[MRM-1686] stop support of struts2 webapp.

move redback part to retired.



git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1395894 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Olivier Lamy 2012-10-09 07:59:02 +00:00
parent ad474747bd
commit 0986c88851
143 changed files with 0 additions and 15763 deletions

View File

@ -1,70 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-integrations</artifactId>
<version>2.1-SNAPSHOT</version>
</parent>
<artifactId>redback-struts2</artifactId>
<name>Redback :: Integration :: Struts 2</name>
<packaging>pom</packaging>
<properties>
<struts.version>2.2.3.1</struts.version>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-core</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-junit-plugin</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>org.apache.struts.xwork</groupId>
<artifactId>xwork-core</artifactId>
<version>${struts.version}</version>
</dependency>
<dependency>
<groupId>ognl</groupId>
<artifactId>ognl</artifactId>
<version>3.0.2</version>
</dependency>
</dependencies>
</dependencyManagement>
<modules>
<module>redback-struts2-integration</module>
<module>redback-struts2-content</module>
</modules>
</project>

View File

@ -1,112 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-struts2</artifactId>
<version>2.1-SNAPSHOT</version>
</parent>
<artifactId>redback-struts2-content</artifactId>
<name>Redback :: Integration :: Struts 2 Content War</name>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-struts2-integration</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-common-integrations</artifactId>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</dependency>
<dependency>
<groupId>commons-digester</groupId>
<artifactId>commons-digester</artifactId>
</dependency>
<dependency>
<groupId>ognl</groupId>
<artifactId>ognl</artifactId>
</dependency>
<dependency>
<groupId>jpox</groupId>
<artifactId>jpox</artifactId>
<scope>compile</scope>
<exclusions>
<!-- targeting JDK 1.4 we don't need this -->
<exclusion>
<groupId>javax.sql</groupId>
<artifactId>jdbc-stdext</artifactId>
</exclusion>
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
<exclusion>
<groupId>javax.resource</groupId>
<artifactId>connector</artifactId>
</exclusion>
<exclusion>
<groupId>javax.transaction</groupId>
<artifactId>jta</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<warSourceExcludes>WEB-INF/lib/**</warSourceExcludes>
</configuration>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>jspc-maven-plugin</artifactId>
<version>1.4.6</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>compile</goal>
</goals>
</execution>
</executions>
<configuration>
<warSourceDirectory>${project.build.directory}/${project.build.finalName}/</warSourceDirectory>
<!--
Uncomment outputWebXml if you want the generated web.xml to
be placed in the working directory that the war:war mojo uses.
-->
<!--
<outputWebXml>${project.build.directory}/${project.build.finalName}/WEB-INF/web.xml</outputWebXml>
-->
</configuration>
</plugin>
</plugins>
</build>
</project>

View File

@ -1,348 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<!-- ==================================================================
Redback Security Tools
This should contain the /security namespaced action configurations.
These configurations will likely not need changing.
These configurations point to the overlaid jsp files.
================================================================== -->
<struts>
<!-- ==================================================================
Security Tools for Users
All Users should be able to access and use the actions contained
within this package.
================================================================== -->
<package name="security" extends="struts-default" namespace="/security">
<result-types>
<result-type name="security-external" class="securityExternalResult" />
</result-types>
<interceptors>
<interceptor name="redbackForceAdminUser" class="redbackForceAdminUserInterceptor"/>
<interceptor name="redbackEnvCheck" class="redbackEnvironmentCheckInterceptor"/>
<interceptor name="redbackAutoLogin" class="redbackAutoLoginInterceptor"/>
<interceptor name="redbackPolicyEnforcement" class="redbackPolicyEnforcementInterceptor"/>
<interceptor name="redbackSecureActions" class="redbackSecureActionInterceptor"/>
<!--
Stacks are order dependent and fail silently by not running the referenced stack.
Make sure that redbackCommonStack remains above is usages.
-->
<interceptor-stack name="redbackCommonStack">
<interceptor-ref name="redbackEnvCheck"/>
<interceptor-ref name="redbackForceAdminUser"/>
<interceptor-ref name="redbackAutoLogin"/>
<interceptor-ref name="redbackPolicyEnforcement"/>
<interceptor-ref name="redbackSecureActions">
<param name="enableReferrerCheck">true</param>
</interceptor-ref>
</interceptor-stack>
<interceptor-stack name="securedStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="redbackCommonStack"/>
<interceptor-ref name="tokenSession">
<param name="excludeMethods">*</param>
</interceptor-ref>
</interceptor-stack>
<interceptor-stack name="securedPrepareParamsStack">
<interceptor-ref name="paramsPrepareParamsStack"/>
<interceptor-ref name="redbackCommonStack"/>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="securedStack"/>
<global-results>
<result name="security-admin-user-needed" type="redirectAction">
<param name="actionName">addadmin</param>
<param name="namespace">/security</param>
</result>
<result name="requires-authentication">/WEB-INF/jsp/redback/requiresAuthentication.jsp</result>
<result name="requires-authorization">/WEB-INF/jsp/redback/accessDenied.jsp</result>
<result name="security-must-change-password" type="redirectAction">
<param name="actionName">password</param>
<param name="namespace">/security</param>
</result>
<result name="security-resend-validation-email" type="redirectAction">
<param name="actionName">userlist</param>
<param name="namespace">/security</param>
</result>
<result name="invalid.token">/WEB-INF/jsp/redback/invalidToken.jsp</result>
</global-results>
<action name="login" class="redback-login" method="show">
<result name="input">/WEB-INF/jsp/redback/login.jsp</result>
<result name="error">/WEB-INF/jsp/redback/login.jsp</result>
<result name="security-login-success" type="security-external">
<param name="externalResult">security-login-success</param>
</result>
<result name="cancel" type="security-external">
<param name="externalResult">security-login-cancel</param>
</result>
<result name="security-login-locked" type="security-external">
<param name="externalResult">security-login-locked</param>
</result>
</action>
<action name="logout" class="redback-logout" method="logout">
<result name="security-logout" type="security-external">
<param name="externalResult">security-logout</param>
</result>
</action>
<action name="register" class="redback-register" method="show">
<result name="input">/WEB-INF/jsp/redback/register.jsp</result>
<result name="error">/WEB-INF/jsp/redback/register.jsp</result>
<result name="validation-note">/WEB-INF/jsp/redback/validationNotification.jsp</result>
<result name="security-register-success" type="security-external">
<param name="externalResult">security-register-success</param>
</result>
<result name="cancel" type="security-external">
<param name="externalResult">security-register-cancel</param>
</result>
</action>
<action name="account" class="redback-account" method="show">
<result name="input">/WEB-INF/jsp/redback/account.jsp</result>
<result name="error">/WEB-INF/jsp/redback/account.jsp</result>
<result name="security-account-success" type="security-external">
<param name="externalResult">security-account-success</param>
</result>
<result name="cancel" type="security-external">
<param name="externalResult">security-account-cancel</param>
</result>
</action>
<action name="password" class="redback-password" method="show">
<result name="input">/WEB-INF/jsp/redback/password.jsp</result>
<result name="error">/WEB-INF/jsp/redback/password.jsp</result>
<result name="security-login-success" type="security-external">
<param name="externalResult">security-login-success</param>
</result>
<result name="security-register-success" type="security-external">
<param name="externalResult">security-register-success</param>
</result>
<result name="success" type="redirect">${targetUrl}</result>
<result name="cancel" type="redirectAction">
<param name="actionName">logout</param>
<param name="namespace">/security</param>
</result>
<result name="security-change-password-success">/WEB-INF/jsp/redback/changePasswordSuccess.jsp</result>
</action>
<action name="passwordReset" class="redback-password-reset" method="show">
<result name="input">/WEB-INF/jsp/redback/requestPasswordReset.jsp</result>
<result name="none">/WEB-INF/jsp/redback/login.jsp</result>
</action>
<action name="addadmin" class="redback-admin-account" method="show">
<interceptor-ref name="defaultStack"/>
<result name="input">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/createAdmin.jsp</result>
<result name="login-error">/WEB-INF/jsp/redback/login.jsp</result>
<result name="security-login-success" type="security-external">
<param name="externalResult">security-login-success</param>
</result>
<result name="security-login-locked" type="security-external">
<param name="externalResult">security-login-locked</param>
</result>
</action>
<!-- ==================================================================
Security Tools for Administrators
Only Administrators should be able to access and use these actions
================================================================== -->
<action name="systeminfo" class="redback-sysinfo" method="show">
<result>/WEB-INF/jsp/redback/admin/systemInformation.jsp</result>
</action>
<action name="adminConsole" class="redback-admin-console" method="show">
<result>/WEB-INF/jsp/redback/admin/console.jsp</result>
</action>
<action name="report" class="redback-report" method="generate">
<result name="error" type="redirectAction">userlist</result>
</action>
<action name="userlist" class="redback-admin-user-list" method="show">
<result name="input">/WEB-INF/jsp/redback/admin/userList.jsp</result>
<result name="success">/WEB-INF/jsp/redback/admin/userList.jsp</result>
</action>
<action name="useredit" class="redback-admin-user-edit" method="edit">
<result name="input">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/userEdit.jsp</result>
<result name="confirm">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
<result name="confirmError">/WEB-INF/jsp/redback/admin/confirmUserAdministrator.jsp</result>
<result name="success" type="redirectAction">userlist</result>
<result name="cancel" type="redirectAction">userlist</result>
</action>
<action name="usercreate" class="redback-admin-user-create" method="show">
<result name="input">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/userCreate.jsp</result>
<result name="success" type="redirectAction">
<param name="actionName">assignments</param>
<param name="principal">${user.username}</param>
</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="userdelete" class="redback-admin-user-delete" method="confirm">
<result name="input">/WEB-INF/jsp/redback/admin/userDelete.jsp</result>
<result name="error" type="redirectAction">userlist</result>
<result name="success" type="redirectAction">userlist</result>
<result name="cancel" type="redirectAction">userlist</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<!-- ==== RBAC Actions ========================================== -->
<!-- This action is meant to be embedded within the User Edit action output jsp.
It is injected using the <ww:action> taglib -->
<action name="assignments" class="redback-assignments" method="show">
<interceptor-ref name="securedStack"/>
<result name="input">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
<result name="error">/WEB-INF/jsp/redback/include/error.jsp</result>
<result name="success">/WEB-INF/jsp/redback/admin/assignments.jsp</result>
</action>
<action name="addRolesToUser" class="redback-assignments" method="edituser">
<result name="success" type="redirectAction">userlist</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="removeRolesFromUser" class="redback-assignments" method="edituser">
<result name="success" type="redirectAction">userlist</result>
</action>
<action name="rolecreate" class="redback-role-create" method="show">
<result name="input">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/roleCreate.jsp</result>
<result name="success" type="redirectAction">userlist</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="role" class="redback-role-edit" method="input">
<result name="input">/WEB-INF/jsp/redback/admin/role.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/role.jsp</result>
<result name="success" type="redirectAction">roles</result>
</action>
<action name="roleedit" class="redback-role-edit" method="edit">
<result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="success" type="redirectAction">roles</result>
</action>
<action name="rolesave" class="redback-role-edit" method="save">
<result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="success" type="redirectAction">roles</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="roleusersadd" class="redback-role-edit" method="addUsers">
<result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="roleusersremove" class="redback-role-edit" method="removeUsers">
<result name="input">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="error">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<result name="success">/WEB-INF/jsp/redback/admin/roleEdit.jsp</result>
<interceptor-ref name="securedStack">
<param name="tokenSession.includeMethods">*</param>
</interceptor-ref>
</action>
<action name="roleSummary" class="redback-roles" method="list">
<result name="list">/WEB-INF/jsp/redback/admin/roleSummary.jsp</result>
</action>
<action name="roles" class="redback-roles" method="list">
<result name="list">/WEB-INF/jsp/redback/admin/roleList.jsp</result>
</action>
<action name="permissions" class="redback-permissions" method="list">
<result name="list">/WEB-INF/jsp/redback/admin/permissionList.jsp</result>
</action>
<action name="operations" class="redback-operations" method="list">
<result name="list">/WEB-INF/jsp/redback/admin/operationList.jsp</result>
</action>
<action name="resources" class="redback-resources" method="list">
<result name="list">/WEB-INF/jsp/redback/admin/resourceList.jsp</result>
</action>
<action name="roleModel" class="redback-role-model" method="view">
<result name="success">/WEB-INF/jsp/redback/admin/roleModel.jsp</result>
</action>
<!--
Backup Restore actions
-->
<action name="backupRestore" class="backup-restore" method="view">
<result>/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
</action>
<action name="backup" class="backup-restore" method="backup">
<result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
<result type="redirectAction">backupRestore</result>
</action>
<action name="restore" class="backup-restore" method="restore">
<result name="custom_error">/WEB-INF/jsp/redback/admin/backupRestore.jsp</result>
<result name="success" type="redirectAction">backupRestore</result>
</action>
</package>
</struts>

View File

@ -1,46 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="access.denied.page.title"/></title>
</head>
<body>
<h4><s:text name="access.denied.section.title"/></h4>
<div id="results">
<%-- This is where the "Account Created Successfully" type message goes. --%>
<div class="success">
<s:actionmessage />
</div>
<%-- This is where errors from the action and other non-form field specific errors appear. --%>
<div class="errors">
<s:actionerror />
</div>
</div>
<p>
<s:text name="access.denied.message"/>
</p>
</body>
</s:i18n>
</html>

View File

@ -1,47 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="account.details.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="account.details.section.title"/></h2>
<s:form action="account" namespace="/security" theme="xhtml"
id="registerForm" method="post" name="register" cssClass="security register">
<%@ include file="/WEB-INF/jsp/redback/include/userCredentials.jsp" %>
<redback:isReadOnlyUserManager>
<s:submit value="%{getText('goback')}" method="cancel" />
</redback:isReadOnlyUserManager>
<redback:isNotReadOnlyUserManager>
<s:submit value="%{getText('submit')}" method="submit" />
<s:submit value="%{getText('cancel')}" method="cancel" />
</redback:isNotReadOnlyUserManager>
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,26 +0,0 @@
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
</body>
</html>

View File

@ -1,176 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="assignments.page.title"/></title>
</head>
<body>
<h2><s:text name="assignments.section.title"/></h2>
<div class="axial">
<table border="1" cellspacing="2" cellpadding="3" width="100%">
<s:label label="%{getText('username')}" name="principal"/>
<s:label label="%{getText('full.name')}" name="user.fullName"/>
<s:label label="%{getText('email')}" name="user.email"/>
</table>
</div>
<!--<h3><s:text name="assignments.available.roles"/></h3>-->
<s:form action="addRolesToUser" namespace="/security" name="addRoles">
<s:hidden name="principal"/>
<s:hidden name="addRolesButton" value="true"/>
<s:token/>
<s:iterator id="application" value="applicationRoleDetails">
<h3><c:out value="${application.name}" /></h3>
<c:if test="${!empty application.description}">
<p><i><c:out value="${application.description}" /></i></p>
</c:if>
<c:if test="${!empty assignedRoles}">
<h5><s:text name="assignments.assigned.roles"/></h5>
<table>
<s:iterator id="assignedRole" value="assignedRoles">
<s:checkbox label="%{assignedRole}" name="addNDSelectedRoles" fieldValue="%{assignedRole}"/>
</s:iterator>
</table>
</c:if>
<c:if test="${!empty availableRoles}">
<h5><s:text name="assignments.available.roles"/></h5>
<table>
<s:iterator id="availableRole" value="availableRoles">
<s:checkbox label="%{availableRole}" name="addNDSelectedRoles" value="false" fieldValue="%{availableRole}"/>
</s:iterator>
</table>
</c:if>
<c:if test="${!empty table}">
<h5><s:text name="assignments.resource.roles"/></h5>
<table>
<tr>
<td></td>
<s:iterator id="column" value="tableHeader">
<td>${column.namePrefix}</td>
</s:iterator>
</tr>
<c:forEach var="row" items="${table}">
<tr>
<c:forEach var="column" items="${row}">
<c:choose>
<c:when test="${column.label}">
<td>${column.name}</td>
</c:when>
<c:when test="${column.assigned}">
<td>
<center>
<input type="checkbox" name="addDSelectedRoles" value="${column.name}" checked="checked"/>
</center>
</td>
</c:when>
<c:when test="${column.effectivelyAssigned}">
<td>
<center>
<input type="checkbox" name="addDSelectedRoles" value="${column.name}" disabled="disabled"/>
</center>
</td>
</c:when>
<c:otherwise>
<td>
<center>
<input type="checkbox" name="addDSelectedRoles" value="${column.name}"/>
</center>
</td>
</c:otherwise>
</c:choose>
</c:forEach>
</tr>
</c:forEach>
</table>
</c:if>
</s:iterator>
<%--
<h4>Global Roles</h4>
<s:checkboxlist list="nondynamicroles" name="addNDSelectedRoles" value="NDRoles" theme="redback"/>
<br/>
<h4>Resource Roles</h4>
<c:choose>
<c:when test="${!empty dynamicroles}">
<c:set var="numtemplates" value="0"/>
<table border="1">
<tr>
<td>&nbsp</td>
<s:iterator id="template" value="templates">
<td>${template.namePrefix}</td>
<c:set var="numtemplates" value="${numtemplates + 1}"/>
</s:iterator>
</tr>
<tr>
<c:set var="count" value="0"/>
<s:iterator id="dynamicrole" value="dynamicroles" status="row_status">
<c:if test="${count == 0}">
<td>${dynamicrole.resource}</td>
</c:if>
<c:set var="chkbx" value="<input type='checkbox' name='addDSelectedRoles' value='${dynamicrole.name}'/>"/>
<s:iterator id="drole" value="DRoles">
<c:if test="${(drole == dynamicrole.name)}">
<c:set var="chkbx" value="<input type='checkbox' name='addDSelectedRoles' value='${dynamicrole.name}' checked='yes'/>"/>
</c:if>
</s:iterator>
<td><center>${chkbx}</center></td>
<c:set var="count" value="${count + 1}"/>
<c:if test="${count == numtemplates}">
<c:choose>
<c:when test="${row_status.last}">
</tr>
</c:when>
<c:otherwise>
</tr><tr>
</c:otherwise>
</c:choose>
<c:set var="count" value="0"/>
</c:if>
</s:iterator>
</table>
</c:when>
<c:otherwise>
<p><em><s:text name="assignments.no.roles.to.grant"/></em></p>
</c:otherwise>
</c:choose>
--%>
<br/>
<s:submit value="%{getText('assignments.submit')}" name="submitRolesButton" theme="simple" />
<br/>
<s:reset type="button" value="%{getText('assignments.reset')}" name="resetRolesButton" theme="simple" />
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,109 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib uri="/struts-tags" prefix="s"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="backupRestore.page.title"/></title>
</head>
<body>
<div id="h3">
<h3><s:text name="backupRestore.section.backup.title"/></h3>
<c:if test="${!empty actionErrors}">
<div class="errormessage">
<s:iterator value="actionErrors">
<p><s:text name="<s:property/>" /></p>
</s:iterator>
</div>
</c:if>
<p>
You can back up the application data for this installation to prevent data loss in the case of system failures.
The application will be inaccessible while the backup takes place.
</p>
<p>
A backup will be stored on the server in a dated subdirectory of the backup directory:
<code>
<s:property value="backupDirectory" />
</code>
</p>
<s:form action="backup" method="post" >
<s:submit value="Create Backup" theme="simple"/>
</s:form>
</div>
<div id="h3">
<h3><s:text name="backupRestore.section.restore.title"/></h3>
<p>
You can reset the system to a previous state by using the
restore function, or use it to import data from another version of this application.
</p>
<p>
You can specify the directory where the backup files are located, or select from one of the recent backups in the configured
backup directory.
</p>
<s:form action="restore" method="post" validate="true">
<table>
<s:textfield name="restoreDirectory" label="Backup directory"
size="70" required="true" />
<s:submit value="Restore Backup" theme="simple" />
</table>
</s:form>
</div>
<div id="h3">
<h4><s:text name="backupRestore.section.recent.backup"/></h4>
<s:set name="previousBackups" value="previousBackups" />
<c:choose>
<c:when test="${empty(previousBackups)}">
<div class="warningmessage">
No previous backups found in the default backup directory.
</div>
</c:when>
<c:otherwise>
<table>
<c:forEach var="backup" items="${previousBackups}">
<tr>
<td>
<fmt:formatDate value="${backup.date}" pattern="EEE MMM dd, yyyy 'at' HH:mm:ss" />
</td>
<td>
<c:if test="${backup.userDatabase}">
<c:set var="url">
<s:url action="restore">
<s:param name="restoreDirectory">${backup.directory}</s:param>
<s:param name="userDatabase" value="true" />
</s:url>
</c:set>
<a href="${url}">Restore Users</a>
</c:if>
</td>
</tr>
</c:forEach>
</table>
</c:otherwise>
</c:choose>
</div>
</body>
</s:i18n>
</html>

