mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27296 Commits
59 Branches
Tree: 458617e27f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '458617e27f'
${ noResults }
sonarqube/sonar-plugin-api/src/main/java/org/sonar/api/web/ServletFilter.java

ServletFilter.java 8.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2018 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.api.web;

  21. 

  22. import java.util.ArrayList;

  23. import java.util.Arrays;

  24. import java.util.Collection;

  25. import java.util.HashSet;

  26. import java.util.LinkedHashSet;

  27. import java.util.List;

  28. import java.util.Set;

  29. import java.util.function.Predicate;

  30. import java.util.stream.Collectors;

  31. import javax.servlet.Filter;

  32. import org.sonar.api.ExtensionPoint;

  33. import org.sonar.api.server.ServerSide;

  34. 

  35. import static com.google.common.base.Preconditions.checkArgument;

  36. import static java.util.Arrays.asList;

  37. import static java.util.Collections.unmodifiableList;

  38. import static org.apache.commons.lang.StringUtils.substringBeforeLast;

  39. 

  40. /**

  41.  * @since 3.1

  42.  */

  43. @ServerSide

  44. @ExtensionPoint

  45. public abstract class ServletFilter implements Filter {

  46. 

  47.   /**

  48.    * Override to change URL. Default is /*

  49.    */

  50.   public UrlPattern doGetPattern() {

  51.     return UrlPattern.builder().build();

  52.   }

  53. 

  54.   public static final class UrlPattern {

  55. 

  56.     private static final String MATCH_ALL = "/*";

  57. 

  58.     private final List<String> inclusions;

  59.     private final List<String> exclusions;

  60.     private final Predicate<String>[] inclusionPredicates;

  61.     private final Predicate<String>[] exclusionPredicates;

  62. 

  63.     private UrlPattern(Builder builder) {

  64.       this.inclusions = unmodifiableList(new ArrayList<>(builder.inclusions));

  65.       this.exclusions = unmodifiableList(new ArrayList<>(builder.exclusions));

  66.       if (builder.inclusionPredicates.isEmpty()) {

  67.         // because Stream#anyMatch() returns false if stream is empty

  68.         this.inclusionPredicates = new Predicate[] {s -> true};

  69.       } else {

  70.         this.inclusionPredicates = builder.inclusionPredicates.stream().toArray(Predicate[]::new);

  71.       }

  72.       this.exclusionPredicates = builder.exclusionPredicates.stream().toArray(Predicate[]::new);

  73.     }

  74. 

  75.     public boolean matches(String path) {

  76.       return !Arrays.stream(exclusionPredicates).anyMatch(pattern -> pattern.test(path)) &&

  77.         Arrays.stream(inclusionPredicates).anyMatch(pattern -> pattern.test(path));

  78.     }

  79. 

  80.     /**

  81.      * @since 6.0

  82.      */

  83.     public Collection<String> getInclusions() {

  84.       return inclusions;

  85.     }

  86. 

  87.     /**

  88.      * @since 6.0

  89.      */

  90.     public Collection<String> getExclusions() {

  91.       return exclusions;

  92.     }

  93. 

  94.     /**

  95.      * @deprecated replaced in version 6.0 by {@link #getInclusions()} and {@link #getExclusions()}

  96.      * @throws IllegalStateException if at least one exclusion or more than one inclusions are defined

  97.      */

  98.     @Deprecated

  99.     public String getUrl() {

  100.       // Before 6.0, it was only possible to include one url

  101.       if (exclusions.isEmpty() && inclusions.size() == 1) {

  102.         return inclusions.get(0);

  103.       }

  104.       throw new IllegalStateException("this method is deprecated and should not be used anymore");

  105.     }

  106. 

  107.     public String label() {

  108.       return "UrlPattern{" +

  109.         "inclusions=[" + convertPatternsToString(inclusions) + "]" +

  110.         ", exclusions=[" + convertPatternsToString(exclusions) + "]" +

  111.         '}';

  112.     }

  113. 

  114.     private static String convertPatternsToString(List<String> input) {

  115.       StringBuilder output = new StringBuilder();

  116.       if (input.isEmpty()) {

  117.         return "";

  118.       }

  119.       if (input.size() == 1) {

  120.         return output.append(input.get(0)).toString();

  121.       }

  122.       return output.append(input.get(0)).append(", ...").toString();

  123.     }

  124. 

  125.     /**

  126.      * Defines only a single inclusion pattern. This is a shortcut for {@code builder().includes(inclusionPattern).build()}.

  127.      */

  128.     public static UrlPattern create(String inclusionPattern) {

  129.       return builder().includes(inclusionPattern).build();

  130.     }

  131. 

