[MRM-922] access to upload page with managed repository role

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@752539 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Brett Porter 2009-03-11 17:33:31 +00:00
parent f63959e3aa
commit 13d43afbfe
5 changed files with 62 additions and 10 deletions

View File

@ -73,7 +73,22 @@ public class DefaultUserRepositories
public List<String> getObservableRepositoryIds( String principal ) public List<String> getObservableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
{ {
String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;
return getAccessibleRepositoryIds( principal, operation );
}
public List<String> getManagableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
{
String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
return getAccessibleRepositoryIds( principal, operation );
}
private List<String> getAccessibleRepositoryIds( String principal, String operation )
throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
{
try try
{ {
User user = securitySystem.getUserManager().findUser( principal ); User user = securitySystem.getUserManager().findUser( principal );
@ -100,8 +115,7 @@ public class DefaultUserRepositories
try try
{ {
String repoId = repo.getId(); String repoId = repo.getId();
if ( securitySystem.isAuthorized( securitySession, if ( securitySystem.isAuthorized( securitySession, operation, repoId ) )
ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, repoId ) )
{ {
repoIds.add( repoId ); repoIds.add( repoId );
} }

View File

@ -43,6 +43,18 @@ public interface UserRepositories
public List<String> getObservableRepositoryIds( String principal ) public List<String> getObservableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException; throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
/**
* Get the list of writable repository ids for the user specified.
*
* @param principal the principle to obtain the observable repository ids from.
* @return the list of observable repository ids.
* @throws PrincipalNotFoundException
* @throws AccessDeniedException
* @throws ArchivaSecurityException
*/
public List<String> getManagableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
/** /**
* Create any missing repository roles for the provided repository id. * Create any missing repository roles for the provided repository id.
* *

View File

@ -57,6 +57,7 @@ import org.apache.maven.archiva.repository.metadata.RepositoryMetadataWriter;
import org.apache.maven.archiva.repository.project.ProjectModelException; import org.apache.maven.archiva.repository.project.ProjectModelException;
import org.apache.maven.archiva.repository.project.ProjectModelWriter; import org.apache.maven.archiva.repository.project.ProjectModelWriter;
import org.apache.maven.archiva.repository.project.writers.ProjectModel400Writer; import org.apache.maven.archiva.repository.project.writers.ProjectModel400Writer;
import org.apache.maven.archiva.security.AccessDeniedException;
import org.apache.maven.archiva.security.ArchivaSecurityException; import org.apache.maven.archiva.security.ArchivaSecurityException;
import org.apache.maven.archiva.security.PrincipalNotFoundException; import org.apache.maven.archiva.security.PrincipalNotFoundException;
import org.apache.maven.archiva.security.UserRepositories; import org.apache.maven.archiva.security.UserRepositories;
@ -295,8 +296,7 @@ public class UploadAction
public void prepare() public void prepare()
{ {
managedRepoIdList = managedRepoIdList = getManagableRepos();
new ArrayList<String>( configuration.getConfiguration().getManagedRepositoriesAsMap().keySet() );
} }
public String input() public String input()
@ -622,6 +622,28 @@ public class UploadAction
this.auditListeners.remove( listener ); this.auditListeners.remove( listener );
} }
private List<String> getManagableRepos()
{
try
{
return userRepositories.getManagableRepositoryIds( getPrincipal() );
}
catch ( PrincipalNotFoundException e )
{
getLogger().warn( e.getMessage(), e );
}
catch ( AccessDeniedException e )
{
getLogger().warn( e.getMessage(), e );
// TODO: pass this onto the screen.
}
catch ( ArchivaSecurityException e )
{
getLogger().warn( e.getMessage(), e );
}
return Collections.emptyList();
}
private void triggerAuditEvent( String user, String repositoryId, String resource, String action ) private void triggerAuditEvent( String user, String repositoryId, String resource, String action )
{ {
AuditEvent event = new AuditEvent( repositoryId, user, resource, action ); AuditEvent event = new AuditEvent( repositoryId, user, resource, action );

View File

@ -80,7 +80,7 @@
</li> </li>
</ul> </ul>
<redback:ifAnyAuthorized permissions="archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration"> <redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
<h5>Manage</h5> <h5>Manage</h5>
<ul> <ul>
<redback:ifAuthorized permission="archiva-access-reports"> <redback:ifAuthorized permission="archiva-access-reports">
@ -88,11 +88,6 @@
<my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl> <my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl>
</li> </li>
</redback:ifAuthorized> </redback:ifAuthorized>
<%-- POSTPONED to 1.1 series
<li class="none">
<a href="#">Synchronisation</a>
</li>
--%>
<redback:ifAuthorized permission="archiva-manage-users"> <redback:ifAuthorized permission="archiva-manage-users">
<li class="none"> <li class="none">
<my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl> <my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl>
@ -107,6 +102,8 @@
<li class="none"> <li class="none">
<my:currentWWUrl action="configureAppearance" namespace="/admin">Appearance</my:currentWWUrl> <my:currentWWUrl action="configureAppearance" namespace="/admin">Appearance</my:currentWWUrl>
</li> </li>
</redback:ifAuthorized>
<redback:ifAuthorized permission="archiva-upload-repository">
<li class="none"> <li class="none">
<my:currentWWUrl action="upload" namespace="/">Upload Artifact</my:currentWWUrl> <my:currentWWUrl action="upload" namespace="/">Upload Artifact</my:currentWWUrl>
</li> </li>

View File

@ -67,4 +67,11 @@ public class UserRepositoriesStub
return false; return false;
} }
public List<String> getManagableRepositoryIds( String principal )
throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
{
// TODO Auto-generated method stub
return null;
}
} }