You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ev...@apache.org on 2007/01/11 16:47:51 UTC
svn commit: r495263 - in /maven/continuum/trunk/continuum-webapp/src/main:
java/org/apache/maven/continuum/web/action/
java/org/apache/maven/continuum/web/view/ webapp/WEB-INF/jsp/components/
Author: evenisse
Date: Thu Jan 11 07:47:50 2007
New Revision: 495263
URL: http://svn.apache.org/viewvc?view=rev&rev=495263
Log:
Fix some role usage and secure the working copy page
Modified:
maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/GroupSummaryAction.java
maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/WorkingCopyAction.java
maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/BuildCell.java
maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/StateCell.java
maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectGroupNotifierSummaryComponent.jsp
maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectSummaryComponent.jsp
Modified: maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/GroupSummaryAction.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/GroupSummaryAction.java?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/GroupSummaryAction.java (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/GroupSummaryAction.java Thu Jan 11 07:47:50 2007
@@ -19,6 +19,7 @@
* under the License.
*/
+import com.opensymphony.xwork.ActionContext;
import org.apache.maven.continuum.ContinuumException;
import org.apache.maven.continuum.model.project.BuildResult;
import org.apache.maven.continuum.model.project.Project;
@@ -26,14 +27,13 @@
import org.apache.maven.continuum.security.ContinuumRoleConstants;
import org.apache.maven.continuum.web.model.GroupSummary;
import org.apache.maven.continuum.web.model.ProjectSummary;
-import org.codehaus.plexus.security.authorization.AuthorizationDataSource;
+import org.codehaus.plexus.PlexusContainer;
+import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
import org.codehaus.plexus.security.authorization.AuthorizationException;
-import org.codehaus.plexus.security.authorization.Authorizer;
import org.codehaus.plexus.security.system.SecuritySession;
+import org.codehaus.plexus.security.system.SecuritySystem;
import org.codehaus.plexus.security.system.SecuritySystemConstants;
-import org.codehaus.plexus.security.user.User;
-
-import com.opensymphony.xwork.ActionContext;
+import org.codehaus.plexus.xwork.PlexusLifecycleListener;
import java.util.ArrayList;
import java.util.Collection;
@@ -44,17 +44,11 @@
/**
* @author <a href="mailto:evenisse@apache.org">Emmanuel Venisse</a>
* @version $Id$
- * @plexus.component role="com.opensymphony.xwork.Action"
- * role-hint="groupSummary"
+ * @plexus.component role="com.opensymphony.xwork.Action" role-hint="groupSummary"
*/
public class GroupSummaryAction
extends ContinuumActionSupport
{
- /**
- * @plexus.requirement role-hint="rbac"
- */
- private Authorizer authorizer;
-
private String infoMessage;
private List groups;
@@ -63,142 +57,125 @@
throws ContinuumException
{
groups = new ArrayList();
-
+
Collection projectGroups = getContinuum().getAllProjectGroupsWithProjects();
- ActionContext context = ActionContext.getContext();
- SecuritySession securitySession = (SecuritySession)context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
-
- if ( securitySession != null )
+
+ for ( Iterator j = projectGroups.iterator(); j.hasNext(); )
{
- User user = securitySession.getUser();
- AuthorizationDataSource authSource = new AuthorizationDataSource(user.getUsername(), user, ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION);
-
- for ( Iterator j = projectGroups.iterator(); j.hasNext(); )
+ ProjectGroup projectGroup = (ProjectGroup) j.next();
+
+ if ( isAuthorized( projectGroup ) )
{
- ProjectGroup projectGroup = (ProjectGroup) j.next();
-
- authSource.setResource( projectGroup.getName() );
