From 55b1e5d09f280f5747c1ba04517fbc233bed5d97 Mon Sep 17 00:00:00 2001 From: Martin Stockhammer Date: Sun, 19 Dec 2021 20:21:12 +0100 Subject: [PATCH] Updating permissions for v2 rest service --- .../security/common/ArchivaRoleConstants.java | 61 +- .../resources/META-INF/redback/redback.xml | 59 +- .../src/enunciate/archiva.css | 765 -------------- .../src/enunciate/archiva.fmt | 937 ------------------ .../src/enunciate/enunciate.xml.org | 47 - .../maven/MavenManagedRepositoryService.java | 109 +- .../services/DefaultRepositoriesService.java | 4 +- .../DefaultMavenManagedRepositoryService.java | 12 +- .../security/ArchivaStandardRolesCheck.java | 4 +- .../security/DefaultUserRepositories.java | 12 +- .../ArchivaServletAuthenticatorTest.java | 16 +- .../archiva/web/api/FileUploadService.java | 2 +- .../archiva/web/rss/RssFeedServlet.java | 2 +- .../archiva/webdav/util/WebdavMethodUtil.java | 6 +- .../webdav/RepositoryServletSecurityTest.java | 20 +- 15 files changed, 230 insertions(+), 1826 deletions(-) delete mode 100644 archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.css delete mode 100644 archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.fmt delete mode 100644 archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/enunciate.xml.org diff --git a/archiva-modules/archiva-base/archiva-security-common/src/main/java/org/apache/archiva/security/common/ArchivaRoleConstants.java b/archiva-modules/archiva-base/archiva-security-common/src/main/java/org/apache/archiva/security/common/ArchivaRoleConstants.java index 4700d9646..5be7c8b0e 100644 --- a/archiva-modules/archiva-base/archiva-security-common/src/main/java/org/apache/archiva/security/common/ArchivaRoleConstants.java +++ b/archiva-modules/archiva-base/archiva-security-common/src/main/java/org/apache/archiva/security/common/ArchivaRoleConstants.java @@ -45,29 +45,84 @@ public class ArchivaRoleConstants // operations public static final String OPERATION_MANAGE_USERS = "archiva-manage-users"; + /** + * Maintenance role, that allows to run all configuration changes + */ public static final String OPERATION_MANAGE_CONFIGURATION = "archiva-manage-configuration"; public static final String OPERATION_ACTIVE_GUEST = "archiva-guest"; + /** + * Allows to run the indexer update + */ public static final String OPERATION_RUN_INDEXER = "archiva-run-indexer"; + public static final String OPERATION_REGENERATE_INDEX = "archiva-regenerate-index"; public static final String OPERATION_ACCESS_REPORT = "archiva-access-reports"; + /** + * Permission to add a repository + * Scope: application + */ public static final String OPERATION_ADD_REPOSITORY = "archiva-add-repository"; - public static final String OPERATION_REPOSITORY_ACCESS = "archiva-read-repository"; + /** + * Permission to read the attributes and contents of a repository + * Scope: repository + */ + public static final String OPERATION_READ_REPOSITORY = "archiva-read-repository"; + /** + * Permission to delete a repository + * Scope: repository + */ public static final String OPERATION_DELETE_REPOSITORY = "archiva-delete-repository"; + /** + * Permission edit attributes of a repository + * Scope: repository + */ public static final String OPERATION_EDIT_REPOSITORY = "archiva-edit-repository"; - public static final String OPERATION_REPOSITORY_UPLOAD = "archiva-upload-repository"; + /** + * Permission to upload a artifact to a specific repository + * Scope: repository + */ + public static final String OPERATION_ADD_ARTIFACT = "archiva-add-artifact"; + /** + * Permission to delete a artifact from a repository + * Scope: repository + */ + public static final String OPERATION_DELETE_ARTIFACT = "archiva-delete-artifact"; + + /** + * Permission to delete a namespace (maven group) from a repository. + * Scope: repository + */ + public static final String OPERATION_DELETE_NAMESPACE = "archiva-delete-namespace"; + + /** + * Permission to delete a project + * Scope: repository + */ + public static final String OPERATION_DELETE_PROJECT = "archiva-delete-project"; + + /** + * Permission to delete a version + * Scope: repository + */ + public static final String OPERATION_DELETE_VERSION = "archiva-delete-version"; + + /** + * Permission to upload a file to the upload workspace + * Scope: application + */ public static final String OPERATION_FILE_UPLOAD = "archiva-upload-file"; - public static final String OPERATION_REPOSITORY_DELETE = "archiva-delete-artifact"; + public static final String OPERATION_MERGE_REPOSITORY = "archiva-merge-repository"; diff --git a/archiva-modules/archiva-base/archiva-security-common/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-base/archiva-security-common/src/main/resources/META-INF/redback/redback.xml index 3960314a4..e236e8218 100644 --- a/archiva-modules/archiva-base/archiva-security-common/src/main/resources/META-INF/redback/redback.xml +++ b/archiva-modules/archiva-base/archiva-security-common/src/main/resources/META-INF/redback/redback.xml @@ -48,11 +48,31 @@ archiva-merge-repository Archiva Merge Repository - + + archiva-delete-namespace + archiva-delete-namespace + Delete Namespace (GroupID) from Archiva Repository + + + archiva-delete-project + archiva-delete-project + Delete Project (all versions) from Archiva Repository + + + archiva-delete-version + archiva-delete-version + Delete Version from Archiva Repository + + archiva-delete-artifact archiva-delete-artifact Delete Artifact + + archiva-add-artifact + archiva-add-artifact + Add artifact to Archiva Repository + archiva-access-reports archiva-access-reports @@ -78,11 +98,6 @@ archiva-edit-repository Edit Archiva Repository - - archiva-upload-repository - archiva-upload-repository - Upload Archiva Repository - archiva-upload-file archiva-upload-file @@ -238,12 +253,36 @@ Repository Manager true - + + archiva-delete-namespace + Archiva Delete Namespace (GroupId) + archiva-delete-namespace + ${resource} + + + archiva-delete-project + Archiva Delete Project + archiva-delete-project + ${resource} + + + archiva-delete-version + Archiva Delete Version + archiva-delete-version + ${resource} + + archiva-delete-artifact Delete Artifact archiva-delete-artifact ${resource} + + archiva-add-artifact + Add Artifact + archiva-add-artifact + ${resource} + archiva-edit-repository Archiva Edit Repository @@ -256,12 +295,6 @@ archiva-delete-repository ${resource} - - archiva-upload-repository - Archiva Upload to Repository - archiva-upload-repository - ${resource} - archiva-upload-file Archiva Upload File to Archiva diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.css b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.css deleted file mode 100644 index 8f3a291d4..000000000 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.css +++ /dev/null @@ -1,765 +0,0 @@ -/* -Copyright 2015 The Apache Software Foundation. