diff options
author | Jacek Centkowski <geminica.programs@gmail.com> | 2013-10-24 03:22:41 -0700 |
---|---|---|
committer | Jacek Centkowski <geminica.programs@gmail.com> | 2013-11-06 00:51:09 -0800 |
commit | a716d228d4a25e3952663a9dcc4bb2c2851f6cb4 (patch) | |
tree | 35a4940766f678cd1b50c1fc330329f7a6ce23c1 /gerrit-httpd | |
parent | dd1ef1d11440650123a1783339cde5d8fdd267e6 (diff) |
Make plugin servlet's context path authorization aware
When authorized call is performed to plugin servlet its context
contains authorization prefix. Therefore request URI can be matched with
servlet's path and as a result properly handled.
Change-Id: I6b5efc8dfdd3dda85ba8cf1a86a127b19ab9ea6d
Signed-off-by: Jacek Centkowski <geminica.programs@gmail.com>
Diffstat (limited to 'gerrit-httpd')
-rw-r--r-- | gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java index 549c2398a4..d3693a5a98 100644 --- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java +++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/plugins/HttpPluginServlet.java @@ -78,6 +78,8 @@ class HttpPluginServlet extends HttpServlet private static final long serialVersionUID = 1L; private static final Logger log = LoggerFactory.getLogger(HttpPluginServlet.class); + private static final String PLUGINS_PREFIX = "/plugins/"; + private static final String AUTHORIZED_PREFIX = "/a" + PLUGINS_PREFIX; private final MimeUtilFileTypeRegistry mimeUtil; private final Provider<String> webUrl; @@ -88,6 +90,7 @@ class HttpPluginServlet extends HttpServlet private List<Plugin> pending = Lists.newArrayList(); private String base; + private String authorizedBase; private final ConcurrentMap<String, PluginHolder> plugins = Maps.newConcurrentMap(); @@ -126,7 +129,8 @@ class HttpPluginServlet extends HttpServlet super.init(config); String path = config.getServletContext().getContextPath(); - base = Strings.nullToEmpty(path) + "/plugins/"; + base = Strings.nullToEmpty(path) + PLUGINS_PREFIX; + authorizedBase = Strings.nullToEmpty(path) + AUTHORIZED_PREFIX; for (Plugin plugin : pending) { install(plugin); } @@ -210,7 +214,8 @@ class HttpPluginServlet extends HttpServlet return; } - WrappedRequest wr = new WrappedRequest(req, base + name); + WrappedRequest wr = new WrappedRequest(req, + (isAuthorizedCall(req) ? authorizedBase : base) + name); FilterChain chain = new FilterChain() { @Override public void doFilter(ServletRequest req, ServletResponse res) @@ -225,6 +230,11 @@ class HttpPluginServlet extends HttpServlet } } + private boolean isAuthorizedCall(HttpServletRequest req) { + return !Strings.isNullOrEmpty(req.getServletPath()) + && req.getServletPath().startsWith(AUTHORIZED_PREFIX); + } + private static boolean isApiCall(HttpServletRequest req, List<String> parts) { String method = req.getMethod(); int cnt = parts.size(); |