Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add a lot of missing eol-style native 

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1176606 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Olivier Lamy 2011-09-27 20:40:36 +00:00
parent b3a0ceb37d
commit 3c247ba1f8
6 changed files with 966 additions and 966 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

710
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/AbstractActionSupport.java
View File

@ -1,355 +1,355 @@
package org.apache.archiva.web.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import org.apache.archiva.admin.model.AuditInformation;
import org.apache.archiva.audit.AuditEvent;
import org.apache.archiva.audit.AuditListener;
import org.apache.archiva.audit.Auditable;
import org.apache.archiva.metadata.repository.RepositorySessionFactory;
import org.apache.archiva.security.ArchivaXworkUser;
import org.apache.commons.lang.StringUtils;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.interceptor.SessionAware;
import org.codehaus.plexus.redback.users.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* LogEnabled and SessionAware ActionSupport
*/
public abstract class AbstractActionSupport
extends ActionSupport
implements SessionAware, Auditable
{
protected Map<?, ?> session;
protected Logger log = LoggerFactory.getLogger( getClass() );
@Inject
private List<AuditListener> auditListeners = new ArrayList<AuditListener>();
@Inject
@Named( value = "repositorySessionFactory" )
protected RepositorySessionFactory repositorySessionFactory;
@Inject
protected ApplicationContext applicationContext;
private String principal;
@PostConstruct
public void initialize()
{
// no op
}
@SuppressWarnings( "unchecked" )
public void setSession( Map map )
{
this.session = map;
}
public void addAuditListener( AuditListener listener )
{
this.auditListeners.add( listener );
}
public void clearAuditListeners()
{
this.auditListeners.clear();
}
public void removeAuditListener( AuditListener listener )
{
this.auditListeners.remove( listener );
}
protected void triggerAuditEvent( String repositoryId, String resource, String action )
{
AuditEvent event = new AuditEvent( repositoryId, getPrincipal(), resource, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
protected void triggerAuditEvent( String resource, String action )
{
AuditEvent event = new AuditEvent( null, getPrincipal(), resource, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
protected void triggerAuditEvent( String action )
{
AuditEvent event = new AuditEvent( null, getPrincipal(), null, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
private String getRemoteAddr()
{
HttpServletRequest request = ServletActionContext.getRequest();
return request != null ? request.getRemoteAddr() : null;
}
@SuppressWarnings( "unchecked" )
protected String getPrincipal()
{
if ( principal != null )
{
return principal;
}
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
void setPrincipal( String principal )
{
this.principal = principal;
}
public void setAuditListeners( List<AuditListener> auditListeners )
{
this.auditListeners = auditListeners;
}
public void setRepositorySessionFactory( RepositorySessionFactory repositorySessionFactory )
{
this.repositorySessionFactory = repositorySessionFactory;
}
protected <T> Map<String, T> getBeansOfType( Class<T> clazz )
{
//TODO do some caching here !!!