View File

@ -1,63 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="user.edit.confirm.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="user.edit.confirm.section.title"/></h2>
<redback:ifAuthorized permission="user-management-user-edit" resource="${user.username}">
<s:form action="useredit" namespace="/security" theme="xhtml"
id="userEditForm" method="post" cssClass="security userEdit">
<redback:isNotReadOnlyUserManager>
<p>
You must re-confirm your password to proceed with the request to
<strong>edit the account information</strong> for user: <strong>${user.username}</strong>
</p>
<s:password label="%{getText('user.admin.password')}" name="userAdminPassword" size="20" required="true"/>
<s:hidden label="Username" name="username" />
<s:hidden name="user.username" value="%{user.username}"/>
<s:hidden name="user.fullName" value="%{user.fullName}"/>
<s:hidden name="user.email" value="%{user.email}"/>
<s:hidden name="user.password" value="%{user.password}"/>
<s:hidden name="user.confirmPassword" value="%{user.confirmPassword}"/>
<s:hidden name="user.timestampAccountCreation" value="%{user.timestampAccountCreation}"/>
<s:hidden name="user.timestampLastLogin" value="%{user.timestampLastLogin}"/>
<s:hidden name="user.timestampLastPasswordChange" value="%{user.timestampLastPasswordChange}"/>
<s:hidden name="user.locked" value="%{user.locked}"/>
<s:hidden name="user.passwordChangeRequired" value="%{user.passwordChangeRequired}"/>
<s:hidden name="method:confirmAdminPassword" value="Submit"/>
<s:submit id="confirmUserAdminSubmit" value="%{getText('submit')}" method="confirmAdminPassword" />
<s:submit id="cancelUserAdminSubmit" value="%{getText('cancel')}" method="cancel" />
</redback:isNotReadOnlyUserManager>
</s:form>
</redback:ifAuthorized>
</body>
</s:i18n>
</html>

View File

@ -1,40 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="create.admin.page.title"/></title>
</head>
<body>
<c:import url="/WEB-INF/jsp/redback/include/formValidationResults.jsp" />
<h2><s:text name="create.admin.section.title"/></h2>
<s:form action="addadmin!submit" namespace="/security" theme="xhtml"
id="adminCreateForm" method="post" name="admincreate" cssClass="security adminCreate">
<c:import url="/WEB-INF/jsp/redback/include/userCredentials.jsp" />
<s:submit value="%{getText('create.admin')}" />
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,81 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="operation.list.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" %>
<h2><s:text name="operation.list.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="operations!remove" method="post" theme="simple">
<table>
<c:choose>
<c:when test="${!empty allOperations}">
<thead>
<tr>
<th>&nbsp;</th>
<th><s:text name="name"/></th>
<th><s:text name="description"/></th>
</tr>
</thead>
<c:forEach var="operation" items="${allOperations}">
<tr>
<td>
<s:checkbox name="selectedOperations" fieldValue="%{operation.name}" />
</td>
<td>
<s:url id="operationUrl" action="operation-edit">
<s:param name="operationName">${operation.name}</s:param>
</s:url>
<s:a href="%{operationUrl}"><c:out value="${operation.name}" /></s:a>
</td>
<td>
<c:out value="${operation.description}" />
</td>
</tr>
</c:forEach>
</c:when>
<c:otherwise>
<p><em><s:text name="operation.list.no.operations.available"/></em></p>
</c:otherwise>
</c:choose>
<tr>
<td colspan="3">
<s:submit value="%{getText('remove.selected.roles')}" />
</td>
</tr>
</table>
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,81 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="permission.list.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" %>
<h2><s:text name="permission.list.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="permissions!remove" method="post" theme="simple">
<table>
<c:choose>
<c:when test="${!empty allPermissions}">
<thead>
<tr>
<th>&nbsp;</th>
<th><s:text name="name"/></th>
<th><s:text name="description"/></th>
</tr>
</thead>
<c:forEach var="permission" items="${allPermissions}">
<tr>
<td>
<s:checkbox name="selectedPermissions" fieldValue="%{permission.name}" />
</td>
<td>
<s:url id="permissionUrl" action="permission-edit">
<s:param name="permissionName">${permission.name}</s:param>
</s:url>
<s:a href="%{permissionUrl}"><c:out value="${permission.name}" /></s:a>
</td>
<td>
<c:out value="${permission.description}" />
</td>
</tr>
</c:forEach>
</c:when>
<c:otherwise>
<p><em><s:text name="permission.list.no.permissions.available"/></em></p>
</c:otherwise>
</c:choose>
<tr>
<td colspan="3">
<s:submit value="%{getText('remove.selected.roles')}" />
</td>
</tr>
</table>
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,81 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="resource.list.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" %>
<h2><s:text name="resource.list.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="resources!remove" method="post" theme="simple">
<table>
<c:choose>
<c:when test="${!empty allResources}">
<thead>
<tr>
<th>&nbsp;</th>
<th><s:text name="name"/></th>
<th><s:text name="description"/></th>
</tr>
</thead>
<c:forEach var="resource" items="${allResources}">
<tr>
<td>
<s:checkbox name="selectedResources" fieldValue="%{resource.identifier}" />
</td>
<td>
<s:url id="resourceUrl" action="resource-edit">
<s:param name="resourceIdentifier">${resource.identifier}</s:param>
</s:url>
<s:a href="%{resourceUrl}"><c:out value="${resource.identifier}" /></s:a>
</td>
<td>
<c:out value="${resource.pattern}" />
</td>
</tr>
</c:forEach>
</c:when>
<c:otherwise>
<p><em><s:text name="resource.list.no.resources.available"/></em></p>
</c:otherwise>
</c:choose>
<tr>
<td colspan="3">
<s:submit value="%{getText('remove.selected.roles')}" />
</td>
</tr>
</table>
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,132 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://www.extremecomponents.org" prefix="ec" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="role"/></h2>
<div class="axial">
<table border="1" cellspacing="2" cellpadding="3" width="100%">
<s:label label="%{getText('name')}" name="name"/>
<s:label label="%{getText('description')}" name="description"/>
</table>
</div>
<div class="functnbar3">
<s:form action="roleedit" namespace="/security">
<s:hidden name="name" />
<s:submit value="%{getText('edit')}" theme="simple" />
</s:form>
</div>
<h3><s:text name="role.model.parent.roles"/></h3>
<c:if test="${empty parentRoleNames}">
<s:text name="role.edit.no.parent.defined"/>
</c:if>
<c:if test="${!empty parentRoleNames}">
<ul>
<s:iterator id="parentRoleName" value="parentRoleNames">
<s:url id="roleUrl" action="role" includeParams="none">
<s:param name="name">${parentRoleName}</s:param>
</s:url>
<li><s:a href="%{roleUrl}">${parentRoleName}</s:a></li>
</s:iterator>
</ul>
</c:if>
<h3><s:text name="role.model.child.roles"/></h3>
<c:if test="${empty childRoleNames}">
<s:text name="role.edit.no.childrole.defined"/>
</c:if>
<c:if test="${!empty childRoleNames}">
<ul>
<s:iterator id="childRoleName" value="childRoleNames">
<s:url id="roleUrl" action="role" includeParams="none">
<s:param name="name">${childRoleName}</s:param>
</s:url>
<li><s:a href="%{roleUrl}"><c:out value="${childRoleName}" /></s:a></li>
</s:iterator>
</ul>
</c:if>
<h3><s:text name="permissions"/></h3>
<c:if test="${empty permissions}">
<s:text name="role.create.no.permissions.defined"/>
</c:if>
<c:if test="${!empty permissions}">
<!-- ec on redback should not be dependent on the resource bundle of the project using it -->
<s:set name="role_name" value="%{getText('name')}"/>
<s:set name="role_operation" value="%{getText('role.operation')}"/>
<s:set name="role_resource" value="%{getText('role.resource')}"/>
<ec:table var="permission"
items="permissions"
autoIncludeParameters="false"
cellspacing="2"
cellpadding="3"
showExports="flase"
showPagination="false"
showTitle="false"
showStatusBar="false"
filterable="false">
<ec:row>
<ec:column property="name" title="${role_name}"/>
<ec:column property="operation.name" title="${role_operation}"/>
<ec:column property="resource.identifier" title="${role_resource}"/>
</ec:row>
</ec:table>
</c:if>
<h3><s:text name="role.edit.section.users"/></h3>
<c:if test="${!empty parentUsers}">
<h4><s:text name="role.edit.users.defined.in.parent.roles"/></h4>
<ul>
<s:iterator id="user" value="parentUsers">
<s:url id="usereditUrl" action="useredit" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<li><s:a href="%{usereditUrl}"><c:out value="${user.fullName}" /> (<c:out value="${user.username}" /> - <c:out value="${user.email}" />)</s:a></li>
</s:iterator>
</ul>
</c:if>
<h4><s:text name="role.edit.users.defined.in.current.role"/></h4>
<c:if test="${empty users}">
<s:text name="role.edit.no.user.defined"/>
</c:if>
<c:if test="${!empty users}">
<ul>
<s:iterator id="user" value="users">
<s:url id="usereditUrl" action="useredit" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<li><s:a href="%{usereditUrl}"><c:out value="${user.fullName}" /> (<c:out value="${user.username}" /> - <c:out value="${user.email}" />)</s:a></li>
</s:iterator>
</ul>
</c:if>
</body>
</s:i18n>
</html>

View File

@ -1,105 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.create.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="role.create.section.title"/></h2>
<s:form action="rolecreate!submit" method="post" theme="xhtml"
name="roleCreateForm" cssClass="securiy rolecreate">
<s:token/>
<s:textfield label="%{getText('role.name')}" name="roleName" />
<s:textfield label="%{getText('role.description')}" name="description" maxlength="255"/>
<tr>
<td valign="top"><s:text name="permissions"/></td>
<td>
<table cellspacing="0" cellpadding="2" class="permission">
<thead>
<tr>
<th><s:text name="name"/></th>
<th><s:text name="role.create.operation"/></th>
<th><s:text name="role.create.resource"/></th>
</tr>
</thead>
<c:choose>
<c:when test="${!empty permissions}">
<c:forEach var="permission" varStatus="loop" items="${permissions}">
<tr>
<td>
<input type="text" name="permissions(${loop.index}).name"
value="${permission.name}" />
</td>
<td>
<input type="text" name="permissions(${loop.index}).operationName"
value="${permission.operationName}" />
</td>
<td>
<input type="text" name="permissions(${loop.index}).resourceIdentifier"
value="${permission.resourceIdentifier}" />
</td>
</tr>
</c:forEach>
</c:when>
<c:otherwise>
<em><s:text name="role.create.no.permissions.defined"/></em>
</c:otherwise>
</c:choose>
<tr class="addPermission">
<td>
<s:textfield name="addpermission.name" theme="simple"/>
</td>
<td>
<s:textfield name="addpermission.operationName" theme="simple" />
</td>
<td>
<s:textfield name="addpermission.resourceIdentifier" theme="simple" />
</td>
<td>
<s:submit value="%{getText('role.create.add.permission')}"
onclick="setSubmitMode('addPermission')" />
</td>
</tr>
</table>
</td>
</tr>
<s:hidden name="submitMode" value="normal" />
<s:submit value="%{getText('submit')}" onclick="setSubmitMode('normal')" />
</s:form>
<script language="javascript">
function setSubmitMode(mode)
{
document.forms["roleCreateForm"].submitMode.value = mode;
}
</script>
</body>
</s:i18n>
</html>

View File

@ -1,157 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://www.extremecomponents.org" prefix="ec" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="role"/></h2>
<s:actionerror/>
<s:form action="rolesave" name="rolesave" namespace="/security">
<s:hidden name="name"/>
<s:hidden name="usersList"/>
<s:token/>
<div class="axial">
<table border="1" cellspacing="2" cellpadding="3" width="100%">
<s:label label="%{getText('name')}" name="name"/>
<s:textfield label="%{getText('description')}" name="newDescription" maxlength="255"/>
</table>
</div>
<div class="functnbar3">
<s:submit value="%{getText('save')}" theme="simple"/>
</div>
</s:form>
<h3><s:text name="role.model.parent.roles"/></h3>
<c:if test="${empty parentRoleNames}">
<s:text name="role.edit.no.parent.defined"/>
</c:if>
<c:if test="${!empty parentRoleNames}">
<ul>
<s:iterator id="parentRoleName" value="parentRoleNames">
<s:url id="roleeditUrl" action="roleedit" includeParams="none">
<s:param name="name">${parentRoleName}</s:param>
</s:url>
<li><s:a href="%{roleeditUrl}"><c:out value="${parentRoleName}"/></s:a></li>
</s:iterator>
</ul>
</c:if>
<h3><s:text name="role.model.child.roles"/></h3>
<c:if test="${empty childRoleNames}">
<s:text name="role.edit.no.childrole.defined"/>
</c:if>
<c:if test="${!empty childRoleNames}">
<ul>
<s:iterator id="childRoleName" value="childRoleNames">
<s:url id="roleeditUrl" action="roleedit" includeParams="none">
<s:param name="name">${childRoleName}</s:param>
</s:url>
<li><s:a href="%{roleeditUrl}"><c:out value="${childRoleName}" /></s:a></li>
</s:iterator>
</ul>
</c:if>
<h3><s:text name="permissions"/></h3>
<c:if test="${empty permissions}">
<s:text name="role.create.no.permissions.defined"/>
</c:if>
<c:if test="${!empty permissions}">
<!-- ec on redback should not be dependent on the resource bundle of the project using it -->
<s:set name="role_name" value="%{getText('name')}"/>
<s:set name="role_operation" value="%{getText('role.operation')}"/>
<s:set name="role_resource" value="%{getText('role.resource')}"/>
<ec:table var="permission"
items="permissions"
autoIncludeParameters="false"
cellspacing="2"
cellpadding="3"
showExports="flase"
showPagination="false"
showTitle="false"
showStatusBar="false"
filterable="false">
<ec:row>
<ec:column property="name" title="${role_name}"/>
<ec:column property="operation.name" title="${role_operation}"/>
<ec:column property="resource.identifier" title="${role_resource}"/>
</ec:row>
</ec:table>
</c:if>
<h3><s:text name="role.edit.section.users"/></h3>
<c:if test="${!empty parentUsers}">
<h4><s:text name="role.edit.users.defined.in.parent.roles"/></h4>
<ul>
<s:iterator id="user" value="parentUsers">
<s:url id="usereditUrl" action="useredit" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<li><s:a href="%{usereditUrl}"><c:out value="${user.fullName}"/> (<c:out value="${user.username}"/> - <c:out value="${user.email}"/>)</s:a></li>
</s:iterator>
</ul>
</c:if>
<h4><s:text name="role.edit.users.defined.in.current.role"/></h4>
<form name="roleusers">
<input type="hidden" name="name" value="${name}"/>
<s:token/>
<table style="width:100%">
<tr>
<td style="width:40%">
<select size="20" multiple="multiple" id="allUsers" name="availableUsers" style="width: 100%">
<s:iterator id="user" value="allUsers">
<option value="<c:out value="${user.username}" />"><c:out value="${user.fullName}"/> - <c:out value="${user.username}"/></option>
</s:iterator>
</select>
</td>
<td style="text-align: center">
<input type="submit" value="--&gt;" onclick="this.form.action='roleusersadd.action'; this.form.submit();"/>
<br/>
<input type="submit" value="&lt;--" onclick="this.form.action='roleusersremove.action'; this.form.submit();"/>
</td>
<td style="width:40%">
<c:if test="${!empty users}">
<select size="20" multiple="multiple" id="users" name="currentUsers" style="width: 100%">
<s:iterator id="user" value="users">
<option value="<c:out value="${user.username}" />"><c:out value="${user.fullName}"/> - <c:out value="${user.username}"/></option>
</s:iterator>
</select>
</c:if>
<c:if test="${empty users}">
<select size="20" multiple="multiple" id="users" name="usersList" style="width: 100%">
</select>
</c:if>
</td>
</tr>
</table>
</form>
</body>
</s:i18n>
</html>

View File

@ -1,67 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.list.page.title"/></title>
</head>
<body>
<!-- %@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" % -->
<h2><s:text name="role.list.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<table width="100%">
<c:choose>
<c:when test="${!empty allRoles}">
<thead>
<tr>
<th width="49%"><s:text name="role.name"/></th>
<th width="49%"><s:text name="role.description"/></th>
</tr>
</thead>
<c:forEach var="role" items="${allRoles}">
<tr>
<td>
<s:url id="roleUrl" action="role">
<s:param name="name">${role.name}</s:param>
</s:url>
<s:a href="%{roleUrl}"><c:out value="${role.name}" /></s:a>
</td>
<td>
<c:out value="${role.description}" />
</td>
</tr>
</c:forEach>
</c:when>
<c:otherwise>
<p><em><s:text name="role.list.no.roles.available"/></em></p>
</c:otherwise>
</c:choose>
</table>
</body>
</s:i18n>
</html>

View File

@ -1,163 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.model.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" %>
<h2><s:text name="role.model.section.title"/></h2>
<p><s:text name="role.model.message"/></p>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h4>${model.application}</h4>
<h5><s:text name="resources"/>:</h5>
<ul>
<s:iterator id="resource" value="model.resources">
<li>
<s:text name="role.model.id"/>: ${resource.id}<br/>
<s:text name="role.model.name"/>: ${resource.name}<br/>
<s:text name="role.model.permanent"/>: ${resource.permanent}<br/>
<br/>
</li>
</s:iterator>
</ul>
<h5><s:text name="operations"/>:</h5>
<ul>
<s:iterator id="operation" value="model.operations">
<li>
<s:text name="role.model.id"/>: ${operation.id}<br/>
<s:text name="role.model.name"/>: ${operation.name}<br/>
<s:text name="role.model.permanent"/>: ${operation.permanent}<br/>
<br/>
</li>
</s:iterator>
</ul>
<h5><s:text name="roles"/>:</h5>
<ul>
<s:iterator id="role" value="model.roles">
<li>
<s:text name="role.model.id"/>: ${role.id}<br/>
<s:text name="role.model.name"/>: ${role.name}<br/>
<s:text name="role.model.permanent"/>: ${role.permanent}<br/>
<s:text name="role.model.assignable"/>: ${role.assignable}<br/>
<s:text name="permissions"/>:
<ul>
<s:iterator id="permission" value="#role.permissions">
<li>
<s:text name="role.model.id"/>: ${permission.id}<br/>
<s:text name="role.model.name"/>: ${permission.name}<br/>
<s:text name="role.model.permanent"/>: ${permission.permanent}<br/>
<s:text name="role.model.operation.id"/>: ${permission.operation}<br/>
<s:text name="role.model.resource.id"/>: ${permission.resource}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.child.roles"/>:
<ul>
<s:iterator id="childRole" value="#role.childRoles">
<li>
<s:text name="role.model.role.id"/>: ${childRole}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.parent.roles"/>:
<ul>
<s:iterator id="parentRole" value="#role.parentRoles">
<li>
<s:text name="role.model.role.id"/>: ${parentRole}<br/>
</li>
</s:iterator>
</ul>
</li>
<br/>
</s:iterator>
</ul>
<h5><s:text name="role.model.templates"/>:</h5>
<ul>
<s:iterator id="template" value="model.templates">
<li>
<s:text name="role.model.id"/>: ${template.id}<br/>
<s:text name="role.model.name.prefix"/>: ${template.namePrefix}<br/>
<s:text name="role.model.permanent"/>: ${template.permanent}<br/>
<s:text name="role.model.assignable"/>: ${template.assignable}<br/>
<s:text name="role.model.delimeter"/>: ${template.delimiter}<br/>
<s:text name="permissions"/>:
<ul>
<s:iterator id="permission" value="#template.permissions">
<li>
<s:text name="role.model.id"/>: ${permission.id}<br/>
<s:text name="role.model.name"/>: ${permission.name}<br/>
<s:text name="role.model.permanent"/>: ${permission.permanent}<br/>
<s:text name="role.model.operation.id"/>: ${permission.operation}<br/>
<s:text name="role.model.resource.id"/>: ${permission.resource}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.child.roles"/>:
<ul>
<s:iterator id="childRole" value="#template.childRoles">
<li>
<s:text name="role.model.role.id"/>: ${childRole}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.parent.roles"/>:
<ul>
<s:iterator id="parentRole" value="#template.parentRoles">
<li>
<s:text name="role.model.role.id"/>: ${parentRole}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.child.templates"/>:
<ul>
<s:iterator id="childTemplate" value="#template.childTemplates">
<li>
<s:text name="role.model.template.id"/>: ${childTemplate}<br/>
</li>
</s:iterator>
</ul>
<s:text name="role.model.parent.templates"/>:
<ul>
<s:iterator id="parentTemplate" value="#template.parentTemplates">
<li>
<s:text name="role.model.template.id"/>: ${parentTemplate}<br/>
</li>
</s:iterator>
</ul>
</li>
<br/>
</s:iterator>
</ul>
</body>
</s:i18n>
</html>

