[sling-org-apache-sling-jcr-jackrabbit-accessmanager] branch master updated: SLING-10452 adjust HTTP status code for invalid :redirect value (#4)

Wed, 02 Jun 2021 13:23:33 -0700 

This is an automated email from the ASF dual-hosted git repository.

enorman pushed a commit to branch master
in repository 
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-jackrabbit-accessmanager.git


The following commit(s) were added to refs/heads/master by this push:
     new fb71bfb  SLING-10452 adjust HTTP status code for invalid :redirect 
value (#4)
fb71bfb is described below

commit fb71bfb95d89a1ff6981e4eaeb824ec28965e2a5
Author: Eric Norman <[email protected]>
AuthorDate: Wed Jun 2 13:23:21 2021 -0700

    SLING-10452 adjust HTTP status code for invalid :redirect value (#4)
    
    for modifyAce/deleteAce post request
---
 .../post/AbstractAccessPostServlet.java            | 25 ++++++++++++-----
 .../it/AccessManagerClientTestSupport.java         |  2 ++
 .../jackrabbit/accessmanager/it/ModifyAceIT.java   | 31 ++++++++++++++++++++++
 .../jackrabbit/accessmanager/it/RemoveAcesIT.java  | 27 +++++++++++++++++++
 4 files changed, 78 insertions(+), 7 deletions(-)

diff --git 
a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractAccessPostServlet.java
 
b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractAccessPostServlet.java
index b3db033..92a12d9 100644
--- 
a/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractAccessPostServlet.java
+++ 
b/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/post/AbstractAccessPostServlet.java
@@ -138,7 +138,18 @@ public abstract class AbstractAccessPostServlet extends 
SlingAllMethodsServlet {
 
         // check for redirect URL if processing succeeded
         if (response.isSuccessful()) {
-            String redirect = getRedirectUrl(request, response);
+            String redirect = null;
+            try {
+                redirect = getRedirectUrl(request, response);
+            } catch (IOException e) {
+                if (log.isDebugEnabled()) {
+                    log.debug(String.format("Exception while handling redirect 
for POST %s with %s",
+                            request.getResource().getPath(), 
getClass().getName()), e);
+                }
+                // http status code for 422 Unprocessable Entity
+                response.setStatus(422, "invalid redirect");
+                response.setError(e);
+            }
             if (redirect != null) {
                 httpResponse.sendRedirect(redirect);
                 return;
@@ -240,10 +251,11 @@ public abstract class AbstractAccessPostServlet extends 
SlingAllMethodsServlet {
      * @param request the sling http request to process
      * @param ctx the post processor
      * @return the redirect location or <code>null</code>
+     * @throws IOException if there is something invalid with the :redirect 
value
      * @deprecated use {@link #getRedirectUrl(HttpServletRequest, 
PostResponse)} instead
      */
     @Deprecated
-    protected String getRedirectUrl(HttpServletRequest request, 
AbstractPostResponse ctx) {
+    protected String getRedirectUrl(HttpServletRequest request, 
AbstractPostResponse ctx) throws IOException {
         return getRedirectUrl(request, (PostResponse)ctx);
     }
     
@@ -253,8 +265,9 @@ public abstract class AbstractAccessPostServlet extends 
SlingAllMethodsServlet {
      * @param request the sling http request to process
      * @param ctx the post processor
      * @return the redirect location or <code>null</code>
+     * @throws IOException if there is something invalid with the :redirect 
value
      */
-    protected String getRedirectUrl(HttpServletRequest request, PostResponse 
ctx) {
+    protected String getRedirectUrl(HttpServletRequest request, PostResponse 
ctx) throws IOException {
         // redirect param has priority (but see below, magic star)
         String result = 
request.getParameter(SlingPostConstants.RP_REDIRECT_TO);
         if (result != null) {
@@ -262,12 +275,10 @@ public abstract class AbstractAccessPostServlet extends 
SlingAllMethodsServlet {
                 URI redirectUri = new URI(result);
                 if (redirectUri.getAuthority() != null) {
                     // if it has a host information
-                    log.warn("redirect target includes host information ({}). 
This is not allowed for security reasons!", redirectUri.getAuthority());
-                    return null;
+                    throw new IOException("The redirect target included host 
information. This is not allowed for security reasons!");
                 }
             } catch (URISyntaxException e) {
-                log.warn("given redirect target is not a valid uri: {}", 
e.getLocalizedMessage());
-                return null;
+                throw new IOException("The redirect target was not a valid 
uri");
             }
 