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -/* - Created on : 13 nov. 2015, 13:47:57 - Author : barboni -*/ -/** - * html5doctor.com Reset Stylesheet (Eric Meyer's Reset Reloaded + HTML5 baseline) - * v1.6.1 2010-09-17 | Authors: Eric Meyer & Richard Clark - * html5doctor.com/html-5-reset-stylesheet/ - */ - -html, body, div, span, object, iframe, -h1, h2, h3, h4, h5, h6, p, blockquote, pre, -abbr, address, cite, code, del, dfn, em, img, ins, kbd, q, samp, -small, strong, sub, sup, var, b, i, dl, dt, dd, ol, ul, li, -fieldset, form, label, legend, -table, caption, tbody, tfoot, thead, tr, th, td, -article, aside, canvas, details, figcaption, figure, -footer, header, hgroup, menu, nav, section, summary, -time, mark, audio, video { - margin: 0; - padding: 0; - border: 0; - font-size: 100%; - font: inherit; - vertical-align: baseline; -} - -article, aside, details, figcaption, figure, -footer, header, hgroup, menu, nav, section { - display: block; -} - -blockquote, q { quotes: none; } - -blockquote:before, blockquote:after, -q:before, q:after { content: ""; content: none; } - -ins { background-color: #ff9; color: #000; text-decoration: none; } - -mark { background-color: #ff9; color: #000; font-style: italic; font-weight: bold; } - -del { text-decoration: line-through; } - -abbr[title], dfn[title] { border-bottom: 1px dotted; cursor: help; } - -table { border-collapse: collapse; border-spacing: 0; } - -hr { display: block; height: 1px; border: 0; border-top: 1px solid #ccc; margin: 1em 0; padding: 0; } - -input, select { vertical-align: middle; } - - -/** - * Font normalization inspired by YUI Library's fonts.css: developer.yahoo.com/yui/ - */ - -body { font:13px/1.231 sans-serif; *font-size:small; } /* Hack retained to preserve specificity */ -select, input, textarea, button { font:99% sans-serif; } - -/* Normalize monospace sizing: - en.wikipedia.org/wiki/MediaWiki_talk:Common.css/Archive_11#Teletype_style_fix_for_Chrome */ -pre, code, kbd, samp { font-family: monospace, sans-serif; } - - -/** - * Minimal base styles. - */ - -/* Always force a scrollbar in non-IE */ -html { overflow-y: scroll; } - -/* Accessible focus treatment: people.opera.com/patrickl/experiments/keyboard/test */ -a:hover, a:active { outline: none; } - -ul, ol { margin-left: 2em; } -ol { list-style-type: decimal; } - -/* Remove margins for navigation lists */ -nav ul, nav li { margin: 0; list-style:none; list-style-image: none; } - -small { font-size: 85%; } -strong, th { font-weight: bold; } - -td { vertical-align: top; } - -/* Set sub, sup without affecting line-height: gist.github.com/413930 */ -sub, sup { font-size: 75%; line-height: 0; position: relative; } -sup { top: -0.5em; } -sub { bottom: -0.25em; } - -pre { - /* www.pathf.com/blogs/2008/05/formatting-quoted-code-in-blog-posts-css21-white-space-pre-wrap/ */ - padding: 15px; -} - -textarea { overflow: auto; } /* www.sitepoint.com/blogs/2010/08/20/ie-remove-textarea-scrollbars/ */ - -.ie6 legend, .ie7 legend { margin-left: -7px; } - -/* Align checkboxes, radios, text inputs with their label by: Thierry Koblentz tjkdesign.com/ez-css/css/base.css */ -input[type="radio"] { vertical-align: text-bottom; } -input[type="checkbox"] { vertical-align: bottom; } -.ie7 input[type="checkbox"] { vertical-align: baseline; } -.ie6 input { vertical-align: text-bottom; } - -/* Hand cursor on clickable input elements */ -label, input[type="button"], input[type="submit"], input[type="image"], button { cursor: pointer; } - -/* Webkit browsers add a 2px margin outside the chrome of form elements */ -button, input, select, textarea { margin: 0; } - -/* Colors for form validity */ -input:valid, textarea:valid { } -input:invalid, textarea:invalid { - border-radius: 1px; -moz-box-shadow: 0px 0px 5px red; -webkit-box-shadow: 0px 0px 5px red; box-shadow: 0px 0px 5px red; -} -.no-boxshadow input:invalid, .no-boxshadow textarea:invalid { background-color: #f0dddd; } - - -/* These selection declarations have to be separate - No text-shadow: twitter.com/miketaylr/status/12228805301 - Also: hot pink! */ -::-moz-selection{ background: #FF5E99; color:#fff; text-shadow: none; } -::selection { background:#FF5E99; color:#fff; text-shadow: none; } - -/* j.mp/webkit-tap-highlight-color */ -a:link { -webkit-tap-highlight-color: #FF5E99; } - -/* Make buttons play nice in IE: - www.viget.com/inspire/styling-the-button-element-in-internet-explorer/ */ -button { width: auto; overflow: visible; } - -/* Bicubic resizing for non-native sized IMG: - code.flickr.com/blog/2008/11/12/on-ui-quality-the-little-things-client-side-image-resizing/ */ -.ie7 img { -ms-interpolation-mode: bicubic; } - -/** - * You might tweak these.. - */ - -body, select, input, textarea { - /* #444 looks better than black: twitter.com/H_FJ/statuses/11800719859 */ - color: #444; - /* Set your base font here, to apply evenly */ - /* font-family: Georgia, serif; */ -} - -/* Headers (h1, h2, etc) have no default font-size or margin; define those yourself */ -h1, h2, h3, h4, h5, h6 { font-weight: bold; } - -a, a:active, a:visited { color: #607890; } -a:hover { color: #036; } - - -/** - * Primary styles - * - * Author: - */ - - -body{text-align:center;margin:0} -.container{text-align:left;position:relative;padding:0;margin:0 auto;width:800px} -.column{float:left;margin:0 5px 0 0;padding:0} -* html .column{overflow-x:hidden} -.border{padding-right:2px;margin-right:2px;border-right:1px solid #ddd} -.span-1{width:35px} -.span-2{width:75px} -.span-3{width:115px} -.span-4{width:155px} -.span-5{width:195px} -.span-6{width:235px} -.span-7{width:275px} -.span-8{width:315px} -.span-9{width:355px} -.span-10{width:395px} -.span-11{width:435px} -.span-12{width:475px} -.span-13{width:515px} -.span-14{width:555px} -.span-15{width:595px} -.span-16{width:635px} -.span-17{width:675px} -.span-18{width:715px} -.span-19{width:755px} -.span-20{width:795px} -.span-21{width:835px} -.span-22{width:875px} -.span-23{width:915px} -.span-24{width:955px;margin:0} -.last{margin-right:0} -.append-1{padding-right:40px} -.append-2{padding-right:80px} -.append-3{padding-right:120px} -.append-4{padding-right:160px} -.append-5{padding-right:200px} -.prepend-1{padding-left:40px} -.prepend-2{padding-left:80px} -.prepend-3{padding-left:120px} -.prepend-4{padding-left:160px} -.prepend-5{padding-left:200px} -.clear{display:inline-block} -.clear:after,.container:after{content:".";display:block;height:0;clear:both;visibility:hidden} -* html .clear{height:1%} -.clear{display:block} -h1,h2,h3,h4,h5,h6, p,ul,ol,dl,pre,form{padding-left:5px;padding-right:5px} -table{margin-left:5px;margin-right:5px} -img{margin:0 0 18px 0} -.pull-1{margin-left:-70px} -.pull-2{margin-left:-140px} -.pull-3{margin-left:-210px} -.push-0{margin:0 0 0 18px;float:right} -.push-1{margin:0 -70px 0 18px;float:right} -.push-2{margin:0 -140px 0 18px;float:right} -.push-3{margin:0 -210px 0 18px;float:right} -.deprecated{text-decoration: line-through} - -/* @end */ - -/* @group typography.css */ - -body { - font-size: 12px; - line-height: 18px; /* Do a complete find/replace on "18px" to change this */ -} - - -/* Default fonts */ -h1,h2,h3, -h4,h5,h6 { font-family: "Helvetica Neue", Helvetica, sans-serif; } -body { font-family: "Lucida Grande", Calibri, Arial, sans-serif; } -pre { font-family: Monaco, "Courier New", monospace; } -code { font-family: Consolas, "Bitstream Vera Sans Mono", "Courier New", Monaco, Courier, monospace; } - - -/* Headings --------------------------------------------------------------- */ - -h1,h2,h3,h4,h5,h6 { - color:#111; - clear:both; -} - -h1 a, h2 a, h3 a, h4 a, h5 a, h6 a { - color: #111; - text-decoration: none; -} - -h1 { font-size: 30px; line-height:36px; padding:10px 0 18px 0; } -h2 { font-size: 20px; line-height:36px; } -h3 { font-size: 12px; line-height:24px; } -h4 { font-size: 12px; font-weight:bold; } -h5 { font-size: 12px; font-weight:bold; } -h6 { font-size: 12px; } - - -/* Text elements --------------------------------------------------------------- */ - -p { margin: 0 0 18px 0; text-align:justify; } -p.last { margin-bottom:0; } -p img { float: left; margin:18px 18px 18px 0; padding:0; } -p img.top { margin-top:0; } /* Use this if the image is at the top of the