View File

@ -1,47 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="role.summary.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/rbacListNavigation.jsp" %>
<h2><s:text name="role.summary.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<ul>
<s:iterator id="role" value="allRoles">
<li><s:text name="role"/>: <c:out value="${role.name}"/></li>
<ul>
<s:iterator id="permission" value="#role.permissions">
<li>P[<c:out value="${permission.name}"/>] (<c:out value="${permission.operation.name}"/>, <c:out value="${permission.resource.identifier}"/>)</li>
</s:iterator>
</ul>
</s:iterator>
</ul>
</body>
</s:i18n>
</html>

View File

@ -1,35 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="system.info.page.title"/></title>
</head>
<body>
<h4><s:text name="system.info.section.title"/></h4>
<pre>
${details}
</pre>
</body>
</s:i18n>
</html>

View File

@ -1,40 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="user.create.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="user.create.section.title"/></h2>
<s:form action="usercreate!submit" namespace="/security" theme="xhtml"
id="userCreateForm" method="post" name="usercreate" cssClass="security userCreate">
<%@ include file="/WEB-INF/jsp/redback/include/userCredentials.jsp" %>
<s:submit value="%{getText('user.create')}" id="userCreateSubmit" />
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,45 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="user.delete.page.title"/></title>
</head>
<body>
<h2><s:text name="user.delete.section.title"/></h2>
<s:form action="userdelete!submit" namespace="/security">
<p>
<s:text name="user.delete.message"/>:
</p>
<p>
<s:text name="username"/>: <s:property value="user.username"/><br/>
<s:text name="full.name"/>: <s:property value="user.fullName"/><br/>
<s:text name="email"/>: <s:property value="user.email"/><br/>
</p>
<s:hidden label="Username" name="username" />
<s:token/>
<s:submit value="%{getText('user.delete')}" theme="simple" id="userDeleteSubmit"/>
<s:submit value="%{getText('cancel')}" action="userdelete!cancel" theme="simple"/>
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,75 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="redback" uri="/redback/taglib-1.0"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="user.edit.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="user.edit.section.title"/></h2>
<redback:ifAuthorized permission="user-management-user-edit" resource="${user.username}">
<s:form action="useredit" namespace="/security" theme="xhtml"
id="userEditForm" method="post" name="useredit" cssClass="security userEdit">
<%@ include file="/WEB-INF/jsp/redback/include/userCredentials.jsp" %>
<redback:isNotReadOnlyUserManager>
<s:checkbox label="%{getText('user.edit.locked.user')}" name="user.locked" />
<s:checkbox label="%{getText('user.edit.force.user.change.password')}" name="user.passwordChangeRequired" />
<s:hidden label="Username" name="username" />
<s:submit value="%{getText('update')}" method="submit" />
<s:submit value="%{getText('cancel')}" method="cancel" />
</redback:isNotReadOnlyUserManager>
</s:form>
<c:if test="${ emailValidationRequired}">
<p>
<s:form action="register!resendRegistrationEmail" namespace="/security" theme="xhtml"
id="resendRegistationForm" method="post" name="resendRegistration" cssClass="security userEdit">
<s:hidden label="Username" name="username" />
<s:submit value="Resend Validation" method="submit" />
</s:form>
</p>
</c:if>
</redback:ifAuthorized>
<redback:ifAuthorized permission="user-management-user-role" resource="${user.username}">
<c:if test="${!empty effectivelyAssignedRoles}">
<h3><s:text name="effective.roles"/></h3>
<ul>
<s:iterator id="role" value="effectivelyAssignedRoles">
<li>${role.name}</li>
</s:iterator>
</ul>
</c:if>
<s:url id="assignmentUrl" action="assignments" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<s:a href="%{assignmentUrl}"><s:text name="user.edit.roles"/></s:a>
</redback:ifAuthorized>
</body>
</s:i18n>
</html>

View File

@ -1,22 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<s:form cssClass="find" action="user" name="find" method="post" namespace="/security/admin">
<s:textfield label="%{getText('user.find')}" name="username" />
<s:submit value="%{getText('search')}" />
</s:form>

View File

@ -1,217 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="/redback/taglib-1.0" prefix="redback" %>
<%@ taglib uri="http://www.extremecomponents.org" prefix="ec" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="user.list.page.title"/></title>
<link rel="stylesheet" type="text/css" href="<s:url value="/css/redback/table.css"/>" media="screen"/>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<!-- ec on redback should not be dependent on the resource bundle of the project using it -->
<s:set name="username" value="%{getText('username')}"/>
<s:set name="fullName" value="%{getText('full.name')}"/>
<s:set name="email" value="%{getText('email')}"/>
<s:set name="permanent" value="%{getText('user.list.permanent')}"/>
<s:set name="validated" value="%{getText('user.list.validated')}"/>
<s:set name="locked" value="%{getText('user.list.locked')}"/>
<s:set name="tasks" value="%{getText('user.list.tasks')}"/>
<h2><s:text name="user.list.section.title"><s:param>${roleName}</s:param></s:text></h2>
<table class="outerTableRegion" cellpadding="0" cellspacing="0">
<tr>
<td><ec:table
var="user"
items="users"
action="${pageContext.request.contextPath}/security/userlist!show.action"
imagePath="${pageContext.request.contextPath}/images/redback/table/*.gif"
autoIncludeParameters="false"
title="Users"
filterable="true"
showTitle="false"
showExports="false"
view="org.apache.archiva.redback.integration.eXc.views.SecurityView"
sortRowsCallback="org.apache.archiva.redback.integration.eXc.ProcessUserRowsCallback"
cellspacing="2"
cellpadding="3"
>
<%-- TODO: Fix export download. --%>
<ec:export
view="csv"
fileName="users.csv"
imageName="csv"
tooltip="Export Table to CSV (Comma Seperated Values)."/>
<ec:export
view="xls"
fileName="users.xls"
imageName="xls"
tooltip="Export Table to Excel format."/>
<ec:row>
<ec:column property="username" title="${username}"
filterCell="org.apache.archiva.redback.integration.eXc.SecurityFilterCell">
<img src="<c:url value="/images/redback/icon-user.gif"/>" />
<redback:ifAuthorized permission="user-management-user-edit" resource="${user.username}">
<s:url id="usereditUrl" action="useredit" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<s:a href="%{usereditUrl}"><c:out value="${user.username}" /></s:a>
</redback:ifAuthorized>
<redback:elseAuthorized>
<redback:ifAuthorized permission="user-management-user-role" resource="${user.username}">
<s:url id="usereditUrl" action="useredit" includeParams="none">
<s:param name="username">${user.username}</s:param>
</s:url>
<s:a href="%{usereditUrl}"><c:out value="${user.username}" /></s:a>
</redback:ifAuthorized>
<redback:elseAuthorized>
<c:out value="${user.username}" />
</redback:elseAuthorized>
</redback:elseAuthorized>
</ec:column>
<ec:column property="fullName" title="${fullName}" alias="fullname"
filterCell="org.apache.archiva.redback.integration.eXc.SecurityFilterCell">
<c:out value="${user.fullName}" />
</ec:column>
<ec:column property="email" title="${email}" cell="org.apache.archiva.redback.integration.eXc.MailtoCell"
filterCell="org.apache.archiva.redback.integration.eXc.SecurityFilterCell" />
<ec:column property="permanent" cell="org.apache.archiva.redback.integration.eXc.CheckboxImageCell"
style="text-align: center" title="${permanent}" filterable="false"/> <%-- Boolean's can't be filtered --%>
<ec:column property="validated" cell="org.apache.archiva.redback.integration.eXc.CheckboxImageCell"
style="text-align: center" title="${validated}" filterable="false"/> <%-- Boolean's can't be filtered --%>
<ec:column property="locked" cell="org.apache.archiva.redback.integration.eXc.CheckboxImageCell"
style="text-align: center" title="${locked}" filterable="false"/> <%-- Boolean's can't be filtered --%>
<ec:column title="${tasks}" alias="tasks" sortable="false" filterable="false" styleClass="tasks">
<c:if test="${user.permanent eq false}">
<redback:ifAuthorized permission="user-management-user-delete" resource="${user.username}">
<s:token/>
<s:url id="userdeleteUrl" action="userdelete">
<s:param name="username">${user.username}</s:param>
<s:param name="struts.token.name">struts.token</s:param>
<s:param name="struts.token"><s:property value="struts.token"/></s:param>
</s:url>
<s:a href="%{userdeleteUrl}" title="delete user">
<img src="<c:url value="/images/redback/delete.gif"/>" border="none"/>
</s:a>
</redback:ifAuthorized>
</c:if>
</ec:column>
</ec:row>
</ec:table></td>
</tr>
<%--
<tr><td></td></tr>
<tr>
<td>
<redback:ifAuthorized permission="user-management-user-create">
<div class="task createUser">
<s:form action="usercreate!show" namespace="/security" theme="simple" method="post">
<s:submit cssClass="button" value="Create New User" />
</s:form>
</div>
</redback:ifAuthorized>
</td>
</tr> --%>
</table>
<br>
<br>
<b><s:text name="user.list.tools"/></b>
<br>
<table class="tools" border="0" cellspacing="1" cellpadding="0">
<tr>
<th class="toolHeading"><s:text name="user.list.tasks"/></th>
<th class="toolHeading column"><s:text name="user.list.reports"/></th>
</tr>
<tr>
<td valign="top">
<p class="description"><s:text name="user.list.message"/></p>
<redback:isNotReadOnlyUserManager>
<redback:ifAuthorized permission="user-management-user-create">
<div class="task createUser">
<s:form action="usercreate!show" namespace="/security" theme="simple" method="post">
<s:token/>
<s:submit cssClass="button" value="%{getText('user.list.create.new.user')}" id="userCreateButton"/>
</s:form>
</div>
</redback:ifAuthorized>
</redback:isNotReadOnlyUserManager>
<div class="task showRoles">
<s:form action="userlist!show" namespace="/security" theme="simple" method="get">
<s:submit cssClass="button" value="%{getText('user.list.show.users.in.role')}" />
<s:select list="roles"
name="roleName"
value="roleName"
listKey="name"
listValue="name"
headerKey=""
headerValue="Any"/>
</s:form>
</div>
</td>
<td valign="top" class="column">
<table cellspacing="0" cellpadding="0" border="0" class="reports">
<tr>
<th><s:text name="name"/></th>
<th><s:text name="user.list.types"/></th>
</tr>
<c:forEach items="${reportMap}" var="reportEntry">
<tr>
<td class="reportName" nowrap="nowrap">
<c:forEach items="${reportEntry.value}" var="report" varStatus="status">
<c:if test="${status.first}">
${report.value.name}
</c:if>
</c:forEach>
</td>
<td class="reportViews">
<c:forEach items="${reportEntry.value}" var="report" varStatus="status">
<a href="<c:url value="/security/report!generate.action?reportId=${report.value.id}&reportType=${report.value.type}"/>"
title="${report.value.name} Report (${report.value.type} type)"><img
src="<c:url value="/images/redback/table/${report.value.type}.gif"/>" /></a>
</c:forEach>
</td>
</tr>
</c:forEach>
</table>
</td>
</tr>
</table>
</body>
</s:i18n>
</html>

View File

@ -1,42 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="alert.page.title"/></title>
</head>
<body>
<div id="contentArea">
<div id="searchBox">
<div id="results">
<s:text name="alert.message"/>
</div>
</div>
</div>
<div class="clear">
<hr/>
</div>
</body>
</s:i18n>
</html>

View File

@ -1,29 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="change.password.page.title"/></title>
</head>
<body>
<p><h4><s:text name="change.password.success.section.title"/></h4></p>
</body>
</s:i18n>
</html>

View File

@ -1,36 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="general.error.page.title"/></title>
</head>
<body>
<h1><s:text name="general.error.page.section"/></h1>
<s:actionerror />
<s:actionmessage />
</body>
</s:i18n>
</html>

View File

@ -1,19 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<s:actionerror/>

View File

@ -1,28 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<div id="results">
<%-- This is where the "Account Created Successfully" type message goes. --%>
<div class="success">
<s:actionmessage />
</div>
<%-- This is where errors from the action and other non-form field specific errors appear. --%>
<div class="errors">
<s:actionerror />
</div>
</div>

View File

@ -1,23 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib uri="/struts-tags" prefix="s" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<s:set name="availableRoles" value="#availableRoles"/>
<s:form action="user" name="grantRole" method="post" namespace="/security/admin">
<s:hidden name="principal">${username}"</s:hidden>
<s:select name="roleName" list="availableRoles" labelposition="top" />
<s:submit value="%{getText('grant')}" />
</s:form>

View File

@ -1,30 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<div class="rbac-navigation-bar">
<s:url id="rolesUrl" action="roles" namespace="/security" method="list"/>
<s:url id="permissionsUrl" action="permissions" namespace="/security" method="list"/>
<s:url id="operationsUrl" action="operations" namespace="/security" method="list"/>
<s:url id="resourcesUrl" action="resources" namespace="/security" method="list"/>
<s:a href="%{rolesUrl}"><s:text name="roles"/></s:a> |
<s:a href="%{permissionsUrl}"><s:text name="permissions"/></s:a> |
<s:a href="%{operationsUrl}"><s:text name="operations"/></s:a> |
<s:a href="%{resourcesUrl}"><s:text name="resources"/></s:a>
</div>

View File

@ -1,21 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib uri="/struts-tags" prefix="s" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<s:form action="user" name="removeRole" method="post" namespace="/security/admin">
<s:hidden name="principal">${username}</s:hidden>
<s:select name="roleName" list="assignedRoles" labelposition="top" />
<s:submit value="%{getText('remove')}" />
</s:form>

View File

@ -1,25 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<td>
<c:out value="${role.name}" />
</td>
<td>
<c:out value="${role.description}" />
</td>

View File

@ -1,54 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib uri="/struts-tags" prefix="s" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="/redback/taglib-1.0" prefix="redback" %>
<span class="securityLinks">
<c:choose>
<c:when test="${sessionScope.securitySession.authenticated != true}">
<s:url id="loginUrl" action="login" namespace="/security" includeParams="none"/>
<s:url id="registerUrl" action="register" namespace="/security" includeParams="none"/>
<s:a id="loginLink" href="%{loginUrl}"><s:text name="login"/></s:a><redback:isNotReadOnlyUserManager> - <s:a id="registerLink" href="%{registerUrl}"><s:text name="register"/></s:a></redback:isNotReadOnlyUserManager>
</c:when>
<c:otherwise>
<s:url id="logoutUrl" action="logout" namespace="/security" includeParams="none"/>
<s:url id="accountUrl" action="account" namespace="/security" includeParams="none" />
<s:text name="current.user"/>
<c:choose>
<c:when test="${sessionScope.securitySession.user != null}">
<span class="fullname"><s:a href="%{accountUrl}" cssClass="edit"><c:out value="${sessionScope.securitySession.user.fullName}" /></s:a></span>
(<span class="username"><c:out value="${sessionScope.securitySession.user.username}" /></span>)
</c:when>
<c:otherwise>
<span class="fullname"><s:text name="%{unknown.user}"/></span>
</c:otherwise>
</c:choose>
<redback:isNotReadOnlyUserManager>
- <s:a id="editUserLink" href="%{accountUrl}" cssClass="edit"><s:text name="edit.details"/></s:a>
</redback:isNotReadOnlyUserManager>
- <s:a id="logoutLink" href="%{logoutUrl}" cssClass="logout"><s:text name="logout"/></s:a>
<c:if test="${sessionScope.passwordExpirationNotification != null}">
- <s:text name="notify.password.expiration"/> ${sessionScope.passwordExpirationNotification}
</c:if>
</c:otherwise>
</c:choose>
</span>

View File

@ -1,75 +0,0 @@
<%--
~ Copyright 2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="/redback/taglib-1.0" prefix="redback" %>
<c:choose>
<c:when test="${user.edit}">
<s:label label="%{getText('username')}" name="user.username" />
<s:hidden name="user.username" />
</c:when>
<c:otherwise>
<redback:isReadOnlyUserManager>
<s:label label="%{getText('username')}" name="user.username" />
</redback:isReadOnlyUserManager>
<redback:isNotReadOnlyUserManager>
<s:textfield label="%{getText('username')}" name="user.username" size="30" required="true"/>
</redback:isNotReadOnlyUserManager>
</c:otherwise>
</c:choose>
<redback:isReadOnlyUserManager>
<s:label label="%{getText('full.name')}" name="user.fullName" />
</redback:isReadOnlyUserManager>
<redback:isNotReadOnlyUserManager>
<s:textfield label="%{getText('full.name')}" name="user.fullName" size="30" required="true"/>
</redback:isNotReadOnlyUserManager>
<redback:isReadOnlyUserManager>
<s:label label="%{getText('email.address')}" name="user.email" />
</redback:isReadOnlyUserManager>
<redback:isNotReadOnlyUserManager>
<s:textfield label="%{getText('email.address')}" name="user.email" size="50" required="true"/>
</redback:isNotReadOnlyUserManager>
<redback:isNotReadOnlyUserManager>
<c:choose>
<c:when test="${self}">
<s:password label="%{getText('current.password')}" name="oldPassword" size="20" required="true"/>
<s:password label="%{getText('new.password')}" name="user.password" size="20" required="true"/>
</c:when>
<c:otherwise>
<s:password label="%{getText('password')}" name="user.password" size="20" required="true"/>
</c:otherwise>
</c:choose>
<s:password label="%{getText('confirm.password')}" name="user.confirmPassword" size="20" required="true"/>
</redback:isNotReadOnlyUserManager>
<s:if test="%{user.timestampAccountCreation != null}">
<s:label label="%{getText('account.creation')}" name="user.timestampAccountCreation" />
</s:if>
<s:if test="%{user.timestampLastLogin != null}">
<s:label label="%{getText('last.login')}" name="user.timestampLastLogin" />
</s:if>
<s:if test="%{user.timestampLastPasswordChange != null}">
<s:label label="%{getText('last.password.change')}" name="user.timestampLastPasswordChange" />
</s:if>
<s:token/>

View File

@ -1,35 +0,0 @@
<%--
~ Copyright 2011 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="invalid.token.page.title"/></title>
</head>
<body>
<h4><s:text name="invalid.token.section.title"/></h4>
<p>
<s:text name="invalid.token.message"/>
</p>
</body>
</s:i18n>
</html>

View File

@ -1,77 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="/redback/taglib-1.0" prefix="redback" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="login.page.title"/></title>
</head>
<body onload="javascript:document.forms['login'].username.focus();">
<c:choose>
<c:when test="${sessionScope.securitySession.authenticated != true}">
<h2><s:text name="login.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="login" namespace="/security" theme="xhtml"
id="loginForm" method="post" name="login" cssClass="security login">
<s:textfield label="%{getText('username')}" name="username" size="30" />
<s:password label="%{getText('password')}" name="password" size="20" />
<s:checkbox label="%{getText('login.remember.me')}" name="rememberMe" value="false" />
<s:submit value="%{getText('login')}" method="login" id="loginSubmit"/>
<s:submit value="%{getText('cancel')}" method="cancel" id="loginCancel" />
</s:form>
<%-- TODO: Figure out how to auto-focus to first field --%>
<ul class="tips">
<%--
<li>
Forgot your Username?
<s:url id="forgottenAccount" action="findAccount" />
<s:a href="%{forgottenAccount}">Email me my account information.</s:a>
</li>
--%>
<redback:isNotReadOnlyUserManager>
<li>
<s:text name="login.need.an.account"/>
<s:url id="registerUrl" action="register" />
<s:a id="registerLinkLoginPage" href="%{registerUrl}"><s:text name="login.register"/></s:a>
</li>
<li>
<s:text name="login.forgot.your.password"/>
<s:url id="forgottenPassword" action="passwordReset" />
<s:a id="forgottenPasswordLink" href="%{forgottenPassword}"><s:text name="login.request.password.reset"/></s:a>
</li>
</redback:isNotReadOnlyUserManager>
</ul>
</c:when>
<c:otherwise>
<p/>
<s:text name="login.already.logged.in"/>
<p/>
</c:otherwise>
</c:choose>
</body>
</s:i18n>
</html>