// olamy : with plexus we get only roleHint
// as per convention we named spring bean role#hint remove role# if exists
Map<String, T> springBeans = applicationContext.getBeansOfType( clazz );
Map<String, T> beans = new HashMap<String, T>( springBeans.size() );
for ( Map.Entry<String, T> entry : springBeans.entrySet() )
{
String key = StringUtils.substringAfterLast( entry.getKey(), "#" );
beans.put( key, entry.getValue() );
}
return beans;
}
protected AuditInformation getAuditInformation()
{
AuditInformation auditInformation = new AuditInformation( new SimpleUser( getPrincipal() ), getRemoteAddr() );
return auditInformation;
}
/**
* dummy information for audit events
* @since 1.4
*/
private static class SimpleUser
implements User
{
private String principal;
protected SimpleUser( String principal )
{
this.principal = principal;
}
public Object getPrincipal()
{
return this.principal;
}
public String getUsername()
{
return null;
}
public void setUsername( String name )
{
}
public String getFullName()
{
return null;
}
public void setFullName( String name )
{
}
public String getEmail()
{
return null;
}
public void setEmail( String address )
{
}
public String getPassword()
{
return null;
}
public void setPassword( String rawPassword )
{
}
public String getEncodedPassword()
{
return null;
}
public void setEncodedPassword( String encodedPassword )
{
}
public Date getLastPasswordChange()
{
return null;
}
public void setLastPasswordChange( Date passwordChangeDate )
{
}
public List<String> getPreviousEncodedPasswords()
{
return null;
}
public void setPreviousEncodedPasswords( List<String> encodedPasswordList )
{
}
public void addPreviousEncodedPassword( String encodedPassword )
{
}
public boolean isPermanent()
{
return false;
}
public void setPermanent( boolean permanent )
{
}
public boolean isLocked()
{
return false;
}
public void setLocked( boolean locked )
{
}
public boolean isPasswordChangeRequired()
{
return false;
}
public void setPasswordChangeRequired( boolean changeRequired )
{
}
public boolean isValidated()
{
return false;
}
public void setValidated( boolean valid )
{
}
public int getCountFailedLoginAttempts()
{
return 0;
}
public void setCountFailedLoginAttempts( int count )
{
}
public Date getAccountCreationDate()
{
return null;
}
public void setAccountCreationDate( Date date )
{
}
public Date getLastLoginDate()
{
return null;
}
public void setLastLoginDate( Date date )
{
}
}
}
package org.apache.archiva.web.action;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import org.apache.archiva.admin.model.AuditInformation;
import org.apache.archiva.audit.AuditEvent;
import org.apache.archiva.audit.AuditListener;
import org.apache.archiva.audit.Auditable;
import org.apache.archiva.metadata.repository.RepositorySessionFactory;
import org.apache.archiva.security.ArchivaXworkUser;
import org.apache.commons.lang.StringUtils;
import org.apache.struts2.ServletActionContext;
import org.apache.struts2.interceptor.SessionAware;
import org.codehaus.plexus.redback.users.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* LogEnabled and SessionAware ActionSupport
*/
public abstract class AbstractActionSupport
extends ActionSupport
implements SessionAware, Auditable
{
protected Map<?, ?> session;
protected Logger log = LoggerFactory.getLogger( getClass() );
@Inject
private List<AuditListener> auditListeners = new ArrayList<AuditListener>();
@Inject
@Named( value = "repositorySessionFactory" )
protected RepositorySessionFactory repositorySessionFactory;
@Inject
protected ApplicationContext applicationContext;
private String principal;
@PostConstruct
public void initialize()
{
// no op
}
@SuppressWarnings( "unchecked" )
public void setSession( Map map )
{
this.session = map;
}
public void addAuditListener( AuditListener listener )
{
this.auditListeners.add( listener );
}
public void clearAuditListeners()
{
this.auditListeners.clear();
}
public void removeAuditListener( AuditListener listener )
{
this.auditListeners.remove( listener );
}
protected void triggerAuditEvent( String repositoryId, String resource, String action )
{
AuditEvent event = new AuditEvent( repositoryId, getPrincipal(), resource, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
protected void triggerAuditEvent( String resource, String action )
{
AuditEvent event = new AuditEvent( null, getPrincipal(), resource, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
protected void triggerAuditEvent( String action )
{
AuditEvent event = new AuditEvent( null, getPrincipal(), null, action );
event.setRemoteIP( getRemoteAddr() );
for ( AuditListener listener : auditListeners )
{
listener.auditEvent( event );
}
}
private String getRemoteAddr()
{
HttpServletRequest request = ServletActionContext.getRequest();
return request != null ? request.getRemoteAddr() : null;
}
@SuppressWarnings( "unchecked" )
protected String getPrincipal()
{
if ( principal != null )
{
return principal;
}
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
void setPrincipal( String principal )
{
this.principal = principal;
}
public void setAuditListeners( List<AuditListener> auditListeners )
{
this.auditListeners = auditListeners;
}
public void setRepositorySessionFactory( RepositorySessionFactory repositorySessionFactory )
{
this.repositorySessionFactory = repositorySessionFactory;
}
protected <T> Map<String, T> getBeansOfType( Class<T> clazz )
{
//TODO do some caching here !!!
