javax.servlet.annotation.HttpConstraint Java Examples
The following examples show how to use
javax.servlet.annotation.HttpConstraint.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: HttpConstraints.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
public static boolean isCallAllowed ( final ControllerMethod m, final HttpServletRequest request )
{
HttpConstraint constraint = m.getMethod ().getAnnotation ( HttpConstraint.class );
if ( constraint == null )
{
constraint = m.getControllerClazz ().getAnnotation ( HttpConstraint.class );
}
if ( constraint == null )
{
return true;
}
return HttpContraintControllerInterceptor.isAllowed ( constraint, request );
}
Example #2
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@Secured ( false )
@RequestMapping ( value = "/channel/{channelId}/view", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView view ( @PathVariable ( "channelId" ) final String channelId, final HttpServletRequest request, final HttpServletResponse response ) throws ServletException, IOException
{
final Optional<ChannelInformation> channel = this.channelService.getState ( By.name ( channelId ) );
if ( channel.isPresent () )
{
return new ModelAndView ( String.format ( "redirect:/channel/%s/view", channel.get ().getId () ) );
}
else
{
request.getRequestDispatcher ( "tree" ).forward ( request, response );
return null;
}
}
Example #3
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@Secured ( false )
@RequestMapping ( value = "/channel/{channelId}/validation", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView viewValidation ( @PathVariable ( "channelId" ) final String channelId )
{
try
{
return this.channelService.accessCall ( By.id ( channelId ), ReadableChannel.class, channel -> {
final ModelAndView result = new ModelAndView ( "channel/validation" );
result.put ( "channel", channel.getInformation () );
result.put ( "messages", channel.getInformation ().getState ().getValidationMessages () );
result.put ( "aspects", Activator.getAspects ().getAspectInformations () );
return result;
} );
}
catch ( final ChannelNotFoundException e )
{
return CommonController.createNotFound ( "channel", channelId );
}
}
Example #4
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@Secured ( false )
@RequestMapping ( value = "/channel/{channelId}/details", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView details ( @PathVariable ( "channelId" ) final String channelId )
{
final ModelAndView result = new ModelAndView ( "channel/details" );
try
{
this.channelService.accessRun ( By.id ( channelId ), ReadableChannel.class, ( channel ) -> {
result.put ( "channel", channel.getInformation () );
} );
}
catch ( final ChannelNotFoundException e )
{
return CommonController.createNotFound ( "channel", channelId );
}
return result;
}
Example #5
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@RequestMapping ( "/channel/{channelId}/help/p2" )
@Secured ( false )
@HttpConstraint ( PERMIT )
public ModelAndView helpP2 ( @PathVariable ( "channelId" ) final String channelId )
{
return withChannel ( channelId, ReadableChannel.class, channel -> {
final Map<String, Object> model = new HashMap<> ();
model.put ( "channel", channel.getInformation () );
model.put ( "sitePrefix", this.sitePrefix.getSitePrefix () );
model.put ( "p2Active", channel.hasAspect ( "p2.repo" ) );
return new ModelAndView ( "channel/help/p2", model );
} );
}
Example #6
| Source File: P2RepoController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@RequestMapping ( value = "/{channelId}/info" )
@Secured ( false )
@HttpConstraint ( PERMIT )
public ModelAndView info ( @PathVariable ( "channelId" ) final String channelId) throws Exception
{
return Channels.withChannel ( this.service, channelId, ReadableChannel.class, channel -> {
final Map<String, Object> model = new HashMap<> ();
final Map<MetaKey, String> metaData = channel.getMetaData ();
final P2ChannelInformation channelInfo = new P2ChannelInformation ();