. */ - -ul, ol { margin: 0 0 18px 0; } -ul { list-style-type:circle; } -ol { list-style-type: decimal; } -dl { margin: 0 0 18px 0; } -dl dt { font-weight: bold; } - -a { color: #A68000; text-decoration: underline; outline: none; } -a:hover { color: #000; } - -blockquote { margin: 0 0 18px 18px; color: #666; font-style: italic; } -strong { font-weight: bold; } -em { font-style: italic; } -pre { margin-bottom: 18px; background: #eee; border:1px solid #ddd; padding:16px; } -code { - background: #eee; - border: 1px solid #ddd; - color: #555; - display: block; - font: normal 1.1em "Lucida Sans Unicode",serif; - margin-bottom: 12px; - padding: 8px 10px; - white-space: pre; - overflow: auto; - max-height: 300px; -} - -/* Use this to create a horizontal ruler across a column. */ -hr { - background: #FFDF73; - color: #FFDF73; - clear: both; - float: none; - width: 100%; - height: 2px; - margin: 0 0 16px 0; - border: none; -} - - -/* Tables --------------------------------------------------------------- */ - -table { margin-bottom: 16px; border-top:1px solid #ddd; border-left:1px solid #ddd; } -th,td { height: 13px; padding:2px 4px; border-bottom:1px solid #ddd; border-right:1px solid #ddd; } -th { font-weight:bold; } - - -/* Some default classes --------------------------------------------------------------- */ - -p.small { font-size: 10px; margin-bottom: 18px; } -p.large { font-size: 14px; line-height:36px; } -p.quiet { color: #666; } -.hide { display: none; } - - -.caps { - font-variant: small-caps; - letter-spacing: 1px; - text-transform: lowercase; -} - -/* @end */ - -/* @group styles */ - -/* @group Header */ - -#header { - padding-top: 1.8em; - margin-bottom: 1.8em; -} -#site-name { - line-height: 36px; -} -#site-name a { - font-variant: small-caps; - font-size: 3em; - letter-spacing: 3px; - text-decoration: none; - color: #444; -} -#site-name a:visited { - color: #444; - text-decoration: none; -} -#site-name a strong { - color: black; -} -#site-description { - padding-top: 1.4em; - padding-bottom: 1.4em; -} -#site-description h3 { - font-size: 2em; - margin: 0; - font-weight: normal; -} -#site-description p#read-more { - text-align: right; - margin: 6px 0 0; -} -#site-description p#read-more a, #site-description p#read-more a:visited { - font-size: 1.4em; - color: #515151; -} -#site-description p#read-more a:hover { - color: #919191; -} -#site-description { - background-color: #4188D2; - border-top: 2px solid #fff; - color: #444; -} -/* @end */ - -/* @group Navigation */ - -ul.navigation, ul.navigation li { - list-style: none; -} -ul.navigation li { - display: inline; - margin-right: 1.3em; -} - -#primary { - line-height: 72px; - margin-bottom: -24px; - text-align: right; -} -#primary li { - padding-bottom: 5px; -} -#primary a { - color: #444; - text-decoration: none; - font-size: 1.2em; -} -#primary li:hover { - border-bottom: 6px solid #FFDF73; -} -#secondary { - padding-top: 7px; - background-color: #FFDF73; -} -#secondary ul { - list-style: none; - margin-bottom: 7px; -} -#secondary ul li { - display: inline; - list-style: none; - margin-right: 0; -} -#secondary ul li a { - color: #515151; - text-decoration: none; - padding: 8px 24px 8px 24px; - margin-left: -4px; -} -#secondary ul li a.selected { - background-color: #515151; - color: #fff; -} -#secondary ul a:hover { - background: #fff4d0; -} -/* - xBreadcrumbs (Extended Breadcrumbs) jQuery Plugin - � 2009 ajaxBlender.com - For any questions please visit www.ajaxblender.com - or email us at support@ajaxblender.com -*/ -.xbreadcrumbs { - position: relative; - z-index: 1000; -} -.xbreadcrumbs LI UL { - position: absolute; - float: left; -} -.xbreadcrumbs, .xbreadcrumbs LI, .xbreadcrumbs UL, .xbreadcrumbs UL LI { - list-style: none; - margin: 0; - padding: 0; -} -.xbreadcrumbs { clear: both; } -.xbreadcrumbs, .xbreadcrumbs LI { - float: left; -} -.xbreadcrumbs UL { - display: none; -} - -/* Base style of xBreadcrumbs */ -/* Top Level */ -.xbreadcrumbs { - background: #FFDF73; - width: 100%; -} -.xbreadcrumbs LI { - border-right: none; - padding: 5px 15px 5px 10px; - height: 16px; -} -.xbreadcrumbs LI.current { - background: none; -} -.xbreadcrumbs LI UL LI { - background: none; -} -.xbreadcrumbs LI A { - font-size: 11px; - color: #515151; - text-decoration: none; - padding-right: 2em; -} -.xbreadcrumbs LI A.home { - background: url( home.gif ) no-repeat left center; - padding-left: 20px; -} -.xbreadcrumbs LI A:HOVER, .xbreadcrumbs LI.hover A { - color: #000; -} -/* Top Level - Current Page */ -.xbreadcrumbs LI.current A { - color: #333333; - font-weight: bold; -} -/* Sub-level */ -.xbreadcrumbs LI UL { - padding: 3px; - background: #fff4d0; - font-size: 11px; - min-width: 180px; - max-height: 500px; - overflow: auto; - top: 25px; -} -.xbreadcrumbs LI UL LI { - float: left; - width: 100%; - border-right: none; - height: auto; -} -.xbreadcrumbs LI UL LI A { - text-decoration: none; - color: #666666 !important; - display: block; - padding: 4px; - border-bottom: 1px dotted #666666; -} -.xbreadcrumbs LI UL LI:last-child A { - border-bottom: none; -} -.xbreadcrumbs LI UL LI A:HOVER { - background: #fffbee; -} -body.advisories #nav-advisories,body.community #nav-community,body.blog #nav-blog,body.code #nav-code,body.about #nav-about,body.documentation #nav-documentation{border-bottom: 6px solid #FFDF73;} -/* @end */ - -/* @group Main */ - -#main { - font-size: 1.2em; - line-height: 1.5em; - color: #1E250D; -} -#main h2 { - font-size: 1.8em; - font-weight: normal; - border-bottom: 3px solid #c2b2d4; - padding-top: 10px; - padding-left: 0; - padding-right: 0; - margin-bottom: 6px; -} -#main h3 { - font-size: 1.4em; - font-weight: normal; - border-bottom: 4px solid #f7f7f7; - padding: 0 0 5px; - margin-bottom: 0.4em; -} -#main h3 .caps { - font-size: 1.3em; -} -#main .hfeed .hentry { - list-style: none; - list-style-type: none; - margin-bottom: 2em; - border-bottom: 4px solid #eee; - padding-bottom: 1em; - clear: both; -} -#main .hfeed .hentry:last-child { - border-bottom: none; -}#main .hfeed .hentry .entry-title { - border-bottom: none; -} -#main hr { - color: #FFDF73; - background-color: #FFDF73; - border-color: #FFDF73; -} -#main p { - text-align: left; - padding-left: 0; - padding-right: 0; -} -#main img { - max-width: 740px; -} -#main ol { - margin-left: 1.5em; -} -#main ul { - margin-left: 1.2em; - list-style: disc; -} -#main .intro { - font-size: 1.2em; - color: #515151; - border-bottom: 3px solid #f8fbfd; -} -#main .get-started a { - text-align: center; - background-color: #8942D6; - color: #fff; - display: block; - border-radius: 12px; - -webkit-border-radius: 12px; - -moz-border-radius: 12px; - padding: 8px 6px; - width: 10em; - font-size: 