrEmpty(getAddress())) { return true; } else { return false; } } - /** - * Execution of the main action - * @return a code interpreted in the file struts.xml - */ @Override public String execute() { @@ -193,11 +152,4 @@ public class ScmWebEditorMainAction extends AbstractScmWebEditorAction implement } - - @Override - public void setServletResponse(HttpServletResponse response) { - this.response = response; - } - - } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/UploadFileAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/UploadFileAction.java index 30a8279..08ebc59 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/UploadFileAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/UploadFileAction.java @@ -21,21 +21,18 @@ */ package org.nuiton.scmwebeditor.uiweb.actions; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmFileManager; -import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.UploadFileDto; import org.nuiton.scmwebeditor.api.dto.result.UploadFileResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; -import javax.servlet.http.HttpSession; import java.io.File; -import java.text.Normalizer; +import java.util.Optional; /** * Uploads a file from the client to the repository */ -public class UploadFileAction extends AbstractScmWebEditorAction { +public class UploadFileAction extends AbstractScmWebEditorWithAddressAction { private static final long serialVersionUID = 4244339447567114412L; @@ -50,15 +47,6 @@ public class UploadFileAction extends AbstractScmWebEditorAction { /** the type of the file to upload */ protected String uploadContentType; - /** the username to use to connect to the repository */ - protected String username; - - /** the password to use to connect to the repository */ - protected String pw; - - /** the repository's address */ - protected String address; - /** the URL the root of the repository */ protected String scmRoot; @@ -99,30 +87,6 @@ public class UploadFileAction extends AbstractScmWebEditorAction { this.uploadFileName = uploadFileName; } - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getPw() { - return pw; - } - - public void setPw(String pw) { - this.pw = pw; - } - - public void setAddress(String address) { - this.address = address; - } - - public String getAddress() { - return address; - } - public boolean isBadLogin() { return badLogin; } @@ -151,36 +115,17 @@ public class UploadFileAction extends AbstractScmWebEditorAction { public String getScmPath() { return scmPath; } - - /** - * Execution of the upload action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; + initAddress(); - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); - ScmFileManager scmFileManager = provider.getFileManager(scmConn); - - // if the repository is not protected for writing, we get its UUID - if (address.endsWith("/")) { - address = address.substring(0, address.lastIndexOf('/')); - } - - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(); - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, false, false); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; UploadFileDto dto = new UploadFileDto(); dto.setUsername(username); @@ -190,7 +135,7 @@ public class UploadFileAction extends AbstractScmWebEditorAction { dto.setUploadContentType(uploadContentType); dto.setScmPath(scmPath); - UploadFileResultDto resultDto = scmFileManager.uploadFile(dto); + UploadFileResultDto resultDto = getScmFileManager().uploadFile(dto); if (resultDto.getFileRoot() != null) { fileRoot = resultDto.getFileRoot(); @@ -201,22 +146,21 @@ public class UploadFileAction extends AbstractScmWebEditorAction { if (resultDto.getError() != null) { + ScmConnection scmConn = getScmConnection(); String errorMessage = resultDto.getError(); error = true; if (errorMessage.equals(UploadFileResultDto.CONNECTION_FAILED)) { getScmSession().delScmUser(scmConn.getRepositoryId()); - username = null; - pw = null; + resetAuthentication(); return ERROR; } else if (errorMessage.equals(UploadFileResultDto.AUTH_ERROR)) { badLogin = true; - username = null; - pw = null; + resetAuthentication(); getScmSession().delScmUser(scmConn.getRepositoryId()); return LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewDiffsAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewDiffsAction.java index ac8cbd1..4ba180a 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewDiffsAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewDiffsAction.java @@ -24,19 +24,13 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.io.FileUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpSession; import java.io.File; import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; +import java.util.Optional; /** * Allows to view the history of a file @@ -74,90 +68,23 @@ public class ViewDiffsAction extends ScmWebEditorMainAction { public void setError(String error) { this.error = error; } - /** - * Execution of the view history action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - error = null; - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + String repositoryUUID = getRepositoryUUID(); - // if the repository is not protected, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, true, saveCookie); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; if (log.isDebugEnabled()) { - log.debug("Login : " + username); - } - - - /* - * Reading the cookie - */ - - - String usernamepwCookie = null; - // read the cookies - - BlowfishCipherService bf = new BlowfishCipherService(); - - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); - - if (request.getCookies() != null) { - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - usernamepwCookie = c.getValue(); - } - } + log.debug("Login : " + username + " to repository: " + repositoryUUID); } - if (usernamepwCookie != null) { - - String usernameDecode = null; - try { - usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not create a String with UTF-8 encoding"); - } - } - - if (usernameDecode != null) { - String[] resCookie = usernameDecode.split(","); - if (resCookie.length == 2) { - username = resCookie[0]; - pw = resCookie[1]; - } - } - } - - if (saveCookie) { - if (username != null && pw != null) { - - if (!username.equals("") && !pw.equals("")) { - Cookie authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes(), privateKey).toBase64()); - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } - } - - } - - // authentication - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; + initAuthenticationInformations(repositoryUUID, true, saveCookie); String name = username; String password = pw; @@ -169,12 +96,15 @@ public class ViewDiffsAction extends ScmWebEditorMainAction { password = "anonymous"; } + String address = getAddress(); /* * Getting the differences */ try { + + ScmConnection scmConn = getScmConnection(); File tempFile = scmConn.getDiffs(address, name, password, revision1, revision2); if (tempFile != null) { @@ -192,15 +122,7 @@ public class ViewDiffsAction extends ScmWebEditorMainAction { } // deleting the cookies for this repository - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - c.setMaxAge(0);//On supprime le cookie - response.addCookie(c); - if (log.isDebugEnabled()) { - log.debug("Cookie supprimé"); - } - } - } + removeRepositoryCookie(repositoryUUID); getScmSession().delScmUser(repositoryUUID); error = LOGIN; diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewImageAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewImageAction.java index 6e43da9..8dbf5c7 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewImageAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewImageAction.java @@ -23,22 +23,16 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.OperationNotSupportedException; import org.nuiton.scmwebeditor.api.ScmConnection; import org.nuiton.scmwebeditor.api.ScmProvider; import org.nuiton.scmwebeditor.api.dto.result.AbstractResultDto; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpSession; -import java.io.File; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; import java.util.Arrays; import java.util.List; +import java.util.Optional; /** * Allows to view an image @@ -88,35 +82,25 @@ public class ViewImageAction extends ScmWebEditorMainAction { public void setFilesDirectlyAccessible( boolean filesDirectlyAccessible) { this.filesDirectlyAccessible = filesDirectlyAccessible; } - /** - * Execution of the view image action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { + String address = getAddress(); format = address.substring(address.lastIndexOf('.') + 1).toLowerCase(); if (!SUPPORTED_IMAGE_FORMATS.contains(format)) { return ERROR_PATH; } - HttpSession session = request.getSession(); - String sessionId = session.getId(); + String pathToLocalRepos = getPathToLocalRepos(); - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + ScmProvider provider = getScmProvider(); scmSupportsBranches = provider.supportsBranches(); filesDirectlyAccessible = provider.filesDirectlyAccessible(); // if the repository is not protected, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } + String repositoryUUID = getRepositoryUUID(); if (repositoryRoot == null) { repositoryRoot = address.substring(0, address.lastIndexOf('/')); @@ -124,80 +108,17 @@ public class ViewImageAction extends ScmWebEditorMainAction { repositoryRoot = address.substring(0, address.lastIndexOf('/')); } - if (log.isDebugEnabled()) { - log.debug("Login : " + username); - } - - - /* - * Reading the cookie - */ - - - String usernamepwCookie = null; - // read the cookies - - BlowfishCipherService bf = new BlowfishCipherService(); - - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); - - if (request.getCookies() != null) { - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - usernamepwCookie = c.getValue(); - } - } - } - - if (usernamepwCookie != null) { - String usernameDecode = null; - try { - usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not create a String with UTF-8 encoding"); - } - } - - if (usernameDecode != null) { - String[] resCookie = usernameDecode.split(","); - if (resCookie.length == 2) { - username = resCookie[0]; - pw = resCookie[1]; - } - } - } - - if (saveCookie) { - if (username != null && pw != null) { - - if (!username.equals("") && !pw.equals("")) { - - Cookie authCookie = null; - - try { - authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes("UTF-8"), privateKey).toBase64()); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not get a String from UTF-8 encoding"); - } - } - - if (authCookie != null) { - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } - } - } + // authentication + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, true, saveCookie); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + if (log.isDebugEnabled()) { + log.debug("Login : " + username + " to " + repositoryUUID); } - // authentication - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; - String name = username; String password = pw; @@ -233,6 +154,8 @@ public class ViewImageAction extends ScmWebEditorMainAction { * Getting the file's revision */ + ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + try { numRevision = scmConn.getHeadRevisionNumber(address, name, password); } catch (AuthenticationException e) { @@ -243,18 +166,8 @@ public class ViewImageAction extends ScmWebEditorMainAction { log.debug("Auth Fail ", e); } - // deleting the cookies for this repository - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - c.setMaxAge(0);//On