View File

@ -1,48 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="password.page.title"/></title>
</head>
<body onload="javascript:document.forms['password'].existingPassword.focus();">
<h2><s:text name="password.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="password" namespace="/security" theme="xhtml"
id="passwordForm" method="post" name="password" cssClass="security password">
<c:if test="${provideExisting}">
<s:password label="%{getText('password.existing')}" name="existingPassword" size="20" required="true" />
</c:if>
<s:password label="%{getText('password.new')}" name="newPassword" size="20" required="true" />
<s:password label="%{getText('password.new.confirm')}" name="newPasswordConfirm" size="20" required="true" />
<s:submit value="%{getText('password.change')}" method="submit" />
<s:submit value="%{getText('cancel')}" method="cancel" />
</s:form>
<ul class="tips">
</ul>
</body>
</s:i18n>
</html>

View File

@ -1,39 +0,0 @@
<%--
~ Copyright 2007 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="password.reset.page.title"/></title>
</head>
<body>
<p>
<s:text name="password.reset.message"/>
</p>
<p>
<s:url id="loginUrl" action="login" />
<s:text name="password.reset.go.to"/><s:a href="%{loginUrl}"><s:text name="login"/></s:a>
</p>
</body>
</s:i18n>
</html>

View File

@ -1,50 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="register.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="register.section.title"/></h2>
<s:form action="register" namespace="/security" theme="xhtml"
id="registerForm" method="post" name="register" cssClass="security register">
<s:textfield label="%{getText('username')}" name="user.username" size="30" required="true"/>
<s:textfield label="%{getText('full.name')}" name="user.fullName" size="30" required="true"/>
<s:textfield label="%{getText('email.address')}" name="user.email" size="50" required="true"/>
<c:if test="${! emailValidationRequired}">
<s:password label="%{getText('password')}" name="user.password" size="20" required="true"/>
<s:password label="%{getText('confirm.password')}" name="user.confirmPassword" size="20" required="true"/>
</c:if>
<s:submit value="%{getText('register')}" method="register" />
<s:submit value="%{getText('cancel')}" method="cancel" />
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,40 +0,0 @@
<%--
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="request.password.reset.page.title"/></title>
</head>
<body onload="javascript:document.forms['passwordReset'].username.focus();">
<h2><s:text name="request.password.reset.section.title"/></h2>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<s:form action="passwordReset" namespace="/security" theme="xhtml"
id="passwordResetForm" method="post" name="passwordReset" cssClass="security passwordReset">
<s:textfield label="%{getText('username')}" name="username" size="30" required="true" />
<s:submit value="%{getText('request.password.reset')}" method="reset" />
<s:submit value="%{getText('cancel')}" method="cancel" />
</s:form>
</body>
</s:i18n>
</html>

View File

@ -1,54 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="requires.authentication.page.title"/></title>
</head>
<body>
<h4><s:text name="requires.authentication.section.title"/></h4>
<div id="results">
<%-- This is where the "Account Created Successfully" type message goes. --%>
<div class="success">
<s:actionmessage />
</div>
<%-- This is where errors from the action and other non-form field specific errors appear. --%>
<div class="errors">
<s:actionerror />
</div>
</div>
<p>
<s:text name="requires.authentication.message"/>
</p>
<ol>
<li>
<s:url id="login" action="login" namespace="/security" includeParams="none"/>
<s:text name="requires.authentication.go.ahead"/><s:a href="%{login}"><s:text name="login"/></s:a>
</li>
</ol>
</body>
</s:i18n>
</html>

View File

@ -1,42 +0,0 @@
<%--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
--%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<html>
<s:i18n name="org.apache.archiva.redback.struts2.default">
<head>
<title><s:text name="validation.notification.page.title"/></title>
</head>
<body>
<%@ include file="/WEB-INF/jsp/redback/include/formValidationResults.jsp" %>
<h2><s:text name="validation.notification.section.title"/></h2>
<p>
<s:text name="validation.notification.message.1"><s:param>(${user.email}).</s:param></s:text>
</p>
<p>
<s:text name="validation.notification.message.2"><s:param>${user.email}</s:param></s:text>
</p>
</body>
</s:i18n>
</html>

View File

@ -1,27 +0,0 @@
<?xml version="1.0"?>
<!--
~ Copyright 2005-2006 The Apache Software Foundation.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<!-- Nothing Declared In Here.
Just defined to make maven-war-plugin happy.
You should declare web.xml specific content in your application webapp's web.xml
-->
</web-app>

View File

@ -1,311 +0,0 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
.eXtremeTable {
margin: 0px;
padding: 0px;
}
.eXtremeTable select {
font-family: Verdana;
font-size: 9px;
border: solid 1px #EEE;
width: 75px;
}
.outerTableRegion {
padding: 0px 0px 0px 2px;
border: 1px solid gray;
width: 100%;
}
.outerTableRegion table {
margin-left: 0px;
margin-right: 0px;
}
.outerTableRegion td, .outerTableRegion th {
padding: 2px 2px;
}
.eXtremeTable .tableRegion {
font-family: Verdana;
font-size: 10px;
width: 100%;
}
.eXtremeTable .filter {
background-color: #efefef;
}
.eXtremeTable .filterToolbar {
padding: 0px 0px 10px;
}
.eXtremeTable .filterInput {
padding: 5px 0px 0px 10px;
white-space: nowrap;
}
.eXtremeTable .filter .filterInputGroup {
border: 1px solid gray;
background-color: white;
padding-right: 16px;
padding-left: 1px;
background-image: url("../../images/redback/table/filterIcon.gif");
background-position: center right;
background-repeat: no-repeat;
}
.eXtremeTable .filter input {
font-family: Verdana;
background: transparent;
border: 0px;
font-size: 10px;
margin: 0px;
margin-right: 16px;
height: 16px;
width: 100%;
}
.eXtremeTable .filter select {
font-family: Verdana;
font-size: 9px;
border: solid 1px #EEE;
width: 100%;
}
.eXtremeTable .tableRegion .tableHeader {
background-color: #308dbb;
color: white;
font-weight: bold;
text-align: left;
padding-right: 3px;
padding-left: 3px;
padding-top: 4;
padding-bottom: 4;
margin: 0;
border-right-style: solid;
border-right-width: 1px;
border-color: white;
}
.eXtremeTable .tableRegion .tableHeaderSort {
background-color: #f8c471;
color: white;
font-weight: bold;
text-align: left;
padding-right: 3px;
padding-left: 3px;
padding-top: 4;
padding-bottom: 4;
border-right-style: solid;
border-right-width: 1px;
border-color: white;
}
.eXtremeTable .odd a,.even a {
color: Black;
font-size: 9px;
}
.eXtremeTable .odd td,.eXtremeTable .even td {
padding-top: 2px;
padding-right: 3px;
padding-bottom: 2px;
padding-left: 3px;
vertical-align: middle;
font-size: 9px;
}
.eXtremeTable .odd {
background-color: #FFFFFF;
}
.eXtremeTable .even {
background-color: #dfe4e8;
}
.eXtremeTable .highlight td {
color: black;
font-size: 10px;
padding-top: 2px;
padding-right: 3px;
padding-bottom: 2px;
padding-left: 3px;
vertical-align: middle;
background-color: #fdecae;
}
.eXtremeTable .highlight a,.highlight a {
color: black;
font-size: 10px;
}
.eXtremeTable .toolbar {
background-color: #F4F4F4;
font-family: Verdana;
font-size: 9px;
margin-right: 1px;
border-right: 1px solid silver;
border-left: 1px solid silver;
border-top: 1px solid silver;
border-bottom: 1px solid silver;
}
.eXtremeTable .toolbar td {
color: #444444;
padding: 0px 3px 0px 3px;
text-align: center;
}
.eXtremeTable .separator {
width: 7px;
}
.eXtremeTable .statusBar {
font-family: Verdana;
font-size: 10px;
}
.eXtremeTable .compactToolbar button {
font-size: 10px;
}
.eXtremeTable .compactToolbar {
font-size: 10px;
width: 100%;
padding-bottom: 0px;
}
.eXtremeTable .compactToolbar table td {
white-space: nowrap;
padding-right: 4px;
}
.eXtremeTable .title {
color: #444444;
font-weight: bold;
font-family: Verdana;
font-size: 15px;
vertical-align: middle;
}
.eXtremeTable .title span {
margin-left: 7px;
}
.eXtremeTable .roleSelect {
width: auto;
}
.eXtremeTable .formButtons {
display: block;
margin-top: 10px;
margin-left: 5px;
}
.eXtremeTable .formButton {
cursor: pointer;
font-family: Verdana;
font-size: 10px;
font-weight: bold;
background-color: #308dbb;
color: white;
margin-top: 5px;
border: outset 1px #333;
vertical-align: middle;
}
.eXtremeTable .tableTotal {
background-color: #FFFFFF;
border-top: solid 1px Silver;
}
.eXtremeTable .tableTotalEmpty {
background-color: #FFFFFF;
}
.eXtremeTable img {
border: 0px;
}
.eXtremeTable .tasks {
text-align: center;
}
.eXtremeTable .tasks form {
padding: 0px;
margin: 0px;
}
table.tools {
border: 1px solid gray;
margin-top: 7px;
padding: 0px 2px 2px 2px;
}
table.tools img {
border: 0;
}
table.tools th.toolHeading {
background-color: #308dbb;
color: white;
font-size: 12px;
padding: 3px;
text-align: left;
}
table.tools form {
margin: 0;
padding: 0;
}
table.tools p {
font-size: 10px;
margin: 5px;
}
table.tools .task {
margin-bottom: 2px;
}
table.tools form input,table.tools form select {
font-size: 10px;
}
table.tools form .button {
margin-left: 15px;
width: 15em;
}
table.tools .reports {
}
table.tools .reports th {
text-align: left;
font-size: 11px;
}
table.tools .reports td {
text-align: left;
font-size: 10px;
}

View File

@ -1,6 +0,0 @@
The images in this directory are from the eXtremecomponents 1.0.1 distribution.
http://www.extremecomponents.org/
eXtremecomponents is licensed under the Apache Source License.
http://extremecomp.cvs.sourceforge.net/extremecomp/eXtremeComponents/LICENSE.txt?view=markup

View File

@ -1,342 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-struts2</artifactId>
<version>2.1-SNAPSHOT</version>
</parent>
<artifactId>redback-struts2-integration</artifactId>
<packaging>bundle</packaging>
<name>Redback :: Integration :: Struts 2 Integration</name>
<dependencies>
<!-- ================================================================ -->
<!-- Core Plexus Security Dependencies -->
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-configuration</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-system</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-policy</artifactId>
</dependency>
<!-- User Management / Authentication -->
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-authentication-users</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-authentication-ldap</artifactId>
</dependency>
<!-- Keys Management / Authentication -->
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-keys-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-authentication-keys</artifactId>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
</dependency>
<!-- RBAC Management / Authorization -->
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-authorization-rbac</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-rbac-role-manager</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-rbac-cached</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-users-ldap</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-users-configurable</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-data-management</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-common-integrations</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-integrations-security</artifactId>
</dependency>
<!-- ================================================================ -->
<!-- OTHER Dependencies -->
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-core</artifactId>
</dependency>
<dependency>
<groupId>org.apache.struts.xwork</groupId>
<artifactId>xwork-core</artifactId>
</dependency>
<dependency>
<groupId>ognl</groupId>
<artifactId>ognl</artifactId>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<dependency>
<groupId>javax.mail</groupId>
<artifactId>mail</artifactId>
<scope>provided</scope>
<version>1.4</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
</dependency>
<dependency>
<groupId>org.extremecomponents</groupId>
<artifactId>extremecomponents</artifactId>
<version>1.0.1</version>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils-bean-collections</artifactId>
<version>1.7.0</version>
<!-- Needed by extremecomponents -->
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jsp-api</artifactId>
<version>2.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>taglibs</groupId>
<artifactId>standard</artifactId>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
</dependency>
<dependency>
<groupId>opensymphony</groupId>
<artifactId>sitemesh</artifactId>
<version>2.4.2</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<!-- === Test Dependencies ======================= -->
<dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-keys-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-authentication-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-rbac-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-users-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.easymock</groupId>
<artifactId>easymock</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-junit-plugin</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j.adapters</groupId>
<artifactId>slf4j-impl</artifactId>
<version>${log4jVersion}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j.adapters</groupId>
<artifactId>log4j-jcl</artifactId>
<version>${log4jVersion}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>${log4jVersion}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j.adapters</groupId>
<artifactId>log4j12-api</artifactId>
<version>${log4jVersion}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<configuration>
<instructions>
<Export-Package>
org.apache.archiva.redback.struts2*;version=${project.version};-split-package:=merge-first
</Export-Package>
<Import-Package>
javax.annotation,
javax.mail.internet,
javax.servlet,
javax.servlet.http,
javax.inject;version="[1,2"),
com.google.common.collect,
com.opensymphony.module.sitemesh.filter;version="[2.4,3)",
com.opensymphony.xwork2*;version="[2.2,3)",
org.apache.archiva.redback.authentication;version=${project.version},
org.apache.archiva.redback.authorization;version=${project.version},
org.apache.archiva.redback.components.cache;version=${project.version},
org.apache.archiva.redback.components.registry;version=${project.version},
org.apache.archiva.redback.configuration;version=${project.version},
org.apache.archiva.redback.integration.checks.xwork;version=${project.version},
org.apache.archiva.redback.integration.interceptor;version=${project.version},
org.apache.archiva.redback.integration.mail;version=${project.version},
org.apache.archiva.redback.integration.model;version=${project.version},
org.apache.archiva.redback.integration.reports;version=${project.version},
org.apache.archiva.redback.integration.util;version=${project.version},
org.apache.archiva.redback.keys;version=${project.version},
org.apache.archiva.redback.management;version=${project.version},
org.apache.archiva.redback.policy;version=${project.version},
org.apache.archiva.redback.rbac;version=${project.version},
org.apache.archiva.redback.role;version=${project.version},
org.apache.archiva.redback.role.model;version=${project.version},
org.apache.archiva.redback.system;version=${project.version},
org.apache.archiva.redback.system.check;version=${project.version},
org.apache.archiva.redback.users,
org.apache.commons.beanutils,
org.apache.commons.io,
org.apache.commons.lang,
org.apache.struts2,
org.apache.struts2.dispatcher,
org.apache.struts2.interceptor,
org.codehaus.plexus.util,
org.extremecomponents.table.context,
org.extremecomponents.table.limit,
org.springframework.*,
org.slf4j;resolution:=optional
</Import-Package>
</instructions>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<systemPropertyVariables>
<basedir>${basedir}</basedir>
<plexus.home>${basedir}/target</plexus.home>
</systemPropertyVariables>
</configuration>
</plugin>
</plugins>
</build>
</project>

View File

@ -1,113 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
import org.apache.archiva.redback.policy.PasswordRuleViolations;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystemConstants;
import org.apache.archiva.redback.integration.interceptor.SecureAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
/**
* AbstractSecurityAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
public abstract class AbstractSecurityAction
extends RedbackActionSupport
implements SecureAction
{
protected static final String REQUIRES_AUTHENTICATION = "requires-authentication";
private SecureActionBundle securityBundle;
public SecureActionBundle getSecureActionBundle()
throws SecureActionException
{
if ( securityBundle == null )
{
securityBundle = initSecureActionBundle();
}
return securityBundle;
}
public abstract SecureActionBundle initSecureActionBundle()
throws SecureActionException;
protected void setAuthTokens( SecuritySession securitySession )
{
session.put( SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
this.setSession( session );
}
protected SecuritySession getSecuritySession()
{
return (SecuritySession) session.get( SecuritySystemConstants.SECURITY_SESSION_KEY );
}
// ------------------------------------------------------------------
// Internal Support Methods
// ------------------------------------------------------------------
protected void processPasswordRuleViolations( PasswordRuleViolationException e )
{
processPasswordRuleViolations( e, "user.password" );
}
protected void processPasswordRuleViolations( PasswordRuleViolationException e, String field )
{
PasswordRuleViolations violations = e.getViolations();
if ( violations != null )
{
for ( String violation : violations.getLocalizedViolations() )
{
addFieldError( field, violation );
}
}
}
protected String getBaseUrl()
{
HttpServletRequest req = ServletActionContext.getRequest();
return req.getScheme() + "://" + req.getServerName()
+ ( req.getServerPort() == 80 ? "" : ":" + req.getServerPort() ) + req.getContextPath();
}
protected String getCurrentUser()
{
SecuritySession securitySession = getSecuritySession();
if ( securitySession != null && securitySession.getUser() != null )
{
return securitySession.getUser().getPrincipal().toString();
}
else
{
return null;
}
}
}

View File

@ -1,246 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.system.SecuritySystem;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.model.UserCredentials;
import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
import org.apache.archiva.redback.integration.util.RoleSorter;
import javax.inject.Inject;
import javax.inject.Named;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
/**
* AbstractUserCredentialsAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
public abstract class AbstractUserCredentialsAction
extends AbstractSecurityAction
{
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
*
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager manager;
/**
*
*/
@Inject
protected SecuritySystem securitySystem;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
protected UserCredentials internalUser;
protected final String VALID_USERNAME_CHARS = "[a-zA-Z_0-9\\-.@]*";
public RBACManager getManager()
{
return manager;
}
public void setManager( RBACManager manager )
{
this.manager = manager;
}
public SecuritySystem getSecuritySystem()
{
return securitySystem;
}
public void setSecuritySystem( SecuritySystem securitySystem )
{
this.securitySystem = securitySystem;
}
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public void validateCredentialsLoose()
{
if ( StringUtils.isEmpty( internalUser.getUsername() ) )
{
addFieldError( "user.username", getText( "username.required" ) );
}
else
{
if ( !internalUser.getUsername().matches( VALID_USERNAME_CHARS ) )
{
addFieldError( "user.username", getText( "username.invalid.characters" ) );
}
}
if ( StringUtils.isEmpty( internalUser.getFullName() ) )
{
addFieldError( "user.fullName", getText( "fullName.required" ) );
}
if ( StringUtils.isEmpty( internalUser.getEmail() ) )
{
addFieldError( "user.email", getText( "email.required" ) );
}
if ( !StringUtils.equals( internalUser.getPassword(), internalUser.getConfirmPassword() ) )
{
addFieldError( "user.confirmPassword", getText( "passwords.does.not.match" ) );
}
try
{
if ( !StringUtils.isEmpty( internalUser.getEmail() ) )
{
new InternetAddress( internalUser.getEmail(), true );
}
}
catch ( AddressException e )
{
addFieldError( "user.email", getText( "email.invalid" ) );
}
}
public void validateCredentialsStrict()
{
validateCredentialsLoose();
User tmpuser = internalUser.createUser( securitySystem.getUserManager() );
try
{
securitySystem.getPolicy().validatePassword( tmpuser );
}
catch ( PasswordRuleViolationException e )
{
processPasswordRuleViolations( e );
}
if ( ( StringUtils.isEmpty( internalUser.getPassword() ) ) )
{
addFieldError( "user.password", getText( "password.required" ) );
}
}
/**
* this is a hack. this is a hack around the requirements of putting RBAC constraints into the model. this adds one
* very major restriction to this security system, that a role name must contain the identifiers of the resource
* that is being constrained for adding and granting of roles, this is unacceptable in the long term and we need to
* get the model refactored to include this RBAC concept
*
* @param roleList
* @return
* @throws org.apache.archiva.redback.rbac.RbacManagerException
*
*/
protected List<Role> filterRolesForCurrentUserAccess( List<Role> roleList )
throws RbacManagerException
{
String currentUser = getCurrentUser();
List<Role> filteredRoleList = new ArrayList<Role>();
Map<String, List<Permission>> assignedPermissionMap = manager.getAssignedPermissionMap( currentUser );
List<String> resourceGrants = new ArrayList<String>();
if ( assignedPermissionMap.containsKey( RedbackRoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION ) )
{
List<Permission> roleGrantPermissions =
assignedPermissionMap.get( RedbackRoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION );
for ( Permission permission : roleGrantPermissions )
{
if ( permission.getResource().getIdentifier().equals( Resource.GLOBAL ) )
{
// the current user has the rights to assign any given role
return roleList;
}
else
{
resourceGrants.add( permission.getResource().getIdentifier() );
}
}
}
else
{
return Collections.emptyList();
}
String delimiter = " - ";
// we should have a list of resourceGrants now, this will provide us with the information necessary to restrict
// the role list
for ( Role role : roleList )
{
int delimiterIndex = role.getName().indexOf( delimiter );
for ( String resourceIdentifier : resourceGrants )
{
if ( ( role.getName().indexOf( resourceIdentifier ) != -1 ) && ( delimiterIndex != -1 ) )
{
String resourceName = role.getName().substring( delimiterIndex + delimiter.length() );
if ( resourceName.equals( resourceIdentifier ) )
{
filteredRoleList.add( role );
}
}
}
}
Collections.sort( filteredRoleList, new RoleSorter() );
return filteredRoleList;
}
protected List<Role> getFilteredRolesForCurrentUserAccess()
throws RbacManagerException
{
List<Role> roles = manager.getAllRoles();
if ( roles == null )
{
return Collections.emptyList();
}
return filterRolesForCurrentUserAccess( roles );
}
}