1.4em; - margin-left: auto; - margin-right: auto; - text-decoration: none; -} -#main .get-started a:hover { - background-color: #9D69D6; -} -#main pre { - max-height: 600px; - overflow: auto; -} - -/* @end */ -/* @group Footer */ - -#footer { - color: #666; - font-size: 11px; - border-top: 4px double #e7e7e7; - margin-top: 2em; - padding-top: 1.2em; - text-align: center; -} -/*#footer a { - color: #787878; - text-decoration: none; - border-bottom: 1px dotted #787878; -} -#footer a:hover { - border-bottom: 1px solid #787878; -}*/ - -/* @end */ - -.update, .note, .notice, .alert { -margin: 10px 0 20px; -padding: 5px 20px 5px 20px; -clear: both; -} -.note { - background: #e6ecf2; - border-top: 2px solid #8996ad; - border-bottom: 2px solid #8996ad; -} -.update, .notice { - background: #92ED6B; - border-top: 2px solid #2B8E00; - border-bottom: 2px solid #2B8E00; -} -.alert { - background: #ffbfbf; - border-top: 2px solid #f33; - border-bottom: 2px solid #f33; -} -.alert a { - color:#f00; -} -.alert a:visited { - color: #f33; -} - -/* JavaDoc-Specific Styles */ -.TableHeadingColor { text-align: left; border-width: 0 } -.TableSubHeadingColor { text-align: left; border-width: 0 } -.TableRowColor { text-align: left; border-width: 0 } -.NavBarCell1 { text-align: left; border-width: 0 } -.NavBarCell1Rev { text-align: left; border-width: 0 } -.FrameItemFont { text-align: left; } - -/* @end */ - - - -/** - * Non-semantic helper classes: please define your styles before this section. - */ - -/* For image replacement */ -.ir { display: block; text-indent: -999em; overflow: hidden; background-repeat: no-repeat; text-align: left; direction: ltr; } - -/* Hide for both screenreaders and browsers: - css-discuss.incutio.com/wiki/Screenreader_Visibility */ -.hidden { display: none; visibility: hidden; } - -/* Hide only visually, but have it available for screenreaders: by Jon Neal. - www.webaim.org/techniques/css/invisiblecontent/ & j.mp/visuallyhidden */ -.visuallyhidden { border: 0; clip: rect(0 0 0 0); height: 1px; margin: -1px; overflow: hidden; padding: 0; position: absolute; width: 1px; } -/* Extends the .visuallyhidden class to allow the element to be focusable when navigated to via the keyboard: drupal.org/node/897638 */ -.visuallyhidden.focusable:active, -.visuallyhidden.focusable:focus { clip: auto; height: auto; margin: 0; overflow: visible; position: static; width: auto; } - -/* Hide visually and from screenreaders, but maintain layout */ -.invisible { visibility: hidden; } - -/* The Magnificent Clearfix: Updated to prevent margin-collapsing on child elements. - j.mp/bestclearfix */ -.clearfix:before, .clearfix:after { content: "\0020"; display: block; height: 0; overflow: hidden; } -.clearfix:after { clear: both; } -/* Fix clearfix: blueprintcss.lighthouseapp.com/projects/15318/tickets/5-extra-margin-padding-bottom-of-page */ -.clearfix { zoom: 1; } - - - -/** - * Media queries for responsive design. - * - * These follow after primary styles so they will successfully override. - */ - -@media all and (orientation:portrait) { - /* Style adjustments for portrait mode goes here */ - -} - -@media all and (orientation:landscape) { - /* Style adjustments for landscape mode goes here */ - -} - -/* Grade-A Mobile Browsers (Opera Mobile, Mobile Safari, Android Chrome) - consider this: www.cloudfour.com/css-media-query-for-mobile-is-fools-gold/ */ -@media screen and (max-device-width: 480px) { - - - /* Uncomment if you don't want iOS and WinMobile to mobile-optimize the text for you: j.mp/textsizeadjust */ - /* html { -webkit-text-size-adjust:none; -ms-text-size-adjust:none; } */ -} - - -/** - * Print styles. - * - * Inlined to avoid required HTTP connection: www.phpied.com/delay-loading-your-print-css/ - */ -@media print { - * { background: transparent !important; color: black !important; text-shadow: none !important; filter:none !important; - -ms-filter: none !important; } /* Black prints faster: sanbeiji.com/archives/953 */ - a, a:visited { color: #444 !important; text-decoration: underline; } - a[href]:after { content: " (" attr(href) ")"; } - abbr[title]:after { content: " (" attr(title) ")"; } - .ir a:after, a[href^="javascript:"]:after, a[href^="#"]:after { content: ""; } /* Don't show links for images, or javascript/internal links */ - pre, blockquote { border: 1px solid #999; page-break-inside: avoid; } - thead { display: table-header-group; } /* css-discuss.incutio.com/wiki/Printing_Tables */ - tr, img { page-break-inside: avoid; } - @page { margin: 0.5cm; } - p, h2, h3 { orphans: 3; widows: 3; } - h2, h3{ page-break-after: avoid; } -} - diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.fmt b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.fmt deleted file mode 100644 index 9d8a114b3..000000000 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/archiva.fmt +++ /dev/null @@ -1,937 +0,0 @@ -[#ftl] -<#-- -Copyright 2015 The Apache Software Foundation. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -[#-- @ftlvariable name="resourceApis" type="java.util.List" --] -[#-- @ftlvariable name="serviceApis" type="java.util.List" --] -[#-- @ftlvariable name="data" type="java.util.List" --] -[#-- @ftlvariable name="downloads" type="java.util.List" --] -[#-- @ftlvariable name="title" type="java.lang.String" --] -[#-- @ftlvariable name="indexPageName" type="java.lang.String" --] -[#-- @ftlvariable name="disableMountpoint" type="java.lang.Boolean" --] -[#-- @ftlvariable name="apiRelativePath" type="java.lang.String" --] -[#-- @ftlvariable name="cssFile" type="java.lang.String" --] -[#-- @ftlvariable name="additionalCssFiles" type="java.util.List" --] -[#-- @ftlvariable name="copyright" type="java.lang.String" --] -[#-- @ftlvariable name="apiDoc" type="java.lang.String" --] -[#-- @ftlvariable name="swaggerUI" type="com.webcohesion.enunciate.api.InterfaceDescriptionFile" --] -[#--set up the subnavigation menus--] -[#assign nav_sections = { } /] -[#if resourceApis?size > 0] - [#assign nav_sections = nav_sections + { "Resources" : "resources.html" }/] -[/#if] -[#if serviceApis?size > 0] - [#assign nav_sections = nav_sections + { "Services" : "services.html" }/] -[/#if] -[#if data?size > 0] - [#list data as syntax] - [#assign nav_sections = { syntax.label : syntax.slug + ".html" } /] - [/#list] -[/#if] -[#if downloads?size > 0] - [#assign nav_sections = nav_sections + { "Files and Libraries" : "downloads.html"} /] -[/#if] -[#--Basic boilerplate macro.--] -[#macro boilerplate title=title breadcrumbs=[{"title" : "Home", "href" : indexPageName}] pagenav=[] codeblocks=true] - - - - - - - - - ${title} - - - - - - - - [#if cssFile??] - - - [/#if] - [#list additionalCssFiles as additionalCssFile] - - [/#list] - - - - - - - - -

