You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by jm...@apache.org on 2006/09/12 23:50:57 UTC
svn commit: r442726 - in /maven/archiva/trunk/archiva-webapp/src/main:
java/org/apache/maven/archiva/web/util/ resources/META-INF/plexus/
webapp/WEB-INF/jsp/decorators/ webapp/WEB-INF/jsp/reports/
Author: jmcconnell
Date: Tue Sep 12 14:50:57 2006
New Revision: 442726
URL: http://svn.apache.org/viewvc?view=rev&rev=442726
Log:
added additional checks for report viewing and generation
Added:
maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties (with props)
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/reports.jsp
Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java?view=diff&rev=442726&r1=442725&r2=442726
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java Tue Sep 12 14:50:57 2006
@@ -45,7 +45,7 @@
private RBACManager manager;
private boolean initialized;
-
+
public void initialize()
throws InitializationException
{
@@ -164,13 +164,13 @@
manager.savePermission( editAllUsers );
}
- if ( !manager.permissionExists( "Generate All Reports" ) )
+ if ( !manager.permissionExists( "Generate Reports" ) )
{
- Permission editAllUsers = manager.createPermission( "Generate All Reports", "generate-reports",
+ Permission editAllUsers = manager.createPermission( "Generate Reports", "generate-reports",
manager.getGlobalResource().getIdentifier() );
manager.savePermission( editAllUsers );
- }
+ }
if ( !manager.permissionExists( "Grant Roles" ) )
{
@@ -214,7 +214,7 @@
admin.addPermission( manager.getPermission( "Run Indexer" ) );
admin.addPermission( manager.getPermission( "Add Repository" ) );
admin.addPermission( manager.getPermission( "Access Reports") );
- admin.addPermission( manager.getPermission( "Generate All Reports") );
+ admin.addPermission( manager.getPermission( "Generate Reports") );
admin.addPermission( manager.getPermission( "Regenerate Index" ) );
admin.setAssignable( true );
manager.saveRole( admin );
@@ -273,26 +273,16 @@
deleteRepo.setResource( repoResource );
deleteRepo = manager.savePermission( deleteRepo );
- Permission getReports = manager.createPermission( "Access Reports - " + repositoryName );
- getReports.setOperation( manager.getOperation( "access-reports" ) );
- getReports.setResource( repoResource );
- getReports = manager.savePermission( getReports );
-
- Permission regenReports = manager.createPermission( "generate Reports - " + repositoryName );
- regenReports.setOperation( manager.getOperation( "generate-reports" ) );
- regenReports.setResource( repoResource );
- regenReports = manager.savePermission( regenReports );
-
// make the roles
Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
- repositoryObserver.addPermission( getReports );
+ repositoryObserver.addPermission( manager.getPermission( "Access Reports" ) );
repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver );
Role repositoryManager = manager.createRole( "Repository Manager - " + repositoryName );
repositoryManager.addPermission( editRepo );
repositoryManager.addPermission( deleteRepo );
- repositoryManager.addPermission( regenReports );
+ repositoryManager.addPermission( manager.getPermission( "Generate Reports" ) );
repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager );
Added: maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties?view=auto&rev=442726
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties (added)
+++ maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties Tue Sep 12 14:50:57 2006
@@ -0,0 +1,20 @@
+#
+# operations
+#
+addRepositoryOperation=add-repository
+editRepositoryOperation=edit-repository
+deleteRepositoryOperation=delete-repository
+
+editConfiguration=edit-configuration
+
+runIndexer=run-indexer
+regenerateIndex=regenerate-index
+
+accessReports=access-reports
+generateReports=generate-reports
+
+editAllUsers=edit-all-users
+editUser=edit-user
+
+grantRoles=grant-roles
+removeRoles=remove-roles
\ No newline at end of file
Propchange: maven/archiva/trunk/archiva-webapp/src/main/resources/META-INF/plexus/plexus-security.properties
------------------------------------------------------------------------------
svn:eol-style = native
Modified: maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp?view=diff&rev=442726&r1=442725&r2=442726
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp Tue Sep 12 14:50:57 2006
@@ -108,10 +108,10 @@
<my:currentWWUrl action="browse" namespace="/">Browse</my:currentWWUrl>
</li>
</ul>
- <pss:ifAnyAuthorized permissions="edit-all-users,get-reports,edit-configuration">
+ <pss:ifAnyAuthorized permissions="edit-all-users,access-reports,edit-configuration">
<h5>Manage</h5>
<ul>
- <pss:ifAuthorized permission="get-reports">
+ <pss:ifAuthorized permission="access-reports">
<li class="none">
<my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
</li>
Modified: maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/reports.jsp
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/reports.jsp?view=diff&rev=442726&r1=442725&r2=442726
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/reports.jsp (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/reports/reports.jsp Tue Sep 12 14:50:57 2006
@@ -18,6 +18,7 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
<html>
<head>
@@ -33,14 +34,16 @@
<div id="contentArea">
-<ww:form action="reports" namespace="/admin">
- <ww:select list="reports" label="Report" name="reportGroup" onchange="document.reports.submit();"/>
- <ww:select list="configuration.repositories" listKey="id" listValue="name" label="Repository" headerKey="-"
- headerValue="(All repositories)" name="repositoryId" onchange="document.reports.submit();"/>
- <ww:select list="reports[reportGroup].reports" label="Filter" headerKey="-" headerValue="(All Problems)"
- name="filter" onchange="document.reports.submit();"/>
- <ww:submit value="Get Report"/>
-</ww:form>
+<pss:ifAnyAuthorized permissions="generate-reports">
+ <ww:form action="reports" namespace="/admin">
+ <ww:select list="reports" label="Report" name="reportGroup" onchange="document.reports.submit();"/>
+ <ww:select list="configuration.repositories" listKey="id" listValue="name" label="Repository" headerKey="-"
+ headerValue="(All repositories)" name="repositoryId" onchange="document.reports.submit();"/>
+ <ww:select list="reports[reportGroup].reports" label="Filter" headerKey="-" headerValue="(All Problems)"
+ name="filter" onchange="document.reports.submit();"/>
+ <ww:submit value="Get Report"/>
+ </ww:form>
+</pss:ifAnyAuthorized>
<ww:set name="databases" value="databases"/>
<c:forEach items="${databases}" var="database">
@@ -52,13 +55,13 @@
--%>
<c:choose>
<c:when test="${!database.inProgress}">
- <c:set var="url">
- <ww:url action="runReport" namespace="/admin">
- <ww:param name="repositoryId" value="%{'${database.repository.id}'}"/>
+ <pss:ifAuthorized permission="generate-reports">
+ <ww:url id="regenerateReportUrl" action="runReport" namespace="/admin">
+ <ww:param name="repositoryId">${database.repository.id}</ww:param>
<ww:param name="reportGroup" value="reportGroup"/>
</ww:url>
- </c:set>
- <a href="${url}">Regenerate Report</a>
+ <ww:a href="%{regenerateReportUrl}">Regenerate Report</ww:a>
+ </pss:ifAuthorized>
</c:when>
<c:otherwise>
<!-- TODO: would be good to have a generic task/job mechanism that tracked progress and ability to run