You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by mr...@apache.org on 2016/09/10 18:51:53 UTC
usergrid git commit: Ensure database/setup and database/bootstrap
will work if superuser has not yet been provisioned.
Repository: usergrid
Updated Branches:
refs/heads/hotfix-20160819 f890e05ef -> 12c88bd77
Ensure database/setup and database/bootstrap will work if superuser has not yet been provisioned.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/12c88bd7
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/12c88bd7
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/12c88bd7
Branch: refs/heads/hotfix-20160819
Commit: 12c88bd774ccc5828750c91fddbaeeb402f8f53c
Parents: f890e05
Author: Michael Russo <mr...@apigee.com>
Authored: Sat Sep 10 11:51:09 2016 -0700
Committer: Michael Russo <mr...@apigee.com>
Committed: Sat Sep 10 11:51:09 2016 -0700
----------------------------------------------------------------------
.../rest/security/shiro/filters/BasicAuthSecurityFilter.java | 5 ++++-
.../java/org/apache/usergrid/services/AbstractService.java | 8 ++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/12c88bd7/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
index 8eb03cf..c3efec1 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
@@ -86,8 +86,11 @@ public class BasicAuthSecurityFilter extends SecurityFilter {
}
try {
+ String rawPath = request.getUriInfo().getAbsolutePath().getRawPath();
// make sure the sysadmin can be provisioned, we've already done a user/pass check
- if(request.getUriInfo().getAbsolutePath().getRawPath().contains("superuser/setup")){
+ if(rawPath.contains("superuser/setup") || rawPath.contains("database/setup") ||
+ rawPath.contains("database/bootstrap")){
+
management.provisionSuperuser();
}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/12c88bd7/stack/services/src/main/java/org/apache/usergrid/services/AbstractService.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/services/AbstractService.java b/stack/services/src/main/java/org/apache/usergrid/services/AbstractService.java
index c627730..6736894 100644
--- a/stack/services/src/main/java/org/apache/usergrid/services/AbstractService.java
+++ b/stack/services/src/main/java/org/apache/usergrid/services/AbstractService.java
@@ -48,6 +48,7 @@ import rx.Subscriber;
import java.util.*;
import static org.apache.usergrid.security.shiro.utils.SubjectUtils.getPermissionFromPath;
+import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isServiceAdmin;
import static org.apache.usergrid.services.ServiceParameter.filter;
import static org.apache.usergrid.services.ServiceParameter.mergeQueries;
import static org.apache.usergrid.utils.ClassUtils.cast;
@@ -1353,6 +1354,13 @@ public abstract class AbstractService implements Service {
return;
}
+ if( isServiceAdmin() ){
+ if(logger.isDebugEnabled()){
+ logger.debug("Subject is the sysadmin, short-circuiting and allowing access");
+ }
+ return;
+ }
+
String perm = getPermissionFromPath(
em.getApplicationRef().getUuid(), context.getAction().toString().toLowerCase(), path );
boolean permitted = currentUser.isPermitted( perm );