You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ca...@apache.org on 2006/09/18 04:58:22 UTC
svn commit: r447206 - in
/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main:
java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java
resources/META-INF/plexus/components.xml
Author: carlos
Date: Sun Sep 17 19:58:21 2006
New Revision: 447206
URL: http://svn.apache.org/viewvc?view=rev&rev=447206
Log:
Add BuildDefinition and Notifier ACL handlers
Modified:
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml
Modified: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java?view=diff&rev=447206&r1=447205&r2=447206
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java (original)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclEventHandler.java Sun Sep 17 19:58:21 2006
@@ -20,8 +20,10 @@
import java.util.Iterator;
import java.util.List;
+import org.apache.maven.continuum.model.project.BuildDefinition;
import org.apache.maven.continuum.model.project.Project;
import org.apache.maven.continuum.model.project.ProjectGroup;
+import org.apache.maven.continuum.model.project.ProjectNotifier;
import org.apache.maven.continuum.project.builder.ContinuumProjectBuildingResult;
import org.apache.maven.user.acegi.AclManager;
import org.apache.maven.user.model.InstancePermissions;
@@ -61,6 +63,26 @@
}
}
+ public void afterAddProjectBuildDefinition( BuildDefinition buildDefinition, int projectId )
+ {
+ afterAddProjectDependentObject( buildDefinition, buildDefinition.getId(), projectId );
+ }
+
+ public void afterAddProjectGroupBuildDefinition( BuildDefinition buildDefinition, int projectGroupId )
+ {
+ afterAddProjectGroupDependentObject( buildDefinition, buildDefinition.getId(), projectGroupId );
+ }
+
+ public void afterAddProjectNotifier( ProjectNotifier notifier, int projectId )
+ {
+ afterAddProjectGroupDependentObject( notifier, notifier.getId(), projectId );
+ }
+
+ public void afterAddProjectGroupNotifier( ProjectNotifier notifier, int projectGroupId )
+ {
+ afterAddProjectGroupDependentObject( notifier, notifier.getId(), projectGroupId );
+ }
+
/**
* Delete {@link ProjectGroup} ACLs
*
@@ -71,6 +93,11 @@
delete( ProjectGroup.class, new Integer( projectGroupId ) );
}
+ public void afterDeleteProject( int projectId )
+ {
+ delete( Project.class, new Integer( projectId ) );
+ }
+
/**
* Set {@link ProjectGroup} permissions in all objects
*
@@ -145,12 +172,41 @@
*/
public void afterAddProject( Project project, int projectGroupId )
{
+ afterAddProjectGroupDependentObject( project, project.getId(), projectGroupId );
+ }
+
+ /**
+ * Create an ACL that inherits from a {@link ProjectGroup} ACL
+ *
+ * @param object object to protect
+ * @param id identifier of the object to protect
+ * @param projectGroupId id of the group that provides the ACLs for this object
+ */
+ private void afterAddProjectGroupDependentObject( Object object, int id, int projectGroupId )
+ {
+ afterAddDependentObject( object, id, ProjectGroup.class, projectGroupId );
+ }
+
+ /**
+ * Create an ACL that inherits from a {@link Project} ACL
+ *
+ * @param object object to protect
+ * @param id identifier of the object to protect
+ * @param projectId id of the group that provides the ACLs for this object
+ */
+ private void afterAddProjectDependentObject( Object object, int id, int projectId )
+ {
+ afterAddDependentObject( object, id, Project.class, projectId );
+ }
+
+ private void afterAddDependentObject( Object object, int id, Class dependentClass, int dependentId )
+ {
InstancePermissions permission = new InstancePermissions();
permission.setUser( null );
- permission.setInstanceClass( Project.class );
- permission.setId( new Integer( project.getId() ) );
- permission.setParentClass( ProjectGroup.class );
- permission.setParentId( new Integer( projectGroupId ) );
+ permission.setInstanceClass( object.getClass() );
+ permission.setId( new Integer( id ) );
+ permission.setParentClass( dependentClass );
+ permission.setParentId( new Integer( dependentId ) );
setUsersInstancePermission( permission );
}
Modified: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml?view=diff&rev=447206&r1=447205&r2=447206
