diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java index f1d7c03d..fc902c62 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java @@ -312,7 +312,27 @@ public class DefaultLdapRoleMapper } close( namingEnumeration ); } + } + public List getRoles( String username ) + throws MappingException + { + List groups = getGroups( username ); + + Map rolesMapping = getLdapGroupMappings(); + + List roles = new ArrayList( groups.size() ); + + for ( String group : groups ) + { + String role = rolesMapping.get( group ); + if ( role != null ) + { + roles.add( role ); + } + } + + return roles; } private void close( NamingEnumeration namingEnumeration ) @@ -350,6 +370,12 @@ public class DefaultLdapRoleMapper log.warn( "removeLdapMapping not implemented" ); } + public void setLdapGroupMappings( Map mappings ) + throws MappingException + { + log.warn( "setLdapGroupMappings not implemented" ); + } + public Map getLdapGroupMappings() { Map map = new HashMap(); diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java index 3ba48c07..43bb08d0 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java 
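Review bot: In `getRoles`, a group that has no entry in `rolesMapping` is skipped without any trace, and two groups mapped to the same role put that role into the returned list twice. Skipping unmapped groups is the safe default for an authorization lookup, but it should be visible when diagnosing why a user lacks a role, e.g. `if ( role == null ) { log.debug( "no role mapping for ldap group {}", group ); }` (assuming `log` is an SLF4J logger), with the add guarded by `else if ( !roles.contains( role ) )`. The lookup is also an exact, case-sensitive `Map.get`, so a group name whose case differs from the configured key would presumably lose its role. A one-line comment stating whether that is intended would help.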
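Review bot: `setLdapGroupMappings` returns normally after only logging a warning, so a caller that replaces the group-to-role mappings cannot tell that the change was discarded. These mappings decide which roles an LDAP user receives, so the method should fail loudly until it is implemented: `throw new UnsupportedOperationException( "setLdapGroupMappings not implemented" );`. The declared `throws MappingException` is never used by this body, and the `removeLdapMapping` context line above shows the same log-only pattern, so both could be handled the same way.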
@@ -70,6 +70,9 @@ public interface LdapRoleMapper List getGroups( String username ) throws MappingException; + List getRoles( String username ) + throws MappingException; + /** * add mapping redback role <-> ldap group * @@ -93,4 +96,7 @@ public interface LdapRoleMapper Map getLdapGroupMappings() throws MappingException; + void setLdapGroupMappings( Map mappings ) + throws MappingException; + } diff --git a/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java b/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java index c519784a..60d5c5e1 100644 --- a/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java +++ b/redback-common/redback-common-ldap/src/test/java/org/apache/archiva/redback/common/ldap/role/TestLdapRoleMapper.java @@ -65,7 +65,7 @@ public class TestLdapRoleMapper Logger log = LoggerFactory.getLogger( getClass() ); @Inject - @Named( value = "apacheDS#test" ) + @Named(value = "apacheDS#test") private ApacheDs apacheDs; private String suffix; 
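Review bot: `getRoles` and, in the next hunk of this file, `setLdapGroupMappings` are added to the interface without Javadoc, while the neighbouring mapping method has one ("add mapping redback role <-> ldap group"). Implementations derive a user's roles through these methods, so the contract should be written down. For `getRoles`, something like `/** @return redback roles mapped from the ldap groups of the user; groups without a mapping are ignored, never null */`. For `setLdapGroupMappings`, the Javadoc should say whether the given map replaces or is merged into the existing mappings and that an implementation may not support the call.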
@@ -294,21 +294,49 @@ public class TestLdapRoleMapper public void getGroups() throws Exception { - List roles = ldapRoleMapper.getGroups( "admin" ); + List groups = ldapRoleMapper.getGroups( "admin" ); + + log.info( "groups for admin: {}", groups ); + + Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "archiva-admin", + "internal-repo-manager", + "internal-repo-observer" ); + + groups = ldapRoleMapper.getGroups( "user.8" ); + + Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "internal-repo-observer" ); + + groups = ldapRoleMapper.getGroups( "user.7" ); + + Assertions.assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "archiva-admin", + "internal-repo-observer" ); + } + + @Test + public void getRoles() + throws Exception + { + List roles = ldapRoleMapper.getRoles( "admin" ); log.info( "roles for admin: {}", roles ); - Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "archiva-admin", - "internal-repo-manager", - "internal-repo-observer" ); + Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 3 ).contains( "Archiva System Administrator", + "Internal Repo Manager", + "Internal Repo Observer" ); - roles = ldapRoleMapper.getGroups( "user.8" ); + roles = ldapRoleMapper.getRoles( "user.7" ); - Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "internal-repo-observer" ); + log.info( "roles for user.7: {}", roles ); - roles = ldapRoleMapper.getGroups( "user.7" ); + Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Archiva System Administrator", + "Internal Repo Observer" ); + + roles = ldapRoleMapper.getRoles( "user.8" ); + + log.info( "roles for user.8: {}", roles ); + + Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "Internal Repo Observer" ); - Assertions.assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "archiva-admin", - 
"internal-repo-observer" ); } + } diff --git a/redback-common/redback-common-ldap/src/test/resources/spring-context-role-mapper.xml b/redback-common/redback-common-ldap/src/test/resources/spring-context-role-mapper.xml index c3030806..ad2dc1b9 100755 --- a/redback-common/redback-common-ldap/src/test/resources/spring-context-role-mapper.xml +++ b/redback-common/redback-common-ldap/src/test/resources/spring-context-role-mapper.xml @@ -30,6 +30,21 @@ + + + + + + + + ]]> + + + + diff --git a/redback-common/redback-common-ldap/src/test/security.properties b/redback-common/redback-common-ldap/src/test/security.properties new file mode 100644 index 00000000..1df88925 --- /dev/null +++ b/redback-common/redback-common-ldap/src/test/security.properties @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +ldap.config.groups.role.archiva-admin=Archiva System Administrator +ldap.config.groups.role.internal-repo-manager=Internal Repo Manager +ldap.config.groups.role.internal-repo-observer=Internal Repo Observer \ No newline at end of file diff --git a/redback-rbac/redback-rbac-providers/pom.xml b/redback-rbac/redback-rbac-providers/pom.xml index 897b535e..4717d9f1 100644 --- a/redback-rbac/redback-rbac-providers/pom.xml 
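Review bot: The new `getRoles` test covers only users who end up with roles; nothing exercises the path where a user must receive none. For code that feeds authorization decisions, the deny path deserves a test of its own: a user whose groups have no entry in `security.properties`, or who is in no group at all, should come back with an empty list. For example, `Assertions.assertThat( ldapRoleMapper.getRoles( "<user-without-mapped-groups>" ) ).isNotNull().isEmpty();`, where the user name is a placeholder for an entry that would have to be added to the test directory. Whether `getGroups` returns an empty list or throws for such a user is not visible in this diff, so the expectation may need adjusting.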
+++ b/redback-rbac/redback-rbac-providers/pom.xml @@ -31,5 +31,6 @@ redback-rbac-jdo redback-rbac-memory redback-rbac-cached + redback-rbac-ldap