  132.     /**

  133.      * @since 6.0

  134.      */

  135.     public static Builder builder() {

  136.       return new Builder();

  137.     }

  138. 

  139.     /**

  140.      * @since 6.0

  141.      */

  142.     public static class Builder {

  143.       private static final String WILDCARD_CHAR = "*";

  144.       private static final Collection<String> STATIC_RESOURCES = unmodifiableList(asList(

  145.         "*.css", "*.css.map", "*.ico", "*.png", "*.jpg", "*.jpeg", "*.gif", "*.svg", "*.js", "*.js.map", "*.pdf", "/json/*",

  146.         "/static/*", "/robots.txt", "/favicon.ico", "/apple-touch-icon*", "/mstile*"));

  147. 

  148.       private final Set<String> inclusions = new LinkedHashSet<>();

  149.       private final Set<String> exclusions = new LinkedHashSet<>();

  150.       private final Set<Predicate<String>> inclusionPredicates = new HashSet<>();

  151.       private final Set<Predicate<String>> exclusionPredicates = new HashSet<>();

  152. 

  153.       private Builder() {

  154.       }

  155. 

  156.       public static Collection<String> staticResourcePatterns() {

  157.         return STATIC_RESOURCES;

  158.       }

  159. 

  160.       /**

  161.        * Add inclusion patterns. Supported formats are:

  162.        * <ul>

  163.        *   <li>path prefixed by / and ended by * or /*, for example "/api/foo/*", to match all paths "/api/foo" and "api/api/foo/something/else"</li>

  164.        *   <li>path prefixed by / and ended by .*, for example "/api/foo.*", to match exact path "/api/foo" with any suffix like "/api/foo.protobuf"</li>

  165.        *   <li>path prefixed by *, for example "*\/foo", to match all paths "/api/foo" and "something/else/foo"</li>

  166.        *   <li>path with leading slash and no wildcard, for example "/api/foo", to match exact path "/api/foo"</li>

  167.        * </ul>

  168.        */

  169.       public Builder includes(String... includePatterns) {

  170.         return includes(asList(includePatterns));

  171.       }

  172. 

  173.       /**

  174.        * Add exclusion patterns. See format described in {@link #includes(String...)}

  175.        */

  176.       public Builder includes(Collection<String> includePatterns) {

  177.         this.inclusions.addAll(includePatterns);

  178.         this.inclusionPredicates.addAll(includePatterns.stream()

  179.           .filter(pattern -> !MATCH_ALL.equals(pattern))

  180.           .map(Builder::compile)

  181.           .collect(Collectors.toList()));

  182.         return this;

  183.       }

  184. 

  185.       public Builder excludes(String... excludePatterns) {

  186.         return excludes(asList(excludePatterns));

  187.       }

  188. 

  189.       public Builder excludes(Collection<String> excludePatterns) {

  190.         this.exclusions.addAll(excludePatterns);

  191.         this.exclusionPredicates.addAll(excludePatterns.stream()

  192.           .map(Builder::compile)

  193.           .collect(Collectors.toList()));

  194.         return this;

  195.       }

  196. 

  197.       public UrlPattern build() {

  198.         return new UrlPattern(this);

  199.       }

  200. 

  201.       private static Predicate<String> compile(String pattern) {

  202.         int countStars = pattern.length() - pattern.replace(WILDCARD_CHAR, "").length();

  203.         if (countStars == 0) {

  204.           checkArgument(pattern.startsWith("/"), "URL pattern must start with slash '/': %s", pattern);

  205.           return url -> url.equals(pattern);

  206.         }

  207.         checkArgument(countStars == 1, "URL pattern accepts only zero or one wildcard character '*': %s", pattern);

  208.         if (pattern.charAt(0) == '/') {

  209.           checkArgument(pattern.endsWith(WILDCARD_CHAR), "URL pattern must end with wildcard character '*': %s", pattern);

  210.           if (pattern.endsWith("/*")) {

  211.             String path = pattern.substring(0, pattern.length() - "/*".length());

  212.             return url -> url.startsWith(path);

  213.           }

  214.           if (pattern.endsWith(".*")) {

  215.             String path = pattern.substring(0, pattern.length() - ".*".length());

  216.             return url -> substringBeforeLast(url, ".").equals(path);

  217.           }

  218.           String path = pattern.substring(0, pattern.length() - "*".length());

  219.           return url -> url.startsWith(path);

  220.         }

  221.         checkArgument(pattern.startsWith(WILDCARD_CHAR), "URL pattern must start with wildcard character '*': %s", pattern);

  222.         // remove the leading *

  223.         String path = pattern.substring(1);

  224.         return url -> url.endsWith(path);

  225.       }

  226.     }

  227.   }

  228. }