// olamy : with plexus we get only roleHint
// as per convention we named spring bean role#hint remove role# if exists
Map<String, T> springBeans = applicationContext.getBeansOfType( clazz );
Map<String, T> beans = new HashMap<String, T>( springBeans.size() );
for ( Map.Entry<String, T> entry : springBeans.entrySet() )
{
String key = StringUtils.substringAfterLast( entry.getKey(), "#" );
beans.put( key, entry.getValue() );
}
return beans;
}
protected AuditInformation getAuditInformation()
{
AuditInformation auditInformation = new AuditInformation( new SimpleUser( getPrincipal() ), getRemoteAddr() );
return auditInformation;
}
/**
* dummy information for audit events
* @since 1.4
*/
private static class SimpleUser
implements User
{
private String principal;
protected SimpleUser( String principal )
{
this.principal = principal;
}
public Object getPrincipal()
{
return this.principal;
}
public String getUsername()
{
return null;
}
public void setUsername( String name )
{
}
public String getFullName()
{
return null;
}
public void setFullName( String name )
{
}
public String getEmail()
{
return null;
}
public void setEmail( String address )
{
}
public String getPassword()
{
return null;
}
public void setPassword( String rawPassword )
{
}
public String getEncodedPassword()
{
return null;
}
public void setEncodedPassword( String encodedPassword )
{
}
public Date getLastPasswordChange()
{
return null;
}
public void setLastPasswordChange( Date passwordChangeDate )
{
}
public List<String> getPreviousEncodedPasswords()
{
return null;
}
public void setPreviousEncodedPasswords( List<String> encodedPasswordList )
{
}
public void addPreviousEncodedPassword( String encodedPassword )
{
}
public boolean isPermanent()
{
return false;
}
public void setPermanent( boolean permanent )
{
}
public boolean isLocked()
{
return false;
}
public void setLocked( boolean locked )
{
}
public boolean isPasswordChangeRequired()
{
return false;
}
public void setPasswordChangeRequired( boolean changeRequired )
{
}
public boolean isValidated()
{
return false;
}
public void setValidated( boolean valid )
{
}
public int getCountFailedLoginAttempts()
{
return 0;
}
public void setCountFailedLoginAttempts( int count )
{
}
public Date getAccountCreationDate()
{
return null;
}
public void setAccountCreationDate( Date date )
{
}
public Date getLastLoginDate()
{
return null;
}
public void setLastLoginDate( Date date )
{
}
}
}

160
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/legacy/DeleteLegacyArtifactPathAction.java
View File

@ -1,80 +1,80 @@
package org.apache.archiva.web.action.admin.legacy;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.admin.model.RepositoryAdminException;
import org.apache.archiva.admin.model.admin.ArchivaAdministration;
import org.apache.archiva.web.action.AbstractActionSupport;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
/**
* Delete a LegacyArtifactPath to archiva configuration
*
* @since 1.1
*/
@Controller( "deleteLegacyArtifactPathAction" )
@Scope( "prototype" )
public class DeleteLegacyArtifactPathAction
extends AbstractActionSupport
{
@Inject
private ArchivaAdministration archivaAdministration;
private String path;
public String delete()
{
log.info( "remove [" + path + "] from legacy artifact path resolution" );
try
{
getArchivaAdministration().deleteLegacyArtifactPath( path, getAuditInformation() );
}
catch ( RepositoryAdminException e )
{
log.error( e.getMessage(), e );
addActionError( "Exception during delete " + e.getMessage() );
}
return SUCCESS;
}
public String getPath()
{
return path;
}
public void setPath( String path )
{
this.path = path;
}
public ArchivaAdministration getArchivaAdministration()
{
return archivaAdministration;
}
public void setArchivaAdministration( ArchivaAdministration archivaAdministration )
{
this.archivaAdministration = archivaAdministration;
}
}
package org.apache.archiva.web.action.admin.legacy;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.admin.model.RepositoryAdminException;
import org.apache.archiva.admin.model.admin.ArchivaAdministration;
