public SUser getAuthenticatedUser()

in teamcity-symbol-server/src/main/java/jetbrains/buildServer/symbols/AuthHelper.java [40:86]


  /**
   * Resolves the user on whose behalf the incoming request may be processed.
   *
   * <p>The checks run in this order:
   * <ol>
   *   <li>If guest login is allowed and the guest user satisfies {@code hasPermissions}, the guest
   *       user is returned and the request is not authenticated at all.</li>
   *   <li>Otherwise the request is passed to the authentication manager. A
   *       {@code NOT_APPLICABLE} or {@code UNAUTHENTICATED} outcome ends the call with {@code null}.</li>
   *   <li>The authenticated principal is mapped to a user account by realm and name, and
   *       {@code hasPermissions} is applied to that account.</li>
   * </ol>
   *
   * <p>Security notes for callers:
   * <ul>
   *   <li>Because the guest check comes first, a request that carries valid credentials is still
   *       attributed to the guest user whenever guest already passes {@code hasPermissions}. Do not
   *       treat the returned user as proof that the client authenticated.</li>
   *   <li>A missing account and a failed permission check both answer with the same
   *       403 "Access denied", so the response does not reveal which check failed.</li>
   *   <li>{@code null} means the request must not be served. On the two 403 paths the error has
   *       already been sent on {@code response}.</li>
   * </ul>
   *
   * @param request        incoming HTTP request
   * @param response       HTTP response; may receive an error status on the failure paths
   * @param hasPermissions check that decides whether a given user may perform the requested operation
   * @return the guest user or the authenticated account that passed {@code hasPermissions},
   *         or {@code null} when access is not granted
   * @throws IOException if sending the error response fails
   */
  public SUser getAuthenticatedUser(@NotNull HttpServletRequest request,
                                    @NotNull HttpServletResponse response,
                                    @NotNull Predicate<SUser> hasPermissions) throws IOException {
    // Guest shortcut: evaluated before any credentials on the request are looked at.
    if (!myLoginConfiguration.isGuestLoginAllowed()) {
      LOG.debug("Guest access disabled on the server. Will try to authenticate incoming request.");
    } else {
      LOG.debug("Guest access enabled on the server. Trying to check permissions of Guest.");
      final SUser guest = myUserModel.getGuestUser();
      if (hasPermissions.apply(guest)) {
        LOG.debug("Guest user has enough permissions to process request.");
        return guest;
      }
      LOG.debug("Guest user has NO permissions to process request. Will try to authenticate incoming request.");
    }

    LOG.debug("Trying to authenticate incoming request.");
    final HttpAuthenticationResult authOutcome = myAuthManager.processAuthenticationRequest(request, response, false);
    // NOTE(review): there is no default branch, so every result type other than the two below is
    // handled as a successful authentication. Confirm the enum has no further non-success values.
    switch (authOutcome.getType()) {
      case NOT_APPLICABLE:
        // TODO (carried over from the original): handling of this outcome is marked unfinished.
        LOG.debug("NOT_APPLICABLE");
        // Hands the response over to the auth manager; the meaning of the "" and false arguments
        // is not visible here - confirm against the auth manager API.
        myAuthManager.processUnauthenticatedRequest(request, response, "", false);
        return null;
      case UNAUTHENTICATED:
        // TODO (carried over from the original): handling of this outcome is marked unfinished.
        // Nothing is written to the response in this branch; presumably the auth manager has
        // already produced it - verify, otherwise the caller gets null with no status set.
        LOG.debug("UNAUTHENTICATED");
        return null;
    }

    LOG.debug("Incoming request was authenticated successfully.");
    // NOTE(review): the principal is dereferenced without a null check - confirm it is always
    // present for an authenticated result.
    final ServerPrincipal authenticatedPrincipal = authOutcome.getPrincipal();
    final String principalRealm = authenticatedPrincipal.getRealm();
    final String principalName = authenticatedPrincipal.getName();

    final SUser account = myUserModel.findUserAccount(principalRealm, principalName);
    if (account == null) {
      // Authenticated, but no matching account: deny.
      LOG.warn(String.format("Failed to find user account by realm (%s) and name (%s)", principalRealm, principalName));
      response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied");
      return null;
    }
    LOG.debug(String.format("Found user account (id %s) by realm (%s) and name (%s)", account.getId(), principalRealm, principalName));

    if (!hasPermissions.apply(account)) {
      // Known account without the required permission: same generic 403 as above.
      LOG.warn(String.format("Located user (name %s) has NO permissions to process the request.", principalName));
      response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied");
      return null;
    }
    LOG.debug(String.format("Located user (name %s) has enough permissions to process the request.", principalName));
    return account;
  }