Apache/archiva-redback-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Switching from plexus graph to archiva graph component

Browse Source
This commit is contained in:
Martin Stockhammer 2019-11-15 17:43:14 +01:00
parent 3bb3bb1c6a
commit ce77438066
11 changed files with 310 additions and 331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
redback-rbac/pom.xml
View File

@ -38,6 +38,12 @@
</modules>
<dependencies>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>org.junit.platform</groupId>
<artifactId>junit-platform-launcher</artifactId>
@ -58,5 +64,22 @@
<artifactId>junit-vintage-engine</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-slf4j-impl</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-jcl</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
</project>

6
redback-rbac/redback-rbac-model/pom.xml
View File

@ -43,10 +43,6 @@
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
@ -58,7 +54,7 @@
</dependency>
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>jsr250-api</artifactId>
<artifactId>javax.annotation-api</artifactId>
</dependency>
</dependencies>

6
redback-rbac/redback-rbac-providers/redback-rbac-cached/pom.xml
View File

@ -85,11 +85,7 @@
<artifactId>hsqldb</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
</project>

9
redback-rbac/redback-rbac-providers/redback-rbac-ldap/pom.xml
View File

@ -94,13 +94,8 @@
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback.components</groupId>
<artifactId>spring-apacheds</artifactId>
<groupId>org.apache.archiva.components</groupId>
<artifactId>archiva-components-spring-apacheds</artifactId>
<scope>test</scope>
</dependency>
</dependencies>

6
redback-rbac/redback-rbac-providers/redback-rbac-memory/pom.xml
View File

@ -64,11 +64,7 @@
<artifactId>hsqldb</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
</project>

18
redback-rbac/redback-rbac-role-manager/pom.xml
View File

@ -34,6 +34,11 @@
<name>Redback :: RBAC Role Manager</name>
<dependencies>
<dependency>
<groupId>org.apache.archiva.components</groupId>
<artifactId>archiva-components-graph</artifactId>
<version>3.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>net.java.dev.stax-utils</groupId>
<artifactId>stax-utils</artifactId>
@ -77,16 +82,8 @@
<artifactId>redback-rbac-cached</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>jul-to-slf4j</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
@ -102,6 +99,7 @@
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>

11
redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.java
View File

@ -34,7 +34,6 @@
import org.apache.archiva.redback.role.model.RedbackRoleModel;
import org.apache.archiva.redback.role.util.RoleModelUtils;
import org.apache.commons.lang3.time.StopWatch;
import org.codehaus.plexus.util.dag.CycleDetectedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
@ -157,15 +156,7 @@ private void processRoles( RedbackRoleModel model )
StopWatch stopWatch = new StopWatch();
stopWatch.reset();
stopWatch.start();
List<String> sortedGraph;
try
{
sortedGraph = RoleModelUtils.reverseTopologicalSortedRoleList( model );
}
catch ( CycleDetectedException e )
{
throw new RoleManagerException( "cycle detected: this should have been caught in validation", e );
}
List<String> sortedGraph = RoleModelUtils.reverseTopologicalSortedRoleList(model);
List<? extends Role> allRoles;
try

112
redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/util/RoleModelUtils.java
View File

