Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

improved the flow of login / registration and decorator 

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@442298 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jesse McConnell 2006-09-11 19:24:10 +00:00
parent d1a72cddd5
commit 434f84adba
5 changed files with 148 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
View File

@ -1,22 +1,22 @@
package org.apache.maven.archiva.web.action.admin; package org.apache.maven.archiva.web.action.admin;
/* /*
* Copyright 2005 The Apache Software Foundation. * Copyright 2005 The Apache Software Foundation.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
import org.apache.maven.archiva.web.util.RoleManager;
import org.codehaus.plexus.security.system.SecuritySystem; import org.codehaus.plexus.security.system.SecuritySystem;
import org.codehaus.plexus.security.user.User; import org.codehaus.plexus.security.user.User;
import org.codehaus.plexus.security.user.UserManager; import org.codehaus.plexus.security.user.UserManager;
@ -24,7 +24,6 @@ import org.codehaus.plexus.security.user.policy.PasswordRuleViolationException;
import org.codehaus.plexus.security.user.policy.PasswordRuleViolations; import org.codehaus.plexus.security.user.policy.PasswordRuleViolations;
import org.codehaus.plexus.util.StringUtils; import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.xwork.action.PlexusActionSupport; import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import org.apache.maven.archiva.web.util.RoleManager;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
@ -90,6 +89,12 @@ public class NewUserAction
UserManager um = securitySystem.getUserManager(); UserManager um = securitySystem.getUserManager();
if ( um.userExists( username ) )
{
addActionError( "User already exists!" );
}
else
{
User user = um.createUser( username, fullName, email ); User user = um.createUser( username, fullName, email );
user.setPassword( password ); user.setPassword( password );
@ -108,14 +113,15 @@ public class NewUserAction
addActionError( (String) it.next() ); addActionError( (String) it.next() );
} }
} }
roleManager.addUser( user.getPrincipal().toString() );
}
if ( hasActionErrors() ) if ( hasActionErrors() )
{ {
return ERROR; return ERROR;
} }
roleManager.addUser( user.getPrincipal().toString() );
return SUCCESS; return SUCCESS;
} }