-
- - - -
-
- - [#nested/] - -
- -
- -
- -
- - - - - - - - - - - - -[/#macro] -[#--Macro that wraps its text in a deprecated tag if the element is deprecated.--] -[#macro deprecation element] - [#assign deprecated=(element?? && element.deprecated??)/] - [#if deprecated][/#if][#nested/][#if deprecated][/#if] -[/#macro] -[@file name=indexPageName] - [#assign pagenav=[]/] - [#if resourceApis?size > 0] - [#assign pagenav=pagenav + [{ "href" : "#resources", "title" : "Resources" }]/] - [/#if] - [#if serviceApis?size > 0] - [#assign pagenav=pagenav + [{ "href" : "#services", "title" : "Services" }]/] - [/#if] - [#list data as syntax] - [#assign pagenav=pagenav + [{ "href" : "#" + syntax.slug, "title" : syntax.label }]/] - [/#list] - [@boilerplate pagenav=pagenav] - [#if apiDoc??] -
-
- ${apiDoc} -
-
- [/#if] - [#if resourceApis?size > 0] - -

Resources

- [#list resourceApis as resourceApi] - [#if downloads?size > 0] - -

- The resources use a data model that is supported by a set of client-side libraries that are made available on the - files and libraries page. -

- [/#if] - [#if resourceApi.wadlFile??] - -

- There is a WADL document available that describes the resources API. -

- [/#if] - [#if swaggerUI??] - -

- You may also enjoy the Swagger UI provided for this API. -

- [/#if] -
    - [#list resourceApi.resourceGroups as resourceGroup] - [@processResourceGroup resourceGroup=resourceGroup/] -
  • ${resourceGroup.label}
  • - - [/#list] -
- - [/#list] - [/#if] - [#if serviceApis?size > 0] - -

Services

- [#list serviceApis as serviceApi] - [#list serviceApi.serviceGroups as serviceGroup] - - - - - - - - - - - [#list serviceGroup.services as service] - [@processService service=service/] - - - - - [/#list] - -
Namespace ${serviceGroup.namespace!"(Default)"}[#if serviceGroup.wsdlFile??] (wsdl)[/#if]
namedescription
[@deprecation element=service]${service.label}[/@deprecation][@deprecation element=service]${service.description!" "}[/@deprecation]
- [/#list] - [/#list] - [#if downloads?size > 0] - -

The services API is also accessible by a set of client-side libraries that can be downloaded from the files and libraries page.

- [/#if] - [/#if] - [#if data?size > 0] - -

Data Types

- [#list data as syntax] - [@processDataSyntax syntax=syntax/] - -

${syntax.label}

- [#list syntax.namespaces as ns] - [#if ns.types?size > 0] - - - [#if ns.uri?? && ns.uri?length > 0] -

Namespace ${ns.uri}[#if ns.schemaFile??] (schema)[/#if]

- [#else] -

Default Namespace [#if ns.schemaFile??] (schema)[/#if]

- [/#if] -
    - [#list ns.types?sort_by("label") as type] -
  • ${type.label}
  • - - [/#list] -
- - [/#if] - [/#list] - [/#list] - [/#if] - [/@boilerplate] -[/@file] -[@file name="data.html"] - [#assign pagenav=[]/] - [#list data as syntax] - [#assign pagenav=pagenav + [{ "href" : "#" + syntax.slug, "title" : syntax.label }]/] - [/#list] - [@boilerplate title=title + ": Data Types" breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : "Data Types" , "href" : "data.html"}] pagenav=pagenav] -

Data Types

- [#list data as syntax] - -

${syntax.label}

- [#list syntax.namespaces as ns] - [#if ns.types?size > 0] - - - [#if ns.uri?? && ns.uri?length > 0] -

Namespace ${ns.uri}[#if ns.schemaFile??] (schema)[/#if]

- [#else] -

Default Namespace [#if ns.schemaFile??] (schema)[/#if]

- [/#if] - - - - [/#if] - [/#list] - [/#list] - [/@boilerplate] -[/@file] -[#if downloads?size > 0] - [@file name="downloads.html"] - [#assign pagenav=[]/] - [#list downloads as download] - [#assign pagenav=pagenav + [{ "href" : "#" + download.slug, "title" : download.name }]/] - [/#list] - [@boilerplate title=title + ": Files and Libraries" breadcrumbs=[{"title" : "Home", "href" : indexPageName}, { "title" : "Files and Libraries" , "href" : "downloads.html"}] codeblocks=true pagenav=pagenav] -

Files and Libraries

- - [#list downloads as download] -

${download.name}

- [#if download.created??] -

Created ${download.created?date?string.long}

- [/#if] - [#if download.description??] -

${download.description}

- [/#if] - - - - - - - - - - - [#list download.files as file] - - - - - - [/#list] - -
Files
namesizedescription
${file.name}${file.size}${file.description!" "}
- [/#list] - [/@boilerplate] - [/@file] -[/#if] -[#if resourceApis?size > 0] - [@file name="resources.html"] - [@boilerplate title=title + ": Resources" breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : "Resources" , "href" : "resources.html"}]] -

Resources

- - [#list resourceApis as resourceApi] - [#if downloads?size > 0] -

- The resources use a data model that is supported by a set of client-side libraries that are made available on the - files and libraries page. -

- [/#if] - [#if resourceApi.wadlFile??] -

- There is a WADL document available that describes the resources API. -

- [/#if] - [#if swaggerUI??] -

- You may also enjoy the Swagger UI provided for this API. -

- [/#if] - - - - [/#list] - [/@boilerplate] - [/@file] -[/#if] -[#if serviceApis?size > 0] - [@file name="services.html"] - [@boilerplate title=title + ": Services" breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : "Services" , "href" : "services.html"}]] -

Services

- [#list serviceApis as serviceApi] - [#list serviceApi.serviceGroups as serviceGroup] - - - - - - - - - - - [#list serviceGroup.services as service] - - - - - [/#list] - -
Namespace ${serviceGroup.namespace}[#if serviceGroup.wsdlFile??] (wsdl)[/#if]
namedescription
[@deprecation element=service]${service.label}[/@deprecation][@deprecation element=service]${service.description!" "}[/@deprecation]
- [/#list] - [/#list] - [#if downloads?size > 0] - -

The services API is also accessible by a set of client-side libraries that can be downloaded from the files and libraries page.

- [/#if] - [/@boilerplate] - [/@file] -[/#if] -[#macro processResourceGroup resourceGroup] - [#assign pagenav=[]/] - [#list resourceGroup.resources as resource] - [#list resource.methods as method] - [#assign pagenav=pagenav + [{ "href" : "#" + method.slug, "title" : method.label + " " + resource.path }]/] - [/#list] - [/#list] - [#-- @ftlvariable name="resourceGroup" type="com.webcohesion.enunciate.api.resources.ResourceGroup" --] - [@file name=resourceGroup.slug + ".html"] - [@boilerplate title=title + ": " + resourceGroup.label breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : "Resources" , "href" : "resources.html"}, {"title" : resourceGroup.label , "href" : resourceGroup.slug + ".html"}] pagenav=pagenav] -

${resourceGroup.label} Resource

- [#if resourceGroup.description??] - -

${resourceGroup.description}

- [/#if] - - [#list resourceGroup.resources?sort_by("path") as resource] - [#if resource.since?? || resource.version??] - -
- [#if resource.since??] -
Available Since
-
${resource.since}
- [/#if] - [#if resource.version??] -
Version
-
${resource.version}
- [/#if] -
- [/#if] - [#list resource.methods as method] - -
-

${method.label} ${resource.path}

- [#if resourceGroup.deprecated?? || method.deprecated??] - -
This method has been deprecated. [#if method.deprecated??] ${method.deprecated!""}[#else] ${resource.deprecated!""}[/#if]
- [/#if] - [#if method.description??] - -

${method.description}

- [/#if] - [#-- would be nice to enable a "Try it out" link to Swagger. See https://github.com/swagger-api/swagger-spec/issues/239 - [#if swaggerUI??] - -

Try it out!