supprime le cookie - response.addCookie(c); - if (log.isDebugEnabled()) { - log.debug("Cookie supprimé"); - } - } - } + removeRepositoryFromCache(repositoryUUID); - getScmSession().delScmUser(repositoryUUID); //redirect to a login page return LOGIN; } catch (IllegalArgumentException e) { @@ -266,7 +179,6 @@ public class ViewImageAction extends ScmWebEditorMainAction { imagePath = scmConn.getFilePath(address, repositoryRoot, username, pw); - if (log.isInfoEnabled()) { log.info("IP client : " + request.getRemoteAddr() + " , get file : " + address + ". File's mimetype : " + mimeType); @@ -274,4 +186,5 @@ public class ViewImageAction extends ScmWebEditorMainAction { return VIEW_IMAGE; } + } diff --git a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewRevisionAction.java b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewRevisionAction.java index 0f4bf55..1c19d6b 100644 --- a/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewRevisionAction.java +++ b/swe-ui-web/src/main/java/org/nuiton/scmwebeditor/uiweb/actions/ViewRevisionAction.java @@ -24,19 +24,13 @@ package org.nuiton.scmwebeditor.uiweb.actions; import org.apache.commons.io.FileUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.shiro.codec.Base64; -import org.apache.shiro.crypto.BlowfishCipherService; +import org.apache.shiro.authc.UsernamePasswordToken; import org.nuiton.scmwebeditor.api.ScmConnection; -import org.nuiton.scmwebeditor.api.ScmProvider; -import org.nuiton.scmwebeditor.uiweb.ScmWebEditorConfig; import javax.naming.AuthenticationException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpSession; import java.io.File; import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.text.Normalizer; +import java.util.Optional; /** * Allows to view a file at the given revision @@ -81,90 +75,25 @@ public class ViewRevisionAction extends ScmWebEditorMainAction { public void setError(String error) { this.error = error; } - /** - * Execution of the view history action - * @return a code interpreted in the file struts.xml - */ + @Override public String execute() { - HttpSession session = request.getSession(); - String sessionId = session.getId(); - error = null; - String pathToLocalRepos = ScmWebEditorConfig.getLocalRepositoriesPath() + File.separator + sessionId; - - ScmProvider provider = ScmWebEditorConfig.getProvider(scmType); - ScmConnection scmConn = provider.getConnection(address, pathToLocalRepos); + ScmConnection scmConn = getScmConnection(); // if the repository is not protected, we get its UUID - String repositoryUUID = scmConn.getRepositoryId(); - if (repositoryUUID == null) { - repositoryUUID = address.replace(' ', '_'); - repositoryUUID = Normalizer.normalize(repositoryUUID, Normalizer.Form.NFD).replaceAll("[\u0300-\u036F]", ""); - } - - if (log.isDebugEnabled()) { - log.debug("Login : " + username); - } - - - /* - * Reading the cookie - */ - - - String usernamepwCookie = null; - // read the cookies - - BlowfishCipherService bf = new BlowfishCipherService(); - - byte[] privateKey = Base64.decode(ScmWebEditorConfig.getKey()); + String repositoryUUID = getRepositoryUUID(); - if (request.getCookies() != null) { - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - usernamepwCookie = c.getValue(); - } - } - } - - if (usernamepwCookie != null) { - - String usernameDecode = null; - try { - usernameDecode = new String(bf.decrypt(Base64.decode(usernamepwCookie), privateKey).getBytes(), "UTF-8"); - } catch (UnsupportedEncodingException e) { - if (log.isErrorEnabled()) { - log.error("Can not create a String with UTF-8 encoding"); - } - } - - if (usernameDecode != null) { - String[] resCookie = usernameDecode.split(","); - if (resCookie.length == 2) { - username = resCookie[0]; - pw = resCookie[1]; - } - } - } - - if (saveCookie) { - if (username != null && pw != null) { - - if (!username.equals("") && !pw.equals("")) { - Cookie authCookie = new Cookie(repositoryUUID, bf.encrypt((username + "," + pw).getBytes(), privateKey).toBase64()); - authCookie.setMaxAge(60 * 60 * 24 * 365); - response.addCookie(authCookie); - } - } + Optional<UsernamePasswordToken> optionalAuthentication = initAuthenticationInformations(repositoryUUID, true, saveCookie); + boolean withAuthentication = optionalAuthentication.isPresent(); + String username = withAuthentication ? optionalAuthentication.get().getUsername() : null; + String pw = withAuthentication ? new String(optionalAuthentication.get().getPassword()) : null; + if (log.isDebugEnabled()) { + log.debug("Login : " + username + " to repository: " + repositoryUUID); } - // authentication - String[] usernamePw = getUsernamePwFromSession(repositoryUUID, username, pw); - username = usernamePw[0]; - pw = usernamePw[1]; String name = username; String password = pw; @@ -181,6 +110,7 @@ public class ViewRevisionAction extends ScmWebEditorMainAction { * Getting the file's revision */ + String address = getAddress(); try { String revision = revision1; @@ -204,18 +134,8 @@ public class ViewRevisionAction extends ScmWebEditorMainAction { log.debug("Auth Fail ", e); } - // deleting the cookies for this repository - for (Cookie c : request.getCookies()) { - if (c.getName().equals(repositoryUUID)) { - c.setMaxAge(0);//On supprime le cookie - response.addCookie(c); - if (log.isDebugEnabled()) { - log.debug("Cookie supprimé"); - } - } - } + removeRepositoryFromCache(repositoryUUID); - getScmSession().delScmUser(repositoryUUID); error = LOGIN; return LOGIN; } catch (IOException e) { @@ -228,4 +148,5 @@ public class ViewRevisionAction extends ScmWebEditorMainAction { return SUCCESS; } + } -- To stop receiving notification emails like this one, please contact nuiton.org SCM administrator <admin+scm@nuiton.org>.