You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by br...@apache.org on 2010/01/19 09:15:45 UTC
svn commit: r900696 - in /archiva/branches/MRM-1025/archiva-modules:
archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/
plugins/audit/src/main/java/org/apache/archiva/audit/
plugins/audit/src/test/java/org/apache/arch...
Author: brett
Date: Tue Jan 19 08:15:44 2010
New Revision: 900696
URL: http://svn.apache.org/viewvc?rev=900696&view=rev
Log:
[MRM-1316] restrict audit log report to repositories that you are a manager of
Modified:
archiva/branches/MRM-1025/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java
archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/AuditManager.java
archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/DefaultAuditManager.java
archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/test/java/org/apache/archiva/audit/AuditManagerTest.java
Modified: archiva/branches/MRM-1025/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-1025/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java?rev=900696&r1=900695&r2=900696&view=diff
==============================================================================
--- archiva/branches/MRM-1025/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java (original)
+++ archiva/branches/MRM-1025/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/reports/ViewAuditLogReportAction.java Tue Jan 19 08:15:44 2010
@@ -21,12 +21,13 @@
import java.util.ArrayList;
import java.util.Calendar;
+import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
-
import javax.servlet.http.HttpServletRequest;
+import com.opensymphony.xwork2.Preparable;
import org.apache.archiva.audit.AuditManager;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.time.DateUtils;
@@ -41,8 +42,6 @@
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
-import com.opensymphony.xwork2.Preparable;
-
/**
* @plexus.component role="com.opensymphony.xwork2.Action" role-hint="viewAuditLogReport"
* instantiation-strategy="per-lookup"
@@ -106,7 +105,13 @@
public SecureActionBundle getSecureActionBundle()
throws SecureActionException
{
- return null;
+ SecureActionBundle bundle = new SecureActionBundle();
+
+ // TODO: should require this, but for now we trust in the list of repositories
+// bundle.setRequiresAuthentication( true );
+// bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_VIEW_AUDIT_LOG );
+
+ return bundle;
}
public void setServletRequest( HttpServletRequest request )
@@ -120,7 +125,8 @@
{
repositories = new ArrayList<String>();
repositories.add( ALL_REPOSITORIES );
- repositories.addAll( getObservableRepositories() );
+ List<String> repos = getManagableRepositories();
+ repositories.addAll( repos );
auditLogs = null;
groupId = "";
@@ -136,7 +142,7 @@
headerName = HEADER_RESULTS;
}
- auditLogs = auditManager.getMostRecentAuditEvents();
+ auditLogs = auditManager.getMostRecentAuditEvents( repos );
}
public String execute()
@@ -177,9 +183,20 @@
range[0] = ( page - 1 ) * rowCount;
range[1] = ( page * rowCount ) + 1;
- String repo = repository.equals( ALL_REPOSITORIES ) ? null : repository;
+ Collection<String> repos = getManagableRepositories();
+ if ( !repository.equals( ALL_REPOSITORIES ) )
+ {
+ if ( repos.contains( repository ) )
+ {
+ repos = Collections.singletonList( repository );
+ }
+ else
+ {
+ repos = Collections.emptyList();
+ }
+ }
// TODO: query by artifact
- auditLogs = auditManager.getAuditEventsInRange( repo, startDateInDF, endDateInDF );
+ auditLogs = auditManager.getAuditEventsInRange( repos, startDateInDF, endDateInDF );
if( auditLogs.isEmpty() )
{
@@ -223,11 +240,11 @@
next = StringUtils.replace( next, " ", "%20" );
}
- private List<String> getObservableRepositories()
+ private List<String> getManagableRepositories()
{
try
{
- return userRepositories.getObservableRepositoryIds( getPrincipal() );
+ return userRepositories.getManagableRepositoryIds( getPrincipal() );
}
catch ( PrincipalNotFoundException e )
{
Modified: archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/AuditManager.java
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/AuditManager.java?rev=900696&r1=900695&r2=900696&view=diff
==============================================================================
--- archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/AuditManager.java (original)
+++ archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/AuditManager.java Tue Jan 19 08:15:44 2010
@@ -19,6 +19,7 @@
* under the License.