import org.apache.archiva.web.action.AbstractActionSupport;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
/**
* Delete a LegacyArtifactPath to archiva configuration
*
* @since 1.1
*/
@Controller( "deleteLegacyArtifactPathAction" )
@Scope( "prototype" )
public class DeleteLegacyArtifactPathAction
extends AbstractActionSupport
{
@Inject
private ArchivaAdministration archivaAdministration;
private String path;
public String delete()
{
log.info( "remove [" + path + "] from legacy artifact path resolution" );
try
{
getArchivaAdministration().deleteLegacyArtifactPath( path, getAuditInformation() );
}
catch ( RepositoryAdminException e )
{
log.error( e.getMessage(), e );
addActionError( "Exception during delete " + e.getMessage() );
}
return SUCCESS;
}
public String getPath()
{
return path;
}
public void setPath( String path )
{
this.path = path;
}
public ArchivaAdministration getArchivaAdministration()
{
return archivaAdministration;
}
public void setArchivaAdministration( ArchivaAdministration archivaAdministration )
{
this.archivaAdministration = archivaAdministration;
}
}

212
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/archiva/web/action/admin/legacy/LegacyArtifactPathAction.java
View File

@ -1,106 +1,106 @@
package org.apache.archiva.web.action.admin.legacy;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import com.opensymphony.xwork2.Preparable;
import org.apache.archiva.admin.model.RepositoryAdminException;
import org.apache.archiva.admin.model.admin.ArchivaAdministration;
import org.apache.archiva.admin.model.beans.LegacyArtifactPath;
import org.apache.archiva.security.common.ArchivaRoleConstants;
import org.apache.archiva.web.util.ContextUtils;
import org.apache.archiva.web.action.AbstractActionSupport;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.codehaus.plexus.redback.rbac.Resource;
import org.codehaus.redback.integration.interceptor.SecureAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;
/**
* Shows the LegacyArtifactPath Tab for the administrator.
*
* @since 1.1
*/
@Controller( "legacyArtifactPathAction" )
@Scope( "prototype" )
public class LegacyArtifactPathAction
extends AbstractActionSupport
implements SecureAction, ServletRequestAware, Preparable
{
@Inject
private ArchivaAdministration archivaAdministration;
private List<LegacyArtifactPath> legacyArtifactPaths;
/**
* Used to construct the repository WebDAV URL in the repository action.
*/
private String baseUrl;
public void setServletRequest( HttpServletRequest request )
{
// TODO: is there a better way to do this?
this.baseUrl = ContextUtils.getBaseURL( request, "repository" );
}
public SecureActionBundle getSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION, Resource.GLOBAL );
return bundle;
}
public void prepare()
throws RepositoryAdminException
{
legacyArtifactPaths = new ArrayList<LegacyArtifactPath>( getArchivaAdministration().getLegacyArtifactPaths() );
}
public List<LegacyArtifactPath> getLegacyArtifactPaths()
{
return legacyArtifactPaths;
}
public String getBaseUrl()
{
return baseUrl;
}
public ArchivaAdministration getArchivaAdministration()
{
return archivaAdministration;
}
public void setArchivaAdministration( ArchivaAdministration archivaAdministration )
{
this.archivaAdministration = archivaAdministration;
}
}
package org.apache.archiva.web.action.admin.legacy;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import com.opensymphony.xwork2.Preparable;
import org.apache.archiva.admin.model.RepositoryAdminException;
import org.apache.archiva.admin.model.admin.ArchivaAdministration;
import org.apache.archiva.admin.model.beans.LegacyArtifactPath;
import org.apache.archiva.security.common.ArchivaRoleConstants;
import org.apache.archiva.web.util.ContextUtils;
import org.apache.archiva.web.action.AbstractActionSupport;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.codehaus.plexus.redback.rbac.Resource;
import org.codehaus.redback.integration.interceptor.SecureAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;
/**
* Shows the LegacyArtifactPath Tab for the administrator.