- [/#if] - --] - [#if (method.since?? || method.version??)] - -
- [#if method.since??] -
Available Since
-
${method.since}
- [/#if] - [#if method.version??] -
Version
-
${method.version}
- [/#if] -
- [/#if] - [#if method.parameters?size > 0] - - - - - - - - - - - - - [#list method.parameters as parameter] - - - - - - - [/#list] - -
Request Parameters
nametypedescriptiondefault
${parameter.name}${parameter.typeLabel}${parameter.description!" "}${parameter.defaultValue!"n/a"}
- [/#if] - [#if method.requestEntity??] - - - - - - - - [#if method.requestEntity.description??] - - [/#if] - - - - [#list method.requestEntity.mediaTypes as io] - - - - [#if io_index = 0 && method.requestEntity.description??] - - [/#if] - - [/#list] - -
Request Body
media typedata typedescription
${io.mediaType}[@referenceDataType referenceType=io.dataType!{"label" : "(custom)"}/][#if io.syntax??] (${io.syntax})[/#if]${method.requestEntity.description}
- [/#if] - [#if method.responseCodes?size > 0] - - - - - - - - - - - [#list method.responseCodes as responseCode] - - - - - [/#list] - -
Response Codes
codecondition
${responseCode.code}${responseCode.condition}
- [/#if] - [#if method.responseEntity??] - - - - - - - - [#if method.responseEntity.description??] - - [/#if] - - - - [#list method.responseEntity.mediaTypes as io] - - - - [#if io_index = 0 && method.responseEntity.description??] - - [/#if] - - [/#list] - -
Response Body
media typedata typedescription
${io.mediaType}[@referenceDataType referenceType=io.dataType!{"label" : "(custom)"}/][#if io.syntax??] (${io.syntax})[/#if]${method.responseEntity.description}
- [/#if] - [#if method.warnings?size > 0] - - - - - - - - - - - [#list method.warnings as responseCode] - - - - - [/#list] - -
Response Warnings
codecondition
${responseCode.code}${responseCode.condition}
- [/#if] - [#if method.responseHeaders?size > 0] - - - - - - - - - - - [#list method.responseHeaders as header] - - - - - [/#list] - -
Response Headers
namedescription
${header.name}${header.description!" "}
- [/#if] -
- [/#list] - [/#list] - [/@boilerplate] - [/@file] -[/#macro] -[#macro processService service] - [#assign pagenav=[]/] - [#list service.operations as operation] - [#assign pagenav=pagenav + [{ "href" : "#" + operation.slug, "title" : operation.name }]/] - [/#list] - [#-- @ftlvariable name="service" type="com.webcohesion.enunciate.api.services.Service" --] - [@file name=service.slug + ".html"] - [@boilerplate title=title + ": " + service.label breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : service.label , "href" : service.slug + ".html"}] pagenav=pagenav] -

${service.label} Service

- [#if service.deprecated??] - -
This service has been deprecated. ${service.deprecated}
- [/#if] - [#if service.description??] - -

${service.description}

- [/#if] - -
- [#if service.namespace?? && service.namespace?length > 0] -
Namespace
-
${service.namespace}
- [/#if] - [#if service.group.wsdlFile??] -
WSDL
-
${service.group.wsdlFile.href}
- [/#if] - [#if service.path??] -
Path
-
${service.path}
- [/#if] - [#if service.since??] -
Available Since
-
${service.since}
- [/#if] - [#if service.version??] -
Version
-
${service.version}
- [/#if] -
- [#list service.operations as operation] - -

${operation.name} Operation

- [#if operation.deprecated??] - -
This method has been deprecated. ${operation.deprecated}
- [/#if] - [#if operation.description??] - -

${operation.description}

- [/#if] - [#if (operation.since?? || operation.version??)] - -
- [#if operation.since??] -
Available Since
-
${operation.since}
- [/#if] - [#if operation.version??] -
Version
-
${operation.version}
- [/#if] -
- [/#if] - [#if operation.inputParameters?size > 0] - - - - - - - - - - - - [#list operation.inputParameters as parameter] - - - - - - [/#list] - -
Input Parameters
nametypedescription
${parameter.name}[@referenceDataType referenceType=parameter.dataType/]${parameter.description!" "}
- [/#if] - [#if operation.outputParameters?size > 0] - - - - - - - - - - - - [#list operation.outputParameters as parameter] - - - - - - [/#list] - -
Output Parameters
nametypedescription
${parameter.name}[@referenceDataType referenceType=parameter.dataType/]${parameter.description!" "}
- [/#if] - [#if operation.returnType??] - - - - - - - - - - - - - - - -
Return Value
typedescription
[#if operation.returnType.slug??][/#if]${operation.returnType.label}[#if operation.returnType.slug??][/#if]${operation.returnDescription!" "}
- [/#if] - [#if operation.faults?size > 0] - - - - - - - - - - - - [#list operation.faults as fault] - - - - - - [/#list] - -
Faults
nametypedescription
${fault.name}[@referenceDataType referenceType=fault.dataType/]${fault.description!" "}
- [/#if] - [/#list] - [/@boilerplate] - [/@file] -[/#macro] -[#macro processDataSyntax syntax] - [#-- @ftlvariable name="syntax" type="com.webcohesion.enunciate.api.datatype.Syntax" --] - [@file name=syntax.slug + ".html"] - [@boilerplate title=title + ": " + syntax.label breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : syntax.label , "href" : syntax.slug + ".html"} ]] -

${syntax.label}

- [#list syntax.namespaces as ns] - [#if ns.types?size > 0] - - - [#if ns.uri?? && ns.uri?length > 0] - - [#else] - - [/#if] - - - - - - - - [#list ns.types as type] - [@processDataType type=type/] - - - - - [/#list] - -
Namespace ${ns.uri}[#if ns.schemaFile??] (schema)[/#if]Default Namespace [#if ns.schemaFile??] (schema)[/#if]
typedescription
[@deprecation element=type]${type.label}[/@deprecation][@deprecation element=type]${type.description}[/@deprecation]
- [/#if] - [/#list] - [/@boilerplate] - [/@file] -[/#macro] -[#macro processDataType type] - [#-- @ftlvariable name="type" type="com.webcohesion.enunciate.api.datatype.DataType" --] - [@file name=type.slug + ".html"] - [@boilerplate title=title + ": " + type.label breadcrumbs=[{"title" : "Home", "href" : indexPageName}, {"title" : type.syntax.label , "href" : type.syntax.slug + ".html"}, {"title" : type.label , "href" : type.slug + ".html"} ] codeblocks=true] -

${type.label} Data Type

- [#if type.deprecated??] - -
This data type has been deprecated. ${type.deprecated}
- [/#if] - [#if type.description??] - -

${type.description}

- [/#if] - -
- [#if type.namespace.uri??] -
Namespace
- [#if type.namespace.uri?length > 0] -
${type.namespace.uri}
- [#else] -
(Default)
- [/#if] - [/#if] - [#if type.namespace.schemaFile??] -
Schema
-
${type.namespace.schemaFile.href}
- [/#if] - [#if type.since??] -
Available Since
-
${type.since}
- [/#if] - [#if type.version??] -
Version
-
${type.version}
- [/#if] -
- [#if type.values??] - - - - - - - - - - - [#list type.values as value] - - - - - [/#list] - -
Values
valuedescription
${value.value}${value.description!" "}
- [/#if] - [#if type.properties??] - - - - - - - - [#list type.propertyMetadata?keys as meta] - - [/#list] - - - - - [#list type.properties as property] - - - - [#list type.propertyMetadata?keys as meta] - - [/#list] - - - [/#list] - - [#if type.supertypes??] - [#list type.supertypes as supertype] - [#if supertype.value?? && supertype.value.properties?? && supertype.value.properties?size > 0] - - - - - [#list supertype.value.properties as superProperty] - - - - [#list type.propertyMetadata?keys as meta] - - [/#list] - - - [/#list] - - [/#if] - [/#list] - [/#if] -
Properties
namedata type${type.propertyMetadata[meta]}description
[@deprecation element=property]${property.name}[/@deprecation][@deprecation element=property][@referenceDataType referenceType=property.dataType/][/@deprecation][@deprecation element=property][@printPropertyMetadata property=property meta=meta/][/@deprecation][@deprecation element=property]${property.description!" "}[/@deprecation]
Properties inherited from ${supertype.label}
${superProperty.name}[@referenceDataType referenceType=superProperty.dataType/][@printPropertyMetadata property=superProperty meta=meta/]${superProperty.description!" "}
- [/#if] - [#if type.example??] - -

