Remove dead code need_authentication.rb

author: Simon Brandhof <simon.brandhof@sonarsource.com> 2016-09-23 17:13:27 +0200
committer: Simon Brandhof <simon.brandhof@sonarsource.com> 2016-10-05 13:18:11 +0200
commit: a10d6281091b8b503658eb3cf7172359a18e18cc (patch)
tree: 6a6243db727e84caa433a1470cd565d93bf07295 /server/sonar-web/src/main/webapp
parent: d4c35c39e4da64c42869bba806a6e4fefb8db379 (diff)
download: sonarqube-a10d6281091b8b503658eb3cf7172359a18e18cc.tar.gz
sonarqube-a10d6281091b8b503658eb3cf7172359a18e18cc.zip
2 files changed, 1 insertions, 266 deletions
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/app/models/user.rb b/server/sonar-web/src/main/webapp/WEB-INF/app/models/user.rb
index 34f10ac5b18..4575d7a5722 100644
--- a/server/sonar-web/src/main/webapp/WEB-INF/app/models/user.rb
+++ b/server/sonar-web/src/main/webapp/WEB-INF/app/models/user.rb
@@ -40,8 +40,7 @@ class User < ActiveRecord::Base
   include Authentication
   include Authentication::ByPassword
   include NeedAuthorization::ForUser
-  include NeedAuthentication::ForUser
-
+  
   validates_presence_of :name
   validates_length_of :name, :maximum => 200, :unless => 'name.blank?'
 
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb b/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb
deleted file mode 100644
index 3d25c117168..00000000000
--- a/server/sonar-web/src/main/webapp/WEB-INF/lib/need_authentication.rb
+++ /dev/null
@@ -1,264 +0,0 @@
-#
-# SonarQube, open source software quality management tool.
-# Copyright (C) 2008-2014 SonarSource
-# mailto:contact AT sonarsource DOT com
-#
-# SonarQube is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 3 of the License, or (at your option) any later version.
-#
-# SonarQube is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
-#
-
-#
-# Use Sonar database (table USERS) to authenticate users.
-#
-class DefaultRealm
-  def authenticate?(username, password, servlet_request)
-    result=nil
-    if !username.blank? && !password.blank?
-      user=User.find_active_by_login(username)
-      if user && user.authenticated?(password)
-        result=user
-        Java::OrgSonarServerUser::RubyUserSession.setSession(user.id.to_i, user.login, user.name, user.groups.collect {|g| g.name}.to_a, nil)
-      end
-      result
-    end
-    result
-  end
-end
-
-#
-# Use an external security system with fallback to Sonar database.
-# See the Java extension point org.sonar.api.security.SecurityRealm
-#
-class PluginRealm
-  def initialize(java_realm)
-    @java_authenticator = java_realm.doGetAuthenticator()
-    @java_users_provider = java_realm.getUsersProvider()
-    @java_groups_provider = java_realm.getGroupsProvider()
-    @save_password = Api::Utils.java_facade.getSettings().getBoolean('sonar.security.savePassword')
-  end
-
-  def authenticate?(username, password, servlet_request)
-    countUserLocal = User.count('id', :conditions => ['login=? and user_local=?', username, true])
-    if countUserLocal > 0
-      result = local_auth(username, password)
-    else
-      result = auth(username, password, servlet_request)
-    end
-    if result
-      Java::OrgSonarServerUser::RubyUserSession.setSession(result.id.to_i, result.login, result.name, result.groups.collect {|g| g.name}.to_a, nil)
-    end
-    result
-  end
-
-  #
-  # Authenticate using password from Sonar Database
-  #
-  def local_auth(username, password)
-    result = nil
-    if !username.blank? && !password.blank?
-      user = User.find_active_by_login(username)
-      result = user if user && user.authenticated?(password)
-    end
-    result
-  end
-
-  #
-  # Authenticate using external system
-  #
-  def external_auth(username, password, servlet_request, details)
-    if @java_authenticator
-      context = org.sonar.api.security.Authenticator::Context.new(username, password, servlet_request)
-      status = @java_authenticator.doAuthenticate(context)
-      status ? synchronize(username, password, details, servlet_request) : nil
-    else
-      # No authenticator
-      nil
-    end
-  end
-
-  #
-  # Authenticate user using external system. Can fallback on local auth if external system is not available. Return the user.
-  #
-  def auth(username, password, servlet_request)
-    if @java_users_provider
-      begin
-        provider_context = org.sonar.api.security.ExternalUsersProvider::Context.new(username, servlet_request)
-        details = @java_users_provider.doGetUserDetails(provider_context)
-      rescue => e
-        # Maybe LDAP server is not available
-        Rails.logger.error("Error from external users provider: exception #{e.class.name}: #{e.message}")
-        @save_password ? local_auth(username, password) : false
-      else
-        if details
-          # User exist in external system
-          external_auth(username, password, servlet_request, details)
-        else
-          # No such user in external system
-          nil
-        end
-      end
-    else
-      # Legacy authenticator
-      external_auth(username, password, servlet_request, nil)
-    end
-  end
-
-  #
-  # Authentication in external system was successful - replicate password, details and groups into Sonar
-  # Return the user.