*
* @since 1.1
*/
@Controller( "legacyArtifactPathAction" )
@Scope( "prototype" )
public class LegacyArtifactPathAction
extends AbstractActionSupport
implements SecureAction, ServletRequestAware, Preparable
{
@Inject
private ArchivaAdministration archivaAdministration;
private List<LegacyArtifactPath> legacyArtifactPaths;
/**
* Used to construct the repository WebDAV URL in the repository action.
*/
private String baseUrl;
public void setServletRequest( HttpServletRequest request )
{
// TODO: is there a better way to do this?
this.baseUrl = ContextUtils.getBaseURL( request, "repository" );
}
public SecureActionBundle getSecureActionBundle()
throws SecureActionException
{
SecureActionBundle bundle = new SecureActionBundle();
bundle.setRequiresAuthentication( true );
bundle.addRequiredAuthorization( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION, Resource.GLOBAL );
return bundle;
}
public void prepare()
throws RepositoryAdminException
{
legacyArtifactPaths = new ArrayList<LegacyArtifactPath>( getArchivaAdministration().getLegacyArtifactPaths() );
}
public List<LegacyArtifactPath> getLegacyArtifactPaths()
{
return legacyArtifactPaths;
}
public String getBaseUrl()
{
return baseUrl;
}
public ArchivaAdministration getArchivaAdministration()
{
return archivaAdministration;
}
public void setArchivaAdministration( ArchivaAdministration archivaAdministration )
{
this.archivaAdministration = archivaAdministration;
}
}

310
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/main/java/org/apache/archiva/web/xmlrpc/security/XmlRpcAuthenticator.java
View File

@ -1,155 +1,155 @@
package org.apache.archiva.web.xmlrpc.security;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.util.List;
import org.apache.archiva.security.ArchivaRoleConstants;
import org.apache.archiva.security.ArchivaSecurityException;
import org.apache.archiva.security.UserRepositories;
import org.apache.xmlrpc.XmlRpcException;
import org.apache.xmlrpc.XmlRpcRequest;
import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
import org.apache.xmlrpc.server.AbstractReflectiveHandlerMapping.AuthenticationHandler;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.authorization.AuthorizationResult;
import org.codehaus.plexus.redback.policy.PolicyViolationException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.UserNotFoundException;
/**
* XmlRpcAuthenticator
*
* Custom authentication and authorization handler for xmlrpc requests.
*
* @version $Id
*/
public class XmlRpcAuthenticator
implements AuthenticationHandler
{
private final SecuritySystem securitySystem;
private UserRepositories userRepositories;
private String username;
public XmlRpcAuthenticator( SecuritySystem securitySystem, UserRepositories userRepositories )
{
this.securitySystem = securitySystem;
this.userRepositories = userRepositories;
}
public boolean isAuthorized( XmlRpcRequest pRequest )
throws XmlRpcException
{
if ( pRequest.getConfig() instanceof XmlRpcHttpRequestConfigImpl )
{
XmlRpcHttpRequestConfigImpl config = (XmlRpcHttpRequestConfigImpl) pRequest.getConfig();
username = config.getBasicUserName();
SecuritySession session =
authenticate( new PasswordBasedAuthenticationDataSource( username,
config.getBasicPassword() ) );
String method = pRequest.getMethodName();
AuthorizationResult result = authorize( session, method, username );
return result.isAuthorized();
}
throw new XmlRpcException( "Unsupported transport (must be http)" );
}
private SecuritySession authenticate( PasswordBasedAuthenticationDataSource authenticationDataSource )
throws XmlRpcException
{
try
{
return securitySystem.authenticate( authenticationDataSource );
}
catch ( PolicyViolationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
catch ( AuthenticationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
catch ( UserNotFoundException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
}
private AuthorizationResult authorize( SecuritySession session, String methodName, String username )
throws XmlRpcException
{
try
{
// sample attempt at simplifying authorization checking of requested service method
