diff --git a/plugins/basic/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js b/plugins/basic/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js index 85be3e45cb..56652862b8 100644 --- a/plugins/basic/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js +++ b/plugins/basic/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js @@ -850,6 +850,7 @@ define('Sonatype/utils',['../extjs', 'Nexus/config', 'Nexus/util/Format', 'Sonat }); } ns.settings.keepAlive = ns.settings.keepAlive === 'true'; + ns.settings.noDownloadPopUps = ns.settings.noDownloadPopUps === 'true'; Sonatype.Events.fireEvent('nexusSettings'); } }); diff --git a/plugins/internal/nexus-atlas-plugin/src/main/resources/static/js/Nexus/atlas/controller/Atlas.js b/plugins/internal/nexus-atlas-plugin/src/main/resources/static/js/Nexus/atlas/controller/Atlas.js index 921671418d..a3c554f9ec 100644 --- a/plugins/internal/nexus-atlas-plugin/src/main/resources/static/js/Nexus/atlas/controller/Atlas.js +++ b/plugins/internal/nexus-atlas-plugin/src/main/resources/static/js/Nexus/atlas/controller/Atlas.js @@ -198,17 +198,18 @@ NX.define('Nexus.atlas.controller.Atlas', { * @private */ downloadSupportZip: function(button, authTicket) { - var me = this, - win = button.up('nx-atlas-view-supportzip-created'), - fileName = win.getValues().name; + var win = button.up('nx-atlas-view-supportzip-created'), + fileName = win.getValues().name, + url = Nexus.siesta.basePath + '/wonderland/download/' + fileName; - // encode ticket for query-parameter - authTicket = Sonatype.utils.base64.encode(authTicket); + if (authTicket != null) { + // encode ticket for query-parameter + url += '?t=' + Sonatype.utils.base64.encode(authTicket); + } - if (Nexus.util.DownloadHelper.downloadUrl( - Nexus.siesta.basePath + '/wonderland/download/' + fileName + '?t=' + authTicket)) + if (Nexus.util.DownloadHelper.downloadUrl(url)) { - // if download was initated close the window + // if download was initiated close the window win.close(); } }, diff --git a/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/DownloadResource.groovy b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/DownloadResource.groovy index 41ea865075..aa8fd20c4e 100644 --- a/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/DownloadResource.groovy +++ b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/DownloadResource.groovy @@ -12,13 +12,6 @@ */ package org.sonatype.nexus.wonderland.rest -import org.apache.shiro.authz.annotation.RequiresPermissions -import org.sonatype.nexus.util.Tokens -import org.sonatype.nexus.wonderland.DownloadService -import org.sonatype.sisu.goodies.common.ComponentSupport -import org.sonatype.sisu.siesta.common.Resource -import org.sonatype.sisu.siesta.common.error.WebApplicationMessageException - import javax.annotation.Nullable import javax.inject.Inject import javax.inject.Named @@ -31,6 +24,13 @@ import javax.ws.rs.Produces import javax.ws.rs.QueryParam import javax.ws.rs.core.Response +import org.sonatype.nexus.util.Tokens +import org.sonatype.nexus.wonderland.AuthTicketService +import org.sonatype.nexus.wonderland.DownloadService +import org.sonatype.sisu.siesta.common.error.WebApplicationMessageException + +import org.apache.shiro.authz.annotation.RequiresPermissions + import static javax.ws.rs.core.Response.Status.BAD_REQUEST import static javax.ws.rs.core.Response.Status.FORBIDDEN import static javax.ws.rs.core.Response.Status.NOT_FOUND @@ -45,17 +45,19 @@ import static org.sonatype.nexus.wonderland.AuthTicketService.AUTH_TICKET_HEADER @Singleton @Path(DownloadResource.RESOURCE_URI) class DownloadResource - extends ComponentSupport - implements Resource + extends WonderlandResourceSupport { static final String RESOURCE_URI = '/wonderland/download' private