119
archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
View File

@ -17,18 +17,19 @@ package org.apache.maven.archiva.web.action.admin;
* limitations under the License. * limitations under the License.
*/ */
import com.opensymphony.xwork.ModelDriven;
import com.opensymphony.xwork.Preparable;
import org.codehaus.plexus.security.rbac.RBACManager; import org.codehaus.plexus.security.rbac.RBACManager;
import org.codehaus.plexus.security.user.User; import org.codehaus.plexus.security.user.User;
import org.codehaus.plexus.security.user.UserManager; import org.codehaus.plexus.security.user.UserManager;
import org.codehaus.plexus.security.user.UserNotFoundException;
import org.codehaus.plexus.security.system.SecuritySession;
import org.codehaus.plexus.xwork.action.PlexusActionSupport; import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
/** /**
* LoginAction: * UserManagementAction: pulled from the class of the same name in plexus-security-ui-web
* for integrating rbac with user information
* *
* @author Jesse McConnell <jmcconnell@apache.org> * @author Jesse McConnell <jmcconnell@apache.org>
* @version $Id:$ * @version $Id:$
@ -37,7 +38,6 @@ import java.util.List;
*/ */
public class UserManagementAction public class UserManagementAction
extends PlexusActionSupport extends PlexusActionSupport
implements ModelDriven, Preparable
{ {
/** /**
@ -52,6 +52,12 @@ public class UserManagementAction
private User user; private User user;
private String email;
private String fullName;
private boolean locked;
private String username; private String username;
private String principal; private String principal;
@ -64,41 +70,58 @@ public class UserManagementAction
private String resourceName; private String resourceName;
public void prepare() /**
* for this method username should be populated
*
* @return
*/
public String findUser()
{
try
{
user = userManager.findUser( username );
return SUCCESS;
}
catch ( UserNotFoundException ne )
{
addActionError( "user could not be found " + username );
return ERROR;
}
}
/**
* For this method, principal should be populated
*
* @throws Exception
*/
public String display()
throws Exception throws Exception
{ {
if ( username == null ) if ( principal == null )
{ {
username = ( (User) session.get( "user" ) ).getUsername(); addActionError( "a principal is required for this operation" );
user = userManager.findUser( username ); return ERROR;
}
else
{
user = userManager.findUser( username );
} }
// for displaying the potential repositories to be displayed, remove the global resource
// from the list
resources = rbacManager.getAllResources(); resources = rbacManager.getAllResources();
resources.remove( rbacManager.getGlobalResource() );
availableRoles = rbacManager.getAllAssignableRoles(); // check if the user has any roles assigned to them, and populate the lists for
// rendering assign and remove roles links
principal = ( (User) session.get( "user" ) ).getPrincipal().toString();
if ( principal != null && rbacManager.userAssignmentExists( principal ) ) if ( principal != null && rbacManager.userAssignmentExists( principal ) )
{ {
getLogger().info( "recovering assigned roles" );
assignedRoles = new ArrayList( rbacManager.getAssignedRoles( principal ) ); assignedRoles = new ArrayList( rbacManager.getAssignedRoles( principal ) );
availableRoles = new ArrayList( rbacManager.getUnassignedRoles( principal ) ); availableRoles = new ArrayList( rbacManager.getUnassignedRoles( principal ) );
} }
else else
{ {
getLogger().info( "new assigned roles" );
assignedRoles = new ArrayList(); assignedRoles = new ArrayList();
availableRoles = rbacManager.getAllAssignableRoles(); availableRoles = rbacManager.getAllAssignableRoles();
} }
getLogger().info( "assigned roles: " + assignedRoles.size() ); return SUCCESS;
getLogger().info( "available roles: " + availableRoles.size() );
} }
public String save() public String save()
@ -106,18 +129,21 @@ public class UserManagementAction
{ {
User temp = userManager.findUser( username ); User temp = userManager.findUser( username );
temp.setEmail( user.getEmail() ); temp.setEmail( email );
temp.setFullName( user.getFullName() ); temp.setFullName( fullName );
temp.setLocked( user.isLocked() ); temp.setLocked( locked );
userManager.updateUser( temp ); temp = userManager.updateUser( temp );
return SUCCESS; // overwrite the user in the session with the saved one if and only if it is the
// save user as the person currently logged in
User activeUser = (User) session.get( SecuritySession.USERKEY );
if ( temp.getPrincipal().toString().equals( activeUser.getPrincipal().toString() ) )
{
session.put( SecuritySession.USERKEY, temp );
} }
public Object getModel() return SUCCESS;
{
return user;
} }
public String getUsername() public String getUsername()
@ -135,6 +161,41 @@ public class UserManagementAction
return user; return user;
} }
public void setUser( User user )
{
this.user = user;
}
public String getEmail()
{
return email;
}
public void setEmail( String email )
{
this.email = email;
}
public String getFullName()
{
return fullName;
}
public void setFullName( String fullName )
{
this.fullName = fullName;
}
public boolean isLocked()
{
return locked;
}
public void setLocked( boolean locked )
{
this.locked = locked;
}
public String getPrincipal() public String getPrincipal()
{ {
return principal; return principal;

7
archiva-webapp/src/main/resources/xwork.xml
View File

@ -244,12 +244,13 @@
<!-- plexus security actions --> <!-- plexus security actions -->
<action name="userDetails" class="plexusSecurityUserManagement" method="save"> <action name="userDetails" class="userManagement" method="save">
<result name="success">/WEB-INF/jsp/userDetails.jsp</result> <result name="success">/WEB-INF/jsp/userDetails.jsp</result>
</action> </action>
<action name="userManagement" class="plexusSecurityUserManagement"> <action name="userManagement" class="userManagement" method="findUser">
<result name="success">/WEB-INF/jsp/findUser.jsp</result> <result name="input">/WEB-INF/jsp/findUser.jsp</result>
<result name="success" type="redirect-action">user</result>
</action> </action>
<action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole"> <action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole">