if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_MANAGE_CONFIGURATION.contains( methodName ) )
{
return securitySystem.authorize( session, ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION );
}
else if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_RUN_INDEXER.contains( methodName ) )
{
return securitySystem.authorize( session, ArchivaRoleConstants.OPERATION_RUN_INDEXER );
}
else if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_REPOSITORY_ACCESS.contains( methodName ) )
{
try
{
List<String> observableRepos = userRepositories.getObservableRepositoryIds( username );
if( observableRepos != null && observableRepos.size() > 1 )
{
return new AuthorizationResult( true, username, null );
}
else
{
return new AuthorizationResult( false, username, null );
}
}
catch ( ArchivaSecurityException e )
{
throw new XmlRpcException( 401, e.getMessage() );
}
}
else if ( methodName.equals( ServiceMethodsPermissionsMapping.PING ) )
{
return new AuthorizationResult( true, username, null );
}
else
{
return securitySystem.authorize( session, ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE );
}
}
catch ( AuthorizationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
}
public String getActiveUser()
{
return username;
}
}
package org.apache.archiva.web.xmlrpc.security;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.util.List;
import org.apache.archiva.security.ArchivaRoleConstants;
import org.apache.archiva.security.ArchivaSecurityException;
import org.apache.archiva.security.UserRepositories;
import org.apache.xmlrpc.XmlRpcException;
import org.apache.xmlrpc.XmlRpcRequest;
import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
import org.apache.xmlrpc.server.AbstractReflectiveHandlerMapping.AuthenticationHandler;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.authorization.AuthorizationResult;
import org.codehaus.plexus.redback.policy.PolicyViolationException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.UserNotFoundException;
/**
* XmlRpcAuthenticator
*
* Custom authentication and authorization handler for xmlrpc requests.
*
* @version $Id
*/
public class XmlRpcAuthenticator
implements AuthenticationHandler
{
private final SecuritySystem securitySystem;
private UserRepositories userRepositories;
private String username;
public XmlRpcAuthenticator( SecuritySystem securitySystem, UserRepositories userRepositories )
{
this.securitySystem = securitySystem;
this.userRepositories = userRepositories;
}
public boolean isAuthorized( XmlRpcRequest pRequest )
throws XmlRpcException
{
if ( pRequest.getConfig() instanceof XmlRpcHttpRequestConfigImpl )
{
XmlRpcHttpRequestConfigImpl config = (XmlRpcHttpRequestConfigImpl) pRequest.getConfig();
username = config.getBasicUserName();
SecuritySession session =
authenticate( new PasswordBasedAuthenticationDataSource( username,
config.getBasicPassword() ) );
String method = pRequest.getMethodName();
AuthorizationResult result = authorize( session, method, username );
return result.isAuthorized();
}
throw new XmlRpcException( "Unsupported transport (must be http)" );
}
private SecuritySession authenticate( PasswordBasedAuthenticationDataSource authenticationDataSource )
throws XmlRpcException
{
try
{
return securitySystem.authenticate( authenticationDataSource );
}
catch ( PolicyViolationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
catch ( AuthenticationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
catch ( UserNotFoundException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
}
private AuthorizationResult authorize( SecuritySession session, String methodName, String username )
throws XmlRpcException
{
try
{
// sample attempt at simplifying authorization checking of requested service method
if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_MANAGE_CONFIGURATION.contains( methodName ) )
{
return securitySystem.authorize( session, ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION );
}
else if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_RUN_INDEXER.contains( methodName ) )
{
return securitySystem.authorize( session, ArchivaRoleConstants.OPERATION_RUN_INDEXER );
}