*/
+import java.util.Collection;
import java.util.Date;
import java.util.List;
@@ -26,11 +27,11 @@
public interface AuditManager
{
- List<AuditEvent> getMostRecentAuditEvents();
+ List<AuditEvent> getMostRecentAuditEvents( List<String> repositoryIds );
void addAuditEvent( AuditEvent event );
void deleteAuditEvents( String repositoryId );
- List<AuditEvent> getAuditEventsInRange( String repositoryId, Date startTime, Date endTime );
+ List<AuditEvent> getAuditEventsInRange( Collection<String> repositoryIds, Date startTime, Date endTime );
}
\ No newline at end of file
Modified: archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/DefaultAuditManager.java
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/DefaultAuditManager.java?rev=900696&r1=900695&r2=900696&view=diff
==============================================================================
--- archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/DefaultAuditManager.java (original)
+++ archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/main/java/org/apache/archiva/audit/DefaultAuditManager.java Tue Jan 19 08:15:44 2010
@@ -48,11 +48,11 @@
private static final Logger log = LoggerFactory.getLogger( DefaultAuditManager.class );
- public List<AuditEvent> getMostRecentAuditEvents()
+ public List<AuditEvent> getMostRecentAuditEvents( List<String> repositoryIds )
{
// TODO: consider a more efficient implementation that directly gets the last ten from the content repository
List<AuditRecord> records = new ArrayList<AuditRecord>();
- for ( String repositoryId : metadataRepository.getRepositories() )
+ for ( String repositoryId : repositoryIds )
{
List<String> timestamps = metadataRepository.getMetadataFacets( repositoryId, AuditEvent.FACET_ID );
for ( String timestamp : timestamps )
@@ -88,11 +88,8 @@
metadataRepository.removeMetadataFacets( repositoryId, AuditEvent.FACET_ID );
}
- public List<AuditEvent> getAuditEventsInRange( String repoId, Date startTime, Date endTime )
+ public List<AuditEvent> getAuditEventsInRange( Collection<String> repositoryIds, Date startTime, Date endTime )
{
- Collection<String> repositoryIds =
- repoId != null ? Collections.singletonList( repoId ) : metadataRepository.getRepositories();
-
List<AuditEvent> results = new ArrayList<AuditEvent>();
for ( String repositoryId : repositoryIds )
{
Modified: archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/test/java/org/apache/archiva/audit/AuditManagerTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/test/java/org/apache/archiva/audit/AuditManagerTest.java?rev=900696&r1=900695&r2=900696&view=diff
==============================================================================
--- archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/test/java/org/apache/archiva/audit/AuditManagerTest.java (original)
+++ archiva/branches/MRM-1025/archiva-modules/plugins/audit/src/test/java/org/apache/archiva/audit/AuditManagerTest.java Tue Jan 19 08:15:44 2010
@@ -91,9 +91,6 @@
public void testGetMostRecentEvents()
throws ParseException
{
- metadataRepositoryControl.expectAndReturn( metadataRepository.getRepositories(),
- Collections.singletonList( TEST_REPO_ID ) );
-
int numEvents = 11;
List<String> eventNames = new ArrayList<String>( numEvents );
for ( int i = 0; i < numEvents; i++ )
@@ -113,7 +110,7 @@
}
metadataRepositoryControl.replay();
- List<AuditEvent> events = auditManager.getMostRecentAuditEvents();
+ List<AuditEvent> events = auditManager.getMostRecentAuditEvents( Collections.singletonList( TEST_REPO_ID ) );
assertNotNull( events );
assertEquals( numEvents - 1, events.size() );
int expectedTimestampCounter = numEvents - 1;
@@ -149,8 +146,6 @@
public void testGetMostRecentEventsLessThan10()
throws ParseException
{
- metadataRepositoryControl.expectAndReturn( metadataRepository.getRepositories(),
- Collections.singletonList( TEST_REPO_ID ) );
int numEvents = 5;
List<String> eventNames = new ArrayList<String>( numEvents );
for ( int i = 0; i < numEvents; i++ )
@@ -170,7 +165,7 @@
}
metadataRepositoryControl.replay();
- List<AuditEvent> events = auditManager.getMostRecentAuditEvents();
+ List<AuditEvent> events = auditManager.getMostRecentAuditEvents( Collections.singletonList( TEST_REPO_ID ) );
assertNotNull( events );