-
- try
+ getLogger().debug( "GroupSummaryAction: building group " + projectGroup.getName() );
+
+ GroupSummary groupModel = new GroupSummary();
+ groupModel.setId( projectGroup.getId() );
+ groupModel.setGroupId( projectGroup.getGroupId() );
+ groupModel.setName( projectGroup.getName() );
+ groupModel.setDescription( projectGroup.getDescription() );
+
+ //TODO: Create a summary jpox request so code will be more simple and performance will be better
+ Collection projects = projectGroup.getProjects();
+
+ groupModel.setNumProjects( projects.size() );
+
+ Map buildResults = getContinuum().getLatestBuildResults();
+
+ Map buildResultsInSuccess = getContinuum().getBuildResultsInSuccess();
+
+ List projectModels = new ArrayList();
+ int numSuccesses = 0;
+ int numFailures = 0;
+ int numErrors = 0;
+
+ for ( Iterator i = projects.iterator(); i.hasNext(); )
{
- if ( authorizer.isAuthorized( authSource ).isAuthorized() )
+ Project project = (Project) i.next();
+
+ if ( groupModel.getProjectType() == null )
+ {
+ groupModel.setProjectType( project.getExecutorId() );
+ }
+
+ ProjectSummary model = new ProjectSummary();
+
+ getLogger().debug( "GroupSummaryAction: building project model " + project.getName() );
+
+ model.setId( project.getId() );
+
+ model.setName( project.getName() );
+
+ model.setVersion( project.getVersion() );
+
+ model.setProjectGroupId( project.getProjectGroup().getId() );
+
+ model.setProjectGroupName( project.getProjectGroup().getName() );
+
+ if ( getContinuum().isInBuildingQueue( project.getId() ) )
+ {
+ model.setInBuildingQueue( true );
+ }
+ else if ( getContinuum().isInCheckoutQueue( project.getId() ) )
+ {
+ model.setInCheckoutQueue( true );
+ }
+ else
+ {
+ model.setInBuildingQueue( false );
+ model.setInCheckoutQueue( false );
+ }
+
+ model.setState( project.getState() );
+
+ if ( project.getState() == 2 )
{
- getLogger().debug( "GroupSummaryAction: building group " + projectGroup.getName() );
-
- GroupSummary groupModel = new GroupSummary();
- groupModel.setId( projectGroup.getId() );
- groupModel.setGroupId( projectGroup.getGroupId() );
- groupModel.setName( projectGroup.getName() );
- groupModel.setDescription( projectGroup.getDescription() );
-
- //TODO: Create a summary jpox request so code will be more simple and performance will be better
- Collection projects = projectGroup.getProjects();
-
- groupModel.setNumProjects( projects.size() );
-
- Map buildResults = getContinuum().getLatestBuildResults();
-
- Map buildResultsInSuccess = getContinuum().getBuildResultsInSuccess();
-
- List projectModels = new ArrayList();
- int numSuccesses = 0;
- int numFailures = 0;
- int numErrors = 0;
-
- for ( Iterator i = projects.iterator(); i.hasNext(); )
+ numSuccesses++;
+ }
+ else if ( project.getState() == 3 )
+ {
+ numFailures++;
+ }
+ else if ( project.getState() == 4 )
+ {
+ numErrors++;
+ }
+
+ model.setBuildNumber( project.getBuildNumber() );
+
+ if ( buildResultsInSuccess != null )
+ {
+ BuildResult buildInSuccess =
+ (BuildResult) buildResultsInSuccess.get( new Integer( project.getId() ) );
+
+ if ( buildInSuccess != null )
{
- Project project = (Project) i.next();
-
- if ( groupModel.getProjectType() == null )
- {
- groupModel.setProjectType( project.getExecutorId() );
- }
-
- ProjectSummary model = new ProjectSummary();
-
- getLogger().debug( "GroupSummaryAction: building project model " + project.getName() );
-
- model.setId( project.getId() );
-
- model.setName( project.getName() );
-
- model.setVersion( project.getVersion() );
-
- model.setProjectGroupId( project.getProjectGroup().getId() );
-
- model.setProjectGroupName( project.getProjectGroup().getName() );
-
- if ( getContinuum().isInBuildingQueue( project.getId() ) )
- {
- model.setInBuildingQueue( true );
- }
- else if ( getContinuum().isInCheckoutQueue( project.getId() ) )