-  #
-  def synchronize(username, password, details, servlet_request)
-    user_id = nil
-    user_id = details.getUserId() if details
-
-    username = user_id if !user_id.blank?
-    username = details.getName() if username.blank? && details
-
-    user = User.find_by_login(username)
-
-    now = java.lang.System.currentTimeMillis
-
-    # SONAR-4950 Use a transaction to prevent multiple insertion of same groups
-    User.transaction do
-      if !user
-        # No such user in Sonar database
-        return nil if !Api::Utils.java_facade.getSettings().getBoolean('sonar.authenticator.createUsers')
-        # Automatically create a user in the sonar db if authentication has been successfully done
-        user = User.new(:login => username, :name => username, :email => '', :created_at => now, :updated_at => now)
-        user.external_identity= username
-        user.external_identity_provider= 'sonarqube'
-        user.user_local= false
-
-        if details
-          user.name = details.getName()
-          user.email = details.getEmail()
-        end
-        default_group_name = Api::Utils.java_facade.getSettings().getString('sonar.defaultGroup')
-        default_group = Group.find_by_name(default_group_name)
-        if default_group
-          user.groups << default_group
-        else
-          Rails.logger.error("The default user group does not exist: #{default_group_name}. Please check the parameter 'Default user group' in general settings.")
-        end
-      else
-        # Existing user
-        if details
-          user.name = details.getName()
-          user.email = details.getEmail()
-        end
-
-        # Update external identity and local info for existing users
-        user.external_identity= username
-        user.external_identity_provider= 'sonarqube'
-        user.user_local= false
-
-        # Force the update of updated_at in order to execute an SQL update to block other session
-        user.updated_at = now
-      end
-      if @save_password
-        user.password = password
-        user.password_confirmation = password
-      end
-
-      # A user that is synchronized with an external system is always set to 'active' (see SONAR-3258 for the deactivation concept)
-      user.active=true
-      # Note that validation disabled
-      user.save(false)
-
-      synchronize_groups(user, servlet_request)
-      # Note that validation disabled
-      user.save(false)
-    end
-    # Must be outside the transaction in order to not have a lock on the users table : http://jira.sonarsource.com/browse/SONAR-6726
-    user.notify_creation_handlers
-    
-    Internal.users_api.index()
-
-    # Return user
-    user
-  end
-
-  def synchronize_groups(user, servlet_request)
-    if @java_groups_provider
-      begin
-        provider_context = org.sonar.api.security.ExternalGroupsProvider::Context.new(user.login, servlet_request)
-        groups = @java_groups_provider.doGetGroups(provider_context)
-      rescue Exception => e
-        Rails.logger.error("Error from external groups provider: #{e.message}")
-      else
-        if groups
-          user.groups = []
-          for group_name in groups
-            group = Group.find_by_name(group_name)
-            if group
-              user.groups << group
-            end
-          end
-        end
-      end
-    end
-  end
-end
-
-#
-# Load the realm to use. The server must be restarted when configuration is changed.
-#
-class RealmFactory
-  @@realm = nil
-
-  def self.realm
-    if @@realm.nil?
-      realm_factory = Api::Utils.java_facade.getCoreComponentByClassname('org.sonar.server.user.SecurityRealmFactory')
-      if realm_factory
-        component = realm_factory.getRealm()
-        @@realm = component ? PluginRealm.new(component) : DefaultRealm.new
-      else
-        # SecurityRealmFactory is not yet available in pico, for example during db upgrade
-      end
-    end
-    @@realm
-  end
-end
-
-
-module NeedAuthentication
-
-  # ForUser module is included by the class User. It redirects authentication to the selected Authenticator.
-  module ForUser
-
-    # Stuff directives into including module
-    def self.included(recipient)
-      recipient.extend(ModelClassMethods)
-    end
-
-    module ModelClassMethods
-      # Authenticates a user by their login name and unencrypted password.  Returns the user or nil.
-      #
-      # uff.  this is really an authorization, not authentication routine.
-      # We really need a Dispatch Chain here or something.
-      # This will also let us return a human error message.
-      #
-      def authenticate(login, password, servlet_request)
-        # Downcase login (typically for Active Directory)
-        # Note that login in Sonar DB is case-sensitive, however in this case authentication and automatic user creation will always happen with downcase login
-        downcase = Api::Utils.java_facade.getSettings().getBoolean('sonar.authenticator.downcase')
-        if login && downcase
-          login = login.downcase
-        end
-
-        RealmFactory.realm.authenticate?(login, password, servlet_request) if RealmFactory.realm
-      end
-    end
-  end
-end
author	Simon Brandhof <simon.brandhof@sonarsource.com>	2016-09-23 17:13:27 +0200
committer	Simon Brandhof <simon.brandhof@sonarsource.com>	2016-10-05 13:18:11 +0200
commit	a10d6281091b8b503658eb3cf7172359a18e18cc (patch)
tree	6a6243db727e84caa433a1470cd565d93bf07295 /server/sonar-web/src/main/webapp
parent	d4c35c39e4da64c42869bba806a6e4fefb8db379 (diff)
download	sonarqube-a10d6281091b8b503658eb3cf7172359a18e18cc.tar.gz sonarqube-a10d6281091b8b503658eb3cf7172359a18e18cc.zip