@ -19,19 +19,25 @@
* under the License.
*/
import org.apache.archiva.components.graph.api.Category;
import org.apache.archiva.components.graph.api.RelationType;
import org.apache.archiva.components.graph.base.SimpleGraph;
import org.apache.archiva.components.graph.base.SimpleNode;
import org.apache.archiva.components.graph.util.Traversal;
import org.apache.archiva.redback.role.model.ModelApplication;
import org.apache.archiva.redback.role.model.ModelOperation;
import org.apache.archiva.redback.role.model.ModelResource;
import org.apache.archiva.redback.role.model.ModelRole;
import org.apache.archiva.redback.role.model.ModelTemplate;
import org.apache.archiva.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.util.dag.CycleDetectedException;
import org.codehaus.plexus.util.dag.DAG;
import org.codehaus.plexus.util.dag.TopologicalSorter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.stream.Collectors;
/**
* RoleModelUtils:
@ -41,7 +47,17 @@
*/
public class RoleModelUtils
{
public enum RoleType implements Category {
ROLE,TEMPLATE
}
public enum RoleRelation implements RelationType {
ROLE_TO_ROLE,ROLE_TO_TEMPLATE,TEMPLATE_TO_ROLE,TEMPLATE_TO_TEMPLATE;
}
public static final String ROOT = ":archiva:node:root";
private static final Logger log = LoggerFactory.getLogger(RoleModelUtils.class);
public static List<ModelRole> getRoles( RedbackRoleModel model )
{
@ -229,24 +245,36 @@ public static ModelResource getModelResource( RedbackRoleModel model, String res
}
@SuppressWarnings( "unchecked" )
public static DAG generateRoleGraph( RedbackRoleModel model )
throws CycleDetectedException
public static SimpleGraph generateRoleGraph(RedbackRoleModel model )
{
DAG roleGraph = new DAG();
SimpleGraph roleGraph = new SimpleGraph();
SimpleNode rootNode = roleGraph.addNode(ROOT, ROOT);
log.debug("Created graph with root {}", rootNode);
for ( ModelApplication application : model.getApplications() )
{
log.debug("Application {}", application.getId());
for ( ModelRole role : application.getRoles() )
{
roleGraph.addVertex( role.getId() );
final String roleId = role.getId();
SimpleNode roleNode = roleGraph.addNode(roleId, roleId);
roleNode.addCategory(RoleType.ROLE);
if (role.getParentRoles()==null || role.getParentRoles().size()==0) {
// We add it to the root node only, if it has no parent roles
roleGraph.addEdge("root:" + roleId, "root -> " + roleId, rootNode, roleNode);
}
if ( role.getChildRoles() != null )
{
for ( String childRole : role.getChildRoles() )
{
roleGraph.addVertex( childRole );
SimpleNode childNode = roleGraph.addNode(childRole, childRole);
childNode.addCategory(RoleType.ROLE);
roleGraph.addEdge( RoleRelation.ROLE_TO_ROLE, roleId+":"+childRole,
roleId+" -> "+childRole, roleNode, childNode );
roleGraph.addEdge( role.getId(), childRole );
}
}
@ -254,9 +282,10 @@ public static DAG generateRoleGraph( RedbackRoleModel model )
{
for ( String parentRole : role.getParentRoles() )
{
roleGraph.addVertex( parentRole );
roleGraph.addEdge( parentRole, role.getId() );
SimpleNode parentNode = roleGraph.addNode( parentRole, parentRole );
parentNode.addCategory(RoleType.ROLE);
roleGraph.addEdge( RoleRelation.ROLE_TO_ROLE, parentRole+":"+roleId,
parentRole + " -> "+ roleId, parentNode, roleNode);
}
}
}
@ -266,24 +295,31 @@ public static DAG generateRoleGraph( RedbackRoleModel model )
}
@SuppressWarnings( "unchecked" )
public static DAG generateTemplateGraph( RedbackRoleModel model )
throws CycleDetectedException
public static SimpleGraph generateTemplateGraph( RedbackRoleModel model )
