You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by br...@apache.org on 2009/03/11 18:33:32 UTC
svn commit: r752539 - in /archiva/trunk/archiva-modules/archiva-web:
archiva-security/src/main/java/org/apache/maven/archiva/security/
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/
archiva-webapp/src/main/webapp/WEB-INF/jsp/decorato...
Author: brett
Date: Wed Mar 11 17:33:31 2009
New Revision: 752539
URL: http://svn.apache.org/viewvc?rev=752539&view=rev
Log:
[MRM-922] access to upload page with managed repository role
Modified:
archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java?rev=752539&r1=752538&r2=752539&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java Wed Mar 11 17:33:31 2009
@@ -73,7 +73,22 @@
public List<String> getObservableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
{
+ String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;
+ return getAccessibleRepositoryIds( principal, operation );
+ }
+
+ public List<String> getManagableRepositoryIds( String principal )
+ throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
+ {
+ String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
+
+ return getAccessibleRepositoryIds( principal, operation );
+ }
+
+ private List<String> getAccessibleRepositoryIds( String principal, String operation )
+ throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
+ {
try
{
User user = securitySystem.getUserManager().findUser( principal );
@@ -100,8 +115,7 @@
try
{
String repoId = repo.getId();
- if ( securitySystem.isAuthorized( securitySession,
- ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, repoId ) )
+ if ( securitySystem.isAuthorized( securitySession, operation, repoId ) )
{
repoIds.add( repoId );
}
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java?rev=752539&r1=752538&r2=752539&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java Wed Mar 11 17:33:31 2009
@@ -44,6 +44,18 @@
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
/**
+ * Get the list of writable repository ids for the user specified.
+ *
+ * @param principal the principle to obtain the observable repository ids from.
+ * @return the list of observable repository ids.
+ * @throws PrincipalNotFoundException
+ * @throws AccessDeniedException
+ * @throws ArchivaSecurityException
+ */
+ public List<String> getManagableRepositoryIds( String principal )
+ throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
+
+ /**
* Create any missing repository roles for the provided repository id.
*
* @param repoId the repository id to work off of.
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java?rev=752539&r1=752538&r2=752539&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java Wed Mar 11 17:33:31 2009
@@ -57,6 +57,7 @@
import org.apache.maven.archiva.repository.project.ProjectModelException;
import org.apache.maven.archiva.repository.project.ProjectModelWriter;
import org.apache.maven.archiva.repository.project.writers.ProjectModel400Writer;
+import org.apache.maven.archiva.security.AccessDeniedException;
import org.apache.maven.archiva.security.ArchivaSecurityException;
import org.apache.maven.archiva.security.PrincipalNotFoundException;
import org.apache.maven.archiva.security.UserRepositories;
@@ -295,8 +296,7 @@
public void prepare()
{
- managedRepoIdList =
- new ArrayList<String>( configuration.getConfiguration().getManagedRepositoriesAsMap().keySet() );
+ managedRepoIdList = getManagableRepos();
}
public String input()
@@ -622,6 +622,28 @@
this.auditListeners.remove( listener );
}
+ private List<String> getManagableRepos()
+ {
+ try
+ {
+ return userRepositories.getManagableRepositoryIds( getPrincipal() );
+ }
+ catch ( PrincipalNotFoundException e )
+ {
+ getLogger().warn( e.getMessage(), e );
+ }
+ catch ( AccessDeniedException e )
+ {
+ getLogger().warn( e.getMessage(), e );
+ // TODO: pass this onto the screen.
+ }
+ catch ( ArchivaSecurityException e )
+ {
+ getLogger().warn( e.getMessage(), e );
+ }
+ return Collections.emptyList();
+ }
+
private void triggerAuditEvent( String user, String repositoryId, String resource, String action )
{
AuditEvent event = new AuditEvent( repositoryId, user, resource, action );
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp?rev=752539&r1=752538&r2=752539&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp Wed Mar 11 17:33:31 2009
@@ -80,7 +80,7 @@
</li>
</ul>
- <redback:ifAnyAuthorized permissions="archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
<h5>Manage</h5>
<ul>
<redback:ifAuthorized permission="archiva-access-reports">
@@ -88,11 +88,6 @@
<my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl>
</li>
</redback:ifAuthorized>
- <%-- POSTPONED to 1.1 series
- <li class="none">
- <a href="#">Synchronisation</a>
- </li>
- --%>
<redback:ifAuthorized permission="archiva-manage-users">
<li class="none">
<my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl>
@@ -107,6 +102,8 @@
<li class="none">
<my:currentWWUrl action="configureAppearance" namespace="/admin">Appearance</my:currentWWUrl>
</li>
+ </redback:ifAuthorized>
+ <redback:ifAuthorized permission="archiva-upload-repository">
<li class="none">
<my:currentWWUrl action="upload" namespace="/">Upload Artifact</my:currentWWUrl>
</li>
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java?rev=752539&r1=752538&r2=752539&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java Wed Mar 11 17:33:31 2009
@@ -67,4 +67,11 @@
return false;
}
+ public List<String> getManagableRepositoryIds( String principal )
+ throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
}