[MRM-1708] When using LDAP, users can still edit their details upon login.

git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1412793 13f79535-47bb-0310-9956-ffa450edef68
2012-11-23 09:28:48 +00:00 · 2012-11-23 09:28:48 +00:00 · daeecfa8a0
parent d852fe3356
commit daeecfa8a0
5 changed files with 30 additions and 1 deletions
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/User.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/User.java
@ -68,6 +68,12 @@ public class User
     */
    private List<String> assignedRoles;

+    /**
+     * with some userManagerImpl it's not possible to edit users;
+     * @since 1.4-M4
+     */
+    private boolean readOnly;
+
    public User()
    {
        // no op
@ -239,6 +245,16 @@ public class User
        this.assignedRoles = assignedRoles;
    }

+    public boolean isReadOnly()
+    {
+        return readOnly;
+    }
+
+    public void setReadOnly( boolean readOnly )
+    {
+        this.readOnly = readOnly;
+    }
+
    @Override
    public String toString()
    {
@ -258,6 +274,7 @@ public class User
        sb.append( ", timestampLastPasswordChange='" ).append( timestampLastPasswordChange ).append( '\'' );
        sb.append( ", previousPassword='" ).append( previousPassword ).append( '\'' );
        sb.append( ", assignedRoles=" ).append( assignedRoles );
+        sb.append( ", readOnly=" ).append( readOnly );
        sb.append( '}' );
        return sb.toString();
    }
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultLoginService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultLoginService.java
@ -140,7 +140,7 @@ public class DefaultLoginService
                    return null;
                }
                User restUser = buildRestUser( user );
-
+                restUser.setReadOnly( securitySystem.userManagerReadOnly() );
                // here create an http session
                httpAuthenticator.authenticate( authDataSource, httpServletRequest.getSession( true ) );
                return restUser;
--- a/redback-system/src/main/java/org/apache/archiva/redback/system/DefaultSecuritySystem.java
+++ b/redback-system/src/main/java/org/apache/archiva/redback/system/DefaultSecuritySystem.java
@ -279,4 +279,9 @@ public class DefaultSecuritySystem
    {
        this.policy = policy;
    }
+
+    public boolean userManagerReadOnly()
+    {
+        return userManager.isReadOnly();
+    }
 }
--- a/redback-system/src/main/java/org/apache/archiva/redback/system/SecuritySystem.java
+++ b/redback-system/src/main/java/org/apache/archiva/redback/system/SecuritySystem.java
@ -94,5 +94,11 @@ public interface SecuritySystem
    String getUserManagementId();
    String getAuthenticatorId();
    String getAuthorizerId();
+
+    /**
+     * @since 2.1
+     * @return is it possible to modify user datas (some userManager cannot i.e ldap)
+     */
+    boolean userManagerReadOnly();
 }

--- a/redback-users/redback-users-api/src/main/java/org/apache/archiva/redback/users/User.java
+++ b/redback-users/redback-users-api/src/main/java/org/apache/archiva/redback/users/User.java
@ -291,4 +291,5 @@ public interface User
     * Sets the Last Successful Login Date for this account.
     */
    void setLastLoginDate( Date date );
+
 }