{
DAG templateGraph = generateRoleGraph( model );
SimpleGraph templateGraph = generateRoleGraph( model );
SimpleNode rootNode = templateGraph.getNode(ROOT);
for ( ModelApplication application : model.getApplications() )
{
for ( ModelTemplate template : application.getTemplates() )
{
templateGraph.addVertex( template.getId() );
final String templId = template.getId();
SimpleNode templateNode = templateGraph.addNode(templId, templId);
templateNode.addCategory(RoleType.TEMPLATE);
if ((template.getParentRoles() == null || template.getParentRoles().size()==0)
&& ( template.getParentTemplates() == null || template.getParentTemplates().size()==0) ) {
templateGraph.addEdge("root:" + templId, "root -> " + templId, rootNode, templateNode);
}
if ( template.getChildRoles() != null )
{
for ( String childRole : template.getChildRoles() )
{
templateGraph.addVertex( childRole );
templateGraph.addEdge( template.getId(), childRole );
SimpleNode childNode = templateGraph.addNode(childRole, childRole);
childNode.addCategory(RoleType.ROLE);
templateGraph.addEdge( RoleRelation.TEMPLATE_TO_ROLE, templId+":"+childNode, templId+" -> "+childNode, templateNode, childNode );
}
}
@ -291,9 +327,10 @@ public static DAG generateTemplateGraph( RedbackRoleModel model )
{
for ( String parentRole : template.getParentRoles() )
{
templateGraph.addVertex( parentRole );
templateGraph.addEdge( parentRole, template.getId() );
SimpleNode parentNode = templateGraph.addNode(parentRole, parentRole);
parentNode.addCategory(RoleType.ROLE);
templateGraph.addEdge( RoleRelation.ROLE_TO_TEMPLATE, parentRole+":"+templId,
parentRole+" -> "+templId, parentNode, templateNode);
}
}
@ -301,9 +338,10 @@ public static DAG generateTemplateGraph( RedbackRoleModel model )
{
for ( String childTemplate : template.getChildTemplates() )
{
templateGraph.addVertex( childTemplate );
templateGraph.addEdge( template.getId(), childTemplate );
SimpleNode childTemplNode = templateGraph.addNode(childTemplate, childTemplate);
childTemplNode.addCategory(RoleType.TEMPLATE);
templateGraph.addEdge( RoleRelation.TEMPLATE_TO_TEMPLATE, templId+":"+childTemplate,
templId+" -> "+childTemplate, templateNode, childTemplNode);
}
}
@ -311,9 +349,11 @@ public static DAG generateTemplateGraph( RedbackRoleModel model )
{
for ( String parentTemplate : template.getParentTemplates() )
{
templateGraph.addVertex( parentTemplate );
templateGraph.addEdge( parentTemplate, template.getId() );
SimpleNode parentTemplNode = templateGraph.addNode( parentTemplate, parentTemplate );
parentTemplNode.addCategory(RoleType.TEMPLATE);
templateGraph.addEdge( RoleRelation.TEMPLATE_TO_TEMPLATE,
parentTemplate+":"+templId, parentTemplate+" -> "+templId,
parentTemplNode, templateNode);
}
}
}
@ -324,18 +364,12 @@ public static DAG generateTemplateGraph( RedbackRoleModel model )
@SuppressWarnings( "unchecked" )
public static List<String> reverseTopologicalSortedRoleList( RedbackRoleModel model )
throws CycleDetectedException
{
LinkedList<String> sortedGraph =
(LinkedList<String>) TopologicalSorter.sort( RoleModelUtils.generateRoleGraph( model ) );
List<String> resortedGraph = new LinkedList<String>();
while ( !sortedGraph.isEmpty() )
{
resortedGraph.add( sortedGraph.removeLast() );
}
return resortedGraph;
SimpleGraph graph = generateRoleGraph(model);
List<String> sortedGraph = Traversal.topologialSort(graph.getNode(ROOT)).stream().map(n -> n.getId())
.filter(id -> !ROOT.equals(id)).collect(Collectors.toList());
Collections.reverse(sortedGraph);
return sortedGraph;
}
}

