Make plugin servlet's context path authorization aware

When authorized call is performed to plugin servlet its context contains authorization prefix. Therefore request URI can be matched with servlet's path and as a result properly handled. Change-Id: I6b5efc8dfdd3dda85ba8cf1a86a127b19ab9ea6d Signed-off-by: Jacek Centkowski <geminica.programs@gmail.com>
author: Jacek Centkowski <geminica.programs@gmail.com> 2013-10-24 03:22:41 -0700
committer: Jacek Centkowski <geminica.programs@gmail.com> 2013-11-06 00:51:09 -0800
commit: a716d228d4a25e3952663a9dcc4bb2c2851f6cb4 (patch)
tree: 35a4940766f678cd1b50c1fc330329f7a6ce23c1 /gerrit-httpd
parent: dd1ef1d11440650123a1783339cde5d8fdd267e6 (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java
index 549c2398a4..d3693a5a98 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java
@@ -78,6 +78,8 @@ class HttpPluginServlet extends HttpServlet
   private static final long serialVersionUID = 1L;
   private static final Logger log
       = LoggerFactory.getLogger(HttpPluginServlet.class);
+  private static final String PLUGINS_PREFIX = "/plugins/";
+  private static final String AUTHORIZED_PREFIX = "/a" + PLUGINS_PREFIX;
 
   private final MimeUtilFileTypeRegistry mimeUtil;
   private final Provider<String> webUrl;
@@ -88,6 +90,7 @@ class HttpPluginServlet extends HttpServlet
 
   private List<Plugin> pending = Lists.newArrayList();
   private String base;
+  private String authorizedBase;
   private final ConcurrentMap<String, PluginHolder> plugins
       = Maps.newConcurrentMap();
 
@@ -126,7 +129,8 @@ class HttpPluginServlet extends HttpServlet
     super.init(config);
 
     String path = config.getServletContext().getContextPath();
-    base = Strings.nullToEmpty(path) + "/plugins/";
+    base = Strings.nullToEmpty(path) + PLUGINS_PREFIX;
+    authorizedBase = Strings.nullToEmpty(path) + AUTHORIZED_PREFIX;
     for (Plugin plugin : pending) {
       install(plugin);
     }
@@ -210,7 +214,8 @@ class HttpPluginServlet extends HttpServlet
       return;
     }
 
-    WrappedRequest wr = new WrappedRequest(req, base + name);
+    WrappedRequest wr = new WrappedRequest(req,
+        (isAuthorizedCall(req) ? authorizedBase : base) + name);
     FilterChain chain = new FilterChain() {
       @Override
       public void doFilter(ServletRequest req, ServletResponse res)
@@ -225,6 +230,11 @@ class HttpPluginServlet extends HttpServlet
     }
   }
 
+  private boolean isAuthorizedCall(HttpServletRequest req) {
+    return !Strings.isNullOrEmpty(req.getServletPath())
+        && req.getServletPath().startsWith(AUTHORIZED_PREFIX);
+  }
+
   private static boolean isApiCall(HttpServletRequest req, List<String> parts) {
     String method = req.getMethod();
     int cnt = parts.size();
author	Jacek Centkowski <geminica.programs@gmail.com>	2013-10-24 03:22:41 -0700
committer	Jacek Centkowski <geminica.programs@gmail.com>	2013-11-06 00:51:09 -0800
commit	a716d228d4a25e3952663a9dcc4bb2c2851f6cb4 (patch)
tree	35a4940766f678cd1b50c1fc330329f7a6ce23c1 /gerrit-httpd
parent	dd1ef1d11440650123a1783339cde5d8fdd267e6 (diff)