commit 6c0345ef196ebf5ba92a58e59c0ff9a0af81dc54
author Gal Paikin <paiking@google.com> Tue Mar 30 15:41:15 2021 +0200
committer Gal Paikin <paiking@google.com> Tue Mar 30 15:52:28 2021 +0200
tree 53e5142b37d2e39afd92851e3e01465a24f5acc1
parent 1b8e3c99437eb57e6e93aaf08525779dffd12e02

Replace whitelist with allowed

Bug: Issue 13014
Change-Id: I825ca5e5dea01b4a4064883ccec53a4a205a4e05

github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthFilter.java

diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthFilter.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthFilter.java
index d68749e..5025002 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthFilter.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthFilter.java
@@ -38,8 +38,8 @@
   private static Pattern GIT_HTTP_REQUEST_PATTERN = Pattern.compile(GitOverHttpServlet.URL_REGEX);
   private static final Set<String> GERRIT_STATIC_RESOURCES_EXTS =
       Sets.newHashSet("css", "png", "jpg", "gif", "woff", "otf", "ttf", "map", "js", "swf", "txt");
-  private static final Set<String> GERRIT_WHITELISTED_PATHS = Sets.newHashSet("Documentation");
-  private static final Set<String> GERRIT_WHITELISTED_PAGES = Sets.newHashSet("scope.html");
+  private static final Set<String> GERRIT_ALLOWED_PATHS = Sets.newHashSet("Documentation");
+  private static final Set<String> GERRIT_ALLOWED_PAGES = Sets.newHashSet("scope.html");
 
   private final GitHubOAuthConfig config;
   private final OAuthWebFilter webFilter;
@@ -78,7 +78,7 @@
     return isStaticResource(httpRequest)
         || isRpcCall(httpRequest)
         || isAuthenticatedRestCall(httpRequest)
-        || isWhitelisted(httpRequest);
+        || isAllowed(httpRequest);
   }
 
   private static boolean isAuthenticatedRestCall(HttpServletRequest httpRequest) {
@@ -95,11 +95,11 @@
     return GERRIT_STATIC_RESOURCES_EXTS.contains(pathExt.toLowerCase());
   }
 
-  private static boolean isWhitelisted(HttpServletRequest httpRequest) {
+  private static boolean isAllowed(HttpServletRequest httpRequest) {
     String[] requestPathParts = httpRequest.getRequestURI().split("/");
     return (requestPathParts.length > 1
-        && (GERRIT_WHITELISTED_PATHS.contains(requestPathParts[1])
-            || GERRIT_WHITELISTED_PAGES.contains(requestPathParts[requestPathParts.length - 1])));
+        && (GERRIT_ALLOWED_PATHS.contains(requestPathParts[1])
+            || GERRIT_ALLOWED_PAGES.contains(requestPathParts[requestPathParts.length - 1])));
   }
 
   private static boolean isRpcCall(HttpServletRequest httpRequest) {