MetaKeys.bind ( channelInfo, metaData );
model.put ( "channel", channel.getInformation () );
model.put ( "channelInfo", channelInfo );
return new ModelAndView ( "p2info", model );
} );
}
Example #7
| Source File: P2MetaDataController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@RequestMapping ( value = "/{channelId}/info" )
@Secured ( false )
@HttpConstraint ( PERMIT )
public ModelAndView info ( @PathVariable ( "channelId" ) final String channelId) throws Exception
{
return Channels.withChannel ( this.service, channelId, ReadableChannel.class, channel -> {
final Map<String, Object> model = new HashMap<> ();
final Map<MetaKey, String> metaData = channel.getMetaData ();
final P2MetaDataInformation channelInfo = new P2MetaDataInformation ();
MetaKeys.bind ( channelInfo, metaData );
model.put ( "channel", channel.getInformation () );
model.put ( "channelInfo", channelInfo );
return new ModelAndView ( "p2info", model );
} );
}
Example #8
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@RequestMapping ( value = "/channel/{channelId}/viewCacheEntry", method = RequestMethod.GET )
@HttpConstraint ( rolesAllowed = { "MANAGER", "ADMIN" } )
public ModelAndView viewCacheEntry ( @PathVariable ( "channelId" ) final String channelId, @RequestParameter ( "namespace" ) final String namespace, @RequestParameter ( "key" ) final String key, final HttpServletResponse response )
{
return withChannel ( channelId, ReadableChannel.class, channel -> {
if ( !channel.streamCacheEntry ( new MetaKey ( namespace, key ), entry -> {
logger.trace ( "Length: {}, Mime: {}", entry.getSize (), entry.getMimeType () );
response.setContentLengthLong ( entry.getSize () );
response.setContentType ( entry.getMimeType () );
response.setHeader ( "Content-Disposition", String.format ( "inline; filename=%s", URLEncoder.encode ( entry.getName (), "UTF-8" ) ) );
// response.setHeader ( "Content-Disposition", String.format ( "attachment; filename=%s", entry.getName () ) );
ByteStreams.copy ( entry.getStream (), response.getOutputStream () );
} ) )
{
return CommonController.createNotFound ( "channel cache entry", String.format ( "%s:%s", namespace, key ) );
}
return null;
} );
}
Example #9
| Source File: UserController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@RequestMapping ( value = "/{userId}/view", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView viewUser ( @PathVariable ( "userId" ) final String userId, final HttpServletRequest request )
{
final boolean you = isYou ( userId, request );
if ( !you && !request.isUserInRole ( "ADMIN" ) )
{
return CommonController.createAccessDenied ();
}
final DatabaseUserInformation user = this.storage.getUserDetails ( userId );
if ( user == null || user.getDetails ( DatabaseDetails.class ) == null )
{
return CommonController.createNotFound ( "user", userId );
}
final ModelAndView model = new ModelAndView ( "user/view" );
model.put ( "user", user );
model.put ( "you", you );
return model;
}
Example #10
| Source File: StorageController.java From packagedrone with Eclipse Public License 1.0 | 6 votes |
|
@HttpConstraint ( rolesAllowed = "ADMIN" )
@RequestMapping ( value = "/system/storage/exportAllFs", method = RequestMethod.POST )
public ModelAndView exportAllFsPost ( @Valid @FormData ( "command" ) final ExportAllFileSystemCommand command, final BindingResult result)
{
if ( result.hasErrors () )
{
return new ModelAndView ( "exportAllFs" );
}
File location;
try
{
location = performExport ( command );
}
catch ( final IOException e )
{
return CommonController.createError ( "Spool out", null, e, true );
}
final String bytes = Strings.bytes ( location.length () );
return CommonController.createSuccess ( "Spool out", "to file system", String.format ( "<strong>Complete!</strong> Successfully spooled out all channels to <code>%s</code> (%s)", location, bytes ) );
}
Example #11
| Source File: HttpContraintControllerInterceptor.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