Example

- -
${type.example.body?xhtml}
- [/#if] - [/@boilerplate] - [/@file] -[/#macro] -[#macro referenceDataType referenceType] -[#-- @ftlvariable name="type" type="com.webcohesion.enunciate.api.datatype.DataTypeReference" --] -[#if referenceType.containers??][#list referenceType.containers as container]${container?string} of [/#list][/#if][#if referenceType.slug??][/#if]${referenceType.label!"(custom)"}[#if referenceType.slug??][/#if] -[/#macro] -[#macro printPropertyMetadata property meta] - [#assign metaValue=property[meta]!({ "structure" : true })/] - [#if metaValue?is_hash && metaValue.structure!false] -[#if metaValue.href??][/#if][#if metaValue.title??][/#if]${metaValue.value!" "}[#if metaValue.title??][/#if][#if metaValue.href??][/#if] - [#else] -${metaValue} - [/#if] -[/#macro] diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/enunciate.xml.org b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/enunciate.xml.org deleted file mode 100644 index 3e1fe0605..000000000 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/enunciate/enunciate.xml.org +++ /dev/null @@ -1,47 +0,0 @@ - - - - - Apache Archiva REST API - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/v2/svc/maven/MavenManagedRepositoryService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/v2/svc/maven/MavenManagedRepositoryService.java index 404d913d4..98ac75419 100644 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/v2/svc/maven/MavenManagedRepositoryService.java +++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/v2/svc/maven/MavenManagedRepositoryService.java @@ -50,9 +50,10 @@ import java.util.List; import static javax.ws.rs.core.MediaType.APPLICATION_JSON; import static org.apache.archiva.rest.api.v2.svc.RestConfiguration.DEFAULT_PAGE_LIMIT; +import static org.apache.archiva.security.common.ArchivaRoleConstants.*; /** - * Service interface for managing managed maven repositories + * Service interface for update, delete, add of Managed Maven Repositories * * @author Martin Stockhammer * @since 3.0 @@ -66,7 +67,7 @@ public interface MavenManagedRepositoryService @Path( "" ) @GET @Produces( {APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION ) + @RedbackAuthorization( permissions = OPERATION_MANAGE_CONFIGURATION ) @Operation( summary = "Returns all managed repositories.", parameters = { @Parameter( name = "q", description = "Search term" ), @@ -77,7 +78,7 @@ public interface MavenManagedRepositoryService }, security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION ) }, responses = { @@ -101,11 +102,18 @@ public interface MavenManagedRepositoryService @Path( "{id}" ) @GET @Produces( {MediaType.APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION ) + @RedbackAuthorization( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_READ_REPOSITORY}, + resource = "{id}" + ) @Operation( summary = "Returns the managed repository with the given id.", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_READ_REPOSITORY, + scopes = "{id}" ) }, responses = { @@ -126,11 +134,18 @@ public interface MavenManagedRepositoryService @Path( "{id}" ) @DELETE @Produces( {MediaType.APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION ) + @RedbackAuthorization( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_DELETE_REPOSITORY }, + resource = "{id}" + ) @Operation( summary = "Deletes the managed repository with the given id.", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_DELETE_REPOSITORY, + scopes = "{id}" ) }, responses = { @@ -152,11 +167,18 @@ public interface MavenManagedRepositoryService @POST @Consumes( {MediaType.APPLICATION_JSON} ) @Produces( {MediaType.APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION ) + @RedbackAuthorization( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_ADD_REPOSITORY }, + resource = "{id}" + ) @Operation( summary = "Creates the managed repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_ADD_REPOSITORY, + scopes = "{id}" ) }, responses = { @@ -183,11 +205,18 @@ public interface MavenManagedRepositoryService @PUT @Consumes( {MediaType.APPLICATION_JSON} ) @Produces( {MediaType.APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION ) + @RedbackAuthorization( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_EDIT_REPOSITORY }, + resource = "{id}" + ) @Operation( summary = "Updates the managed repository with the given id", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_EDIT_REPOSITORY, + scopes = "{id}" ) }, responses = { @@ -210,12 +239,20 @@ public interface MavenManagedRepositoryService @Path( "{id}/path/{filePath: .+}" ) @GET @Produces( {MediaType.APPLICATION_JSON} ) - @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, resource = "{id}") + @RedbackAuthorization( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_READ_REPOSITORY}, + resource = "{id}" + ) @Operation( summary = "Returns the status of a given file in the repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_READ_REPOSITORY, + scopes = "{id}" ) + }, responses = { @ApiResponse( responseCode = "200", @@ -243,13 +280,13 @@ public interface MavenManagedRepositoryService @Operation( summary = "Copies a artifact from the source repository to the destination repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, + name = OPERATION_READ_REPOSITORY, scopes = { "{srcId}" } ), @SecurityRequirement( - name= ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD, + name= OPERATION_ADD_ARTIFACT, scopes = { "{dstId}" } @@ -274,12 +311,20 @@ public interface MavenManagedRepositoryService @Path ("{id}/path/{path: .+}") @DELETE @Consumes ({ APPLICATION_JSON }) - @RedbackAuthorization (noPermission = true) + @RedbackAuthorization ( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_DELETE_ARTIFACT }, + resource = "{id}" + ) @Operation( summary = "Deletes a artifact in the repository.", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_RUN_INDEXER + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_DELETE_ARTIFACT, + scopes = "{id}" ) + }, responses = { @ApiResponse( responseCode = "200", @@ -297,12 +342,20 @@ public interface MavenManagedRepositoryService @Path ( "{id}/co/{group}/{project}/{version}" ) @DELETE @Produces ({ MediaType.APPLICATION_JSON }) - @RedbackAuthorization (noPermission = true) + @RedbackAuthorization ( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_DELETE_VERSION}, + resource = "{id}" + ) @Operation( summary = "Removes a version tree in the repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_DELETE_VERSION, + scopes = "{id}" ) + }, responses = { @ApiResponse( responseCode = "200", @@ -327,8 +380,13 @@ public interface MavenManagedRepositoryService @Operation( summary = "Removes a project tree in the repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_DELETE_PROJECT, + scopes = "{id}" ) + }, responses = { @ApiResponse( responseCode = "200", @@ -346,11 +404,18 @@ public interface MavenManagedRepositoryService @Path ( "{id}/co/{namespace}" ) @DELETE @Produces ({ MediaType.APPLICATION_JSON }) - @RedbackAuthorization (noPermission = true) + @RedbackAuthorization ( + permissions = { OPERATION_MANAGE_CONFIGURATION, OPERATION_DELETE_NAMESPACE }, + resource = "{id}" + ) @Operation( summary = "Removes a namespace tree in the repository", security = { @SecurityRequirement( - name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION + name = OPERATION_MANAGE_CONFIGURATION + ), + @SecurityRequirement( + name = OPERATION_DELETE_NAMESPACE, + scopes = "{id}" ) }, responses = { diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRepositoriesService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRepositoriesService.java index 8a8f0deb9..1df79ed6c 100644 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRepositoriesService.java +++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRepositoriesService.java @@ -339,7 +339,7 @@ public class DefaultRepositoriesService try { boolean authz = - securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, + securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_READ_REPOSITORY, artifactTransferRequest.getRepositoryId() ); if ( !authz ) { @@ -357,7 +357,7 @@ public class DefaultRepositoriesService try { boolean authz = - securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD, + securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_ADD_ARTIFACT, artifactTransferRequest.getTargetRepositoryId() ); if ( !authz ) { diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/v2/svc/DefaultMavenManagedRepositoryService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/v2/svc/DefaultMavenManagedRepositoryService.java index 0c67cd4c9..8296d0444 100644 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/v2/svc/DefaultMavenManagedRepositoryService.java +++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/v2/svc/DefaultMavenManagedRepositoryService.java @@ -64,8 +64,8 @@ import java.util.List; import java.util.function.Predicate; import