else if ( ServiceMethodsPermissionsMapping.SERVICE_METHODS_FOR_OPERATION_REPOSITORY_ACCESS.contains( methodName ) )
{
try
{
List<String> observableRepos = userRepositories.getObservableRepositoryIds( username );
if( observableRepos != null && observableRepos.size() > 1 )
{
return new AuthorizationResult( true, username, null );
}
else
{
return new AuthorizationResult( false, username, null );
}
}
catch ( ArchivaSecurityException e )
{
throw new XmlRpcException( 401, e.getMessage() );
}
}
else if ( methodName.equals( ServiceMethodsPermissionsMapping.PING ) )
{
return new AuthorizationResult( true, username, null );
}
else
{
return securitySystem.authorize( session, ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE );
}
}
catch ( AuthorizationException e )
{
throw new XmlRpcException( 401, e.getMessage(), e );
}
}
public String getActiveUser()
{
return username;
}
}

480
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java
View File

@ -1,240 +1,240 @@
package org.apache.archiva.xmlrpc.security;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import junit.framework.TestCase;
import org.apache.archiva.web.xmlrpc.security.XmlRpcAuthenticator;
import org.apache.archiva.security.ArchivaRoleConstants;
import org.apache.xmlrpc.XmlRpcRequest;
import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.easymock.MockControl;
import org.easymock.classextension.MockClassControl;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
/**
* XmlRpcAuthenticatorTest
*
* @version $Id XmlRpcAuthenticatorTest.java
*/
@RunWith( SpringJUnit4ClassRunner.class )
@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
public class XmlRpcAuthenticatorTest
extends TestCase
{
protected static final String USER_GUEST = "guest";
protected static final String USER_ADMIN = "admin";
protected static final String USER_ALPACA = "alpaca";
private static final String PASSWORD = "password123";
@Inject
@Named( value = "securitySystem#testable" )
protected SecuritySystem securitySystem;
@Inject
@Named( value = "roleManager#testable" )
protected RoleManager roleManager;
private MockControl xmlRpcRequestControl;
private XmlRpcRequest xmlRpcRequest;
private XmlRpcAuthenticator authenticator;
private MockControl configControl;
private XmlRpcHttpRequestConfigImpl config;
@Before
public void setUp()
throws Exception
{
super.setUp();
//securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
//roleManager = (RoleManager) lookup( RoleManager.class, "default" );
// Some basic asserts.
assertNotNull( securitySystem );
assertNotNull( roleManager );
// Setup Admin User.
User adminUser = createUser( USER_ADMIN, "Admin User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
// Setup Guest User.
User guestUser = createUser( USER_GUEST, "Guest User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
configControl = MockClassControl.createControl( XmlRpcHttpRequestConfigImpl.class );
config = (XmlRpcHttpRequestConfigImpl) configControl.getMock();
xmlRpcRequestControl = MockControl.createControl( XmlRpcRequest.class );
xmlRpcRequest = (XmlRpcRequest) xmlRpcRequestControl.getMock();
authenticator = new XmlRpcAuthenticator( securitySystem, null );
}
private User createUser( String principal, String fullname, String password )
throws UserNotFoundException
{
UserManager userManager = securitySystem.getUserManager();
User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
securitySystem.getPolicy().setEnabled( false );
userManager.addUser( user );
securitySystem.getPolicy().setEnabled( true );
user.setPassword( password );
userManager.updateUser( user );
return user;
}
@Test
public void testIsAuthorizedUserExistsButNotAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
@Test
public void testIsAuthorizedUserExistsAndAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
}
//TODO cannot assign global repo manager role - it says role does not exist :|
//roleManager.assignRole( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE, USER_ALPACA );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
@SuppressWarnings( "unused" ) boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
// TODO: broken or bad test?
