upstream: b=master,r=35b7ea34980746e5881a9bd85ea96aa9d8585184,t=2017-…

…03-31-1219-21995

plugins/basic/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js

@@ -850,6 +850,7 @@ define('Sonatype/utils',['../extjs', 'Nexus/config', 'Nexus/util/Format', 'Sonat
             });
           }
           ns.settings.keepAlive = ns.settings.keepAlive === 'true';
+          ns.settings.noDownloadPopUps = ns.settings.noDownloadPopUps === 'true';
           Sonatype.Events.fireEvent('nexusSettings');
         }
       });

plugins/internal/nexus-atlas-plugin/src/main/resources/static/js/Nexus/atlas/controller/Atlas.js

@@ -198,17 +198,18 @@ NX.define('Nexus.atlas.controller.Atlas', {
    * @private
    */
   downloadSupportZip: function(button, authTicket) {
-    var me = this,
-        win = button.up('nx-atlas-view-supportzip-created'),
-        fileName = win.getValues().name;
+    var win = button.up('nx-atlas-view-supportzip-created'),
+        fileName = win.getValues().name,
+        url = Nexus.siesta.basePath + '/wonderland/download/' + fileName;
 
-    // encode ticket for query-parameter
-    authTicket = Sonatype.utils.base64.encode(authTicket);
+    if (authTicket != null) {
+      // encode ticket for query-parameter
+      url += '?t=' + Sonatype.utils.base64.encode(authTicket);
+    }
 
-    if (Nexus.util.DownloadHelper.downloadUrl(
-        Nexus.siesta.basePath + '/wonderland/download/' + fileName + '?t=' + authTicket))
+    if (Nexus.util.DownloadHelper.downloadUrl(url))
     {
-      // if download was initated close the window
+      // if download was initiated close the window
       win.close();
     }
   },

plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/DownloadResource.groovy

@@ -12,13 +12,6 @@
  */
 package org.sonatype.nexus.wonderland.rest
 
-import org.apache.shiro.authz.annotation.RequiresPermissions
-import org.sonatype.nexus.util.Tokens
-import org.sonatype.nexus.wonderland.DownloadService
-import org.sonatype.sisu.goodies.common.ComponentSupport
-import org.sonatype.sisu.siesta.common.Resource
-import org.sonatype.sisu.siesta.common.error.WebApplicationMessageException
-
 import javax.annotation.Nullable
 import javax.inject.Inject
 import javax.inject.Named
@@ -31,6 +24,13 @@ import javax.ws.rs.Produces
 import javax.ws.rs.QueryParam
 import javax.ws.rs.core.Response
 
+import org.sonatype.nexus.util.Tokens
+import org.sonatype.nexus.wonderland.AuthTicketService
+import org.sonatype.nexus.wonderland.DownloadService
+import org.sonatype.sisu.siesta.common.error.WebApplicationMessageException
+
+import org.apache.shiro.authz.annotation.RequiresPermissions
+
 import static javax.ws.rs.core.Response.Status.BAD_REQUEST
 import static javax.ws.rs.core.Response.Status.FORBIDDEN
 import static javax.ws.rs.core.Response.Status.NOT_FOUND
@@ -45,17 +45,19 @@ import static org.sonatype.nexus.wonderland.AuthTicketService.AUTH_TICKET_HEADER
 @Singleton
 @Path(DownloadResource.RESOURCE_URI)
 class DownloadResource
-    extends ComponentSupport
-    implements Resource
+    extends WonderlandResourceSupport
 {
   static final String RESOURCE_URI = '/wonderland/download'
 
   private final DownloadService downloadService
 
+  private final AuthTicketService authTickets
+
   @Inject
-  DownloadResource(final DownloadService downloadService) {
+  DownloadResource(final DownloadService downloadService, final AuthTicketService authTickets) {
     assert downloadService
     this.downloadService = downloadService
+    this.authTickets = authTickets
   }
 
   /**
@@ -82,6 +84,10 @@ class DownloadResource
       authTicket = authTicketHeader
     }
 
+    if (!authTicket && isNoPopUps()) {
+      authTicket = authTickets.createTicket()
+    }
+
     // handle one-time auth
     if (!authTicket) {
       throw new WebApplicationMessageException(BAD_REQUEST, 'Missing authentication ticket')
@@ -103,4 +109,4 @@ class DownloadResource
       throw new WebApplicationMessageException(FORBIDDEN, e.toString())
     }
   }
-}
+}

plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/SettingsResource.java

@@ -23,8 +23,6 @@
 import org.sonatype.nexus.util.SystemPropertiesHelper;
 import org.sonatype.nexus.wonderland.WonderlandPlugin;
 import org.sonatype.nexus.wonderland.model.PropertyXO;
-import org.sonatype.sisu.goodies.common.ComponentSupport;
-import org.sonatype.sisu.siesta.common.Resource;
 
 import com.google.common.collect.Lists;
 import org.jetbrains.annotations.NonNls;
@@ -41,8 +39,7 @@
 @Singleton
 @Path(SettingsResource.RESOURCE_URI)
 public class SettingsResource
-    extends ComponentSupport
-    implements Resource
+    extends WonderlandResourceSupport
 {
   @NonNls
   public static final String RESOURCE_URI = WonderlandPlugin.REST_PREFIX + "/settings";
@@ -56,6 +53,7 @@ public List<PropertyXO> get() {
         new PropertyXO().withKey("keepAlive")
             .withValue(Boolean.toString(SystemPropertiesHelper.getBoolean("nexus.ui.keepAlive", true)))
     );
+    properties.add(new PropertyXO().withKey("noDownloadPopUps").withValue(Boolean.toString(isNoPopUps())));
 
     return properties;
   }

plugins/internal/nexus-wonderland-plugin/src/main/java/org/sonatype/nexus/wonderland/rest/WonderlandResourceSupport.java