final DownloadService downloadService + private final AuthTicketService authTickets + @Inject - DownloadResource(final DownloadService downloadService) { + DownloadResource(final DownloadService downloadService, final AuthTicketService authTickets) { assert downloadService this.downloadService = downloadService + this.authTickets = authTickets } /** @@ -82,6 +84,10 @@ class DownloadResource authTicket = authTicketHeader } + if (!authTicket && isNoPopUps()) { + authTicket = authTickets.createTicket() + } + // handle one-time auth if (!authTicket) { throw new WebApplicationMessageException(BAD_REQUEST, 'Missing authentication ticket') @@ -103,4 +109,4 @@ class DownloadResource throw new WebApplicationMessageException(FORBIDDEN, e.toString()) } } -} \ No newline at end of file +} diff --git a/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/SettingsResource.java b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/SettingsResource.java index 791365548c..e7fc0d916c 100644 --- a/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/SettingsResource.java +++ b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/SettingsResource.java @@ -23,8 +23,6 @@ import org.sonatype.nexus.util.SystemPropertiesHelper; import org.sonatype.nexus.wonderland.WonderlandPlugin; import org.sonatype.nexus.wonderland.model.PropertyXO; -import org.sonatype.sisu.goodies.common.ComponentSupport; -import org.sonatype.sisu.siesta.common.Resource; import com.google.common.collect.Lists; import org.jetbrains.annotations.NonNls; @@ -41,8 +39,7 @@ @Singleton @Path(SettingsResource.RESOURCE_URI) public class SettingsResource - extends ComponentSupport - implements Resource + extends WonderlandResourceSupport { @NonNls public static final String RESOURCE_URI = WonderlandPlugin.REST_PREFIX + "/settings"; @@ -56,6 +53,7 @@ public List get() { new PropertyXO().withKey("keepAlive") .withValue(Boolean.toString(SystemPropertiesHelper.getBoolean("nexus.ui.keepAlive", true))) ); + properties.add(new PropertyXO().withKey("noDownloadPopUps").withValue(Boolean.toString(isNoPopUps()))); return properties; } diff --git a/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/WonderlandResourceSupport.java b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/WonderlandResourceSupport.java new file mode 100644 index 0000000000..722c9d55a5 --- /dev/null +++ b/plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/WonderlandResourceSupport.java @@ -0,0 +1,43 @@ +/* + * Sonatype Nexus (TM) Open Source Version + * Copyright (c) 2008-present Sonatype, Inc. + * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. + * + * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, + * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. + * + * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks + * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the + * Eclipse Foundation. All other trademarks are the property of their respective owners. + */ +package org.sonatype.nexus.wonderland.rest; + +import org.sonatype.nexus.util.SystemPropertiesHelper; +import org.sonatype.sisu.goodies.common.ComponentSupport; +import org.sonatype.sisu.siesta.common.Resource; + +import com.google.common.annotations.VisibleForTesting; + +/** + * Support for wonderland resources. + * + * @since 2.14 + */ +public abstract class WonderlandResourceSupport + extends ComponentSupport + implements Resource +{ + private boolean noPopUps = SystemPropertiesHelper.getBoolean("nexus.download.noPopUps", false); + + /** + * Disable authTicket pop-ups? + */ + protected boolean isNoPopUps() { + return noPopUps; + } + + @VisibleForTesting + void setNoPopUps(final boolean noPopUps) { + this.noPopUps = noPopUps; + } +} diff --git a/plugins/internal/nexus-wonderland-plugin/src/main/resources/static/js/Nexus/wonderland/view/FileCreated.js