// assertTrue( isAuthorized );
xmlRpcRequestControl.verify();
configControl.verify();
userManager.deleteUser( USER_ALPACA );
}
@Test
public void testIsAuthorizedUserDoesNotExist()
throws Exception
{
UserManager userManager = securitySystem.getUserManager();
try
{
userManager.findUser( USER_ALPACA );
fail( "User should not exist in the database." );
}
catch ( UserNotFoundException e )
{
assertEquals( "Unable to find user 'alpaca'", e.getMessage() );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
}
package org.apache.archiva.xmlrpc.security;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import junit.framework.TestCase;
import org.apache.archiva.web.xmlrpc.security.XmlRpcAuthenticator;
import org.apache.archiva.security.ArchivaRoleConstants;
import org.apache.xmlrpc.XmlRpcRequest;
import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.easymock.MockControl;
import org.easymock.classextension.MockClassControl;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
/**
* XmlRpcAuthenticatorTest
*
* @version $Id XmlRpcAuthenticatorTest.java
*/
@RunWith( SpringJUnit4ClassRunner.class )
@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
public class XmlRpcAuthenticatorTest
extends TestCase
{
protected static final String USER_GUEST = "guest";
protected static final String USER_ADMIN = "admin";
protected static final String USER_ALPACA = "alpaca";
private static final String PASSWORD = "password123";
@Inject
@Named( value = "securitySystem#testable" )
protected SecuritySystem securitySystem;
@Inject
@Named( value = "roleManager#testable" )
protected RoleManager roleManager;
private MockControl xmlRpcRequestControl;
private XmlRpcRequest xmlRpcRequest;
private XmlRpcAuthenticator authenticator;
private MockControl configControl;
private XmlRpcHttpRequestConfigImpl config;
@Before
public void setUp()
throws Exception
{
super.setUp();
//securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
//roleManager = (RoleManager) lookup( RoleManager.class, "default" );
// Some basic asserts.
assertNotNull( securitySystem );
assertNotNull( roleManager );
// Setup Admin User.
User adminUser = createUser( USER_ADMIN, "Admin User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
// Setup Guest User.
User guestUser = createUser( USER_GUEST, "Guest User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
configControl = MockClassControl.createControl( XmlRpcHttpRequestConfigImpl.class );
config = (XmlRpcHttpRequestConfigImpl) configControl.getMock();
xmlRpcRequestControl = MockControl.createControl( XmlRpcRequest.class );
xmlRpcRequest = (XmlRpcRequest) xmlRpcRequestControl.getMock();
authenticator = new XmlRpcAuthenticator( securitySystem, null );
}
private User createUser( String principal, String fullname, String password )
throws UserNotFoundException
{
UserManager userManager = securitySystem.getUserManager();
User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
securitySystem.getPolicy().setEnabled( false );
userManager.addUser( user );
securitySystem.getPolicy().setEnabled( true );
user.setPassword( password );
userManager.updateUser( user );
return user;
}
@Test
public void testIsAuthorizedUserExistsButNotAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
@Test
public void testIsAuthorizedUserExistsAndAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
}
//TODO cannot assign global repo manager role - it says role does not exist :|
//roleManager.assignRole( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE, USER_ALPACA );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
@SuppressWarnings( "unused" ) boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
// TODO: broken or bad test?
// assertTrue( isAuthorized );
xmlRpcRequestControl.verify();
configControl.verify();
userManager.deleteUser( USER_ALPACA );
}
@Test
public void testIsAuthorizedUserDoesNotExist()
throws Exception
{
UserManager userManager = securitySystem.getUserManager();
try
{
userManager.findUser( USER_ALPACA );
fail( "User should not exist in the database." );
}
catch ( UserNotFoundException e )
{
assertEquals( "Unable to find user 'alpaca'", e.getMessage() );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
}

60
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-services/src/main/java/org/apache/archiva/web/xmlrpc/services/PingServiceImpl.java
View File

@ -1,30 +1,30 @@
package org.apache.archiva.web.xmlrpc.services;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.web.xmlrpc.api.PingService;
public class PingServiceImpl implements PingService
{
public String ping()
{
return "pong";
}
}
package org.apache.archiva.web.xmlrpc.services;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.web.xmlrpc.api.PingService;
public class PingServiceImpl implements PingService
{
public String ping()
{
return "pong";
}
}