DependencyTrack · nscuro · Oct 1, 2024 · Oct 1, 2024
diff --git a/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java b/src/main/java/org/dependencytrack/resources/v1/BadgeResource.java
@@ -19,9 +19,7 @@
 package org.dependencytrack.resources.v1;
 
 import alpine.common.logging.Logger;
-import alpine.common.util.BooleanUtil;
 import alpine.model.ApiKey;
-import alpine.model.ConfigProperty;
 import alpine.model.UserPrincipal;
 import alpine.model.LdapUser;
 import alpine.model.ManagedUser;
@@ -80,12 +78,6 @@ public class BadgeResource extends AlpineResource {
 
     private final Logger LOGGER = Logger.getLogger(AuthenticationFilter.class);
 
-    private boolean isUnauthenticatedBadgeAccessEnabled(final QueryManager qm) {
-        ConfigProperty property = qm.getConfigProperty(
-                GENERAL_BADGE_ENABLED.getGroupName(), GENERAL_BADGE_ENABLED.getPropertyName());
-        return BooleanUtil.valueOf(property.getPropertyValue());
-    }
-
     // Stand-in methods for alpine.server.filters.AuthenticationFilter and
     // alpine.server.filters.AuthorizationFilter to allow enabling and disabling of
     // unauthenticated access to the badges API during runtime, used solely to offer
@@ -191,15 +183,16 @@ public Response getProjectVulnerabilitiesBadge(
             @Parameter(description = "The UUID of the project to retrieve metrics for", schema = @Schema(type = "string", format = "uuid"), required = true)
             @PathParam("uuid") @ValidUuid String uuid) {
         try (QueryManager qm = new QueryManager()) {
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthentication()) {
+            final boolean shouldBypassAuth = qm.isEnabled(GENERAL_BADGE_ENABLED);
+            if (!shouldBypassAuth && !passesAuthentication()) {
                 return Response.status(Response.Status.UNAUTHORIZED).build();
             }
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthorization(qm)) {
+            if (!shouldBypassAuth && !passesAuthorization(qm)) {
                 return Response.status(Response.Status.FORBIDDEN).build();
             }
             final Project project = qm.getObjectByUuid(Project.class, uuid);
             if (project != null) {
-                if (!isUnauthenticatedBadgeAccessEnabled(qm) && !qm.hasAccess(super.getPrincipal(), project)) {
+                if (!shouldBypassAuth && !qm.hasAccess(super.getPrincipal(), project)) {
                     return Response.status(Response.Status.FORBIDDEN).entity("Access to the specified project is forbidden").build();
                 }
                 final ProjectMetrics metrics = qm.getMostRecentProjectMetrics(project);
@@ -235,15 +228,16 @@ public Response getProjectVulnerabilitiesBadge(
             @Parameter(description = "The version of the project to query on", required = true)
             @PathParam("version") String version) {
         try (QueryManager qm = new QueryManager()) {
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthentication()) {
+            final boolean shouldBypassAuth = qm.isEnabled(GENERAL_BADGE_ENABLED);
+            if (!shouldBypassAuth && !passesAuthentication()) {
                 return Response.status(Response.Status.UNAUTHORIZED).build();
             }
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthorization(qm)) {
+            if (!shouldBypassAuth && !passesAuthorization(qm)) {
                 return Response.status(Response.Status.FORBIDDEN).build();
             }
             final Project project = qm.getProject(name, version);
             if (project != null) {
-                if (!isUnauthenticatedBadgeAccessEnabled(qm) && !qm.hasAccess(super.getPrincipal(), project)) {
+                if (!shouldBypassAuth && !qm.hasAccess(super.getPrincipal(), project)) {
                     return Response.status(Response.Status.FORBIDDEN).entity("Access to the specified project is forbidden").build();
                 }
                 final ProjectMetrics metrics = qm.getMostRecentProjectMetrics(project);
@@ -277,15 +271,16 @@ public Response getProjectPolicyViolationsBadge(
             @Parameter(description = "The UUID of the project to retrieve a badge for", schema = @Schema(type = "string", format = "uuid"), required = true)
             @PathParam("uuid") @ValidUuid String uuid) {
         try (QueryManager qm = new QueryManager()) {
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthentication()) {
+            final boolean shouldBypassAuth = qm.isEnabled(GENERAL_BADGE_ENABLED);
+            if (!shouldBypassAuth && !passesAuthentication()) {
                 return Response.status(Response.Status.UNAUTHORIZED).build();
             }
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthorization(qm)) {
+            if (!shouldBypassAuth && !passesAuthorization(qm)) {
                 return Response.status(Response.Status.FORBIDDEN).build();
             }
             final Project project = qm.getObjectByUuid(Project.class, uuid);
             if (project != null) {
-                if (!isUnauthenticatedBadgeAccessEnabled(qm) && !qm.hasAccess(super.getPrincipal(), project)) {
+                if (!shouldBypassAuth && !qm.hasAccess(super.getPrincipal(), project)) {
                     return Response.status(Response.Status.FORBIDDEN).entity("Access to the specified project is forbidden").build();
                 }
                 final ProjectMetrics metrics = qm.getMostRecentProjectMetrics(project);
@@ -321,15 +316,16 @@ public Response getProjectPolicyViolationsBadge(
             @Parameter(description = "The version of the project to query on", required = true)
             @PathParam("version") String version) {
         try (QueryManager qm = new QueryManager()) {
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthentication()) {
+            final boolean shouldBypassAuth = qm.isEnabled(GENERAL_BADGE_ENABLED);
+            if (!shouldBypassAuth && !passesAuthentication()) {
                 return Response.status(Response.Status.UNAUTHORIZED).build();
             }
-            if (!isUnauthenticatedBadgeAccessEnabled(qm) && !passesAuthorization(qm)) {
+            if (!shouldBypassAuth && !passesAuthorization(qm)) {
                 return Response.status(Response.Status.FORBIDDEN).build();
             }
             final Project project = qm.getProject(name, version);
             if (project != null) {
-                if (!isUnauthenticatedBadgeAccessEnabled(qm) && !qm.hasAccess(super.getPrincipal(), project)) {
+                if (!shouldBypassAuth && !qm.hasAccess(super.getPrincipal(), project)) {
                     return Response.status(Response.Status.FORBIDDEN).entity("Access to the specified project is forbidden").build();
                 }
                 final ProjectMetrics metrics = qm.getMostRecentProjectMetrics(project);