@@ -0,0 +1,43 @@
+/*
+ * Sonatype Nexus (TM) Open Source Version
+ * Copyright (c) 2008-present Sonatype, Inc.
+ * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
+ *
+ * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
+ * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
+ *
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
+ * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
+ * Eclipse Foundation. All other trademarks are the property of their respective owners.
+ */
+package org.sonatype.nexus.wonderland.rest;
+
+import org.sonatype.nexus.util.SystemPropertiesHelper;
+import org.sonatype.sisu.goodies.common.ComponentSupport;
+import org.sonatype.sisu.siesta.common.Resource;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Support for wonderland resources.
+ *
+ * @since 2.14
+ */
+public abstract class WonderlandResourceSupport
+    extends ComponentSupport
+    implements Resource
+{
+  private boolean noPopUps = SystemPropertiesHelper.getBoolean("nexus.download.noPopUps", false);
+
+  /**
+   * Disable authTicket pop-ups?
+   */
+  protected boolean isNoPopUps() {
+    return noPopUps;
+  }
+
+  @VisibleForTesting
+  void setNoPopUps(final boolean noPopUps) {
+    this.noPopUps = noPopUps;
+  }
+}

plugins/internal/nexus-wonderland-plugin/src/main/resources/static/js/Nexus/wonderland/view/FileCreated.js

@@ -121,7 +121,13 @@ NX.define('Nexus.wonderland.view.FileCreated', {
           buttonAlign: 'right',
           buttons: [
             { text: 'Close', xtype: 'link-button', handler: me.close, scope: me },
-            { text: 'Download', xtype: 'nx-wonderland-button-authenticate', formBind: true, id: me.downloadButtonId }
+            {
+              text: 'Download',
+              xtype: 'nx-wonderland-button-authenticate',
+              formBind: true,
+              id: me.downloadButtonId,
+              noPopUps: Sonatype.utils.settings.noDownloadPopUps
+            }
           ]
         }
       ],

plugins/internal/nexus-wonderland-plugin/src/test/java/org/sonatype/nexus/wonderland/rest/DownloadResourceTest.groovy

@@ -0,0 +1,75 @@
+/*
+ * Sonatype Nexus (TM) Open Source Version
+ * Copyright (c) 2008-present Sonatype, Inc.
+ * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
+ *
+ * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
+ * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
+ *
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
+ * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
+ * Eclipse Foundation. All other trademarks are the property of their respective owners.
+ */
+package org.sonatype.nexus.wonderland.rest
+
+import java.nio.charset.StandardCharsets
+
+import javax.ws.rs.WebApplicationException
+
+import org.sonatype.nexus.util.Tokens
+import org.sonatype.nexus.wonderland.AuthTicketService
+import org.sonatype.nexus.wonderland.DownloadService
+import org.sonatype.sisu.litmus.testsupport.TestSupport
+
+import org.junit.Before
+import org.junit.Test
+import org.mockito.Mock
+
+import static org.mockito.Mockito.when
+
+/**
+ * Test for {@link DownloadResource}.
+ */
+class DownloadResourceTest
+    extends TestSupport
+{
+  private static final String AUTH_TICKET = "a valid ticket"
+
+  private static final String ZIP_NAME = "foo"
+
+  @Mock
+  private DownloadService downloadService
+
+  @Mock
+  private AuthTicketService authTickets
+
+  private DownloadResource underTest
+
+  @Before
+  void setup() {
+    when(authTickets.createTicket()).thenReturn(AUTH_TICKET)
+    when(downloadService.get(ZIP_NAME, AUTH_TICKET)).thenReturn(util.createTempFile())
+    underTest = new DownloadResource(downloadService, authTickets)
+  }
+
+  @Test
+  void downloadZipWithAuthTicketParam() {
+    underTest.downloadZip(ZIP_NAME, Tokens.encodeBase64String(AUTH_TICKET.getBytes(StandardCharsets.UTF_8)), null)
+  }
+
+  @Test
+  void downloadZipWithAuthTicketHeader() {
+    underTest.downloadZip(ZIP_NAME, null, AUTH_TICKET)
+  }
+
+  @Test(expected = WebApplicationException.class)
+  void downloadZipNoAuthTicket() {
+    underTest.downloadZip(ZIP_NAME, null, null)
+  }
+
+  @Test
+  void downloadZipNoAuthTicketNoPopUps() {
+    underTest.setNoPopUps(true)
+    underTest.downloadZip(ZIP_NAME, null, null)
+  }
+}

revision.txt

@@ -1 +1 @@
-b=master,r=dbc4629fbdd4be6dafb961da1f91f6d0b467e950,t=2017-03-29-1147-11872
+b=master,r=35b7ea34980746e5881a9bd85ea96aa9d8585184,t=2017-03-31-1219-21995