410
redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/validator/DefaultRoleModelValidator.java
View File

@ -19,16 +19,14 @@
* under the License.
*/
import org.apache.archiva.components.graph.base.SimpleGraph;
import org.apache.archiva.components.graph.base.SimpleNode;
import org.apache.archiva.components.graph.util.Traversal;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.role.model.ModelApplication;
import org.apache.archiva.redback.role.model.ModelOperation;
import org.apache.archiva.redback.role.model.ModelPermission;
import org.apache.archiva.redback.role.model.ModelResource;
import org.apache.archiva.redback.role.model.ModelRole;
import org.apache.archiva.redback.role.model.ModelTemplate;
import org.apache.archiva.redback.role.model.RedbackRoleModel;
import org.apache.archiva.redback.role.model.*;
import org.apache.archiva.redback.role.util.RoleModelUtils;
import org.codehaus.plexus.util.dag.CycleDetectedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
@ -38,51 +36,45 @@
* DefaultRoleModelValidator: validates completeness of the model
*
* @author: Jesse McConnell
*
*/
@Service( "roleModelValidator" )
@Service("roleModelValidator")
public class DefaultRoleModelValidator
implements RoleModelValidator
{
implements RoleModelValidator {
private static final Logger log = LoggerFactory.getLogger(DefaultRoleModelValidator.class);
private List<String> validationErrors;
public boolean validate( RedbackRoleModel model )
throws RoleManagerException
{
public boolean validate(RedbackRoleModel model)
throws RoleManagerException {
validationErrors = null;
validateRequiredStructure( model );
validateResourceClosure( model );
validateOperationClosure( model );
validateChildRoleClosure( model );
validateParentRoleClosure( model );
validateTemplateClosure( model );
validateNoRoleCycles( model );
validateNoTemplateCycles( model );
validateRequiredStructure(model);
validateResourceClosure(model);
validateOperationClosure(model);
validateChildRoleClosure(model);
validateParentRoleClosure(model);
validateTemplateClosure(model);
validateNoRoleCycles(model);
validateNoTemplateCycles(model);
if ( validationErrors == null )
{
if (validationErrors == null) {
return true;
}
else
{
} else {
return false;
}
}
public List<String> getValidationErrors()
{
public List<String> getValidationErrors() {
return validationErrors;
}
private void addValidationError( String error )
{
if ( validationErrors == null )
{
validationErrors = new ArrayList<String>( 0 );
private void addValidationError(String error) {
if (validationErrors == null) {
validationErrors = new ArrayList<String>(0);
}
validationErrors.add( error );
validationErrors.add(error);
}
/**
@ -91,125 +83,97 @@ private void addValidationError( String error )
*
* @param model
*/
@SuppressWarnings( "unchecked" )
private void validateRequiredStructure( RedbackRoleModel model )
{
@SuppressWarnings("unchecked")
private void validateRequiredStructure(RedbackRoleModel model) {
// validate model has name
for ( ModelApplication application : model.getApplications() )
{
if ( application.getId() == null )
{
addValidationError( "model is missing application name" );
for (ModelApplication application : model.getApplications()) {
if (application.getId() == null) {
addValidationError("model is missing application name");
}
// validate model has version
if ( application.getVersion() == null )
{
addValidationError( application.getId() + " is missing version" );
if (application.getVersion() == null) {
addValidationError(application.getId() + " is missing version");
}
// validate resource bits
for ( ModelResource resource : application.getResources() )
{
if ( resource.getName() == null )
{
addValidationError( resource.toString() + " missing name" );
for (ModelResource resource : application.getResources()) {
if (resource.getName() == null) {
addValidationError(resource.toString() + " missing name");
}
if ( resource.getId() == null )
{
addValidationError( resource.toString() + " missing id" );
if (resource.getId() == null) {
addValidationError(resource.toString() + " missing id");
}
}
// validate the operations
for ( ModelOperation operation : application.getOperations() )
{
if ( operation.getName() == null )
{
addValidationError( operation.toString() + " missing name" );
for (ModelOperation operation : application.getOperations()) {
if (operation.getName() == null) {
addValidationError(operation.toString() + " missing name");
}
if ( operation.getId() == null )
{
addValidationError( operation.toString() + " missing id" );
if (operation.getId() == null) {
addValidationError(operation.toString() + " missing id");
}
}
for ( ModelRole role : application.getRoles() )
{
if ( role.getId() == null )
{
addValidationError( role.toString() + " missing id" );
for (ModelRole role : application.getRoles()) {
if (role.getId() == null) {