View File

@ -1,258 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
import org.apache.archiva.redback.system.DefaultSecuritySession;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystemConstants;
import org.apache.archiva.redback.users.UserManager;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.EditUserCredentials;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import java.util.Arrays;
/**
* AccountAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-account" )
@Scope( "prototype" )
public class AccountAction
extends AbstractUserCredentialsAction
implements CancellableAction
{
private static final String ACCOUNT_SUCCESS = "security-account-success";
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private EditUserCredentials user;
private String oldPassword;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
SecuritySession session = getSecuritySession();
if ( !session.isAuthenticated() )
{
addActionError( getText( "cannot.show.account.login.required" ) );
return REQUIRES_AUTHENTICATION;
}
String username = session.getUser().getUsername();
if ( username == null )
{
addActionError( getText( "cannot.edit.user.null.username" ) );
return ERROR;
}
if ( StringUtils.isEmpty( username ) )
{
addActionError( getText( "cannot.edit.user.empty.username" ) );
return ERROR;
}
UserManager manager = super.securitySystem.getUserManager();
if ( !manager.userExists( username ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
addActionError( getText( "user.does.not.exist", Arrays.asList( (Object) username ) ) );
return ERROR;
}
internalUser = user;
try
{
User u = manager.findUser( username );
if ( u == null )
{
addActionError( getText( "cannot.operate.on.null.user" ) );
return ERROR;
}
user = new EditUserCredentials( u );
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.get.user", Arrays.asList( (Object) username, e.getMessage() ) ) );
return ERROR;
}
return INPUT;
}
public String submit()
{
SecuritySession session = getSecuritySession();
if ( !session.isAuthenticated() )
{
addActionError( getText( "cannot.show.account.login.required" ) );
return REQUIRES_AUTHENTICATION;
}
String username = session.getUser().getUsername();
if ( username == null )
{
addActionError( getText( "cannot.edit.user.null.username" ) );
return ERROR;
}
if ( StringUtils.isEmpty( username ) )
{
addActionError( getText( "cannot.edit.user.empty.username" ) );
return ERROR;
}
if ( user == null )
{
addActionError( getText( "cannot.edit.user.null.credentials" ) );
return ERROR;
}
if ( !user.getPassword().equals( user.getConfirmPassword() ) )
{
addFieldError( "user.confirmPassword", getText( "password.confimation.failed" ) );
return ERROR;
}
UserManager manager = super.securitySystem.getUserManager();
if ( !manager.userExists( username ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
addActionError( getText( "user.does.not.exist", Arrays.asList( (Object) username ) ) );
return ERROR;
}
internalUser = user;
try
{
User u = manager.findUser( username );
if ( u == null )
{
addActionError( getText( "cannot.operate.on.null.user" ) );
return ERROR;
}
if ( StringUtils.isNotEmpty( user.getPassword() ) )
{
PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();
if ( !encoder.isPasswordValid( u.getEncodedPassword(), oldPassword ) )
{
addFieldError( "oldPassword", getText( "password.provided.does.not.match.existing" ) );
return ERROR;
}
u.setPassword( user.getPassword() );
}
u.setFullName( user.getFullName() );
u.setEmail( user.getEmail() );
u.setPassword( user.getPassword() );
manager.updateUser( u );
//check if current user then update the session
if ( getSecuritySession().getUser().getUsername().equals( u.getUsername() ) )
{
SecuritySession securitySession =
new DefaultSecuritySession( getSecuritySession().getAuthenticationResult(), u );
this.session.put( SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
setSession( this.session );
}
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.get.user", Arrays.asList( (Object) username, e.getMessage() ) ) );
return ERROR;
}
catch ( PasswordRuleViolationException e )
{
processPasswordRuleViolations( e );
return ERROR;
}
return ACCOUNT_SUCCESS;
}
public String cancel()
{
return CANCEL;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public EditUserCredentials getUser()
{
return user;
}
public void setUser( EditUserCredentials user )
{
this.user = user;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
return bundle;
}
public void setOldPassword( String oldPassword )
{
this.oldPassword = oldPassword;
}
public boolean isSelf()
{
return true;
}
}

View File

@ -1,95 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;
public class AuditEvent
{
private Logger logger = LoggerFactory.getLogger( AuditEvent.class.getName() );
private final String action;
private String affectedUser;
private String role;
private String currentUser;
public AuditEvent( String action )
{
this.action = action;
}
public void setRole( String role )
{
this.role = role;
}
public String getRole()
{
return role;
}
public void setAffectedUser( String affectedUser )
{
this.affectedUser = affectedUser;
}
public String getAffectedUser()
{
return affectedUser;
}
public void setCurrentUser( String currentUser )
{
this.currentUser = currentUser;
}
public String getCurrentUser()
{
return currentUser;
}
public void log()
{
// TODO: it would be better to push this into the login interceptor so it is always set consistently
// (same for IP address)
if ( currentUser != null )
{
MDC.put( "redback.currentUser", currentUser );
}
if ( affectedUser != null )
{
if ( role != null )
{
logger.info( action, affectedUser, role );
}
else
{
logger.info( action, affectedUser );
}
}
}
}

View File

@ -1,33 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
public interface CancellableAction
{
public static final String CANCEL = "cancel";
/**
* Returns the cancel result.
*
* A basic implementation would simply be to return CANCEL.
* @return
*/
String cancel();
}

View File

@ -1,464 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.users.User;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.authentication.AuthenticationConstants;
import org.apache.archiva.redback.authentication.AuthenticationDataSource;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
import org.apache.archiva.redback.configuration.UserConfiguration;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.util.AutoLoginCookies;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.Arrays;
import java.util.Date;
/**
* LoginAction
*
* @author Jesse McConnell <jmcconnell@apache.org>
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-login" )
@Scope( "prototype" )
public class LoginAction
extends AbstractSecurityAction
implements CancellableAction
{
private static final String LOGIN_SUCCESS = "security-login-success";
private static final String PASSWORD_CHANGE = "security-must-change-password";
private static final String ACCOUNT_LOCKED = "security-login-locked";
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
*
*/
@Inject
protected SecuritySystem securitySystem;
private String username;
private String password;
private String validateMe;
private String resetPassword;
private boolean rememberMe;
/**
*
*/
@Inject
private AutoLoginCookies autologinCookies;
/**
*
*/
@Inject
private UserConfiguration config;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
return INPUT;
}
/**
* 1) check if this is a validation authentication action
* 2) check if this is a reset password authentication action
* 3) sets up a password based authentication and passes on to webLogin()
*
* @return
*/
public String login()
{
if ( StringUtils.isNotEmpty( validateMe ) )
{
// Process a login / validate request.
return validated();
}
if ( StringUtils.isNotEmpty( resetPassword ) )
{
// Process a login / reset password request.
return resetPassword();
}
if ( StringUtils.isEmpty( username ) )
{
addFieldError( "username", getText( "username.required" ) );
return ERROR;
}
PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
authdatasource.setPrincipal( username );
authdatasource.setPassword( password );
return webLogin( authdatasource, rememberMe );
}
/**
* 1) sets up a token based authentication
* 2) forces a password change requirement to the user
* 3) passes on to webLogin()
*
* @return
*/
public String resetPassword()
{
if ( StringUtils.isEmpty( resetPassword ) )
{
addActionError( getText( "reset.password.missing" ) );
return ERROR;
}
try
{
AuthenticationKey authkey = securitySystem.getKeyManager().findKey( resetPassword );
User user = securitySystem.getUserManager().findUser( authkey.getForPrincipal() );
user.setPasswordChangeRequired( true );
user.setEncodedPassword( "" );
TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
authsource.setPrincipal( user.getPrincipal().toString() );
authsource.setToken( authkey.getKey() );
authsource.setEnforcePasswordChange( false );
securitySystem.getUserManager().updateUser( user );
AuditEvent event = new AuditEvent( getText( "log.password.change" ) );
event.setAffectedUser( username );
event.log();
return webLogin( authsource, false );
}
catch ( KeyNotFoundException e )
{
log.info( "Invalid key requested: {}", resetPassword );
addActionError( getText( "cannot.find.key" ) );
return ERROR;
}
catch ( KeyManagerException e )
{
addActionError( getText( "cannot.find.key.at.the.moment" ) );
log.warn( "Key Manager error: ", e );
return ERROR;
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.find.user" ) );
return ERROR;
}
}
/**
* 1) sets up a token based authentication
* 2) forces a password change requirement to the user
* 3) passes on to webLogin()
*
* @return
*/
public String validated()
{
if ( StringUtils.isEmpty( validateMe ) )
{
addActionError( getText( "validation.failure.key.missing" ) );
return ERROR;
}
try
{
AuthenticationKey authkey = securitySystem.getKeyManager().findKey( validateMe );
User user = securitySystem.getUserManager().findUser( authkey.getForPrincipal() );
user.setValidated( true );
user.setLocked( false );
user.setPasswordChangeRequired( true );
user.setEncodedPassword( "" );
TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
authsource.setPrincipal( user.getPrincipal().toString() );
authsource.setToken( authkey.getKey() );
authsource.setEnforcePasswordChange( false );
securitySystem.getUserManager().updateUser( user );
String currentUser = getCurrentUser();
AuditEvent event = new AuditEvent( getText( "log.account.validation" ) );
event.setAffectedUser( username );
event.setCurrentUser( currentUser );
event.log();
return webLogin( authsource, false );
}
catch ( KeyNotFoundException e )
{
log.info( "Invalid key requested: {}", validateMe );
addActionError( getText( "cannot.find.key" ) );
return ERROR;
}
catch ( KeyManagerException e )
{
addActionError( getText( "cannot.find.key.at.the.momment" ) );
return ERROR;
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.find.user" ) );
return ERROR;
}
}
public String cancel()
{
return CANCEL;
}
public String getUsername()
{
return username;
}
public void setUsername( String username )
{
this.username = username;
}
public String getPassword()
{
return password;
}
public void setPassword( String password )
{
this.password = password;
}
public String getValidateMe()
{
return validateMe;
}
public void setValidateMe( String validateMe )
{
this.validateMe = validateMe;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.OPEN;
}
public String getResetPassword()
{
return resetPassword;
}
public void setResetPassword( String resetPassword )
{
this.resetPassword = resetPassword;
}
public boolean isRememberMe()
{
return rememberMe;
}
public void setRememberMe( boolean rememberMe )
{
this.rememberMe = rememberMe;
}
/**
* 1) attempts to authentication based on the passed in data source
* 2) if successful sets cookies and returns LOGIN_SUCCESS
* 3) if failure then check what kinda failure and return error
*
* @param authdatasource
* @param rememberMe
* @return
*/
private String webLogin( AuthenticationDataSource authdatasource, boolean rememberMe )
{
// An attempt should log out your authentication tokens first!
setAuthTokens( null );
clearErrorsAndMessages();
// TODO: share this section with AutoLoginInterceptor
try
{
SecuritySession securitySession = securitySystem.authenticate( authdatasource );
if ( securitySession.isAuthenticated() )
{
// Success! Create tokens.
setAuthTokens( securitySession );
if ( securitySystem.getPolicy().getUserValidationSettings().isEmailValidationRequired() )
{
if ( !securitySession.getUser().getUsername().equals(
config.getString( "redback.default.admin" ) ) )
{
if ( !securitySession.getUser().isValidated() )
{
setAuthTokens( null );
// NOTE: this text is the same as incorrect.username.password to avoid exposing actual account existence
addActionError( getText( "account.validation.required" ) );
return ERROR;
}
}
}
setCookies( authdatasource, rememberMe );
AuditEvent event = new AuditEvent( getText( "log.login.success" ) );
event.setAffectedUser( username );
event.log();
User user = securitySession.getUser();
user.setLastLoginDate( new Date() );
securitySystem.getUserManager().updateUser( user );
if ( StringUtils.isNotEmpty( validateMe ) )
{
try
{
//REDBACK-146: delete key after validating so user won't be able to use it the second time around
securitySystem.getKeyManager().deleteKey( validateMe );
}
catch ( KeyManagerException e )
{
addActionError( getText( "cannot.find.key.at.the.momment" ) );
return ERROR;
}
}
return LOGIN_SUCCESS;
}
else
{
log.debug( "Login Action failed against principal : {}",
securitySession.getAuthenticationResult().getPrincipal(),
securitySession.getAuthenticationResult().getException() );
AuthenticationResult result = securitySession.getAuthenticationResult();
if ( result.getExceptionsMap() != null && !result.getExceptionsMap().isEmpty() )
{
if ( result.getExceptionsMap().get( AuthenticationConstants.AUTHN_NO_SUCH_USER ) != null )
{
addActionError( getText( "incorrect.username.password" ) );
}
else
{
addActionError( getText( "authentication.failed" ) );
}
}
else
{
addActionError( getText( "authentication.failed" ) );
}
AuditEvent event = new AuditEvent( getText( "log.login.fail" ) );
event.setAffectedUser( username );
event.log();
return ERROR;
}
}
catch ( AuthenticationException ae )
{
addActionError( getText( "authentication.exception", Arrays.asList( (Object) ae.getMessage() ) ) );
return ERROR;
}
catch ( UserNotFoundException ue )
{
addActionError(
getText( "user.not.found.exception", Arrays.asList( (Object) username, ue.getMessage() ) ) );
AuditEvent event = new AuditEvent( getText( "log.login.fail" ) );
event.setAffectedUser( username );
event.log();
return ERROR;
}
catch ( AccountLockedException e )
{
addActionError( getText( "account.locked" ) );
AuditEvent event = new AuditEvent( getText( "log.login.fail.locked" ) );
event.setAffectedUser( username );
event.log();
return ACCOUNT_LOCKED;
}
catch ( MustChangePasswordException e )
{
// TODO: preferably we would not set the cookies for this "partial" login state
setCookies( authdatasource, rememberMe );
AuditEvent event = new AuditEvent( getText( "log.login.fail.locked" ) );
event.setAffectedUser( username );
event.log();
return PASSWORD_CHANGE;
}
}
private void setCookies( AuthenticationDataSource authdatasource, boolean rememberMe )
{
if ( rememberMe )
{
autologinCookies.setRememberMeCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
ServletActionContext.getRequest() );
}
autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
ServletActionContext.getRequest() );
}
}

View File

@ -1,134 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.components.cache.Cache;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.dispatcher.SessionMap;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.util.AutoLoginCookies;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
/**
* LogoutAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-logout" )
@Scope( "prototype" )
public class LogoutAction
extends AbstractSecurityAction
{
// Result Names.
private static final String LOGOUT = "security-logout";
/**
* cache used for user assignments
*
* role-hint="userAssignments"
*/
@Inject
@Named( value = "cache#userAssignments" )
private Cache userAssignmentsCache;
/**
* cache used for user permissions
*
* role-hint="userPermissions"
*/
@Inject
@Named( value = "cache#userPermissions" )
private Cache userPermissionsCache;
/**
* Cache used for users
*
* role-hint="users"
*/
@Inject
@Named( value = "cache#users" )
private Cache usersCache;
/**
*
*/
@Inject
private AutoLoginCookies autologinCookies;
public String logout()
{
if ( getSecuritySession().getUser() == null )
{
return LOGOUT;
}
String currentUser = (String) getSecuritySession().getUser().getPrincipal();
if ( getSecuritySession() != null )
{
// [PLXREDBACK-65] this is a bit of a hack around the cached managers since they don't have the ability to
// purge their caches through the API. Instead try and bring them in here and invalidate
// the keys directly. This will not be required once we move to a different model for pre-calculated
// permission sets since that will not have the overhead that required these caches in the first place.
Object principal = (String) getSecuritySession().getUser().getPrincipal();
if ( userAssignmentsCache != null )
{
userAssignmentsCache.remove( principal );
}
if ( userPermissionsCache != null )
{
userPermissionsCache.remove( principal );
}
if ( usersCache != null )
{
usersCache.remove( principal );
}
}
autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
ServletActionContext.getRequest() );
autologinCookies.removeSignonCookie( ServletActionContext.getResponse(), ServletActionContext.getRequest() );
setAuthTokens( null );
if ( session != null )
{
( (SessionMap) session ).invalidate();
}
AuditEvent event = new AuditEvent( getText( "log.logout.success" ) );
event.setAffectedUser( currentUser );
event.log();
return LOGOUT;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.OPEN;
}
}

View File

@ -1,294 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.PasswordRuleViolations;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.Arrays;
import java.util.Map;
/**
* PasswordAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-password" )
@Scope( "prototype" )
public class PasswordAction
extends AbstractSecurityAction
implements CancellableAction
{
// ------------------------------------------------------------------
// Plexus Component Requirements
// ------------------------------------------------------------------
protected static final String CHANGE_PASSWORD_SUCCESS = "security-change-password-success";
/**
*
*/
@Inject
protected SecuritySystem securitySystem;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private String existingPassword;
private String newPassword;
private String newPasswordConfirm;
private String targetUrl;
private boolean provideExisting;
public String show()
{
provideExisting = StringUtils.isNotEmpty( getSecuritySession().getUser().getEncodedPassword() );
return INPUT;
}
public String submit()
{
final SecuritySession securitySession = getSecuritySession();
provideExisting = StringUtils.isNotEmpty( securitySession.getUser().getEncodedPassword() );
if ( StringUtils.isEmpty( newPassword ) )
{
addFieldError( "newPassword", getText( "newPassword.cannot.be.empty" ) );
}
if ( !StringUtils.equals( newPassword, newPasswordConfirm ) )
{
addFieldError( "newPassword", getText( "password.confimation.failed" ) );
}
User user = securitySession.getUser();
// Test existing Password.
PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();
if ( provideExisting )
{
if ( !encoder.isPasswordValid( user.getEncodedPassword(), existingPassword ) )
{
addFieldError( "existingPassword", getText( "password.provided.does.not.match.existing" ) );
}
}
// Validate the Password.
try
{
User tempUser = securitySystem.getUserManager().createUser( "temp", "temp", "temp" );
tempUser.setPassword( newPassword );
securitySystem.getPolicy().validatePassword( tempUser );
}
catch ( PasswordRuleViolationException e )
{
PasswordRuleViolations violations = e.getViolations();
if ( violations != null )
{
for ( String violation : violations.getLocalizedViolations() )
{
addFieldError( "newPassword", violation );
}
}
}
// Toss error (if any exists)
if ( hasActionErrors() || hasFieldErrors() || hasActionMessages() )
{
newPassword = "";
newPasswordConfirm = "";
existingPassword = "";
return ERROR;
}
// We can save the new password.
try
{
String encodedPassword = encoder.encodePassword( newPassword );
user.setEncodedPassword( encodedPassword );
user.setPassword( newPassword );
// TODO: (address this) check once more for password policy, some policies may require additional information
// only available in the actual user object, perhaps the thing to do is add a deep cloning mechanism
// to user so we can validate this with a test user. Its ok to just set and test it here before
// setting the updateUser, but logically its better to maintain a clear separation here
securitySystem.getPolicy().validatePassword( user );
securitySystem.getUserManager().updateUser( user );
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.update.user.not.found", Arrays.asList( (Object) user.getUsername() ) ) );
addActionError( getText( "admin.deleted.account" ) );
return ERROR;
}
catch ( PasswordRuleViolationException e )
{
PasswordRuleViolations violations = e.getViolations();
if ( violations != null )
{
for ( String violation : violations.getLocalizedViolations() )
{
addFieldError( "newPassword", violation );
}
}
// [REDBACK-30] when the password is one of the previous 6, it throws exception here, but since the user
// object is in the session we need to clear out the encodedPassword otherwise the flow will change and think
// it needs to have existingPassword which isn't set on some reset password checks
if ( !provideExisting )
{
user.setEncodedPassword( "" );
user.setPassword( "" );
}
return ERROR;
}
log.info( "Password Change Request Success." );
String currentUser = getCurrentUser();
AuditEvent event = new AuditEvent( getText( "log.password.change" ) );
event.setAffectedUser( user.getUsername() );
event.setCurrentUser( currentUser );
event.log();
if ( !securitySession.isAuthenticated() )
{
log.debug( "User is not authenticated." );
return REQUIRES_AUTHENTICATION;
}
/*
* If provide existing is true, then this was a normal password change flow, if it is
* false then it is changing the password from the registration flow in which case direct to
* external link
*/
if ( !provideExisting )
{
return CHANGE_PASSWORD_SUCCESS;
}
else
{
if ( super.session != null )
{
Map<String, Object> map = (Map<String, Object>) super.session;
String url = "";
if ( map.containsKey( "targetUrl" ) )
{
url = map.remove( "targetUrl" ).toString();
log.info( "targetUrl is retrieved and removed from the session: {}", url );
}
else
{
log.info( "targetUrl is empty, redirect to change password success page" );
return CHANGE_PASSWORD_SUCCESS;
}
setTargetUrl( url );
}
return SUCCESS;
}
}
public String cancel()
{
return CANCEL;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getExistingPassword()
{
return existingPassword;
}
public void setExistingPassword( String existingPassword )
{
this.existingPassword = existingPassword;
}
public String getNewPassword()
{
return newPassword;
}
public void setNewPassword( String newPassword )
{
this.newPassword = newPassword;
}
public String getNewPasswordConfirm()
{
return newPasswordConfirm;
}
public void setNewPasswordConfirm( String newPasswordConfirm )
{
this.newPasswordConfirm = newPasswordConfirm;
}
public boolean isProvideExisting()
{
return provideExisting;
}
public void setProvideExisting( boolean provideExisting )
{
// Do nothing.
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.AUTHONLY;
}
public String getTargetUrl()
{
return targetUrl;
}
public void setTargetUrl( String targetUrl )
{
this.targetUrl = targetUrl;
}
}

