You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ca...@apache.org on 2006/09/05 22:52:25 UTC
svn commit: r440485 - in
/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main:
java/org/apache/maven/continuum/security/acegi/
java/org/apache/maven/continuum/security/acegi/acl/
resources/META-INF/plexus/
Author: carlos
Date: Tue Sep 5 13:52:24 2006
New Revision: 440485
URL: http://svn.apache.org/viewvc?view=rev&rev=440485
Log:
Add ACL event handler for ACL creation during continuum operations
Added:
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java (with props)
Modified:
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AcegiContinuum.java
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclInitializer.java
maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml
Modified: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AcegiContinuum.java
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AcegiContinuum.java?view=diff&rev=440485&r1=440484&r2=440485
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AcegiContinuum.java (original)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AcegiContinuum.java Tue Sep 5 13:52:24 2006
@@ -18,14 +18,9 @@
import java.io.File;
import java.util.Collection;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import org.acegisecurity.acl.basic.BasicAclExtendedDao;
-import org.acegisecurity.acl.basic.NamedEntityObjectIdentity;
-import org.acegisecurity.acl.basic.SimpleAclEntry;
-import org.acegisecurity.context.SecurityContextHolder;
import org.apache.maven.continuum.Continuum;
import org.apache.maven.continuum.ContinuumException;
import org.apache.maven.continuum.configuration.ConfigurationService;
@@ -54,7 +49,7 @@
private Continuum continuum;
- private BasicAclExtendedDao aclDao;
+ private AclEventHandler aclEventHandler;
/**
* Set the object to delegate to
@@ -76,79 +71,14 @@
return continuum;
}
- public void setAclDao( BasicAclExtendedDao aclDao )
+ public void setAclEventHandler( AclEventHandler eventHandler )
{
- this.aclDao = aclDao;
+ this.aclEventHandler = eventHandler;
}
- public BasicAclExtendedDao getAclDao()
+ public AclEventHandler getAclEventHandler()
{
- return aclDao;
- }
-
- /**
- * Project has same permissions as its project group.
- *
- * @param project
- * @return
- */
- private SimpleAclEntry getProjectAcl( Project project )
- {
- NamedEntityObjectIdentity projectGroupIdentity = new NamedEntityObjectIdentity( ProjectGroup.class.getName(),
- Integer.toString( project
- .getProjectGroup().getId() ) );
- SimpleAclEntry aclEntry = new SimpleAclEntry();
- // aclEntry.setAclObjectIdentity( new NamedEntityObjectIdentity( Project.class.getName(), Integer
- // .toString( project.getId() ) ) );
- aclEntry.setAclObjectParentIdentity( projectGroupIdentity );
- return aclEntry;
- }
-
- /**
- * Creator of {@link ProjectGroup} has {@link SimpleAclEntry#ADMINISTRATION} permissions.
- *
- * @param projectGroup
- * @return an ACL entry for the creator of the group
- */
- private SimpleAclEntry getProjectGroupAcl( ProjectGroup projectGroup )
- {
- Object username = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
- SimpleAclEntry aclEntry = new SimpleAclEntry();
- aclEntry.setAclObjectIdentity( new NamedEntityObjectIdentity( ProjectGroup.class.getName(), Integer
- .toString( projectGroup.getId() ) ) );
- aclEntry.setRecipient( username );
- aclEntry.addPermission( SimpleAclEntry.ADMINISTRATION );
- return aclEntry;
- }
-
- /**
- * Call this method when new {@link ProjectGroup}s are created.
- *
- * @param projectGroups
- */
- private void createNewProjectGroupsACLs( Collection projectGroups )
- {
- Iterator it = projectGroups.iterator();
- while ( it.hasNext() )
- {
- ProjectGroup projectGroup = (ProjectGroup) it.next();
- getAclDao().create( getProjectGroupAcl( projectGroup ) );
- }
- }
-
- /**
- * Call this method when new {@link Project}s are created.