addValidationError(role.toString() + " missing id");
}
if ( role.getName() == null )
{
addValidationError( role.toString() + " missing name" );
if (role.getName() == null) {
addValidationError(role.toString() + " missing name");
}
if ( role.getPermissions() != null )
{
for ( ModelPermission permission : role.getPermissions() )
{
if ( permission.getName() == null )
{
addValidationError( permission.toString() + " missing name" );
if (role.getPermissions() != null) {
for (ModelPermission permission : role.getPermissions()) {
if (permission.getName() == null) {
addValidationError(permission.toString() + " missing name");
}
if ( permission.getId() == null )
{
addValidationError( permission.toString() + " missing id" );
if (permission.getId() == null) {
addValidationError(permission.toString() + " missing id");
}
if ( permission.getOperation() == null )
{
addValidationError( permission.toString() + " missing operations" );
if (permission.getOperation() == null) {
addValidationError(permission.toString() + " missing operations");
}
if ( permission.getResource() == null )
{
addValidationError( permission.toString() + " missing resource" );
if (permission.getResource() == null) {
addValidationError(permission.toString() + " missing resource");
}
}
}
}
for ( ModelTemplate template : application.getTemplates() )
{
if ( template.getId() == null )
{
addValidationError( template.toString() + " missing id" );
for (ModelTemplate template : application.getTemplates()) {
if (template.getId() == null) {
addValidationError(template.toString() + " missing id");
}
if ( template.getNamePrefix() == null )
{
addValidationError( template.toString() + " missing name prefix" );
if (template.getNamePrefix() == null) {
addValidationError(template.toString() + " missing name prefix");
}
if ( template.getPermissions() != null )
{
for ( ModelPermission permission : template.getPermissions() )
{
if ( permission.getName() == null )
{
addValidationError( permission.toString() + " missing name" );
if (template.getPermissions() != null) {
for (ModelPermission permission : template.getPermissions()) {
if (permission.getName() == null) {
addValidationError(permission.toString() + " missing name");
}
if ( permission.getId() == null )
{
addValidationError( permission.toString() + " missing id" );
if (permission.getId() == null) {
addValidationError(permission.toString() + " missing id");
}
if ( permission.getOperation() == null )
{
addValidationError( permission.toString() + " missing operations" );
if (permission.getOperation() == null) {
addValidationError(permission.toString() + " missing operations");
}
if ( permission.getResource() == null )
{
addValidationError( permission.toString() + " missing resource" );
if (permission.getResource() == null) {
addValidationError(permission.toString() + " missing resource");
}
}
}
@ -222,39 +186,29 @@ private void validateRequiredStructure( RedbackRoleModel model )
*
* @param model
*/
private void validateOperationClosure( RedbackRoleModel model )
{
List<String> operationIdList = RoleModelUtils.getOperationIdList( model );
private void validateOperationClosure(RedbackRoleModel model) {
List<String> operationIdList = RoleModelUtils.getOperationIdList(model);
// check the operations in role permissions
for ( ModelApplication application : model.getApplications() )
{
for ( ModelRole role : application.getRoles() )
{
if ( role.getPermissions() != null )
{
for ( ModelPermission permission : role.getPermissions() )
{
if ( !operationIdList.contains( permission.getOperation() ) )
{
addValidationError( "missing operation: " + permission.getOperation() + " in permission "
+ permission.getId() );
for (ModelApplication application : model.getApplications()) {
for (ModelRole role : application.getRoles()) {
if (role.getPermissions() != null) {
for (ModelPermission permission : role.getPermissions()) {
if (!operationIdList.contains(permission.getOperation())) {
addValidationError("missing operation: " + permission.getOperation() + " in permission "
+ permission.getId());
}
}
}
}
// check the operations in template permissions
for ( ModelTemplate template : application.getTemplates() )
{
if ( template.getPermissions() != null )
{
for ( ModelPermission permission : template.getPermissions() )
{
if ( !operationIdList.contains( permission.getOperation() ) )
{
addValidationError( "missing operation: " + permission.getOperation() + " in permission "
+ permission.getId() );
for (ModelTemplate template : application.getTemplates()) {
if (template.getPermissions() != null) {
for (ModelPermission permission : template.getPermissions()) {
if (!operationIdList.contains(permission.getOperation())) {
addValidationError("missing operation: " + permission.getOperation() + " in permission "
+ permission.getId());
}
}
}
@ -262,21 +216,15 @@ private void validateOperationClosure( RedbackRoleModel model )
}
}