- {
- model.setInCheckoutQueue( true );
- }
- else
- {
- model.setInBuildingQueue( false );
- model.setInCheckoutQueue( false );
- }
-
- model.setState( project.getState() );
-
- if ( project.getState() == 2 )
- {
- numSuccesses++;
- }
- else if ( project.getState() == 3 )
- {
- numFailures++;
- }
- else if ( project.getState() == 4 )
- {
- numErrors++;
- }
-
- model.setBuildNumber( project.getBuildNumber() );
-
- if ( buildResultsInSuccess != null )
- {
- BuildResult buildInSuccess =
- (BuildResult) buildResultsInSuccess.get( new Integer( project.getId() ) );
-
- if ( buildInSuccess != null )
- {
- model.setBuildInSuccessId( buildInSuccess.getId() );
- }
- }
-
- if ( buildResults != null )
- {
- BuildResult latestBuild = (BuildResult) buildResults.get( new Integer( project.getId() ) );
-
- if ( latestBuild != null )
- {
- model.setLatestBuildId( latestBuild.getId() );
- }
- }
- getLogger().debug( "GroupSummaryAction: adding model to group " + model.getName() );
- projectModels.add( model );
+ model.setBuildInSuccessId( buildInSuccess.getId() );
}
-
- //todo wire in the next scheduled build for the project group and a meaningful status message
- //groupModel.setNextScheduledBuild( "unknown" );
- //groupModel.setStatusMessage( "none" );
-
- groupModel.setNumSuccesses( numSuccesses );
- groupModel.setNumFailures( numFailures );
- groupModel.setNumErrors( numErrors );
- groupModel.setProjects( projectModels );
- getLogger().debug( "GroupSummaryAction: adding group to groups list " + groupModel.getName() );
- groups.add( groupModel );
}
+
+ if ( buildResults != null )
+ {
+ BuildResult latestBuild = (BuildResult) buildResults.get( new Integer( project.getId() ) );
+
+ if ( latestBuild != null )
+ {
+ model.setLatestBuildId( latestBuild.getId() );
+ }
+ }
+ getLogger().debug( "GroupSummaryAction: adding model to group " + model.getName() );
+ projectModels.add( model );
}
- catch ( AuthorizationException e )
- {
- //Do nothing, just skip the current project group and continue processing the next
- }
+
+ //todo wire in the next scheduled build for the project group and a meaningful status message
+ //groupModel.setNextScheduledBuild( "unknown" );
+ //groupModel.setStatusMessage( "none" );
+
+ groupModel.setNumSuccesses( numSuccesses );
+ groupModel.setNumFailures( numFailures );
+ groupModel.setNumErrors( numErrors );
+ groupModel.setProjects( projectModels );
+ getLogger().debug( "GroupSummaryAction: adding group to groups list " + groupModel.getName() );
+ groups.add( groupModel );
}
}
@@ -219,5 +196,36 @@
public void setInfoMessage( String infoMessage )
{
this.infoMessage = infoMessage;
+ }
+
+ private boolean isAuthorized( ProjectGroup projectGroup )
+ {
+ // do the authz bit
+ ActionContext context = ActionContext.getContext();
+
+ PlexusContainer container = (PlexusContainer) context.getApplication().get( PlexusLifecycleListener.KEY );
+ SecuritySession securitySession =
+ (SecuritySession) context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
+
+ try
+ {
+ SecuritySystem securitySystem = (SecuritySystem) container.lookup( SecuritySystem.ROLE );
+
+ if ( !securitySystem.isAuthorized( securitySession, ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION,
+ projectGroup.getName() ) )
+ {
+ return false;
+ }
+ }
+ catch ( ComponentLookupException cle )
+ {
+ return false;
+ }
+ catch ( AuthorizationException ae )
+ {
+ return false;
+ }
+
+ return true;
}
}
Modified: maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/WorkingCopyAction.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/WorkingCopyAction.java?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/WorkingCopyAction.java (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/WorkingCopyAction.java Thu Jan 11 07:47:50 2007
@@ -19,28 +19,33 @@
* under the License.
