You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by jm...@apache.org on 2006/09/15 19:15:24 UTC

svn commit: r446659 - /maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java

Author: jmcconnell
Date: Fri Sep 15 10:15:23 2006
New Revision: 446659

URL: http://svn.apache.org/viewvc?view=rev&rev=446659
Log:
aligned the UserManagementAction with the cleaned up SecureAction interface in plexus-security

Modified:
    maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java

Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java?view=diff&rev=446659&r1=446658&r2=446659
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java Fri Sep 15 10:15:23 2006
@@ -18,6 +18,7 @@
 
 import com.opensymphony.xwork.Preparable;
 import org.codehaus.plexus.security.rbac.RBACManager;
+import org.codehaus.plexus.security.rbac.Resource;
 import org.codehaus.plexus.security.system.SecuritySession;
 import org.codehaus.plexus.security.user.User;
 import org.codehaus.plexus.security.user.UserManager;
@@ -25,6 +26,7 @@
 import org.codehaus.plexus.security.user.UserManagerException;
 import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureAction;
 import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureActionException;
+import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureActionBundle;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
 
 import java.util.ArrayList;
@@ -179,36 +181,30 @@
     }
 
 
-    public List getRequiredOperations()
-        throws SecureActionException
-    {
-        List operations = new ArrayList();
-        operations.add( "edit-all-users" );
-        operations.add( "edit-user" );
-        return operations;
-    }
-
-    public String getRequiredResource()
+    public SecureActionBundle getSecureActionBundle()
         throws SecureActionException
     {
+        // actions are per lookup and this will only be executed once per action instance
+        // so no need to cache it or convert to class field.
+        SecureActionBundle bundle = new SecureActionBundle();
+
+        bundle.setRequiresAuthentication( true );
+        bundle.requiresAuthorization( "edit-all-users", Resource.GLOBAL);
+        
         SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE );
 
         User user = securitySession.getUser();
 
         if ( user != null )
         {
-            return user.getPrincipal().toString();
+           bundle.requiresAuthorization( "edit-user", user.getPrincipal().toString() );
         }
         else
         {
             throw new SecureActionException( "unable to obtain principal from users session" );
         }
-    }
 
-    public boolean authenticationRequired()
-        throws SecureActionException
-    {
-        return true;
+        return bundle;
     }
 
     public String getUsername()