private void validateResourceClosure( RedbackRoleModel model )
{
List<String> resourceIdList = RoleModelUtils.getResourceIdList( model );
for ( ModelApplication application : model.getApplications() )
{
for ( ModelRole role : application.getRoles() )
{
if ( role.getPermissions() != null )
{
for ( ModelPermission permission : role.getPermissions() )
{
if ( !resourceIdList.contains( permission.getResource() ) )
{
addValidationError( "missing operation: " + permission.getResource() + " in permission "
+ permission.getId() );
private void validateResourceClosure(RedbackRoleModel model) {
List<String> resourceIdList = RoleModelUtils.getResourceIdList(model);
for (ModelApplication application : model.getApplications()) {
for (ModelRole role : application.getRoles()) {
if (role.getPermissions() != null) {
for (ModelPermission permission : role.getPermissions()) {
if (!resourceIdList.contains(permission.getResource())) {
addValidationError("missing operation: " + permission.getResource() + " in permission "
+ permission.getId());
}
}
}
@ -284,36 +232,26 @@ private void validateResourceClosure( RedbackRoleModel model )
}
}
private void validateChildRoleClosure( RedbackRoleModel model )
{
List<String> roleIdList = RoleModelUtils.getRoleIdList( model );
for ( ModelApplication application : model.getApplications() )
{
for ( ModelRole role : application.getRoles() )
{
if ( role.getChildRoles() != null )
{
for ( String childRoleId : role.getChildRoles() )
{
if ( !roleIdList.contains( childRoleId ) )
{
private void validateChildRoleClosure(RedbackRoleModel model) {
List<String> roleIdList = RoleModelUtils.getRoleIdList(model);
for (ModelApplication application : model.getApplications()) {
for (ModelRole role : application.getRoles()) {
if (role.getChildRoles() != null) {
for (String childRoleId : role.getChildRoles()) {
if (!roleIdList.contains(childRoleId)) {
addValidationError(
"missing role id: " + childRoleId + " in child roles of role " + role.getId() );
"missing role id: " + childRoleId + " in child roles of role " + role.getId());
}
}
}
}
for ( ModelTemplate template : application.getTemplates() )
{
if ( template.getChildRoles() != null )
{
for ( String childRoleId : template.getChildRoles() )
{
if ( !roleIdList.contains( childRoleId ) )
{
for (ModelTemplate template : application.getTemplates()) {
if (template.getChildRoles() != null) {
for (String childRoleId : template.getChildRoles()) {
if (!roleIdList.contains(childRoleId)) {
addValidationError(
"missing role id: " + childRoleId + " in child roles of template " + template.getId() );
"missing role id: " + childRoleId + " in child roles of template " + template.getId());
}
}
}
@ -321,38 +259,28 @@ private void validateChildRoleClosure( RedbackRoleModel model )
}
}
@SuppressWarnings( "unchecked" )
private void validateParentRoleClosure( RedbackRoleModel model )
{
List roleIdList = RoleModelUtils.getRoleIdList( model );
@SuppressWarnings("unchecked")
private void validateParentRoleClosure(RedbackRoleModel model) {
List roleIdList = RoleModelUtils.getRoleIdList(model);
for ( ModelApplication application : model.getApplications() )
{
for ( ModelRole role : application.getRoles() )
{
if ( role.getParentRoles() != null )
{
for ( String parentRoleId : role.getParentRoles() )
{
if ( !roleIdList.contains( parentRoleId ) )
{
for (ModelApplication application : model.getApplications()) {
for (ModelRole role : application.getRoles()) {
if (role.getParentRoles() != null) {
for (String parentRoleId : role.getParentRoles()) {
if (!roleIdList.contains(parentRoleId)) {
addValidationError(
"missing role id: " + parentRoleId + " in parent roles of role " + role.getId() );
"missing role id: " + parentRoleId + " in parent roles of role " + role.getId());
}
}
}
}
for ( ModelTemplate template : application.getTemplates() )
{
if ( template.getParentRoles() != null )
{
for ( String parentRoleId : template.getParentRoles() )
{
if ( !roleIdList.contains( parentRoleId ) )
{
addValidationError( "missing role id: " + parentRoleId + " in parent roles of template "
+ template.getId() );
for (ModelTemplate template : application.getTemplates()) {
if (template.getParentRoles() != null) {
for (String parentRoleId : template.getParentRoles()) {
if (!roleIdList.contains(parentRoleId)) {
addValidationError("missing role id: " + parentRoleId + " in parent roles of template "
+ template.getId());
}
}
}
@ -360,50 +288,38 @@ private void validateParentRoleClosure( RedbackRoleModel model )
}
}
private void validateTemplateClosure( RedbackRoleModel model )
{
List templateIdList = RoleModelUtils.getTemplateIdList( model );
private void validateTemplateClosure(RedbackRoleModel model) {
List templateIdList = RoleModelUtils.getTemplateIdList(model);
// template name prefix must be unique
List<String> templateNamePrefixList = new ArrayList<String>();
for ( ModelApplication application : model.getApplications() )