assertEquals( numEvents, events.size() );
int expectedTimestampCounter = numEvents - 1;
@@ -187,8 +182,6 @@
public void testGetMostRecentEventsInterleavedRepositories()
throws ParseException
{
- metadataRepositoryControl.expectAndReturn( metadataRepository.getRepositories(),
- Arrays.asList( TEST_REPO_ID, TEST_REPO_ID_2 ) );
int numEvents = 11;
Map<String, List<String>> eventNames = new LinkedHashMap<String, List<String>>();
List<AuditEvent> events = new ArrayList<AuditEvent>();
@@ -216,7 +209,7 @@
}
metadataRepositoryControl.replay();
- events = auditManager.getMostRecentAuditEvents();
+ events = auditManager.getMostRecentAuditEvents( Arrays.asList( TEST_REPO_ID, TEST_REPO_ID_2 ) );
assertNotNull( events );
assertEquals( numEvents - 1, events.size() );
int expectedTimestampCounter = numEvents - 1;
@@ -248,14 +241,11 @@
public void testGetMostRecentEventsWhenEmpty()
{
- metadataRepositoryControl.expectAndReturn( metadataRepository.getRepositories(),
- Collections.singletonList( TEST_REPO_ID ) );
-
metadataRepositoryControl.expectAndReturn(
metadataRepository.getMetadataFacets( TEST_REPO_ID, AuditEvent.FACET_ID ), Collections.emptyList() );
metadataRepositoryControl.replay();
- assertTrue( auditManager.getMostRecentAuditEvents().isEmpty() );
+ assertTrue( auditManager.getMostRecentAuditEvents( Collections.singletonList( TEST_REPO_ID ) ).isEmpty() );
metadataRepositoryControl.verify();
}
@@ -322,9 +312,9 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( TEST_REPO_ID, new Date( current.getTime() - 4000 ),
- new Date( current.getTime() - 2000 ) );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Collections.singletonList( TEST_REPO_ID ),
+ new Date( current.getTime() - 4000 ),
+ new Date( current.getTime() - 2000 ) );
assertEquals( 1, events.size() );
assertEvent( events.get( 0 ), name2, expectedEvent.getResource() );
@@ -355,8 +345,8 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( TEST_REPO_ID, new Date( current.getTime() - 4000 ), current );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Collections.singletonList( TEST_REPO_ID ),
+ new Date( current.getTime() - 4000 ), current );
assertEquals( 2, events.size() );
assertEvent( events.get( 0 ), name3, expectedEvent3.getResource() );
@@ -388,9 +378,9 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( TEST_REPO_ID, new Date( current.getTime() - 20000 ),
- new Date( current.getTime() - 2000 ) );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Collections.singletonList( TEST_REPO_ID ),
+ new Date( current.getTime() - 20000 ),
+ new Date( current.getTime() - 2000 ) );
assertEquals( 2, events.size() );
assertEvent( events.get( 0 ), name2, expectedEvent2.getResource() );
@@ -425,8 +415,8 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( TEST_REPO_ID, new Date( current.getTime() - 20000 ), current );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Collections.singletonList( TEST_REPO_ID ),
+ new Date( current.getTime() - 20000 ), current );
assertEquals( 3, events.size() );
assertEvent( events.get( 0 ), name3, expectedEvent3.getResource() );
@@ -439,9 +429,6 @@
public void testGetEventsRangeMultipleRepositories()
throws ParseException
{
- metadataRepositoryControl.expectAndReturn( metadataRepository.getRepositories(),
- Arrays.asList( TEST_REPO_ID, TEST_REPO_ID_2 ) );
-
Date current = new Date();
String name1 = TIMESTAMP_FORMAT.format( new Date( current.getTime() - 12345 ) );
@@ -466,8 +453,8 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( null, new Date( current.getTime() - 20000 ), current );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Arrays.asList( TEST_REPO_ID, TEST_REPO_ID_2 ),
+ new Date( current.getTime() - 20000 ), current );
assertEquals( 3, events.size() );
assertEvent( events.get( 0 ), name3, expectedEvent3.getResource() );
@@ -496,9 +483,9 @@
metadataRepositoryControl.replay();
- List<AuditEvent> events =
- auditManager.getAuditEventsInRange( TEST_REPO_ID, new Date( current.getTime() - 20000 ),
- new Date( current.getTime() - 16000 ) );
+ List<AuditEvent> events = auditManager.getAuditEventsInRange( Collections.singletonList( TEST_REPO_ID ),
+ new Date( current.getTime() - 20000 ),
+ new Date( current.getTime() - 16000 ) );
assertEquals( 0, events.size() );