- *
- * @param projects
- */
- private void createNewProjectsACLs( Collection projects )
- {
- Iterator it = projects.iterator();
- while ( it.hasNext() )
- {
- Project project = (Project) it.next();
- getAclDao().create( getProjectAcl( project ) );
- }
+ return aclEventHandler;
}
/**
@@ -185,8 +115,7 @@
throws ContinuumException
{
ContinuumProjectBuildingResult result = getContinuum().addMavenOneProject( metadataUrl );
- createNewProjectGroupsACLs( result.getProjectGroups() );
- createNewProjectsACLs( result.getProjects() );
+ getAclEventHandler().afterAddProject( result );
return result;
}
@@ -200,8 +129,7 @@
throws ContinuumException
{
ContinuumProjectBuildingResult result = getContinuum().addMavenTwoProject( metadataUrl );
- createNewProjectGroupsACLs( result.getProjectGroups() );
- createNewProjectsACLs( result.getProjects() );
+ getAclEventHandler().afterAddProject( result );
return result;
}
Added: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java?view=auto&rev=440485
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java (added)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java Tue Sep 5 13:52:24 2006
@@ -0,0 +1,136 @@
+package org.apache.maven.continuum.security.acegi;
+
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import org.acegisecurity.acl.basic.BasicAclExtendedDao;
+import org.acegisecurity.acl.basic.NamedEntityObjectIdentity;
+import org.acegisecurity.acl.basic.SimpleAclEntry;
+import org.acegisecurity.context.SecurityContextHolder;
+import org.acegisecurity.userdetails.User;
+import org.apache.maven.continuum.model.project.Project;
+import org.apache.maven.continuum.model.project.ProjectGroup;
+import org.apache.maven.continuum.project.builder.ContinuumProjectBuildingResult;
+import org.apache.maven.continuum.security.acegi.acl.AclInitializer;
+
+/**
+ * Utility class to handle ACL manipulation on Continuum events, like adding or
+ * removing projects, adding or removing project groups,...
+ *
+ * @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
+ * @version $Id$
+ */
+public class AclEventHandler
+{
+
+ private BasicAclExtendedDao aclDao;
+
+ public void setAclDao( BasicAclExtendedDao aclDao )
+ {
+ this.aclDao = aclDao;
+ }
+
+ public BasicAclExtendedDao getAclDao()
+ {
+ return aclDao;
+ }
+
+ public void afterAddProject( ContinuumProjectBuildingResult result )
+ {
+ List projectGroups = result.getProjectGroups();
+ if ( projectGroups.size() > 0 )
+ {
+ createNewProjectGroupsACLs( projectGroups );
+
+ if ( projectGroups.size() > 1 )
+ {
+ throw new RuntimeException( "Adding a project has returned more than one project group: "
+ + projectGroups );
+ }
+ ProjectGroup projectGroup = (ProjectGroup) projectGroups.iterator().next();
+ createNewProjectsACLs( result.getProjects(), projectGroup );
+ }
+ }
+
+ /**
+ * Call this method when new {@link ProjectGroup}s are created.
+ *
+ * @param projectGroups
+ */
+ private void createNewProjectGroupsACLs( Collection projectGroups )
+ {
+ Iterator it = projectGroups.iterator();
+ while ( it.hasNext() )
+ {
+ ProjectGroup projectGroup = (ProjectGroup) it.next();
+ createNewProjectGroupACL( projectGroup );
+ }
+ }
+
+ /**
+ * Creator of {@link ProjectGroup} has {@link SimpleAclEntry#ADMINISTRATION} permissions.
+ *
+ * @param projectGroup
+ */
+ private void createNewProjectGroupACL( ProjectGroup projectGroup )
+ {
+ User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+ SimpleAclEntry aclEntry = new SimpleAclEntry();
+ aclEntry.setAclObjectIdentity( new NamedEntityObjectIdentity( projectGroup.getClass().getName(), Integer
+ .toString( projectGroup.getId() ) ) );
+ aclEntry.setRecipient( user.getUsername() );
+ aclEntry.setAclObjectParentIdentity( AclInitializer.PARENT_PROJECT_GROUP_ACL_ID );
+ aclEntry.addPermission( SimpleAclEntry.ADMINISTRATION );
+ getAclDao().create( aclEntry );
+ }
+
+ /**
+ * Call this method when new {@link Project}s are created.