View File

@ -1,153 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.User;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.mail.Mailer;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.Arrays;
/**
* PasswordResetAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-password-reset" )
@Scope( "prototype" )
public class PasswordResetAction
extends AbstractSecurityAction
implements CancellableAction
{
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
*
*/
@Inject
private Mailer mailer;
/**
*
*/
@Inject
private SecuritySystem securitySystem;
private String username;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
return INPUT;
}
public String reset()
{
if ( StringUtils.isEmpty( username ) )
{
addFieldError( "username", getText( "username.cannot.be.empty" ) );
return INPUT;
}
UserManager userManager = securitySystem.getUserManager();
KeyManager keyManager = securitySystem.getKeyManager();
UserSecurityPolicy policy = securitySystem.getPolicy();
try
{
User user = userManager.findUser( username );
AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",
policy.getUserValidationSettings().getEmailValidationTimeout() );
mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, getBaseUrl() );
AuditEvent event = new AuditEvent( getText( "log.password.reset.request" ) );
event.setAffectedUser( username );
event.log();
addActionMessage( getText( "password.reset.success" ) );
}
catch ( UserNotFoundException e )
{
// By default, the success and failure messages are the same.
// This is done to prevent a malicious user from attempting to ascertain the
// validity of usernames.
addActionMessage( getText( "password.reset.failure" ) );
log.info( "Password Reset on non-existant user [{}].", username );
}
catch ( KeyManagerException e )
{
addActionError( getText( "password.reset.email.generation.failure" ) );
log.info( "Unable to issue password reset.", e );
}
return INPUT;
}
// ------------------------------------------------------------------
// Security Specification
// ------------------------------------------------------------------
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.OPEN;
}
public String cancel()
{
return NONE;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getUsername()
{
return username;
}
public void setUsername( String username )
{
this.username = username;
}
}

View File

@ -1,47 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.util.Map;
import org.apache.struts2.interceptor.SessionAware;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.opensymphony.xwork2.ActionSupport;
/**
*
* @author <a href="mailto:james@atlassian.com">James William Dumay</a>
*/
public abstract class RedbackActionSupport
extends ActionSupport
implements SessionAware
{
protected Logger log = LoggerFactory.getLogger( this.getClass() );
protected Map<String,Object> session;
public void setSession( Map<String, Object > map )
{
//noinspection AssignmentToCollectionOrArrayFieldFromParameter
this.session = map;
}
}

View File

@ -1,266 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.role.RoleManager;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.mail.Mailer;
import org.apache.archiva.redback.integration.model.CreateUserCredentials;
import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.Arrays;
/**
* RegisterAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-register" )
@Scope( "prototype" )
public class RegisterAction
extends AbstractUserCredentialsAction
implements CancellableAction
{
protected static final String REGISTER_SUCCESS = "security-register-success";
private static final String VALIDATION_NOTE = "validation-note";
private static final String RESEND_VALIDATION_EMAIL = "security-resend-validation-email";
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
*
*/
@Inject
private Mailer mailer;
/**
*
*/
@Inject
private RoleManager roleManager;
private CreateUserCredentials user;
private boolean emailValidationRequired;
private String username;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
if ( user == null )
{
user = new CreateUserCredentials();
}
emailValidationRequired = securitySystem.getPolicy().getUserValidationSettings().isEmailValidationRequired();
return INPUT;
}
public String register()
{
if ( user == null )
{
user = new CreateUserCredentials();
addActionError( getText( "invalid.user.credentials" ) );
return ERROR;
}
UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
emailValidationRequired = securityPolicy.getUserValidationSettings().isEmailValidationRequired();
internalUser = user;
if ( securityPolicy.getUserValidationSettings().isEmailValidationRequired() )
{
validateCredentialsLoose();
}
else
{
validateCredentialsStrict();
}
// NOTE: Do not perform Password Rules Validation Here.
UserManager manager = super.securitySystem.getUserManager();
if ( manager.userExists( user.getUsername() ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
addActionError( getText( "user.already.exists", Arrays.asList( (Object) user.getUsername() ) ) );
}
if ( hasActionErrors() || hasFieldErrors() )
{
return ERROR;
}
User u = manager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
u.setPassword( user.getPassword() );
u.setValidated( false );
u.setLocked( false );
try
{
roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getPrincipal().toString() );
}
catch ( RoleManagerException rpe )
{
addActionError( getText( "assign.role.failure" ) );
log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
return ERROR;
}
if ( securityPolicy.getUserValidationSettings().isEmailValidationRequired() )
{
u.setLocked( true );
try
{
AuthenticationKey authkey =
securitySystem.getKeyManager().createKey( u.getPrincipal().toString(), "New User Email Validation",
securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );
mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, getBaseUrl() );
securityPolicy.setEnabled( false );
manager.addUser( u );
return VALIDATION_NOTE;
}
catch ( KeyManagerException e )
{
addActionError( getText( "cannot.register.user" ) );
log.error( "Unable to register a new user.", e );
return ERROR;
}
finally
{
securityPolicy.setEnabled( true );
}
}
else
{
manager.addUser( u );
}
AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
event.setAffectedUser( username );
event.log();
return REGISTER_SUCCESS;
}
public String resendRegistrationEmail()
{
UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
try
{
User user = super.securitySystem.getUserManager().findUser( username );
AuthenticationKey authkey =
securitySystem.getKeyManager().createKey( user.getPrincipal().toString(), "New User Email Validation",
securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );
mailer.sendAccountValidationEmail( Arrays.asList( user.getEmail() ), authkey, getBaseUrl() );
return RESEND_VALIDATION_EMAIL;
}
catch ( KeyManagerException e )
{
addActionError( getText( "cannot.register.user" ) );
log.error( "Unable to register a new user.", e );
return ERROR;
}
catch ( UserNotFoundException e )
{
addActionError( getText( "cannot.find.user" ) );
log.error( "Unable to find user.", e );
return ERROR;
}
}
public String cancel()
{
return CANCEL;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public CreateUserCredentials getUser()
{
return user;
}
public void setUser( CreateUserCredentials user )
{
this.user = user;
}
public boolean isEmailValidationRequired()
{
return emailValidationRequired;
}
public void setEmailValidationRequired( boolean emailValidationRequired )
{
this.emailValidationRequired = emailValidationRequired;
}
public String getUsername()
{
return username;
}
public void setUsername( String username )
{
this.username = username;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.OPEN;
}
}

View File

@ -1,58 +0,0 @@
package org.apache.archiva.redback.struts2.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.codehaus.plexus.util.StringUtils;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
/**
* SecurityRedirectAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-redirect" )
@Scope( "prototype" )
public class SecurityRedirectAction
extends RedbackActionSupport
{
private String externalResult;
public String redirect()
{
if ( StringUtils.isNotEmpty( externalResult ) )
{
return externalResult;
}
return SUCCESS;
}
public String getExternalResult()
{
return externalResult;
}
public void setExternalResult( String name )
{
this.externalResult = name;
}
}

View File

@ -1,44 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
/**
* AbstractAdminUserCredentialsAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
public abstract class AbstractAdminUserCredentialsAction
extends AbstractUserCredentialsAction
{
private String username;
public String getUsername()
{
return username;
}
public void setUsername( String username )
{
this.username = username;
}
}

View File

@ -1,289 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.configuration.UserConfiguration;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.role.RoleManager;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.users.UserManager;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.authentication.AuthenticationConstants;
import org.apache.archiva.redback.authentication.AuthenticationDataSource;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.EditUserCredentials;
import org.apache.archiva.redback.integration.util.AutoLoginCookies;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.Arrays;
import java.util.Date;
/**
* AddAdminUserAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-admin-account" )
@Scope( "prototype" )
public class AddAdminUserAction
extends AbstractAdminUserCredentialsAction
{
private static final String LOGIN_ERROR = "login-error";
private static final String LOGIN_SUCCESS = "security-login-success";
private static final String PASSWORD_CHANGE = "security-must-change-password";
private static final String ACCOUNT_LOCKED = "security-login-locked";
@Inject
private RoleManager roleManager;
@Inject
private UserConfiguration config;
private EditUserCredentials user;
@Inject
private AutoLoginCookies autologinCookies;
public String show()
{
if ( user == null )
{
user = new EditUserCredentials( config.getString( "redback.default.admin" ) );
}
return INPUT;
}
/**
* TODO this must done in a service !!
* @return
*/
public String submit()
{
if ( user == null )
{
user = new EditUserCredentials( config.getString( "redback.default.admin" ) );
addActionError( getText( "invalid.admin.credentials" ) );
return ERROR;
}
log.info( "user = {}", user );
internalUser = user;
validateCredentialsStrict();
UserManager userManager = super.securitySystem.getUserManager();
if ( userManager.userExists( config.getString( "redback.default.admin" ) ) )
{
// Means that the role name exist already.
// We need to fail fast and return to the previous page.
addActionError( getText( "admin.user.already.exists" ) );
return ERROR;
}
if ( hasActionErrors() || hasFieldErrors() )
{
return ERROR;
}
User u =
userManager.createUser( config.getString( "redback.default.admin" ), user.getFullName(), user.getEmail() );
if ( u == null )
{
addActionError( getText( "cannot.operate.on.null.user" ) );
return ERROR;
}
u.setPassword( user.getPassword() );
u.setLocked( false );
u.setPasswordChangeRequired( false );
u.setPermanent( true );
userManager.addUser( u );
AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
event.setAffectedUser( u.getUsername() );
event.log();
try
{
roleManager.assignRole( "system-administrator", u.getPrincipal().toString() );
event = new AuditEvent( getText( "log.assign.role" ) );
event.setAffectedUser( u.getUsername() );
event.setRole( "system-administrator" );
event.log();
}
catch ( RoleManagerException rpe )
{
addActionError( getText( "cannot.assign.admin.role" ) );
return ERROR;
}
PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
authdatasource.setPrincipal( user.getUsername() );
authdatasource.setPassword( user.getPassword() );
return webLogin( authdatasource );
}
public EditUserCredentials getUser()
{
return user;
}
public void setUser( EditUserCredentials user )
{
this.user = user;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
return SecureActionBundle.OPEN;
}
/**
* 1) attempts to authentication based on the passed in data source
* 2) if successful sets cookies and returns LOGIN_SUCCESS
* 3) if failure then check what kinda failure and return error
*
* @param authdatasource
* @return
*/
private String webLogin( AuthenticationDataSource authdatasource )
{
// An attempt should log out your authentication tokens first!
setAuthTokens( null );
clearErrorsAndMessages();
String principal = authdatasource.getPrincipal();
try
{
SecuritySession securitySession = securitySystem.authenticate( authdatasource );
if ( securitySession.getAuthenticationResult().isAuthenticated() )
{
// Success! Create tokens.
setAuthTokens( securitySession );
setCookies( authdatasource );
AuditEvent event = new AuditEvent( getText( "log.login.success" ) );
event.setAffectedUser( principal );
event.log();
User u = securitySession.getUser();
u.setLastLoginDate( new Date() );
securitySystem.getUserManager().updateUser( u );
return LOGIN_SUCCESS;
}
else
{
log.debug( "Login Action failed against principal : {}",
securitySession.getAuthenticationResult().getPrincipal(),
securitySession.getAuthenticationResult().getException() );
AuthenticationResult result = securitySession.getAuthenticationResult();
if ( result.getExceptionsMap() != null && !result.getExceptionsMap().isEmpty() )
{
if ( result.getExceptionsMap().get( AuthenticationConstants.AUTHN_NO_SUCH_USER ) != null )
{
addActionError( getText( "incorrect.username.password" ) );
}
else
{
addActionError( getText( "authentication.failed" ) );
}
}
else
{
addActionError( getText( "authentication.failed" ) );
}
AuditEvent event = new AuditEvent( getText( "log.login.fail" ) );
event.setAffectedUser( principal );
event.log();
return LOGIN_ERROR;
}
}
catch ( AuthenticationException ae )
{
addActionError( getText( "authentication.exception", Arrays.asList( (Object) ae.getMessage() ) ) );
return LOGIN_ERROR;
}
catch ( UserNotFoundException ue )
{
addActionError(
getText( "user.not.found.exception", Arrays.asList( (Object) principal, ue.getMessage() ) ) );
AuditEvent event = new AuditEvent( getText( "log.login.fail" ) );
event.setAffectedUser( principal );
event.log();
return LOGIN_ERROR;
}
catch ( AccountLockedException e )
{
addActionError( getText( "account.locked" ) );
AuditEvent event = new AuditEvent( getText( "log.login.fail.locked" ) );
event.setAffectedUser( principal );
event.log();
return ACCOUNT_LOCKED;
}
catch ( MustChangePasswordException e )
{
// TODO: preferably we would not set the cookies for this "partial" login state
setCookies( authdatasource );
AuditEvent event = new AuditEvent( getText( "log.login.fail.locked" ) );
event.setAffectedUser( principal );
event.log();
return PASSWORD_CHANGE;
}
}
private void setCookies( AuthenticationDataSource authdatasource )
{
autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
ServletActionContext.getRequest() );
}
}

View File

@ -1,61 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
/**
* AdminConsoleAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller("redback-admin-console")
@Scope("prototype")
public class AdminConsoleAction
extends AbstractSecurityAction
{
public String show()
{
return INPUT;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.CONFIGURATION_EDIT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_CREATE_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_DELETE_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,467 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.role.RoleManager;
import org.apache.archiva.redback.role.model.ModelApplication;
import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.struts2.model.ApplicationRoleDetails;
import org.apache.archiva.redback.struts2.model.ApplicationRoleDetails.RoleTableCell;
import org.apache.archiva.redback.users.UserManager;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.AdminEditUserCredentials;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
/**
* AssignmentsAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller("redback-assignments")
@Scope("prototype")
public class AssignmentsAction
extends AbstractUserCredentialsAction
{
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
* role-hint="default"
*/
@Inject
private RoleManager rmanager;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private String principal;
private AdminEditUserCredentials user;
/**
* A List of {@link Role} objects.
*/
private List<Role> assignedRoles;
/**
* A List of {@link Role} objects.
*/
private List<Role> availableRoles;
private List<Role> effectivelyAssignedRoles;
/**
* List of names (received from client) of dynamic roles to set/unset
*/
private List<String> addDSelectedRoles;
/**
* List of names (received from client) of nondynamic roles to set/unset
*/
private List<String> addNDSelectedRoles;
private List<Role> nondynamicroles;
private List<Role> dynamicroles;
private List<String> NDRoles;
private List<String> DRoles;
private List<ApplicationRoleDetails> applicationRoleDetails = new ArrayList<ApplicationRoleDetails>();
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public List<ApplicationRoleDetails> getApplicationRoleDetails()
{
return applicationRoleDetails;
}
/**
* Display the edit user panel. <p/> This should consist of the Role details for the specified user. <p/> A table of
* currently assigned roles. This table should have a column to remove the role from the user. This table should
* also have a column of checkboxes that can be selected and then removed from the user. <p/> A table of roles that
* can be assigned. This table should have a set of checkboxes that can be selected and then added to the user. <p/>
* Duplicate role assignment needs to be taken care of.
*
* @throws RbacManagerException
* @throws org.apache.archiva.redback.rbac.RbacObjectNotFoundException
*/
@SuppressWarnings( "unchecked" )
public String show()
throws RbacManagerException
{
this.addNDSelectedRoles = new ArrayList<String>();
this.addDSelectedRoles = new ArrayList<String>();
if ( StringUtils.isEmpty( principal ) )
{
addActionError( getText( "rbac.edit.user.empty.principal" ) );
return ERROR;
}
UserManager userManager = super.securitySystem.getUserManager();
if ( !userManager.userExists( principal ) )
{
addActionError( getText( "user.does.not.exist", new String[]{principal} ) );
return ERROR;
}
try
{
User u = userManager.findUser( principal );
if ( u == null )
{
addActionError( getText( "cannot.operate.on.null.user" ) );
return ERROR;
}
user = new AdminEditUserCredentials( u );
}
catch ( UserNotFoundException e )
{
addActionError( getText( "user.not.found.exception", Arrays.asList( ( Object ) principal, e.getMessage() ) ) );
return ERROR;
}
// check first if role assignments for user exist
if ( !getManager().userAssignmentExists( principal ) )
{
UserAssignment assignment = getManager().createUserAssignment( principal );
getManager().saveUserAssignment( assignment );
}
List<Role> assignableRoles = getFilteredRolesForCurrentUserAccess();
List<ApplicationRoleDetails> appRoleDetails = lookupAppRoleDetails( principal, assignableRoles );
applicationRoleDetails.addAll( appRoleDetails );
return SUCCESS;
}
@SuppressWarnings( "unchecked" )
private List<ApplicationRoleDetails> lookupAppRoleDetails( String principal, List<Role> assignableRoles )
throws RbacManagerException
{
List<ApplicationRoleDetails> appRoleDetails = new ArrayList<ApplicationRoleDetails>();
for ( Iterator<ModelApplication> i = rmanager.getModel().getApplications().iterator(); i.hasNext(); )
{
ModelApplication application = i.next();
ApplicationRoleDetails details =
new ApplicationRoleDetails( application, getManager().getEffectivelyAssignedRoles( principal ),
getManager().getAssignedRoles( principal ), assignableRoles );
appRoleDetails.add( details );
}
return appRoleDetails;
}
/**
* Applies role additions and removals and then displays the edit user panel.
*
* @return
*/
public String edituser()
{
try
{
Collection<Role> assignedRoles = getManager().getAssignedRoles( principal );
List<Role> assignableRoles = getFilteredRolesForCurrentUserAccess();
// Compute set of roles usable by configured apps, add/del from this set only
List<ApplicationRoleDetails> appRoleDetails = lookupAppRoleDetails( principal, assignableRoles );
applicationRoleDetails.addAll( appRoleDetails );
Set<String> availableAppRoleNames = new HashSet<String>();
for ( ApplicationRoleDetails appRoleDetail : applicationRoleDetails )
{
availableAppRoleNames.addAll( appRoleDetail.getAssignedRoles() );
availableAppRoleNames.addAll( appRoleDetail.getAvailableRoles() );
// Add dynamic roles offered on page
for ( List<RoleTableCell> row : appRoleDetail.getTable() )
{
for ( RoleTableCell col : row )
{
if ( !col.isLabel() )
{
availableAppRoleNames.add( col.getName() );
}
}
}
}
Set<Role> availableRoles = new HashSet<Role>( assignedRoles );
availableRoles.addAll( assignableRoles );
// Filter the available roles so we only consider configured app roles
Iterator<Role> availableRoleIterator = availableRoles.iterator();
while ( availableRoleIterator.hasNext() )
{
Role availableRole = availableRoleIterator.next();
if ( !availableAppRoleNames.contains( availableRole.getName() ) )
{
availableRoleIterator.remove();
}
}
List<String> selectedRoleNames = new ArrayList<String>();
addSelectedRoles( availableRoles, selectedRoleNames, addNDSelectedRoles );
addSelectedRoles( availableRoles, selectedRoleNames, addDSelectedRoles );
List<String> newRoles = new ArrayList<String>( selectedRoleNames );
String currentUser = getCurrentUser();
for ( Role assignedRole : assignedRoles )
{
if ( !selectedRoleNames.contains( assignedRole.getName() ) )
{
// removing a currently assigned role, check if we have permission
if ( !availableRoles.contains( assignedRole )
|| !checkRoleName( assignableRoles, assignedRole.getName() ) )
{
// it may have not been on the page. Leave it assigned.
selectedRoleNames.add( assignedRole.getName() );
}
else
{
String role = assignedRole.getName();
AuditEvent event = new AuditEvent( getText( "log.revoke.role" ) );
event.setAffectedUser( principal );
event.setRole( role );
event.setCurrentUser( currentUser );
event.log();
}
}
else
{
newRoles.remove( assignedRole.getName() );
}
}
for ( String r : newRoles )
{
AuditEvent event = new AuditEvent( getText( "log.assign.role" ) );
event.setAffectedUser( principal );
event.setRole( r );
event.setCurrentUser( currentUser );
event.log();
}
UserAssignment assignment;
if ( getManager().userAssignmentExists( principal ) )
{
assignment = getManager().getUserAssignment( principal );
}
else
{
assignment = getManager().createUserAssignment( principal );
}
assignment.setRoleNames( selectedRoleNames );
assignment = getManager().saveUserAssignment( assignment );
}
catch ( RbacManagerException ne )
{
addActionError( getText( "error.removing.selected.roles", Arrays.asList( ( Object ) ne.getMessage() ) ) );
return ERROR;
}
return SUCCESS;
}
private void addSelectedRoles( Collection<Role> assignableRoles, List<String> roles, List<String> selectedRoles )
{
if ( selectedRoles != null )
{
for ( String r : selectedRoles )
{
if ( checkRoleName( assignableRoles, r ) )
{
roles.add( r );
}
}
}
}
private boolean checkRoleName( Collection<Role> assignableRoles, String r )
{
for ( Role role : assignableRoles )
{
if ( role.getName().equals( r ) )
{
return true;
}
}
return false;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public List<Role> getAssignedRoles()
{
return assignedRoles;
}
public void setAssignedRoles( List<Role> assignedRoles )
{
this.assignedRoles = assignedRoles;
}
public List<Role> getAvailableRoles()
{
return availableRoles;
}
public void setAvailableRoles( List<Role> availableRoles )
{
this.availableRoles = availableRoles;
}
public List<Role> getEffectivelyAssignedRoles()
{
return effectivelyAssignedRoles;
}
public void setEffectivelyAssignedRoles( List<Role> effectivelyAssignedRoles )
{
this.effectivelyAssignedRoles = effectivelyAssignedRoles;
}
public String getPrincipal()
{
return principal;
}
public void setPrincipal( String principal )
{
this.principal = principal;
}
public void setUsername( String username )
{
this.principal = username;
}
public AdminEditUserCredentials getUser()
{
return user;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
return bundle;
}
public List<Role> getNondynamicroles()
{
return nondynamicroles;
}
public void setNondynamicroles( List<Role> nondynamicroles )
{
this.nondynamicroles = nondynamicroles;
}
public List<Role> getDynamicroles()
{
return dynamicroles;
}
public void setDynamicroles( List<Role> dynamicroles )
{
this.dynamicroles = dynamicroles;
}
public List<String> getNDRoles()
{
return NDRoles;
}
public void setNDRoles( List<String> roles )
{
NDRoles = roles;
}
public List<String> getDRoles()
{
return DRoles;
}
public void setDRoles( List<String> roles )
{
DRoles = roles;
}
public List<String> getAddDSelectedRoles()
{
return addDSelectedRoles;
}
public void setAddDSelectedRoles( List<String> addDSelectedRoles )
{
this.addDSelectedRoles = addDSelectedRoles;
}
public List<String> getAddNDSelectedRoles()
{
return addNDSelectedRoles;
}
public void setAddNDSelectedRoles( List<String> addNDSelectedRoles )
{
this.addNDSelectedRoles = addNDSelectedRoles;
}
}