public static boolean isAllowed ( final HttpConstraint constraint, final HttpServletRequest request )
{
final EmptyRoleSemantic empty = constraint.value ();
final String[] allowedRoles = constraint.rolesAllowed ();
if ( allowedRoles == null || allowedRoles.length <= 0 )
{
// no roles
if ( EmptyRoleSemantic.PERMIT.equals ( empty ) )
{
return true;
}
else
{
return false;
}
}
else
{
// check all roles .. one is ok
for ( final String role : allowedRoles )
{
if ( request.isUserInRole ( role ) )
{
return true;
}
}
// we ran out of options
return false;
}
}
Example #12
| Source File: HttpContraintControllerInterceptor.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@Override
public RequestHandler before ( final Object controller, final Method m, final HttpServletRequest request, final HttpServletResponse response, final BiFunction<HttpServletRequest, HttpServletResponse, RequestHandler> next ) throws Exception
{
HttpConstraint s = m.getAnnotation ( HttpConstraint.class );
if ( s == null )
{
s = controller.getClass ().getAnnotation ( HttpConstraint.class );
}
logger.trace ( "Checking http contraints: {} for {}", s, request );
if ( s == null )
{
return next.apply ( request, response );
}
if ( isAllowed ( s, request ) )
{
return next.apply ( request, response );
}
final Principal p = request.getUserPrincipal ();
if ( p == null )
{
// make a different when no one is logged in
return handleLoginRequired ( request, response );
}
return handleAccessDenied ( response );
}
Example #13
| Source File: BackupController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/provision", method = RequestMethod.POST )
@Secured ( false )
@HttpConstraint ( PERMIT )
public void provision ( final HttpServletRequest request, final HttpServletResponse response ) throws IOException
{
internalProvision ( request, response );
}
Example #14
| Source File: JobController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/{factoryId}/create", method = RequestMethod.POST )
@HttpConstraint ( rolesAllowed = { "MANAGER", "ADMIN" } )
public ModelAndView create ( @PathVariable ( "factoryId" ) final String factoryId, @RequestParameter (
required = false, value = "data" ) final String data)
{
final JobHandle job = this.manager.startJob ( factoryId, data );
// forward to get loose of the POST request, so that we can reload the status page
return new ModelAndView ( String.format ( "redirect:/job/%s/view", job.getId () ) );
}
Example #15
| Source File: ArtifactController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/channel/{channelId}/artifacts/{artifactId}/generate", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView generate ( @PathVariable ( "channelId" ) final String channelId, @PathVariable ( "artifactId" ) final String artifactId)
{
return Channels.withArtifact ( this.service, channelId, artifactId, ModifiableChannel.class, ( channel, artifact ) -> {
channel.getContext ().regenerate ( artifact.getId () );
return new ModelAndView ( "redirect:/channel/" + UrlEscapers.urlPathSegmentEscaper ().escape ( artifact.getChannelId ().getId () ) + "/view" );
} );
}
Example #16
| Source File: StorageController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/system/storage" )
@HttpConstraint ( rolesAllowed = { "MANAGER", "ADMIN" } )
public ModelAndView index ()
{
final Map<String, Object> model = new HashMap<> ();
return new ModelAndView ( "index", model );
}
Example #17
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/channel/{channelId}/viewCache", method = RequestMethod.GET )
@HttpConstraint ( rolesAllowed = { "MANAGER", "ADMIN" } )
public ModelAndView viewCache ( @PathVariable ( "channelId" ) final String channelId )
{
return withChannel ( channelId, ReadableChannel.class, channel -> {
final Map<String, Object> model = new HashMap<> ();
model.put ( "channel", channel.getInformation () );
model.put ( "cacheEntries", channel.getCacheEntries ().values () );
return new ModelAndView ( "channel/viewCache", model );
} );
}
Example #18