+ *
+ * @param projects
+ */
+ private void createNewProjectsACLs( Collection projects, ProjectGroup projectGroup )
+ {
+ Iterator it = projects.iterator();
+ while ( it.hasNext() )
+ {
+ Project project = (Project) it.next();
+ createNewProjectACL( project, projectGroup );
+ }
+ }
+
+ /**
+ * Project has same permissions as its project group.
+ *
+ * @param project
+ * @param projectGroup group the projects belong to
+ */
+ private void createNewProjectACL( Project project, ProjectGroup projectGroup )
+ {
+ NamedEntityObjectIdentity projectGroupIdentity = new NamedEntityObjectIdentity( ProjectGroup.class.getName(),
+ Integer.toString( projectGroup
+ .getId() ) );
+ SimpleAclEntry aclEntry = new SimpleAclEntry();
+ aclEntry.setAclObjectIdentity( new NamedEntityObjectIdentity( Project.class.getName(), Integer
+ .toString( project.getId() ) ) );
+ aclEntry.setAclObjectParentIdentity( projectGroupIdentity );
+ getAclDao().create( aclEntry );
+ }
+}
Propchange: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/AclEventHandler.java
------------------------------------------------------------------------------
svn:keywords = "Author Date Id Revision"
Modified: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclInitializer.java
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclInitializer.java?view=diff&rev=440485&r1=440484&r2=440485
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclInitializer.java (original)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/java/org/apache/maven/continuum/security/acegi/acl/AclInitializer.java Tue Sep 5 13:52:24 2006
@@ -19,10 +19,11 @@
import java.io.IOException;
import java.io.InputStream;
+import org.acegisecurity.acl.basic.AclObjectIdentity;
import org.acegisecurity.acl.basic.NamedEntityObjectIdentity;
import org.acegisecurity.acl.basic.SimpleAclEntry;
import org.acegisecurity.acl.basic.jdbc.JdbcExtendedDaoImpl;
-import org.apache.maven.continuum.model.project.Project;
+import org.apache.maven.continuum.model.project.ProjectGroup;
import org.apache.maven.plugin.MojoExecutionException;
import org.codehaus.mojo.sql.SqlExecMojo;
import org.codehaus.plexus.logging.AbstractLogEnabled;
@@ -42,6 +43,9 @@
{
public static final String ROLE = AclInitializer.class.getName();
+ public static final AclObjectIdentity PARENT_PROJECT_GROUP_ACL_ID =
+ new NamedEntityObjectIdentity( ProjectGroup.class.getName(), "0" );
+
private JdbcExtendedDaoImpl dao;
private SqlExecMojo sqlMojo;
@@ -145,7 +149,7 @@
/* admin can do anything with project number 1 */
SimpleAclEntry aclEntry = new SimpleAclEntry();
- aclEntry.setAclObjectIdentity( new NamedEntityObjectIdentity( Project.class.getName(), "1" ) );
+ aclEntry.setAclObjectIdentity( PARENT_PROJECT_GROUP_ACL_ID );
aclEntry.setRecipient( "ROLE_admin" );
aclEntry.addPermission( SimpleAclEntry.ADMINISTRATION );
getDao().create( aclEntry );
Modified: maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml
URL: http://svn.apache.org/viewvc/maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml?view=diff&rev=440485&r1=440484&r2=440485
==============================================================================
--- maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml (original)
+++ maven/continuum/branches/continuum-acegi/continuum-security/continuum-security-acegi/src/main/resources/META-INF/plexus/components.xml Tue Sep 5 13:52:24 2006
@@ -12,6 +12,17 @@
<field-name>continuum</field-name>
</requirement>
<requirement>
+ <role>org.apache.maven.continuum.security.acegi.AclEventHandler</role>
+ <field-name>aclEventHandler</field-name>
+ </requirement>
+ </requirements>
+ </component>
+
+ <component>
+ <role>org.apache.maven.continuum.security.acegi.AclEventHandler</role>
+ <implementation>org.apache.maven.continuum.security.acegi.AclEventHandler</implementation>
+ <requirements>
+ <requirement>
<role>org.acegisecurity.acl.basic.BasicAclExtendedDao</role>
<field-name>aclDao</field-name>
</requirement>