You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by br...@apache.org on 2006/09/28 16:29:24 UTC
svn commit: r450867 - in /maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin: AbstractConfigureRepositoryAction.java AbstractDeleteRepositoryAction.java RunRepositoryTaskAction.java

Author: brett
Date: Thu Sep 28 07:29:23 2006
New Revision: 450867

URL: http://svn.apache.org/viewvc?view=rev&rev=450867
Log:
add security

Modified:
    maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
    maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractDeleteRepositoryAction.java
    maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/RunRepositoryTaskAction.java

Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java?view=diff&rev=450867&r1=450866&r2=450867
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java Thu Sep 28 07:29:23 2006
@@ -27,6 +27,7 @@
 import org.apache.maven.archiva.security.ArchivaRoleConstants;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
 import org.codehaus.plexus.security.rbac.RbacManagerException;
+import org.codehaus.plexus.security.rbac.Resource;
 import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
 import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
 import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
@@ -171,11 +172,17 @@
     {
         SecureActionBundle bundle = new SecureActionBundle();
 
+        bundle.setRequiresAuthentication( true );
+
         if ( getRepoId() != null )
         {
-            bundle.setRequiresAuthentication( true );
-            // TODO: this is not right. It needs to change based on method
+            // TODO: this is not right. It needs to change based on method. But is this really the right way to restrict this area?
+            // TODO: not right. We only care about this permission on managed repositories. Otherwise, it's configuration
             bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY, getRepoId() );
+        }
+        else
+        {
+            bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION, Resource.GLOBAL );
         }
 
         return bundle;

Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractDeleteRepositoryAction.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractDeleteRepositoryAction.java?view=diff&rev=450867&r1=450866&r2=450867
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractDeleteRepositoryAction.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractDeleteRepositoryAction.java Thu Sep 28 07:29:23 2006
@@ -22,7 +22,12 @@
 import org.apache.maven.archiva.configuration.ConfigurationStore;
 import org.apache.maven.archiva.configuration.ConfigurationStoreException;
 import org.apache.maven.archiva.configuration.InvalidConfigurationException;
+import org.apache.maven.archiva.security.ArchivaRoleConstants;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.security.rbac.Resource;
 
 import java.io.IOException;
 
@@ -33,6 +38,7 @@
  */
 public abstract class AbstractDeleteRepositoryAction
     extends PlexusActionSupport
+    implements SecureAction
 {
     /**
      * @plexus.requirement
@@ -111,5 +117,25 @@
     public void setOperation( String operation )
     {
         this.operation = operation;
+    }
+    
+    public SecureActionBundle getSecureActionBundle()
+        throws SecureActionException
+    {
+        SecureActionBundle bundle = new SecureActionBundle();
+
+        bundle.setRequiresAuthentication( true );
+
+        if ( getRepoId() != null )
+        {
+            // TODO: not right. We only care about this permission on managed repositories. Otherwise, it's configuration
+            bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY, getRepoId() );
+        }
+        else
+        {
+            bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION, Resource.GLOBAL );
+        }
+
+        return bundle;
     }
 }

Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/RunRepositoryTaskAction.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/RunRepositoryTaskAction.java?view=diff&rev=450867&r1=450866&r2=450867
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/RunRepositoryTaskAction.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/RunRepositoryTaskAction.java Thu Sep 28 07:29:23 2006
@@ -18,7 +18,12 @@
 
 import org.apache.maven.archiva.scheduler.RepositoryTaskScheduler;
 import org.apache.maven.archiva.scheduler.TaskExecutionException;
+import org.apache.maven.archiva.security.ArchivaRoleConstants;
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
+import org.codehaus.plexus.security.rbac.Resource;
 
 /**
  * Configures the application.
@@ -27,6 +32,7 @@
  */
 public class RunRepositoryTaskAction
     extends PlexusActionSupport
+    implements SecureAction
 {
     /**
      * @plexus.requirement
@@ -39,5 +45,16 @@
         taskScheduler.runIndexer();
 
         return SUCCESS;
+    }
+
+    public SecureActionBundle getSecureActionBundle()
+        throws SecureActionException
+    {
+        SecureActionBundle bundle = new SecureActionBundle();
+
+        bundle.setRequiresAuthentication( true );
+        bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_RUN_INDEXER, Resource.GLOBAL );
+
+        return bundle;
     }
 }