*/
+import com.opensymphony.webwork.ServletActionContext;
+import com.opensymphony.webwork.views.util.UrlHelper;
+import com.opensymphony.xwork.ActionContext;
import org.apache.maven.continuum.ContinuumException;
import org.apache.maven.continuum.model.project.Project;
+import org.apache.maven.continuum.security.ContinuumRoleConstants;
import org.apache.maven.continuum.web.util.WorkingCopyContentGenerator;
-
-import com.opensymphony.webwork.ServletActionContext;
-import com.opensymphony.webwork.views.util.UrlHelper;
+import org.codehaus.plexus.PlexusContainer;
+import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
+import org.codehaus.plexus.security.authorization.AuthorizationException;
+import org.codehaus.plexus.security.system.SecuritySession;
+import org.codehaus.plexus.security.system.SecuritySystem;
+import org.codehaus.plexus.security.system.SecuritySystemConstants;
+import org.codehaus.plexus.xwork.PlexusLifecycleListener;
import javax.activation.MimetypesFileTypeMap;
-import java.util.HashMap;
-import java.util.List;
import java.io.File;
-import java.io.FileNotFoundException;
import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.util.HashMap;
+import java.util.List;
/**
* @author <a href="mailto:evenisse@apache.org">Emmanuel Venisse</a>
* @version $Id$
- *
- * @plexus.component
- * role="com.opensymphony.xwork.Action"
- * role-hint="workingCopy"
+ * @plexus.component role="com.opensymphony.xwork.Action" role-hint="workingCopy"
*/
public class WorkingCopyAction
extends ContinuumActionSupport
@@ -81,51 +86,53 @@
projectName = project.getName();
- HashMap params = new HashMap();
+ if ( isAuthorized( project ) )
+ {
+ HashMap params = new HashMap();
- params.put( "projectId", new Integer( projectId ) );
+ params.put( "projectId", new Integer( projectId ) );
- params.put( "projectName", projectName );
+ params.put( "projectName", projectName );
- String baseUrl = UrlHelper.buildUrl( "/workingCopy.action", ServletActionContext.getRequest(), ServletActionContext.getResponse(), params );
+ String baseUrl = UrlHelper.buildUrl( "/workingCopy.action", ServletActionContext.getRequest(),
+ ServletActionContext.getResponse(), params );
- output = generator.generate( files, baseUrl, getContinuum().getWorkingDirectory( projectId ) );
+ output = generator.generate( files, baseUrl, getContinuum().getWorkingDirectory( projectId ) );
- if ( currentFile != null && currentFile != "" )
- {
- String dir;
+ if ( currentFile != null && currentFile != "" )
+ {
+ String dir;
- //TODO: maybe create a plexus component for this so that additional mimetypes can be easily added
- MimetypesFileTypeMap mimeTypesMap = new MimetypesFileTypeMap();
- mimeTypesMap.addMimeTypes( "application/java-archive jar war ear");
- mimeTypesMap.addMimeTypes( "application/java-class class" );
- mimeTypesMap.addMimeTypes( "image/png png" );
+ //TODO: maybe create a plexus component for this so that additional mimetypes can be easily added
+ MimetypesFileTypeMap mimeTypesMap = new MimetypesFileTypeMap();
+ mimeTypesMap.addMimeTypes( "application/java-archive jar war ear" );
+ mimeTypesMap.addMimeTypes( "application/java-class class" );
+ mimeTypesMap.addMimeTypes( "image/png png" );
+
+ if ( FILE_SEPARATOR.equals( userDirectory ) )
+ {
+ dir = userDirectory;
+ }
+ else
+ {
+ dir = FILE_SEPARATOR + userDirectory + FILE_SEPARATOR;
+ }
+
+ downloadFile = new File( getContinuum().getWorkingDirectory( projectId ) + dir + currentFile );
+ mimeType = mimeTypesMap.getContentType( downloadFile );
+
+ if ( ( mimeType.indexOf( "image" ) >= 0 ) || ( mimeType.indexOf( "java-archive" ) >= 0 ) ||
+ ( mimeType.indexOf( "java-class" ) >= 0 ) || ( downloadFile.length() > 100000 ) )
+ {
+ return "stream";
+ }
- if ( FILE_SEPARATOR.equals( userDirectory ) )
- {
- dir = userDirectory;
+ currentFileContent = getContinuum().getFileContent( projectId, userDirectory, currentFile );
}
else
{
- dir = FILE_SEPARATOR + userDirectory + FILE_SEPARATOR;
+ currentFileContent = "";
}
-
- downloadFile = new File( getContinuum().getWorkingDirectory( projectId ) + dir + currentFile );