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( "/channel/{channelId}/help/api" )
@Secured ( false )
@HttpConstraint ( PERMIT )
public ModelAndView helpApi ( @PathVariable ( "channelId" ) final String channelId, final HttpServletRequest request )
{
return withChannel ( channelId, ReadableChannel.class, channel -> {
final Map<String, Object> model = new HashMap<> ();
model.put ( "channel", channel.getInformation () );
model.put ( "sitePrefix", this.sitePrefix.getSitePrefix () );
final String exampleKey;
if ( request.isUserInRole ( "MANAGER" ) )
{
final Collection<DeployKey> keys = this.channelService.getChannelDeployKeys ( By.id ( channel.getId ().getId () ) ).orElse ( emptyList () );
exampleKey = keys.stream ().map ( DeployKey::getKey ).findFirst ().orElse ( DEFAULT_EXAMPLE_KEY );
}
else
{
exampleKey = DEFAULT_EXAMPLE_KEY;
}
model.put ( "hasExampleKey", !DEFAULT_EXAMPLE_KEY.equals ( exampleKey ) );
model.put ( "exampleKey", exampleKey );
model.put ( "exampleSitePrefix", makeCredentialsPrefix ( this.sitePrefix.getSitePrefix (), "deploy", exampleKey ) );
return new ModelAndView ( "channel/help/api", model );
} );
}
Example #19
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@Secured ( false )
@RequestMapping ( value = "/channel/{channelId}/viewPlain", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView viewPlain ( @PathVariable ( "channelId" ) final String channelId )
{
try
{
return this.channelService.accessCall ( By.id ( channelId ), ReadableChannel.class, ( channel ) -> {
final Map<String, Object> model = new HashMap<> ();
model.put ( "channel", channel.getInformation () );
final Collection<ArtifactInformation> artifacts = channel.getContext ().getArtifacts ().values ();
if ( artifacts.size () > maxWebListSize () )
{
return viewTooMany ( channel );
}
// sort artifacts
final List<ArtifactInformation> sortedArtifacts = new ArrayList<> ( artifacts );
sortedArtifacts.sort ( Comparator.comparing ( ArtifactInformation::getName ) );
model.put ( "sortedArtifacts", sortedArtifacts );
return new ModelAndView ( "channel/view", model );
} );
}
catch ( final ChannelNotFoundException e )
{
return CommonController.createNotFound ( "channel", channelId );
}
}
Example #20
| Source File: ChannelController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@Secured ( false )
@RequestMapping ( value = "/channel", method = RequestMethod.GET )
@HttpConstraint ( PERMIT )
public ModelAndView list ( @RequestParameter ( value = "start", required = false ) final Integer startPage )
{
final ModelAndView result = new ModelAndView ( "channel/list" );
final List<ChannelListEntry> channels = this.channelService.list ().stream ().flatMap ( ChannelController::toEntry ).collect ( Collectors.toList () );
channels.sort ( CHANNEL_LIST_ENTRY_COMPARATOR );
result.put ( "channels", Pagination.paginate ( startPage, 10, channels ) );
return result;
}
Example #21
| Source File: UserController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( "/{userId}/newPassword" )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView changePassword ( @PathVariable ( "userId" ) final String userId, final HttpServletRequest request )
{
final Map<String, Object> model = new HashMap<> ();
final boolean you = isYou ( userId, request );
if ( !you && !request.isUserInRole ( "ADMIN" ) )
{
return CommonController.createAccessDenied ();
}
final DatabaseUserInformation user = this.storage.getUserDetails ( userId );
if ( user == null )
{
return CommonController.createNotFound ( "user", userId );
}
final DatabaseDetails details = user.getDetails ( DatabaseDetails.class );
if ( details == null )
{
return CommonController.createNotFound ( "details", userId );
}
final NewPassword data = new NewPassword ();
data.setEmail ( details.getEmail () );
model.put ( "you", you );
model.put ( "command", data );
return new ModelAndView ( "user/newPassword", model );
}
Example #22
| Source File: UserController.java From packagedrone with Eclipse Public License 1.0 | 5 votes |