View File

@ -1,70 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.io.File;
import java.util.Date;
/**
* A record of a backup directory for displaying the backup/restore page.
*/
public class BackupRecord
implements Comparable<BackupRecord>
{
private final File directory;
private final Date date;
private final boolean userDatabase;
public BackupRecord( File directory )
{
this.directory = directory;
this.date = new Date( directory.lastModified() );
this.userDatabase = new File( directory, "users.xml" ).exists();
}
public File getDirectory()
{
return directory;
}
public Date getDate()
{
return date;
}
public boolean isUserDatabase()
{
return userDatabase;
}
public boolean isValidBackup()
{
return userDatabase;
}
public int compareTo( BackupRecord record )
{
return record.date.compareTo( this.date );
}
}

View File

@ -1,299 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import com.opensymphony.xwork2.Preparable;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.commons.lang.StringUtils;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.management.DataManagementTool;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.integration.interceptor.SecureAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Locale;
/**
* BackupRestoreAction
*/
@Controller( "backup-restore" )
@Scope( "prototype" )
public class BackupRestoreAction
extends AbstractSecurityAction
implements SecureAction, Preparable
{
public final static String CUSTOM_ERROR = "custom_error";
/**
*
*/
private File applicationHome = new File( "data" );
/**
* role-hint="jdo"
*/
@Inject
private DataManagementTool dataManagementTool;
/**
* role-hint="jdo"
*/
@Inject
@Named( value = "rBACManager#jdo" )
private RBACManager rbacManager;
/**
* role-hint="jdo"
*/
@Inject
@Named( value = "userManager#jdo" )
private UserManager userManager;
/**
* role-hint="jdo"
*/
@Inject
@Named( value = "keyManager#jdo" )
private KeyManager keyManager;
private File backupDirectory;
private String restoreDirectory;
private List<BackupRecord> previousBackups;
private boolean confirmed;
public static final String BACKUP_DIRECTORY = "user-backup-directory";
public String view()
throws Exception
{
retrievePreviousBackups();
return SUCCESS;
}
public String backup()
throws Exception
{
File backupDirectory = getTimestampedBackupDirectory();
backupDirectory.mkdirs();
log.info( "Backing up security database to {}", backupDirectory );
this.backupDatabase( backupDirectory );
log.info( "Done backing up security database" );
return SUCCESS;
}
public String restore()
throws Exception
{
if ( StringUtils.isEmpty( restoreDirectory ) )
{
addActionError( getText( "backupRestore.backup.empty.error" ) );
return CUSTOM_ERROR;
}
File restoreDirectory = new File( this.restoreDirectory );
boolean fileExists = restoreDirectory.exists() && restoreDirectory.isDirectory();
boolean isValidBackup = false;
if ( fileExists )
{
BackupRecord record = new BackupRecord( restoreDirectory );
isValidBackup = record.isValidBackup();
}
if ( !fileExists )
{
log.warn( "Backup: " + this.restoreDirectory + " not found." );
addActionError( getText( "backupRestore.backup.error" ) );
retrievePreviousBackups();
return CUSTOM_ERROR;
}
else if ( !isValidBackup )
{
log.warn( "Backup: " + this.restoreDirectory + " is not a valid backup directory." );
addActionError( getText( "backupRestore.backup.error" ) );
retrievePreviousBackups();
return CUSTOM_ERROR;
}
log.info( "Restoring security database from {}", this.restoreDirectory );
this.eraseDatabase();
this.restoreDatabase( restoreDirectory );
log.info( "Done restoring security database" );
return SUCCESS;
}
private void backupDatabase( File backupDirectory )
throws Exception
{
dataManagementTool.backupKeyDatabase( keyManager, backupDirectory );
dataManagementTool.backupRBACDatabase( rbacManager, backupDirectory );
dataManagementTool.backupUserDatabase( userManager, backupDirectory );
}
private void eraseDatabase()
{
dataManagementTool.eraseKeysDatabase( keyManager );
dataManagementTool.eraseRBACDatabase( rbacManager );
dataManagementTool.eraseUsersDatabase( userManager );
}
private void restoreDatabase( File backupDirectory )
throws Exception
{
dataManagementTool.restoreKeysDatabase( keyManager, backupDirectory );
dataManagementTool.restoreRBACDatabase( rbacManager, backupDirectory );
dataManagementTool.restoreUsersDatabase( userManager, backupDirectory );
}
public String getRestoreDirectory()
{
return restoreDirectory;
}
public void setRestoreDirectory( String restoreDirectory )
{
this.restoreDirectory = restoreDirectory;
}
private File getTimestampedBackupDirectory()
{
SimpleDateFormat dateFormat = new SimpleDateFormat( "yyyyMMdd.HHmmss", Locale.US );
return new File( this.backupDirectory, dateFormat.format( new Date() ) );
}
public File getBackupDirectory()
{
return backupDirectory;
}
public List<BackupRecord> getPreviousBackups()
{
return previousBackups;
}
public void prepare()
{
backupDirectory = this.getFile( BACKUP_DIRECTORY );
retrievePreviousBackups();
}
private void retrievePreviousBackups()
{
previousBackups = new ArrayList<BackupRecord>();
File[] files = backupDirectory.listFiles();
if ( files != null )
{
for ( int i = 0; i < files.length; i++ )
{
File f = files[i];
if ( f.isDirectory() && !f.getName().startsWith( "." ) )
{
BackupRecord record = new BackupRecord( f );
if ( record.isValidBackup() )
{
previousBackups.add( record );
}
}
}
}
Collections.sort( previousBackups );
}
public boolean isConfirmed()
{
return confirmed;
}
public void setConfirmed( boolean confirmed )
{
this.confirmed = confirmed;
}
@Override
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_MANAGE_DATA, Resource.GLOBAL );
return bundle;
}
public File getFile( String filename )
{
if ( filename == null )
{
return null;
}
File f = null;
if ( filename != null && filename.length() != 0 )
{
f = new File( filename );
if ( !f.isAbsolute() )
{
f = new File( applicationHome, filename );
}
}
try
{
return f.getCanonicalFile();
}
catch ( IOException e )
{
return f;
}
}
}

View File

@ -1,544 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
/**
* EditRoleAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-role-edit" )
@Scope( "prototype" )
public class EditRoleAction
extends AbstractUserCredentialsAction
{
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private String name;
private String description;
private String newDescription;
private List<String> childRoleNames = new ArrayList<String>();
private List<String> parentRoleNames = new ArrayList<String>();
private List<Permission> permissions = new ArrayList<Permission>();
private List<User> users = new ArrayList<User>();
private List<User> parentUsers = new ArrayList<User>();
private List<User> allUsers = new ArrayList<User>();
private List<String> usersList = new ArrayList<String>();
private List<String> availableUsers = new ArrayList<String>();
private List<String> currentUsers = new ArrayList<String>();
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String input()
{
if ( name == null )
{
addActionError( getText( "cannot.edit.null.role" ) );
return ERROR;
}
if ( StringUtils.isEmpty( name ) )
{
addActionError( getText( "cannot.edit.empty.role" ) );
return ERROR;
}
name = StringEscapeUtils.escapeXml( name );
if ( !getManager().roleExists( name ) )
{
// Means that the role name doesn't exist.
// We should exit early and not attempt to look up the role information.
return INPUT;
}
try
{
if ( !isAuthorized() )
{
log.warn( getCurrentUser() + " isn't authorized to access to the role '" + name + "'" );
addActionError( getText( "alert.message" ) );
return ERROR;
}
Role role = getManager().getRole( name );
if ( role == null )
{
addActionError( getText( "cannot.operate.null.role" ) );
return ERROR;
}
description = role.getDescription();
childRoleNames = role.getChildRoleNames();
Map<String, Role> parentRoles = getManager().getParentRoles( role );
for ( String roleName : parentRoles.keySet() )
{
parentRoleNames.add( roleName );
}
permissions = role.getPermissions();
//Get users of the current role
List<String> roles = new ArrayList<String>();
roles.add( name );
List<UserAssignment> userAssignments = getManager().getUserAssignmentsForRoles( roles );
users = new ArrayList<User>();
if ( userAssignments != null )
{
for ( UserAssignment userAssignment : userAssignments )
{
try
{
User user = getUserManager().findUser( userAssignment.getPrincipal() );
users.add( user );
}
catch ( UserNotFoundException e )
{
log.warn( "User '" + userAssignment.getPrincipal() + "' doesn't exist.", e );
}
}
}
//Get users of the parent roles
parentUsers = new ArrayList<User>();
if ( !parentRoles.isEmpty() )
{
List<UserAssignment> userParentAssignments =
getManager().getUserAssignmentsForRoles( parentRoles.keySet() );
if ( userParentAssignments != null )
{
for ( UserAssignment userAssignment : userParentAssignments )
{
try
{
User user = getUserManager().findUser( userAssignment.getPrincipal() );
parentUsers.add( user );
}
catch ( UserNotFoundException e )
{
log.warn( "User '" + userAssignment.getPrincipal() + "' doesn't exist.", e );
}
}
}
}
}
catch ( RbacManagerException e )
{
List<Object> list = new ArrayList<Object>();
list.add( name );
list.add( e.getMessage() );
addActionError( getText( "cannot.get.role", list ) );
return ERROR;
}
return INPUT;
}
private boolean isAuthorized()
throws RbacManagerException
{
List<Role> assignableRoles = getFilteredRolesForCurrentUserAccess();
boolean updatableRole = false;
for ( Role r : assignableRoles )
{
if ( r.getName().equalsIgnoreCase( name ) )
{
updatableRole = true;
}
}
return updatableRole;
}
public String edit()
{
String result = input();
if ( ERROR.equals( result ) )
{
return result;
}
newDescription = description;
//TODO: Remove all users defined in parent roles too
allUsers = getUserManager().getUsers();
for ( User user : users )
{
if ( allUsers.contains( user ) )
{
allUsers.remove( user );
}
}
for ( User user : parentUsers )
{
if ( allUsers.contains( user ) )
{
allUsers.remove( user );
}
}
return result;
}
public String save()
{
String result = input();
if ( ERROR.equals( result ) )
{
return result;
}
if ( name == null )
{
addActionError( getText( "cannot.edit.null.role" ) );
return ERROR;
}
if ( StringUtils.isEmpty( name ) )
{
addActionError( getText( "cannot.edit.empty.role" ) );
return ERROR;
}
try
{
Role role;
if ( getManager().roleExists( name ) )
{
role = getManager().getRole( name );
}
else
{
role = getManager().createRole( name );
}
//TODO: allow to modify childRoleNames and permissions
role.setDescription( newDescription );
//role.setChildRoleNames( childRoleNames );
//role.setPermissions( permissions );
getManager().saveRole( role );
List<Object> list = new ArrayList<Object>();
list.add( name );
String currentUser = getCurrentUser();
AuditEvent event = new AuditEvent( getText( "log.role.edit" ) );
event.setRole( name );
event.setCurrentUser( currentUser );
event.log();
addActionMessage( getText( "save.role.success", list ) );
}
catch ( RbacManagerException e )
{
List<Object> list = new ArrayList<Object>();
list.add( name );
list.add( e.getMessage() );
addActionError( getText( "cannot.get.role", list ) );
return ERROR;
}
return SUCCESS;
}
public String addUsers()
{
if ( availableUsers == null || availableUsers.isEmpty() )
{
return INPUT;
}
for ( String principal : availableUsers )
{
if ( !getUserManager().userExists( principal ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
List<Object> list = new ArrayList<Object>();
list.add( principal );
addActionError( getText( "user.does.not.exist", list ) );
return ERROR;
}
try
{
UserAssignment assignment;
if ( getManager().userAssignmentExists( principal ) )
{
assignment = getManager().getUserAssignment( principal );
}
else
{
assignment = getManager().createUserAssignment( principal );
}
assignment.addRoleName( name );
assignment = getManager().saveUserAssignment( assignment );
log.info( "{} role assigned to {}", name, principal );
}
catch ( RbacManagerException e )
{
List<Object> list = new ArrayList<Object>();
list.add( principal );
list.add( e.getMessage() );
addActionError( getText( "cannot.assign.role", list ) );
return ERROR;
}
}
edit();
return SUCCESS;
}
public String removeUsers()
{
if ( currentUsers == null || currentUsers.isEmpty() )
{
return INPUT;
}
for ( String principal : currentUsers )
{
if ( !getUserManager().userExists( principal ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
List<Object> list = new ArrayList<Object>();
list.add( principal );
addActionError( getText( "user.does.not.exist", list ) );
return ERROR;
}
try
{
UserAssignment assignment;
if ( getManager().userAssignmentExists( principal ) )
{
assignment = getManager().getUserAssignment( principal );
}
else
{
assignment = getManager().createUserAssignment( principal );
}
assignment.removeRoleName( name );
assignment = getManager().saveUserAssignment( assignment );
log.info( "{} role unassigned to {}", name, principal );
}
catch ( RbacManagerException e )
{
List<Object> list = new ArrayList<Object>();
list.add( principal );
list.add( e.getMessage() );
addActionError( getText( "cannot.assign.role", list ) );
return ERROR;
}
}
edit();
return SUCCESS;
}
private UserManager getUserManager()
{
return securitySystem.getUserManager();
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getName()
{
return name;
}
public void setName( String roleName )
{
this.name = roleName;
}
public List<String> getChildRoleNames()
{
return childRoleNames;
}
public void setChildRoleNames( List<String> childRoleNames )
{
this.childRoleNames = childRoleNames;
}
public String getDescription()
{
return description;
}
public void setDescription( String description )
{
this.description = description;
}
public String getNewDescription()
{
return newDescription;
}
public void setNewDescription( String newDescription )
{
this.newDescription = newDescription;
}
public List<Permission> getPermissions()
{
return permissions;
}
public void setPermissions( List<Permission> permissions )
{
this.permissions = permissions;
}
public List<User> getUsers()
{
return users;
}
public void setUsers( List<User> users )
{
this.users = users;
}
public List<User> getAllUsers()
{
return allUsers;
}
public void setAllUsers( List<User> allUsers )
{
this.allUsers = allUsers;
}
public List<String> getUsersList()
{
return usersList;
}
public void setUsersList( List<String> usersList )
{
this.usersList = usersList;
}
public List<String> getAvailableUsers()
{
return availableUsers;
}
public void setAvailableUsers( List<String> availableUsers )
{
this.availableUsers = availableUsers;
}
public List<String> getCurrentUsers()
{
return currentUsers;
}
public void setCurrentUsers( List<String> currentUsers )
{
this.currentUsers = currentUsers;
}
public List<String> getParentRoleNames()
{
return parentRoleNames;
}
public void setParentRoleNames( List<String> parentRoleNames )
{
this.parentRoleNames = parentRoleNames;
}
public List<User> getParentUsers()
{
return parentUsers;
}
public void setParentUsers( List<User> parentUsers )
{
this.parentUsers = parentUsers;
}
// ------------------------------------------------------------------
// Internal Support Methods
// ------------------------------------------------------------------
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RedbackRoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RedbackRoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RedbackRoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RedbackRoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RedbackRoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,161 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.struts2.action.RedbackActionSupport;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.apache.archiva.redback.integration.util.OperationSorter;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
/**
* OperationsAction:
*
* @author Jesse McConnell <jmcconnell@apache.org>
*
*/
@Controller( "redback-operations" )
@Scope( "prototype" )
public class OperationsAction
extends RedbackActionSupport
{
private static final String LIST = "list";
/**
* role-hint="cached"
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager manager;
private String operationName;
private String description;
private List<Operation> allOperations;
public String list()
{
try
{
allOperations = manager.getAllOperations();
if ( allOperations == null )
{
allOperations = Collections.emptyList();
}
Collections.sort( allOperations, new OperationSorter() );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.list.all.operations", Arrays.asList( (Object) e.getMessage() ) ) );
log.error( "System error:", e );
allOperations = Collections.emptyList();
}
return LIST;
}
public String save()
{
try
{
Operation temp = manager.createOperation( operationName );
temp.setDescription( description );
manager.saveOperation( temp );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.save.operation", Arrays.asList( (Object) operationName ) ) );
log.error( "System error:", e );
allOperations = Collections.emptyList();
}
return LIST;
}
public String remove()
{
try
{
manager.removeOperation( manager.getOperation( operationName ) );
}
catch ( RbacManagerException ne )
{
addActionError( getText( "cannot.remove.operation", Arrays.asList( (Object) operationName ) ) );
return ERROR;
}
return LIST;
}
public List<Operation> getAllOperations()
{
return allOperations;
}
public void setAllOperations( List<Operation> allOperations )
{
this.allOperations = allOperations;
}
public String getDescription()
{
return description;
}
public void setDescription( String description )
{
this.description = description;
}
public String getOperationName()
{
return operationName;
}
public void setOperationName( String operationName )
{
this.operationName = operationName;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,285 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.struts2.action.RedbackActionSupport;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.apache.archiva.redback.integration.util.PermissionSorter;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
/**
* PermissionsAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-permissions" )
@Scope( "prototype" )
public class PermissionsAction
extends RedbackActionSupport
{
private static final String LIST = "list";
// ------------------------------------------------------------------
// Plexus Component Requirements
// ------------------------------------------------------------------
/**
* role-hint="cached"
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager manager;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private String name;
private String description;
private String operationName;
private String operationDescription;
private String resourceIdentifier;
private List<Permission> allPermissions;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String list()
{
try
{
allPermissions = manager.getAllPermissions();
if ( allPermissions == null )
{
allPermissions = Collections.emptyList();
}
Collections.sort( allPermissions, new PermissionSorter() );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.list.all.permissions", Arrays.asList( (Object) e.getMessage() ) ) );
log.error( "System error:", e );
allPermissions = Collections.emptyList();
}
return LIST;
}
public String input()
{
if ( name == null )
{
addActionError( getText( "cannot.edit.null.permission" ) );
return ERROR;
}
if ( StringUtils.isEmpty( name ) )
{
addActionError( getText( "cannot.edit.empty.permission" ) );
return ERROR;
}
if ( !manager.permissionExists( name ) )
{
// Means that the permission name doesn't exist.
// We should exit early and not attempt to look up the permission information.
return LIST;
}
try
{
Permission permission = manager.getPermission( name );
if ( permission == null )
{
addActionError( getText( "cannot.operate.null.permission" ) );
return ERROR;
}
description = permission.getDescription();
Operation operation = permission.getOperation();
if ( operation != null )
{
operationName = operation.getName();
operationDescription = operation.getDescription();
}
Resource resource = permission.getResource();
if ( resource != null )
{
resourceIdentifier = resource.getIdentifier();
}
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.get.permission", Arrays.asList( (Object) name, e.getMessage() ) ) );
return ERROR;
}
return LIST;
}
public String submit()
{
if ( name == null )
{
addActionError( getText( "cannot.edit.null.permission" ) );
return ERROR;
}
if ( StringUtils.isEmpty( name ) )
{
addActionError( getText( "cannot.edit.empty.permission" ) );
return ERROR;
}
try
{
Permission permission;
if ( manager.permissionExists( name ) )
{
permission = manager.getPermission( name );
}
else
{
permission = manager.createPermission( name );
}
permission.setDescription( description );
Operation operation = manager.createOperation( operationName );
if ( StringUtils.isNotEmpty( operationDescription ) )
{
operation.setDescription( operationDescription );
}
permission.setOperation( manager.saveOperation( operation ) );
Resource resource = manager.createResource( resourceIdentifier );
permission.setResource( manager.saveResource( resource ) );
manager.savePermission( permission );
addActionMessage( getText( "save.permission.success", Arrays.asList( (Object) name ) ) );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.get.permission", Arrays.asList( (Object) name, e.getMessage() ) ) );
return ERROR;
}
return LIST;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getDescription()
{
return description;
}
public void setDescription( String description )
{
this.description = description;
}
public String getName()
{
return name;
}
public void setName( String name )
{
this.name = name;
}
public String getOperationDescription()
{
return operationDescription;
}
public void setOperationDescription( String operationDescription )
{
this.operationDescription = operationDescription;
}
public String getOperationName()
{
return operationName;
}
public void setOperationName( String operationName )
{
this.operationName = operationName;
}
public String getResourceIdentifier()
{
return resourceIdentifier;
}
public void setResourceIdentifier( String resourceIdentifier )
{
this.resourceIdentifier = resourceIdentifier;
}
public List<Permission> getAllPermissions()
{
return allPermissions;
}
public void setAllPermissions( List<Permission> allPermissions )
{
this.allPermissions = allPermissions;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,147 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import javax.inject.Inject;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.reports.Report;
import org.apache.archiva.redback.integration.reports.ReportException;
import org.apache.archiva.redback.integration.reports.ReportManager;
import org.apache.archiva.redback.integration.role.RoleConstants;
import com.opensymphony.module.sitemesh.filter.PageResponseWrapper;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
/**
* ReportAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller("redback-report")
@Scope("prototype")
public class ReportAction
extends AbstractSecurityAction
{
/**
*
*/
@Inject
private ReportManager reportManager;
private String reportId;
private String reportType;
public String generate()
{
Report report;
try
{
report = reportManager.findReport( reportId, reportType );
}
catch ( ReportException e )
{
addActionError( getText( "cannot.get.report", Arrays.asList( ( Object ) e.getMessage() ) ) );
return ERROR;
}
HttpServletResponse response = ServletActionContext.getResponse();
// HACK: Unwrap sitemesh response. (effectively disables sitemesh)
if ( response instanceof PageResponseWrapper )
{
response = (HttpServletResponse) ( (PageResponseWrapper) response ).getResponse();
}
try
{
ByteArrayOutputStream os = new ByteArrayOutputStream();
report.writeReport( os );
response.reset();
response.setContentType( report.getMimeType() );
response.addHeader( "Content-Disposition",
"attachment; filename=" + report.getId() + "." + report.getType() );
byte bytes[] = os.toByteArray();
response.setContentLength( bytes.length );
response.getOutputStream().write( bytes, 0, bytes.length );
response.getOutputStream().flush();
response.getOutputStream().close();
// Don't return a result.
return null;
}
catch ( ReportException e )
{
String emsg = getText( "cannot.generate.report" );
addActionError( emsg );
log.error( emsg, e );
return ERROR;
}
catch ( IOException e )
{
String emsg = getText( "cannot.generate.report" );
addActionError( emsg );
log.error( emsg, e );
return ERROR;
}
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION, Resource.GLOBAL );
return bundle;
}
public String getReportId()
{
return reportId;
}
public void setReportId( String reportId )
{
this.reportId = reportId;
}
public String getReportType()
{
return reportType;
}
public void setReportType( String reportType )
{
this.reportType = reportType;
}
}