- mimeType = mimeTypesMap.getContentType( downloadFile );
-
- if ( ( mimeType.indexOf( "image" ) >= 0 ) ||
- ( mimeType.indexOf( "java-archive" ) >= 0 ) ||
- ( mimeType.indexOf( "java-class" ) >= 0 ) ||
- ( downloadFile.length() > 100000 ) )
- {
- return "stream";
- }
-
- currentFileContent = getContinuum().getFileContent( projectId, userDirectory, currentFile );
- }
- else
- {
- currentFileContent = "";
}
return SUCCESS;
@@ -211,5 +218,36 @@
public Project getProject()
{
return project;
+ }
+
+ private boolean isAuthorized( Project project )
+ {
+ // do the authz bit
+ ActionContext context = ActionContext.getContext();
+
+ PlexusContainer container = (PlexusContainer) context.getApplication().get( PlexusLifecycleListener.KEY );
+ SecuritySession securitySession =
+ (SecuritySession) context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
+
+ try
+ {
+ SecuritySystem securitySystem = (SecuritySystem) container.lookup( SecuritySystem.ROLE );
+
+ if ( !securitySystem.isAuthorized( securitySession, ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION,
+ project.getProjectGroup().getName() ) )
+ {
+ return false;
+ }
+ }
+ catch ( ComponentLookupException cle )
+ {
+ return false;
+ }
+ catch ( AuthorizationException ae )
+ {
+ return false;
+ }
+
+ return true;
}
}
Modified: maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/BuildCell.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/BuildCell.java?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/BuildCell.java (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/BuildCell.java Thu Jan 11 07:47:50 2007
@@ -22,6 +22,7 @@
import com.opensymphony.webwork.views.util.UrlHelper;
import com.opensymphony.xwork.ActionContext;
import org.apache.maven.continuum.web.model.ProjectSummary;
+import org.apache.maven.continuum.security.ContinuumRoleConstants;
import org.codehaus.plexus.PlexusContainer;
import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
import org.codehaus.plexus.security.authorization.AuthorizationException;
@@ -146,7 +147,7 @@
{
SecuritySystem securitySystem = (SecuritySystem) container.lookup( SecuritySystem.ROLE );
- if ( !securitySystem.isAuthorized( securitySession, "continuum-build-group",
+ if ( !securitySystem.isAuthorized( securitySession, ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION,
project.getProjectGroupName() ) )
{
return false;
Modified: maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/StateCell.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/StateCell.java?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/StateCell.java (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/StateCell.java Thu Jan 11 07:47:50 2007
@@ -21,10 +21,18 @@
import com.opensymphony.webwork.ServletActionContext;
import com.opensymphony.webwork.views.util.UrlHelper;
-
+import com.opensymphony.xwork.ActionContext;
import org.apache.maven.continuum.project.ContinuumProjectState;
import org.apache.maven.continuum.web.model.ProjectSummary;
import org.apache.maven.continuum.web.util.StateGenerator;
+import org.apache.maven.continuum.security.ContinuumRoleConstants;
+import org.codehaus.plexus.PlexusContainer;
+import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
+import org.codehaus.plexus.security.authorization.AuthorizationException;
+import org.codehaus.plexus.security.system.SecuritySession;
+import org.codehaus.plexus.security.system.SecuritySystem;
+import org.codehaus.plexus.security.system.SecuritySystemConstants;
+import org.codehaus.plexus.xwork.PlexusLifecycleListener;
import org.extremecomponents.table.bean.Column;
import org.extremecomponents.table.cell.DisplayCell;
import org.extremecomponents.table.core.TableModel;
@@ -34,11 +42,10 @@
/**
* Used in Summary view
*
- * @deprecated use of cells is discouraged due to lack of i18n and design in java code.
- * Use jsp:include instead.
- *
* @author <a href="mailto:evenisse@apache.org">Emmanuel Venisse</a>
* @version $Id$
+ * @deprecated use of cells is discouraged due to lack of i18n and design in java code.
+ * Use jsp:include instead.
