DEPS: update shiro

1cf12124 · Timm Fitschen · 47917414 · 1cf12124 · 1cf12124 · 1cf12124
Verified Commit 1cf12124 authored 3 years ago by Timm Fitschen
--- a/pom.xml
+++ b/pom.xml
@@ -73,7 +73,7 @@
    <dependency>
      <groupId>org.apache.shiro</groupId>
      <artifactId>shiro-core</artifactId>
-      <version>1.5.3</version>
+      <version>1.8.0</version>
    </dependency>
    <dependency>
      <groupId>junit</groupId>

--- a/src/main/java/org/caosdb/server/CaosDBServer.java
+++ b/src/main/java/org/caosdb/server/CaosDBServer.java
@@ -326,6 +326,8 @@ public class CaosDBServer extends Application {

        // ChecksumUpdater
        ChecksumUpdater.start();
+        
+        ThreadContext.remove();
      }
    } else {
      logger.info("NO BACKEND");

--- a/src/main/java/org/caosdb/server/jobs/Job.java
+++ b/src/main/java/org/caosdb/server/jobs/Job.java
@@ -28,6 +28,7 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
 import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authz.AuthorizationException;
 import org.apache.shiro.authz.Permission;
 import org.apache.shiro.subject.Subject;
 import org.caosdb.server.CaosDBException;
@@ -301,10 +302,8 @@ public abstract class Job {
  }

  protected final void checkPermission(final EntityInterface entity, final Permission permission)
-      throws Message {
-    if (!entity.getEntityACL().isPermitted(SecurityUtils.getSubject(), permission)) {
-      throw ServerMessages.AUTHORIZATION_ERROR;
-    }
+      throws AuthorizationException {
+    entity.checkPermission(permission);
  }

  /**

--- a/src/main/java/org/caosdb/server/jobs/core/CheckPropValid.java
+++ b/src/main/java/org/caosdb/server/jobs/core/CheckPropValid.java
@@ -23,7 +23,7 @@
 package org.caosdb.server.jobs.core;

 import static org.caosdb.server.utils.ServerMessages.ENTITY_DOES_NOT_EXIST;
-
+import org.apache.shiro.authz.AuthorizationException;
 import com.google.common.base.Objects;
 import org.caosdb.server.database.exceptions.EntityDoesNotExistException;
 import org.caosdb.server.database.exceptions.EntityWasNotUniqueException;
@@ -124,11 +124,14 @@ public class CheckPropValid extends EntityJob {
          }
        }
      } catch (final Message m) {
-        addError(property, m);
+        property.addError(m);
+      } catch (AuthorizationException e) {
+        property.addError( ServerMessages.AUTHORIZATION_ERROR);
+        property.addInfo(e.getMessage());
      } catch (final EntityDoesNotExistException e) {
-        addError(property, ENTITY_DOES_NOT_EXIST);
+        property.addError( ENTITY_DOES_NOT_EXIST);
      } catch (final EntityWasNotUniqueException e) {
-        addError(property, ServerMessages.ENTITY_NAME_DUPLICATES);
+        property.addError( ServerMessages.ENTITY_NAME_DUPLICATES);
      }
    }

@@ -147,11 +150,6 @@ public class CheckPropValid extends EntityJob {
    checkPermission(property, EntityPermission.USE_AS_PROPERTY);
  }

-  private void addError(final EntityInterface property, final Message m) {
-    property.addError(m);
-    property.setEntityStatus(EntityStatus.UNQUALIFIED);
-  }
-
  private static void deriveOverrideStatus(final Property child, final EntityInterface parent) {
    if (!Objects.equal(child.getName(), parent.getName())) {
      if (child.hasName()) {