View File

@ -1,161 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.apache.archiva.redback.integration.util.ResourceSorter;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
/**
* OperationsAction:
*
* @author Jesse McConnell <jmcconnell@apache.org>
*
*/
@Controller( "redback-resources" )
@Scope( "prototype" )
public class ResourcesAction
extends AbstractSecurityAction
{
private static final String LIST = "list";
/**
* role-hint="cached"
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager manager;
private String resourceIdentifier;
private boolean isPattern;
private List<Resource> allResources;
public String list()
{
try
{
allResources = manager.getAllResources();
if ( allResources == null )
{
allResources = Collections.emptyList();
}
Collections.sort( allResources, new ResourceSorter() );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.list.all.resources", Arrays.asList( (Object) e.getMessage() ) ) );
log.error( "System error:", e );
allResources = Collections.emptyList();
}
return LIST;
}
public String save()
{
try
{
Resource temp = manager.createResource( resourceIdentifier );
temp.setIdentifier( resourceIdentifier );
temp.setPattern( isPattern );
manager.saveResource( temp );
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.save.resource", Arrays.asList( (Object) e.getMessage() ) ) );
log.error( "System error:", e );
allResources = Collections.emptyList();
}
return LIST;
}
public String remove()
{
try
{
manager.removeResource( manager.getResource( resourceIdentifier ) );
}
catch ( RbacManagerException ne )
{
addActionError( getText( "cannot.remove.resource", Arrays.asList( (Object) resourceIdentifier ) ) );
return ERROR;
}
return LIST;
}
public List<Resource> getAllResources()
{
return allResources;
}
public void setAllResources( List<Resource> allResources )
{
this.allResources = allResources;
}
public String getResourceIdentifier()
{
return resourceIdentifier;
}
public void setResourceIdentifier( String resourceIdentifier )
{
this.resourceIdentifier = resourceIdentifier;
}
public boolean isPattern()
{
return isPattern;
}
public void setPattern( boolean isPattern )
{
this.isPattern = isPattern;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,232 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.plexus.util.StringUtils;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.SimplePermission;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
/**
* RoleCreateAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-role-create" )
@Scope( "prototype" )
public class RoleCreateAction
extends AbstractSecurityAction
{
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
* role-hint="cached"
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager manager;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private String principal;
private String roleName;
private String description;
private List<SimplePermission> permissions;
private List<String> childRoles;
private SimplePermission addpermission;
private String submitMode;
protected static final String VALID_ROLENAME_CHARS = "[a-zA-Z_0-9\\-\\s.,]*";
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
if ( permissions == null )
{
permissions = new ArrayList<SimplePermission>();
}
if ( childRoles == null )
{
childRoles = new ArrayList<String>();
}
if ( addpermission == null )
{
addpermission = new SimplePermission();
}
return INPUT;
}
public String addpermission()
{
if ( addpermission == null )
{
addActionError( getText( "cannot.add.null.permission" ) );
return ERROR;
}
if ( permissions == null )
{
permissions = new ArrayList<SimplePermission>();
}
permissions.add( addpermission );
addpermission = new SimplePermission();
return INPUT;
}
public String submit()
{
if ( StringUtils.equals( getSubmitMode(), "addPermission" ) )
{
return addpermission();
}
if ( StringUtils.isEmpty( roleName ) )
{
addActionError( getText( "cannot.add.empty.role" ) );
return ERROR;
}
if ( !roleName.matches( VALID_ROLENAME_CHARS ) )
{
addActionError( getText( "roleName.invalid.characters" ) );
return ERROR;
}
try
{
Role _role;
if ( manager.roleExists( roleName ) )
{
_role = manager.getRole( roleName );
}
else
{
_role = manager.createRole( roleName );
}
_role.setDescription( description );
_role.setChildRoleNames( childRoles );
List<Permission> _permissionList = new ArrayList<Permission>();
for ( SimplePermission perm : permissions )
{
_permissionList.add(
manager.createPermission( perm.getName(), perm.getOperationName(), perm.getResourceIdentifier() ) );
}
_role.setPermissions( _permissionList );
manager.saveRole( _role );
addActionMessage( getText( "save.role.success", Arrays.asList( (Object) roleName ) ) );
String currentUser = getCurrentUser();
AuditEvent event = new AuditEvent( getText( "log.role.create" ) );
event.setRole( roleName );
event.setCurrentUser( currentUser );
event.log();
}
catch ( RbacManagerException e )
{
addActionError( getText( "cannot.get.role", Arrays.asList( (Object) roleName, e.getMessage() ) ) );
return ERROR;
}
return SUCCESS;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getPrincipal()
{
return principal;
}
public void setPrincipal( String principal )
{
this.principal = principal;
}
public SimplePermission getAddpermission()
{
return addpermission;
}
public void setAddpermission( SimplePermission addpermission )
{
this.addpermission = addpermission;
}
public String getSubmitMode()
{
return submitMode;
}
public void setSubmitMode( String submitMode )
{
this.submitMode = submitMode;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,78 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.role.RoleManager;
import org.apache.archiva.redback.role.model.RedbackRoleModel;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
/**
* RolesAction
*
* @author <a href="mailto:jmcconnell@apache.org">Jesse McConnell</a>
*
*/
@Controller( "redback-role-model" )
@Scope( "prototype" )
public class RoleModelAction
extends AbstractSecurityAction
{
/**
* role-hint="default"
*/
@Inject
private RoleManager manager;
private RedbackRoleModel model;
public String view()
{
model = manager.getModel();
return SUCCESS;
}
public RedbackRoleModel getModel()
{
return model;
}
public void setModel( RedbackRoleModel model )
{
this.model = model;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,91 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
/**
* RolesAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-roles" )
@Scope( "prototype" )
public class RolesAction
extends AbstractUserCredentialsAction
{
private static final String LIST = "list";
private List<Role> allRoles;
public String list()
{
try
{
allRoles = getFilteredRolesForCurrentUserAccess();
}
catch ( RbacManagerException e )
{
List<Object> list = new ArrayList<Object>();
list.add( e.getMessage() );
addActionError( getText( "cannot.list.all.roles", list ) );
log.error( "System error:", e );
allRoles = Collections.emptyList();
}
return LIST;
}
public List<Role> getAllRoles()
{
return allRoles;
}
public void setAllRoles( List<Role> allRoles )
{
this.allRoles = allRoles;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_RBAC_ADMIN_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_ROLE_DROP_OPERATION, Resource.GLOBAL );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,274 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.components.registry.Registry;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.archiva.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.inject.Named;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
/**
* SystemInfoAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller( "redback-sysinfo" )
@Scope( "prototype" )
public class SystemInfoAction
extends AbstractSecurityAction
{
// ------------------------------------------------------------------
// Component Requirements
// ------------------------------------------------------------------
/**
*
*/
@Inject
private SecuritySystem securitySystem;
/**
* role-hint="commons-configuration"
*/
@Inject
@Named( value = "commons-configuration" )
private Registry registry;
/**
* role-hint="cached"
*/
@Inject
@Named( value = "rBACManager#cached" )
private RBACManager rbacManager;
// Class.getClass() and some JPOX classes
private static final List<String> ignoredReaders = Arrays.asList( "class", "copy" );
private static final String NULL = "&lt;null&gt;";
private static final char LN = Character.LINE_SEPARATOR;
private static final String INDENT = " ";
private static final int MAXDEPTH = 10;
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private StringBuilder details;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
details = new StringBuilder();
details.append( "Configuration: " );
dumpObject( details, registry, INDENT );
details.append( registry.dump() );
details.append( LN );
details.append( LN ).append( "<hr/>" ).append( LN );
details.append( "RBAC Manager: " );
dumpObject( details, rbacManager, INDENT );
details.append( LN ).append( "<hr/>" ).append( LN );
details.append( "SecuritySystem: " );
dumpObject( details, securitySystem, INDENT );
return SUCCESS;
}
private void dumpObject( StringBuilder sb, Object obj, String indent )
{
dumpObjectSwitchboard( new ArrayList<Object>(), sb, obj, indent, 0 );
}
/**
* The recursive object dumping switchboard.
*
* @param seenObjects objects already seen (to prevent cycles)
* @param sb the StringBuilder to populate
* @param obj the object to dump
* @param indent the current indent string.
* @param depth the depth in the tree.
*/
private void dumpObjectSwitchboard( List<Object> seenObjects, StringBuilder sb, Object obj, String indent,
int depth )
{
if ( obj == null )
{
sb.append( NULL ).append( LN );
return;
}
if ( depth > MAXDEPTH )
{
sb.append( StringEscapeUtils.escapeHtml( "<MAX DEPTH>" ) );
sb.append( LN );
return;
}
depth++;
String className = obj.getClass().getName();
sb.append( '(' ).append( className ).append( ") " );
if ( obj instanceof List )
{
dumpIterator( seenObjects, sb, ( (List<?>) obj ).iterator(), indent, depth );
}
else if ( obj instanceof Set )
{
dumpIterator( seenObjects, sb, ( (Set<?>) obj ).iterator(), indent, depth );
}
else if ( obj instanceof Map )
{
dumpIterator( seenObjects, sb, ( (Map<?, ?>) obj ).entrySet().iterator(), indent, depth );
}
else if ( obj instanceof Iterator )
{
dumpIterator( seenObjects, sb, (Iterator<?>) obj, indent, depth );
}
else
{
// Filter classes that start with java or javax
if ( className.startsWith( "java." ) || className.startsWith( "javax." ) )
{
sb.append( StringEscapeUtils.escapeHtml( obj.toString() ) ).append( LN );
return;
}
// prevent cycles
if ( seenObjects.contains( obj ) )
{
// No need to dump.
sb.append( StringEscapeUtils.escapeHtml( "<seen already preventing cycle in dump> " ) );
sb.append( LN );
return;
}
// Adding object to seen list (to prevent cycles)
seenObjects.add( obj );
dumpObjectReaders( seenObjects, sb, obj, indent, depth );
}
depth--;
}
@SuppressWarnings( "unchecked" )
private void dumpObjectReaders( List<Object> seenObjects, StringBuilder sb, Object obj, String indent, int depth )
{
sb.append( obj.toString() ).append( LN );
String name = null;
try
{
Map<String, Object> readers = PropertyUtils.describe( obj );
for ( Map.Entry<String, Object> readerEntry : readers.entrySet() )
{
name = (String) readerEntry.getKey();
if ( ignoredReaders.contains( name ) )
{
// skip this reader.
continue;
}
sb.append( indent );
sb.append( name ).append( ':' );
Object value = readerEntry.getValue();
if ( value == null )
{
sb.append( NULL ).append( LN );
}
else
{
dumpObjectSwitchboard( seenObjects, sb, value, INDENT + indent, depth );
}
}
}
catch ( Throwable e )
{
sb.append( LN ).append( indent );
sb.append( "Unable to read bean [" ).append( obj.getClass().getName() );
if ( StringUtils.isNotBlank( name ) )
{
sb.append( ".get" ).append( StringUtils.capitalize( name ) ).append( "()" );
}
sb.append( "]: " ).append( '(' ).append( e.getClass().getName() ).append( ") " );
sb.append( e.getMessage() ).append( LN );
}
}
private void dumpIterator( List<Object> seenObjects, StringBuilder sb, Iterator<?> iterator, String indent,
int depth )
{
sb.append( LN );
while ( iterator.hasNext() )
{
Object entry = iterator.next();
sb.append( indent );
dumpObjectSwitchboard( seenObjects, sb, entry, indent + " | ", depth );
}
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public String getDetails()
{
return details.toString();
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.CONFIGURATION_EDIT_OPERATION, Resource.GLOBAL );
return bundle;
}
}

View File

@ -1,148 +0,0 @@
package org.apache.archiva.redback.struts2.action.admin;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.util.Arrays;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
import org.apache.archiva.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
import org.apache.archiva.redback.integration.interceptor.SecureActionException;
import org.apache.archiva.redback.integration.model.CreateUserCredentials;
import org.apache.archiva.redback.integration.role.RoleConstants;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
/**
* UserCreateAction
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*
*/
@Controller("redback-admin-user-create")
@Scope("prototype")
public class UserCreateAction
extends AbstractUserCredentialsAction
{
// ------------------------------------------------------------------
// Action Parameters
// ------------------------------------------------------------------
private CreateUserCredentials user;
// ------------------------------------------------------------------
// Action Entry Points - (aka Names)
// ------------------------------------------------------------------
public String show()
{
if ( user == null )
{
user = new CreateUserCredentials();
}
return INPUT;
}
public String submit()
{
if ( user == null )
{
user = new CreateUserCredentials();
addActionError( getText( "invalid.user.credentials" ) );
return ERROR;
}
internalUser = user;
validateCredentialsLoose();
// NOTE: Do not perform Password Rules Validation Here.
UserManager manager = super.securitySystem.getUserManager();
if ( manager.userExists( user.getUsername() ) )
{
// Means that the role name doesn't exist.
// We need to fail fast and return to the previous page.
addActionError( getText( "user.already.exists", Arrays.asList( ( Object ) user.getUsername() ) ) );
}
if ( hasActionErrors() || hasFieldErrors() )
{
return ERROR;
}
User u = manager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
u.setPassword( user.getPassword() );
// force the user to change their password when they log in next
u.setPasswordChangeRequired( true );
// Disable Password Rules for this creation.
UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
try
{
// REDBACK-156
securityPolicy.setEnabled( false );
u.setValidated( true );
manager.addUser( u );
String currentUser = getCurrentUser();
AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
event.setAffectedUser( u.getUsername() );
event.setCurrentUser( currentUser );
event.log();
}
finally
{
securityPolicy.setEnabled( true );
}
return SUCCESS;
}
// ------------------------------------------------------------------
// Parameter Accessor Methods
// ------------------------------------------------------------------
public CreateUserCredentials getUser()
{
return user;
}
public void setUser( CreateUserCredentials user )
{
this.user = user;
}
public SecureActionBundle initSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_CREATE_OPERATION, Resource.GLOBAL );
return bundle;
}
}

Some files were not shown because too many files have changed in this diff Show More