|
@RequestMapping ( value = "/{userId}/newPassword", method = RequestMethod.POST )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView changePasswordPost ( @PathVariable ( "userId" ) final String userId, @Valid @FormData ( "command" ) final NewPassword data, final BindingResult result, final HttpServletRequest request )
{
final boolean you = isYou ( userId, request );
if ( !you && !request.isUserInRole ( "ADMIN" ) )
{
return CommonController.createAccessDenied ();
}
final Map<String, Object> model = new HashMap<> ();
model.put ( "you", you );
if ( result.hasErrors () )
{
model.put ( "command", data );
return new ModelAndView ( "user/newPassword", model );
}
try
{
if ( !you /* but we are ADMIN */ )
{
this.storage.updatePassword ( userId, null, data.getPassword () );
}
else
{
this.storage.updatePassword ( userId, data.getCurrentPassword (), data.getPassword () );
}
return new ModelAndView ( "redirect:/user/" + userId + "/view" );
}
catch ( final Exception e )
{
return CommonController.createError ( "Error", "Failed to change password", e );
}
}
Example #23
| Source File: StorageController.java From packagedrone with Eclipse Public License 1.0 | 4 votes |
|
@HttpConstraint ( rolesAllowed = "ADMIN" )
@RequestMapping ( value = "/system/storage/exportAllFs", method = RequestMethod.GET )
public ModelAndView exportAllFs ()
{
return new ModelAndView ( "exportAllFs" );
}
Example #24
| Source File: ServletSecurityElementTest.java From piranha with BSD 3-Clause "New" or "Revised" License | 4 votes |
|
/**
* Test constructor.
*/
@Test
public void testConstructor4() {
ServletSecurity servletSecurity = new ServletSecurity() {
@Override
public HttpMethodConstraint[] httpMethodConstraints() {
return new HttpMethodConstraint[]{
new HttpMethodConstraint() {
@Override
public ServletSecurity.EmptyRoleSemantic emptyRoleSemantic() {
return ServletSecurity.EmptyRoleSemantic.PERMIT;
}
@Override
public String[] rolesAllowed() {
return new String[]{};
}
@Override
public ServletSecurity.TransportGuarantee transportGuarantee() {
return ServletSecurity.TransportGuarantee.NONE;
}
@Override
public String value() {
return "HEAD";
}
@Override
public Class<? extends Annotation> annotationType() {
throw new UnsupportedOperationException("Not supported yet.");
}
}
};
}
@Override
public HttpConstraint value() {
return new HttpConstraint() {
@Override
public String[] rolesAllowed() {
return new String[]{};
}
@Override
public ServletSecurity.TransportGuarantee transportGuarantee() {
return ServletSecurity.TransportGuarantee.NONE;
}
@Override
public ServletSecurity.EmptyRoleSemantic value() {
return ServletSecurity.EmptyRoleSemantic.PERMIT;
}
@Override
public Class<? extends Annotation> annotationType() {
throw new UnsupportedOperationException("Not supported yet.");
}
};
}
@Override
public Class<? extends Annotation> annotationType() {
throw new UnsupportedOperationException("Not supported yet.");
}
};
ServletSecurityElement servletSecurityElement = new ServletSecurityElement(servletSecurity);
assertNotNull(servletSecurityElement);
}
Example #25
| Source File: TransferController.java From packagedrone with Eclipse Public License 1.0 | 4 votes |
|
@RequestMapping ( value = "/channel/export", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView exportAll ( final HttpServletResponse response )
{
return performExport ( response, makeExportFileName ( null ), this.transferService::exportAll );
}
Example #26
| Source File: TransferController.java From packagedrone with Eclipse Public License 1.0 | 4 votes |
|
@RequestMapping ( value = "/channel/{channelId}/export", method = RequestMethod.GET )
@HttpConstraint ( value = EmptyRoleSemantic.PERMIT )
public ModelAndView exportChannel ( @PathVariable ( "channelId" ) final String channelId, final HttpServletResponse response )
{
return performExport ( response, makeExportFileName ( channelId ), ( stream ) -> this.transferService.exportChannel ( channelId, stream ) );
}
