public void doFilter()

in src/main/java/com/gerritforge/gerrit/plugins/account/XAuthFilter.java [48:74]

• 25 lines of code
• 8 McCabe index (conditional complexity)

  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    String uri = httpRequest.getRequestURI();
    String method = httpRequest.getMethod();

    if ((method.equals("GET") && uri.endsWith(ALLOWED_GET_URI_SUFFIX))
        || method.equals("DELETE") && uri.endsWith(ALLOWED_DELETE_URI_SUFFIX)) {
      WebSession session = webSession.get();
      if (session != null && session.isSignedIn() && session.getXGerritAuth() != null) {
        session
            .getUser()
            .getUserName()
            .ifPresent(
                currentUser -> {
                  log.info("REST API URI {} allowed for user {}", uri, currentUser);
                  session.setAccessPathOk(AccessPath.REST_API, true);
                });
      } else {
        HttpServletResponse httpResponse = (HttpServletResponse) response;
        httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
      }
    }

    chain.doFilter(request, response);
  }