             if (ctx.getPath() != null) {
diff --git 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/AccessManagerClientTestSupport.java
 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/AccessManagerClientTestSupport.java
index ebda239..a7eca1f 100644
--- 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/AccessManagerClientTestSupport.java
+++ 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/AccessManagerClientTestSupport.java
@@ -80,6 +80,8 @@ import org.osgi.service.cm.ConfigurationAdmin;
  * servlets
  */
 public abstract class AccessManagerClientTestSupport extends 
AccessManagerTestSupport {
+    protected static final int SC_UNPROCESSABLE_ENTITY = 422; // http status 
code for 422 Unprocessable Entity
+
     protected static final String TEST_FOLDER_JSON = "{'jcr:primaryType': 
'nt:unstructured'}";
 
     protected static final String CONTENT_TYPE_JSON = "application/json";
diff --git 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/ModifyAceIT.java
 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/ModifyAceIT.java
index 1398027..62bacc2 100644
--- 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/ModifyAceIT.java
+++ 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/ModifyAceIT.java
@@ -1399,4 +1399,35 @@ public class ModifyAceIT extends 
AccessManagerClientTestSupport {
         assertEquals(testUserId, change.getString("argument"));
     }
 
+    private void testModifyAceRedirect(String redirectTo, int expectedStatus) 
throws IOException {
+        testUserId = createTestUser();
+
+        testFolderUrl = createTestFolder();
+
+        String postUrl = testFolderUrl + ".modifyAce.html";
+
+        List<NameValuePair> postParams = new ArrayList<>();
+        postParams.add(new BasicNameValuePair("principalId", testUserId));
+        postParams.add(new BasicNameValuePair("privilege@jcr:read", 
"granted"));
+        postParams.add(new BasicNameValuePair(":redirect", redirectTo));
+
+        Credentials creds = new UsernamePasswordCredentials("admin", "admin");
+        assertAuthenticatedPostStatus(creds, postUrl, expectedStatus, 
postParams, null);
+    }
+
+    @Test
+    public void testModifyAceValidRedirect() throws IOException, JsonException 
{
+        testModifyAceRedirect("/*.html", 
HttpServletResponse.SC_MOVED_TEMPORARILY);
+    }
+
+    @Test
+    public void testModifyAceInvalidRedirectWithAuthority() throws 
IOException, JsonException {
+        testModifyAceRedirect("https://sling.apache.org";, 
SC_UNPROCESSABLE_ENTITY);
+    }
+
+    @Test
+    public void testModifyAceInvalidRedirectWithInvalidURI() throws 
IOException, JsonException {
+        testModifyAceRedirect("https://";, SC_UNPROCESSABLE_ENTITY);
+    }
+
 }
diff --git 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/RemoveAcesIT.java
 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/RemoveAcesIT.java
index 77db5e8..77b04b3 100644
--- 
a/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/RemoveAcesIT.java
+++ 
b/src/test/java/org/apache/sling/jcr/jackrabbit/accessmanager/it/RemoveAcesIT.java
@@ -312,5 +312,32 @@ public class RemoveAcesIT extends 
AccessManagerClientTestSupport {
         assertEquals(testUserId, change.getString("argument"));
     }
 
+    private void testRemoveAceRedirect(String redirectTo, int expectedStatus) 
throws IOException {
+        String folderUrl = createFolderWithAces(false);
+
+        //remove the ace for the testUser principal
+        String postUrl = folderUrl + ".deleteAce.html";
+        List<NameValuePair> postParams = new ArrayList<>();
+        postParams.add(new BasicNameValuePair(":applyTo", testUserId));
+        postParams.add(new BasicNameValuePair(":redirect", redirectTo));
+        Credentials creds = new UsernamePasswordCredentials("admin", "admin");
+        assertAuthenticatedPostStatus(creds, postUrl, expectedStatus, 
postParams, null);
+    }
+
+    @Test
+    public void testRemoveAceValidRedirect() throws IOException, JsonException 
{
+        testRemoveAceRedirect("/*.html", 
HttpServletResponse.SC_MOVED_TEMPORARILY);
+    }
+
+    @Test
+    public void testRemoveAceInvalidRedirectWithAuthority() throws 
IOException, JsonException {
+        testRemoveAceRedirect("https://sling.apache.org";, 
SC_UNPROCESSABLE_ENTITY);
+    }
+
+    @Test
+    public void testRemoveAceInvalidRedirectWithInvalidURI() throws 
IOException, JsonException {
+        testRemoveAceRedirect("https://";, SC_UNPROCESSABLE_ENTITY);
+    }
+
 }

Reply via email to