minor fix
This commit is contained in:
@@ -17,6 +17,7 @@ import net.woggioni.rbcs.api.Configuration
|
|||||||
import net.woggioni.rbcs.api.Configuration.Group
|
import net.woggioni.rbcs.api.Configuration.Group
|
||||||
import net.woggioni.rbcs.api.Role
|
import net.woggioni.rbcs.api.Role
|
||||||
import net.woggioni.rbcs.common.createLogger
|
import net.woggioni.rbcs.common.createLogger
|
||||||
|
import net.woggioni.rbcs.common.debug
|
||||||
import net.woggioni.rbcs.server.RemoteBuildCacheServer
|
import net.woggioni.rbcs.server.RemoteBuildCacheServer
|
||||||
|
|
||||||
abstract class AbstractNettyHttpAuthenticator(private val authorizer: Authorizer) : ChannelInboundHandlerAdapter() {
|
abstract class AbstractNettyHttpAuthenticator(private val authorizer: Authorizer) : ChannelInboundHandlerAdapter() {
|
||||||
@@ -56,15 +57,17 @@ abstract class AbstractNettyHttpAuthenticator(private val authorizer: Authorizer
|
|||||||
result.groups.asSequence().flatMap { it.roles.asSequence() }
|
result.groups.asSequence().flatMap { it.roles.asSequence() }
|
||||||
).toSet()
|
).toSet()
|
||||||
val authorized = authorizer.authorize(roles, msg)
|
val authorized = authorizer.authorize(roles, msg)
|
||||||
if(log.isDebugEnabled) {
|
log.debug {
|
||||||
val authorizedMessage = if(authorized) { "Authorized" } else { "Forbidden" }
|
val authorizedMessage = if (authorized) {
|
||||||
val clientAddress = ctx.channel().attr<InetSocketAddress>(RemoteBuildCacheServer.clientIp).get()
|
"Authorized"
|
||||||
val roleString = "[" + roles.asSequence().map { "\"" + it + "\""}.joinToString(", ") + "]"
|
} else {
|
||||||
result.user?.name?.takeUnless(String::isEmpty)?.let { username ->
|
"Forbidden"
|
||||||
log.debug("$authorizedMessage ${msg.method()} request from user $username with address $clientAddress, granted roles $roleString")
|
|
||||||
} ?: {
|
|
||||||
log.debug("$authorizedMessage anonymous ${msg.method()} request with address $clientAddress, granted roles $roleString")
|
|
||||||
}
|
}
|
||||||
|
val clientAddress = ctx.channel().attr(RemoteBuildCacheServer.clientIp).get()
|
||||||
|
val roleString = "[" + roles.asSequence().map { "\"" + it + "\"" }.joinToString(", ") + "]"
|
||||||
|
result.user?.name?.takeUnless(String::isEmpty)?.let { username ->
|
||||||
|
"$authorizedMessage ${msg.method()} request from user $username with address $clientAddress, granted roles $roleString"
|
||||||
|
} ?: "$authorizedMessage anonymous ${msg.method()} request with address $clientAddress, granted roles $roleString"
|
||||||
}
|
}
|
||||||
if (authorized) {
|
if (authorized) {
|
||||||
super.channelRead(ctx, msg)
|
super.channelRead(ctx, msg)
|
||||||
|
|||||||
@@ -59,38 +59,28 @@ object ExceptionHandler : ChannelDuplexHandler() {
|
|||||||
override fun exceptionCaught(ctx: ChannelHandlerContext, cause: Throwable) {
|
override fun exceptionCaught(ctx: ChannelHandlerContext, cause: Throwable) {
|
||||||
when (cause) {
|
when (cause) {
|
||||||
is DecoderException -> {
|
is DecoderException -> {
|
||||||
if(log.isDebugEnabled) {
|
log.debug(cause.message, cause)
|
||||||
log.debug(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.close()
|
ctx.close()
|
||||||
}
|
}
|
||||||
|
|
||||||
is ConnectException -> {
|
is ConnectException -> {
|
||||||
if(log.isErrorEnabled) {
|
log.error(cause.message, cause)
|
||||||
log.error(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.writeAndFlush(SERVER_ERROR.retainedDuplicate())
|
ctx.writeAndFlush(SERVER_ERROR.retainedDuplicate())
|
||||||
}
|
}
|
||||||
|
|
||||||
is SocketException -> {
|
is SocketException -> {
|
||||||
if(log.isDebugEnabled) {
|
log.debug(cause.message, cause)
|
||||||
log.debug(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.close()
|
ctx.close()
|
||||||
}
|
}
|
||||||
|
|
||||||
is SSLPeerUnverifiedException -> {
|
is SSLPeerUnverifiedException -> {
|
||||||
if(log.isDebugEnabled) {
|
log.debug(cause.message, cause)
|
||||||
log.debug(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.writeAndFlush(NOT_AUTHORIZED.retainedDuplicate())
|
ctx.writeAndFlush(NOT_AUTHORIZED.retainedDuplicate())
|
||||||
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
||||||
}
|
}
|
||||||
|
|
||||||
is SSLException -> {
|
is SSLException -> {
|
||||||
if(log.isDebugEnabled) {
|
log.debug(cause.message, cause)
|
||||||
log.debug(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.close()
|
ctx.close()
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -119,17 +109,13 @@ object ExceptionHandler : ChannelDuplexHandler() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
is CacheException -> {
|
is CacheException -> {
|
||||||
if(log.isErrorEnabled) {
|
log.error(cause.message, cause)
|
||||||
log.error(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.writeAndFlush(NOT_AVAILABLE.retainedDuplicate())
|
ctx.writeAndFlush(NOT_AVAILABLE.retainedDuplicate())
|
||||||
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
||||||
}
|
}
|
||||||
|
|
||||||
else -> {
|
else -> {
|
||||||
if(log.isErrorEnabled) {
|
log.error(cause.message, cause)
|
||||||
log.error(cause.message, cause)
|
|
||||||
}
|
|
||||||
ctx.writeAndFlush(SERVER_ERROR.retainedDuplicate())
|
ctx.writeAndFlush(SERVER_ERROR.retainedDuplicate())
|
||||||
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
.addListener(ChannelFutureListener.CLOSE_ON_FAILURE)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user