b/plugins/internal/nexus-wonderland-plugin/src/main/resources/static/js/Nexus/wonderland/view/FileCreated.js index 5879ef0ecb..9a9f70386f 100644 --- a/plugins/internal/nexus-wonderland-plugin/src/main/resources/static/js/Nexus/wonderland/view/FileCreated.js +++ b/plugins/internal/nexus-wonderland-plugin/src/main/resources/static/js/Nexus/wonderland/view/FileCreated.js @@ -121,7 +121,13 @@ NX.define('Nexus.wonderland.view.FileCreated', { buttonAlign: 'right', buttons: [ { text: 'Close', xtype: 'link-button', handler: me.close, scope: me }, - { text: 'Download', xtype: 'nx-wonderland-button-authenticate', formBind: true, id: me.downloadButtonId } + { + text: 'Download', + xtype: 'nx-wonderland-button-authenticate', + formBind: true, + id: me.downloadButtonId, + noPopUps: Sonatype.utils.settings.noDownloadPopUps + } ] } ], diff --git a/plugins/internal/nexus-wonderland-plugin/src/test/java/org/sonatype/nexus/wonderland/rest/DownloadResourceTest.groovy b/plugins/internal/nexus-wonderland-plugin/src/test/java/org/sonatype/nexus/wonderland/rest/DownloadResourceTest.groovy new file mode 100644 index 0000000000..e219940fe1 --- /dev/null +++ b/plugins/internal/nexus-wonderland-plugin/src/test/java/org/sonatype/nexus/wonderland/rest/DownloadResourceTest.groovy @@ -0,0 +1,75 @@ +/* + * Sonatype Nexus (TM) Open Source Version + * Copyright (c) 2008-present Sonatype, Inc. + * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. + * + * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, + * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. + * + * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks + * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the + * Eclipse Foundation. All other trademarks are the property of their respective owners. + */ +package org.sonatype.nexus.wonderland.rest + +import java.nio.charset.StandardCharsets + +import javax.ws.rs.WebApplicationException + +import org.sonatype.nexus.util.Tokens +import org.sonatype.nexus.wonderland.AuthTicketService +import org.sonatype.nexus.wonderland.DownloadService +import org.sonatype.sisu.litmus.testsupport.TestSupport + +import org.junit.Before +import org.junit.Test +import org.mockito.Mock + +import static org.mockito.Mockito.when + +/** + * Test for {@link DownloadResource}. + */ +class DownloadResourceTest + extends TestSupport +{ + private static final String AUTH_TICKET = "a valid ticket" + + private static final String ZIP_NAME = "foo" + + @Mock + private DownloadService downloadService + + @Mock + private AuthTicketService authTickets + + private DownloadResource underTest + + @Before + void setup() { + when(authTickets.createTicket()).thenReturn(AUTH_TICKET) + when(downloadService.get(ZIP_NAME, AUTH_TICKET)).thenReturn(util.createTempFile()) + underTest = new DownloadResource(downloadService, authTickets) + } + + @Test + void downloadZipWithAuthTicketParam() { + underTest.downloadZip(ZIP_NAME, Tokens.encodeBase64String(AUTH_TICKET.getBytes(StandardCharsets.UTF_8)), null) + } + + @Test + void downloadZipWithAuthTicketHeader() { + underTest.downloadZip(ZIP_NAME, null, AUTH_TICKET) + } + + @Test(expected = WebApplicationException.class) + void downloadZipNoAuthTicket() { + underTest.downloadZip(ZIP_NAME, null, null) + } + + @Test + void downloadZipNoAuthTicketNoPopUps() { + underTest.setNoPopUps(true) + underTest.downloadZip(ZIP_NAME, null, null) + } +} diff --git a/revision.txt b/revision.txt index 1e2b96e6d9..8a897e19a1 100644 --- a/revision.txt +++ b/revision.txt @@ -1 +1 @@ -b=master,r=dbc4629fbdd4be6dafb961da1f91f6d0b467e950,t=2017-03-29-1147-11872 \ No newline at end of file +b=master,r=35b7ea34980746e5881a9bd85ea96aa9d8585184,t=2017-03-31-1219-21995 \ No newline at end of file