{
for ( ModelTemplate template : application.getTemplates() )
{
if ( template.getParentTemplates() != null )
{
for ( String parentTemplateId : template.getParentTemplates() )
{
if ( !templateIdList.contains( parentTemplateId ) )
{
for (ModelApplication application : model.getApplications()) {
for (ModelTemplate template : application.getTemplates()) {
if (template.getParentTemplates() != null) {
for (String parentTemplateId : template.getParentTemplates()) {
if (!templateIdList.contains(parentTemplateId)) {
addValidationError(
"missing template id: " + parentTemplateId + " in parent templates of template "
+ template.getId() );
"missing template id: " + parentTemplateId + " in parent templates of template "
+ template.getId());
}
}
}
if ( template.getChildTemplates() != null )
{
for ( String childTemplateId : template.getChildTemplates() )
{
if ( !templateIdList.contains( childTemplateId ) )
{
if (template.getChildTemplates() != null) {
for (String childTemplateId : template.getChildTemplates()) {
if (!templateIdList.contains(childTemplateId)) {
addValidationError(
"missing template id: " + childTemplateId + " in child templates of template "
+ template.getId() );
"missing template id: " + childTemplateId + " in child templates of template "
+ template.getId());
}
}
}
if ( !templateNamePrefixList.contains( template.getNamePrefix() ) )
{
templateNamePrefixList.add( template.getNamePrefix() );
}
else
{
addValidationError( "duplicate name prefix detected: " + template.getNamePrefix() );
if (!templateNamePrefixList.contains(template.getNamePrefix())) {
templateNamePrefixList.add(template.getNamePrefix());
} else {
addValidationError("duplicate name prefix detected: " + template.getNamePrefix());
}
}
}
@ -414,15 +330,14 @@ private void validateTemplateClosure( RedbackRoleModel model )
*
* @param model
*/
private void validateNoRoleCycles( RedbackRoleModel model )
{
try
{
RoleModelUtils.generateRoleGraph( model );
}
catch ( CycleDetectedException e )
{
addValidationError( "cycle detected: " + e.getMessage() );
private void validateNoRoleCycles(RedbackRoleModel model) {
log.debug("Validating cycles in role model");
SimpleGraph graph = RoleModelUtils.generateRoleGraph(model);
SimpleNode rootNode = graph.getNode(RoleModelUtils.ROOT);
SimpleNode n;
if ((n = Traversal.findFirstCycleNode(rootNode))!=null) {
log.debug("Adding template cycle validation error for node {}", n.getId());
addValidationError("Cycle detected at "+n.getId());
}
}
@ -430,21 +345,20 @@ private void validateNoRoleCycles( RedbackRoleModel model )
* We are not allowed to have cycles between template either, this method is to detect and
* raise a red flag when that happens. Templates are a bit more complex since they have both
* child and parent roles, as well as runtime parent and child templates
*
* <p>
* the id should be sufficient to test cycles here even though in runtime the id's do not need to be
* unique since it is the binding of a namePrefix and a resource that makes them unique
*
* @param model
*/
private void validateNoTemplateCycles( RedbackRoleModel model )
{
try
{
RoleModelUtils.generateTemplateGraph( model );
}
catch ( CycleDetectedException e )
{
addValidationError( "template cycle detected: " + e.getMessage() );
private void validateNoTemplateCycles(RedbackRoleModel model) {
log.debug("Validating cycles in role template model ");
SimpleGraph graph = RoleModelUtils.generateTemplateGraph(model);
SimpleNode rootNode = graph.getNode(RoleModelUtils.ROOT);
SimpleNode n;
if ((n = Traversal.findFirstCycleNode(rootNode)) != null) {
log.debug("Adding template cycle validation error for node {}", n.getId());
addValidationError("Template cycle detected at "+n.getId());
}
}
}

4
redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/validator/RoleModelValidatorTest.java
View File

@ -112,9 +112,9 @@ public void testBad() throws Exception
assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "test-template-missing-child-template" ) );
assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "cycle detected" ) );
assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "Cycle detected" ) );
assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "template cycle detected" ) );
assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "Template cycle detected" ) );
}

36
redback-rbac/redback-rbac-role-manager/src/test/resources/log4j2-test.xml Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<configuration>
<appenders>
<Console name="console" target="SYSTEM_OUT">
<PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
</Console>
</appenders>
<loggers>
<logger name="org.apache.archiva.redback.role" level="info" />
<logger name="org.apache.archiva.components.graph" level="info" />
<root level="error" includeLocation="true">
<appender-ref ref="console"/>
</root>
</loggers>
</configuration>