*/
public class StateCell
extends DisplayCell
@@ -59,7 +66,14 @@
if ( project.getLatestBuildId() != -1 && !StateGenerator.NEW.equals( state ) )
{
- return createActionLink( "buildResult", project, state );
+ if ( isAuthorized( project ) )
+ {
+ return createActionLink( "buildResult", project, state );
+ }
+ else
+ {
+ return state;
+ }
}
else
{
@@ -84,13 +98,42 @@
params.put( "buildId", new Integer( project.getLatestBuildId() ) );
- params.put( "projectGroupId", new Integer( project.getProjectGroupId()));
+ params.put( "projectGroupId", new Integer( project.getProjectGroupId() ) );
- String url = UrlHelper.buildUrl( "/" + action + ".action",
- ServletActionContext.getRequest(),
- ServletActionContext.getResponse(),
- params );
+ String url = UrlHelper.buildUrl( "/" + action + ".action", ServletActionContext.getRequest(),
+ ServletActionContext.getResponse(), params );
return "<a href=\"" + url + "\">" + state + "</a>";
+ }
+
+ private boolean isAuthorized( ProjectSummary project )
+ {
+ // do the authz bit
+ ActionContext context = ActionContext.getContext();
+
+ PlexusContainer container = (PlexusContainer) context.getApplication().get( PlexusLifecycleListener.KEY );
+ SecuritySession securitySession =
+ (SecuritySession) context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
+
+ try
+ {
+ SecuritySystem securitySystem = (SecuritySystem) container.lookup( SecuritySystem.ROLE );
+
+ if ( !securitySystem.isAuthorized( securitySession, ContinuumRoleConstants.CONTINUUM_VIEW_GROUP_OPERATION,
+ project.getProjectGroupName() ) )
+ {
+ return false;
+ }
+ }
+ catch ( ComponentLookupException cle )
+ {
+ return false;
+ }
+ catch ( AuthorizationException ae )
+ {
+ return false;
+ }
+
+ return true;
}
}
Modified: maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectGroupNotifierSummaryComponent.jsp
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectGroupNotifierSummaryComponent.jsp?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectGroupNotifierSummaryComponent.jsp (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectGroupNotifierSummaryComponent.jsp Thu Jan 11 07:47:50 2007
@@ -82,15 +82,16 @@
</ec:row>
</ec:table>
</ww:if>
- <div class="functnbar3">
- <pss:ifAuthorized permission="continuum-modify-group" resource="${projectGroupName}">
- <ww:url id="addUrl" action="addProjectGroupNotifier" namespace="/" includeContext="false" includeParams="none" />
- <ww:form action="%{addUrl}" method="post">
- <input type="hidden" name="projectGroupId" value="<ww:property value="projectGroupId"/>"/>
- <ww:submit value="%{getText('add')}"/>
- </ww:form>
- </pss:ifAuthorized>
- </div>
+
+ <pss:ifAuthorized permission="continuum-modify-group" resource="${projectGroupName}">
+ <div class="functnbar3">
+ <ww:url id="addUrl" action="addProjectGroupNotifier" namespace="/" includeContext="false" includeParams="none" />
+ <ww:form action="%{addUrl}" method="post">
+ <input type="hidden" name="projectGroupId" value="<ww:property value="projectGroupId"/>"/>
+ <ww:submit value="%{getText('add')}"/>
+ </ww:form>
+ </div>
+ </pss:ifAuthorized>
<ww:if test="${not empty projectNotifierSummaries}">
<h3>Project Notifiers</h3>
Modified: maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectSummaryComponent.jsp
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectSummaryComponent.jsp?view=diff&rev=495263&r1=495262&r2=495263
==============================================================================
--- maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectSummaryComponent.jsp (original)
+++ maven/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/components/projectSummaryComponent.jsp Thu Jan 11 07:47:50 2007
@@ -72,7 +72,7 @@
</pss:elseAuthorized>
</ec:column>
<ec:column property="buildHistoryAction" title=" " width="1%">
- <pss:ifAuthorized permission="continuum-modify-group" resource="${projectGroupName}">
+ <pss:ifAuthorized permission="continuum-view-group" resource="${projectGroupName}">
<c:choose>
<c:when test="${pageScope.project.latestBuildId > 0}">
<ww:url id="buildResultsUrl" action="buildResults" namespace="/">
@@ -94,7 +94,7 @@
</pss:elseAuthorized>
</ec:column>
<ec:column property="workingCopyAction" title=" " width="1%">
- <pss:ifAuthorized permission="continuum-modify-group" resource="${projectGroupName}">
+ <pss:ifAuthorized permission="continuum-view-group" resource="${projectGroupName}">
<c:choose>
<c:when test="${pageScope.project.state == 10 || pageScope.project.state == 2 || pageScope.project.state == 3 || pageScope.project.state == 4 || pageScope.project.state == 6}">
<ww:url id="workingCopyUrl" action="workingCopy" namespace="/">
@@ -115,7 +115,7 @@
</pss:elseAuthorized>
</ec:column>
<ec:column property="releaseAction" title=" " width="1%" sortable="false">
- <pss:ifAuthorized permission="continuum-modify-group" resource="${projectGroupName}">
+ <pss:ifAuthorized permission="continuum-build-group" resource="${projectGroupName}">
<c:choose>
<c:when test="${pageScope.project.state == 2}">
<ww:url id="releaseProjectUrl" action="releasePromptGoal" namespace="/">