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml (original)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml Sun Sep 17 19:58:21 2006
@@ -206,11 +206,17 @@
<methodName>org.apache.maven.continuum.Continuum.removeProjectGroup</methodName>
<configAttributes>
<configAttribute>ROLE_admin</configAttribute>
- <configAttribute>ROLE_deleteProject</configAttribute>
+ <configAttribute>ACL_PROJECTGROUP_DELETE</configAttribute>
+ </configAttributes>
+ </methodDefinitionSourceMapping>
+ <methodDefinitionSourceMapping>
+ <methodName>org.apache.maven.continuum.Continuum.removeProject</methodName>
+ <configAttributes>
+ <configAttribute>ROLE_admin</configAttribute>
+ <configAttribute>ACL_PROJECT_DELETE</configAttribute>
</configAttributes>
</methodDefinitionSourceMapping>
<!--
-removeProject( int projectId )
checkoutProject( int projectId )
getProject( int projectId )
getAllProjectsWithAllDetails( int start, int end );
@@ -268,12 +274,20 @@
<configAttribute>AFTER_ACL_READ</configAttribute>
</configAttributes>
</methodDefinitionSourceMapping>
+ <methodDefinitionSourceMapping>
+ <methodName>org.apache.maven.continuum.Continuum.getBuildDefinitions</methodName>
+ <configAttributes>
+ <configAttribute>AFTER_ACL_COLLECTION_READ</configAttribute>
+ </configAttributes>
+ </methodDefinitionSourceMapping>
+ <methodDefinitionSourceMapping>
+ <methodName>org.apache.maven.continuum.Continuum.getBuildDefinition</methodName>
+ <configAttributes>
+ <configAttribute>AFTER_ACL_READ</configAttribute>
+ </configAttributes>
+ </methodDefinitionSourceMapping>
<!--
-getBuildDefinitions( int projectId )
-getBuildDefinition( int projectId, int buildDefinitionId )
removeBuildDefinition( int projectId, int buildDefinitionId )
-getBuildDefinition( int buildDefinitionId )
-getDefaultBuildDefinition( int projectId )
addBuildDefinitionToProject( int projectId, BuildDefinition buildDefinition )
addBuildDefinitionToProjectGroup( int projectGroupId, BuildDefinition buildDefinition )
getBuildDefinitionsForProject( int projectId )
@@ -294,21 +308,6 @@
getConfiguration();
updateConfiguration( Map parameters )
reloadConfiguration()
-getSecurity();
-addUser( ContinuumUser user )
-addUser( Map configuration )
-updateUser( ContinuumUser user )
-updateUser( int userId, Map configuration )
-getUsers()
-getUser( int userId )
-removeUser( int userId )
-addUserGroup( UserGroup userGroup );
-addUserGroup( Map configuration )
-updateUserGroup( UserGroup userGroup )
-updateUserGroup( int userGroupId, Map configuration )
-getUserGroups()
-getUserGroup( int userGroupId )
-removeUserGroup( int userGroupId )
-->
</mappings>
</objectDefinitionSource>
@@ -360,6 +359,46 @@
</configuration>
</component>
-->
+
+ <!-- Processes deletion configuration settings -->
+ <component>
+ <role>org.acegisecurity.vote.AccessDecisionVoter</role>
+ <role-hint>aclProjectGroupDelete</role-hint>
+ <implementation>org.acegisecurity.vote.BasicAclEntryVoter</implementation>
+ <requirements>
+ <requirement>
+ <role>org.acegisecurity.acl.AclManager</role>
+ <field-name>aclManager</field-name>
+ </requirement>
+ </requirements>
+ <configuration>
+ <processConfigAttribute>ACL_PROJECTGROUP_DELETE</processConfigAttribute>
+ <processDomainObjectClass>org.apache.maven.continuum.model.project.ProjectGroup</processDomainObjectClass>
+ <requirePermissionFromString>
+ <permission>ADMINISTRATION</permission>
+ <permission>DELETE</permission>
+ </requirePermissionFromString>
+ </configuration>
+ </component>
+ <component>
+ <role>org.acegisecurity.vote.AccessDecisionVoter</role>
+ <role-hint>aclProjectDelete</role-hint>
+ <implementation>org.acegisecurity.vote.BasicAclEntryVoter</implementation>
+ <requirements>
+ <requirement>
+ <role>org.acegisecurity.acl.AclManager</role>
+ <field-name>aclManager</field-name>
+ </requirement>
+ </requirements>
+ <configuration>
+ <processConfigAttribute>ACL_PROJECT_DELETE</processConfigAttribute>
+ <processDomainObjectClass>org.apache.maven.continuum.model.project.Project</processDomainObjectClass>
+ <requirePermissionFromString>
+ <permission>ADMINISTRATION</permission>
+ <permission>DELETE</permission>
+ </requirePermissionFromString>
+ </configuration>
+ </component>
<!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->