11
archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
View File

@ -59,16 +59,19 @@
<div id="breadcrumbs"> <div id="breadcrumbs">
<div class="xleft"> <div class="xleft">
<ww:url id="loginUrl" action="login" namespace="/"/> <ww:url id="loginUrl" action="login" namespace="/" includeParams="none"/>
<ww:url id="logoutUrl" action="logout" namespace="/"/>
<ww:url id="manageUserUrl" action="user" namespace="/admin"/>
<ww:if test="${sessionScope.authStatus != true}"> <ww:if test="${sessionScope.authStatus != true}">
<ww:a href="%{loginUrl}">Login/Register</ww:a> <ww:a href="%{loginUrl}">Login/Register</ww:a>
</ww:if> </ww:if>
<ww:else> <ww:else>
Welcome, <b>${sessionScope.user.username}</b> - <ww:url id="logoutUrl" action="logout" namespace="/" includeParams="none"/>
<ww:url id="manageUserUrl" action="user" namespace="/admin">
<ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
</ww:url>
Welcome, <b>${sessionScope.SecuritySessionUser.username}</b> -
<ww:a href="%{manageUserUrl}">Settings</ww:a> - <ww:a href="%{manageUserUrl}">Settings</ww:a> -
<ww:a href="%{logoutUrl}">Logout</ww:a> <ww:a href="%{logoutUrl}">Logout</ww:a>
</ww:else> </ww:else>

18
archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
View File

@ -29,23 +29,23 @@
<div style="float: right"> <div style="float: right">
<pss:ifAnyAuthorized permissions="edit-all-users,edit-user" resource="${username}"> <pss:ifAnyAuthorized permissions="edit-all-users,edit-user" resource="${username}">
<ww:url id="userDetailsUrl" action="userDetails"> <ww:url id="userDetailsUrl" action="userDetails">
<ww:param name="username">${username}</ww:param> <ww:param name="username">${sessionScope.SecuritySessionUser.username}</ww:param>
</ww:url> </ww:url>
<ww:a href="%{userDetailsUrl}">Edit details</ww:a> <ww:a href="%{userDetailsUrl}">Edit details</ww:a>
</pss:ifAnyAuthorized> </pss:ifAnyAuthorized>
</div> </div>
<h2>${user.fullName}</h2> <h2>${sessionScope.SecuritySessionUser.fullName}</h2>
<table class="bodyTable"> <table class="bodyTable">
<tr class="a"> <tr class="a">
<th>Username</th> <th>Username</th>
<td>${user.username}</td> <td>${sessionScope.SecuritySessionUser.username}</td>
</tr> </tr>
<tr class="b"> <tr class="b">
<th>Email</th> <th>Email</th>
<td>${user.email}</td> <td>${sessionScope.SecuritySessionUser.email}</td>
</tr> </tr>
</table> </table>
@ -54,8 +54,8 @@
<table class="bodyTable"> <table class="bodyTable">
<ww:iterator id="role" value="assignedRoles"> <ww:iterator id="role" value="assignedRoles">
<ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser"> <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
<ww:param name="principal">${principal}</ww:param> <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${role.name}</ww:param> <ww:param name="roleName">${sessionScope.SecuritySessionUser.name}</ww:param>
</ww:url> </ww:url>
<tr class="a"> <tr class="a">
<td> <td>
@ -73,13 +73,13 @@
<p> <p>
<ww:iterator id="role" value="availableRoles"> <ww:iterator id="role" value="availableRoles">
<ww:url id="addRoleUrl" action="assignRoleToUser"> <ww:url id="addRoleUrl" action="assignRoleToUser">
<ww:param name="principal">${sessionScope.user.principal}</ww:param> <ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${role.name}</ww:param> <ww:param name="roleName">${role.name}</ww:param>
</ww:url> </ww:url>
<ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/> <ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
</ww:iterator> </ww:iterator>
</p> </p>
<%--
<p> <p>
This following screen needs have the various roles worked into it. This following screen needs have the various roles worked into it.
</p> </p>
@ -114,7 +114,7 @@
of of
<ww:select name="resourceName" list="resources" listKey="identifier" listValue="identifier" headerKey="" headerValue="(Please Select)"/> <ww:select name="resourceName" list="resources" listKey="identifier" listValue="identifier" headerKey="" headerValue="(Please Select)"/>
</td> </td>
</tr> </tr> --%>
<%-- add in for project level security <%-- add in for project level security
<tr class="b"> <tr class="b">
<td> <td>