[MRM-922] access to upload page with managed repository role

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@752539 13f79535-47bb-0310-9956-ffa450edef68
2009-03-11 17:33:31 +00:00 · 2009-03-11 17:33:31 +00:00 · 13d43afbfe
parent f63959e3aa
commit 13d43afbfe
5 changed files with 62 additions and 10 deletions
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
@ -73,7 +73,22 @@ public class DefaultUserRepositories
    public List<String> getObservableRepositoryIds( String principal )
        throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
    {
+        String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;

+        return getAccessibleRepositoryIds( principal, operation );
+    }
+
+    public List<String> getManagableRepositoryIds( String principal )
+        throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
+    {
+        String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
+
+        return getAccessibleRepositoryIds( principal, operation );
+    }
+
+    private List<String> getAccessibleRepositoryIds( String principal, String operation )
+        throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
+    {
        try
        {
            User user = securitySystem.getUserManager().findUser( principal );
@ -100,8 +115,7 @@ public class DefaultUserRepositories
                try
                {
                    String repoId = repo.getId();
-                    if ( securitySystem.isAuthorized( securitySession,
-                                                      ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, repoId ) )
+                    if ( securitySystem.isAuthorized( securitySession, operation, repoId ) )
                    {
                        repoIds.add( repoId );
                    }
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
@ -43,6 +43,18 @@ public interface UserRepositories
    public List<String> getObservableRepositoryIds( String principal )
        throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
    
+    /**
+     * Get the list of writable repository ids for the user specified.
+     * 
+     * @param principal the principle to obtain the observable repository ids from.
+     * @return the list of observable repository ids.
+     * @throws PrincipalNotFoundException
+     * @throws AccessDeniedException
+     * @throws ArchivaSecurityException
+     */
+    public List<String> getManagableRepositoryIds( String principal )
+        throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException;
+    
    /**
     * Create any missing repository roles for the provided repository id.
     * 
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
@ -57,6 +57,7 @@ import org.apache.maven.archiva.repository.metadata.RepositoryMetadataWriter;
 import org.apache.maven.archiva.repository.project.ProjectModelException;
 import org.apache.maven.archiva.repository.project.ProjectModelWriter;
 import org.apache.maven.archiva.repository.project.writers.ProjectModel400Writer;
+import org.apache.maven.archiva.security.AccessDeniedException;
 import org.apache.maven.archiva.security.ArchivaSecurityException;
 import org.apache.maven.archiva.security.PrincipalNotFoundException;
 import org.apache.maven.archiva.security.UserRepositories;
@ -295,8 +296,7 @@ public class UploadAction

    public void prepare()
    {
-        managedRepoIdList =
-            new ArrayList<String>( configuration.getConfiguration().getManagedRepositoriesAsMap().keySet() );
+        managedRepoIdList = getManagableRepos();
    }

    public String input()
@ -622,6 +622,28 @@ public class UploadAction
        this.auditListeners.remove( listener );
    }
    
+    private List<String> getManagableRepos()
+    {
+        try
+        {
+            return userRepositories.getManagableRepositoryIds( getPrincipal() );
+        }
+        catch ( PrincipalNotFoundException e )
+        {
+            getLogger().warn( e.getMessage(), e );
+        }
+        catch ( AccessDeniedException e )
+        {
+            getLogger().warn( e.getMessage(), e );
+            // TODO: pass this onto the screen.
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            getLogger().warn( e.getMessage(), e );
+        }
+        return Collections.emptyList();
+    }
+
    private void triggerAuditEvent( String user, String repositoryId, String resource, String action )
    {
        AuditEvent event = new AuditEvent( repositoryId, user, resource, action );
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
@ -80,7 +80,7 @@
      </li>
    </ul>

-    <redback:ifAnyAuthorized permissions="archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
+    <redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
      <h5>Manage</h5>
      <ul>
        <redback:ifAuthorized permission="archiva-access-reports">
@ -88,11 +88,6 @@
            <my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl>
          </li>
        </redback:ifAuthorized>
-          <%-- POSTPONED to 1.1 series
-                <li class="none">
-                  <a href="#">Synchronisation</a>
-                </li>
-          --%>
        <redback:ifAuthorized permission="archiva-manage-users">
          <li class="none">
            <my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl>
@ -107,6 +102,8 @@
          <li class="none">
            <my:currentWWUrl action="configureAppearance" namespace="/admin">Appearance</my:currentWWUrl>
          </li>
+        </redback:ifAuthorized>
+        <redback:ifAuthorized permission="archiva-upload-repository">
          <li class="none">
            <my:currentWWUrl action="upload" namespace="/">Upload Artifact</my:currentWWUrl>
          </li>
--- a/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/security/UserRepositoriesStub.java
@ -67,4 +67,11 @@ public class UserRepositoriesStub
        return false;
    }

+    public List<String> getManagableRepositoryIds( String principal )
+        throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
+    {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
 }