java.util.stream.Collectors; -import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS; -import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD; +import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_READ_REPOSITORY; +import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_ADD_ARTIFACT; /** * @author Martin Stockhammer @@ -327,11 +327,11 @@ public class DefaultMavenManagedRepositoryService implements MavenManagedReposit try { boolean authz = - securitySystem.isAuthorized( securitySession, OPERATION_REPOSITORY_ACCESS, + securitySystem.isAuthorized( securitySession, OPERATION_READ_REPOSITORY, srcRepositoryId ); if ( !authz ) { - throw new ArchivaRestServiceException(ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, srcRepositoryId, OPERATION_REPOSITORY_ACCESS ), 403); + throw new ArchivaRestServiceException(ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, srcRepositoryId, OPERATION_READ_REPOSITORY ), 403); } } catch ( AuthorizationException e ) @@ -344,11 +344,11 @@ public class DefaultMavenManagedRepositoryService implements MavenManagedReposit try { boolean authz = - securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD, + securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_ADD_ARTIFACT, dstRepositoryId ); if ( !authz ) { - throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, dstRepositoryId, OPERATION_REPOSITORY_UPLOAD ) ); + throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, dstRepositoryId, OPERATION_ADD_ARTIFACT ) ); } } catch ( AuthorizationException e ) diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/ArchivaStandardRolesCheck.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/ArchivaStandardRolesCheck.java index 4d42f7726..bf5f7c741 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/ArchivaStandardRolesCheck.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/ArchivaStandardRolesCheck.java @@ -84,8 +84,8 @@ public class ArchivaStandardRolesCheck ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION, ArchivaRoleConstants.OPERATION_REGENERATE_INDEX, ArchivaRoleConstants.OPERATION_RUN_INDEXER, ArchivaRoleConstants.OPERATION_ACCESS_REPORT, ArchivaRoleConstants.OPERATION_ADD_REPOSITORY, ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY, - ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY, - ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS, + ArchivaRoleConstants.OPERATION_READ_REPOSITORY, ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY, + ArchivaRoleConstants.OPERATION_ADD_ARTIFACT, ArchivaRoleConstants.OPERATION_READ_REPOSITORY, "archiva-guest" }; log.info( "Checking the existance of required operations." ); diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java index 4679bc733..c388a9bd2 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java @@ -64,7 +64,7 @@ public class DefaultUserRepositories public List getObservableRepositoryIds( String principal ) throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException { - String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS; + String operation = ArchivaRoleConstants.OPERATION_READ_REPOSITORY; return getAccessibleRepositoryIds( principal, operation ); } @@ -73,7 +73,7 @@ public class DefaultUserRepositories public List getManagableRepositoryIds( String principal ) throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException { - String operation = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD; + String operation = ArchivaRoleConstants.OPERATION_ADD_ARTIFACT; return getAccessibleRepositoryIds( principal, operation ); } @@ -96,12 +96,12 @@ public class DefaultUserRepositories public List getAccessibleRepositories( String principal ) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException { - return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); + return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_READ_REPOSITORY ); } @Override public List getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException { - return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); } private List getAccessibleRepositories( String principal, String operation ) @@ -206,7 +206,7 @@ public class DefaultUserRepositories { SecuritySession securitySession = createSession( principal ); - return securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD, + return securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_ADD_ARTIFACT, repoId ); } @@ -224,7 +224,7 @@ public class DefaultUserRepositories { SecuritySession securitySession = createSession( principal ); - return securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_DELETE, + return securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_DELETE_ARTIFACT, repoId ); } diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/archiva/security/ArchivaServletAuthenticatorTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/archiva/security/ArchivaServletAuthenticatorTest.java index ce0218e97..9258abea8 100644 --- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/archiva/security/ArchivaServletAuthenticatorTest.java +++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/archiva/security/ArchivaServletAuthenticatorTest.java @@ -110,7 +110,7 @@ public class ArchivaServletAuthenticatorTest SecuritySession session = new DefaultSecuritySession( result, user ); boolean isAuthorized = - servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); assertTrue( isAuthorized ); @@ -139,7 +139,7 @@ public class ArchivaServletAuthenticatorTest try { - servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); fail( "UnauthorizedException should have been thrown." ); } catch ( UnauthorizedException e ) @@ -167,7 +167,7 @@ public class ArchivaServletAuthenticatorTest SecuritySession session = new DefaultSecuritySession( result, user ); boolean isAuthorized = - servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); + servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_READ_REPOSITORY ); assertTrue( isAuthorized ); @@ -188,7 +188,7 @@ public class ArchivaServletAuthenticatorTest SecuritySession session = new DefaultSecuritySession( result, user ); try { - servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); + servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_READ_REPOSITORY ); fail( "UnauthorizedException should have been thrown." ); } catch ( UnauthorizedException e ) @@ -205,7 +205,7 @@ public class ArchivaServletAuthenticatorTest { assignRepositoryManagerRole( USER_GUEST, "corporate" ); boolean isAuthorized = - servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); assertTrue( isAuthorized ); @@ -221,7 +221,7 @@ public class ArchivaServletAuthenticatorTest assignRepositoryObserverRole( USER_GUEST, "corporate" ); boolean isAuthorized = - servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); assertFalse( isAuthorized ); // cleanup previously add karma @@ -236,7 +236,7 @@ public class ArchivaServletAuthenticatorTest assignRepositoryObserverRole( USER_GUEST, "corporate" ); boolean isAuthorized = - servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); + servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_READ_REPOSITORY ); assertTrue( isAuthorized ); @@ -249,7 +249,7 @@ public class ArchivaServletAuthenticatorTest throws Exception { boolean isAuthorized = - servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); + servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_READ_REPOSITORY ); assertFalse( isAuthorized ); } diff --git a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/FileUploadService.java b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/FileUploadService.java index 215bda188..241349614 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/FileUploadService.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/FileUploadService.java @@ -70,7 +70,7 @@ public interface FileUploadService @Path( "save/{repositoryId}/{groupId}/{artifactId}/{version}/{packaging}" ) @GET @Produces( { MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML } ) - @RedbackAuthorization( resource = "{repositoryId}", permissions = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) + @RedbackAuthorization( resource = "{repositoryId}", permissions = ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) Boolean save( @PathParam( "repositoryId" ) String repositoryId, @PathParam( "groupId" ) String groupId, @PathParam( "artifactId" ) String artifactId, @PathParam( "version" ) String version, @PathParam( "packaging" ) String packaging, @QueryParam( "generatePom" ) boolean generatePom ) diff --git a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/rss/RssFeedServlet.java b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/rss/RssFeedServlet.java index 30a15c441..cbd1e862a 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/rss/RssFeedServlet.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/rss/RssFeedServlet.java @@ -308,7 +308,7 @@ public class RssFeedServlet && servletAuth.isAuthorized( req, // securitySession, // repoId, // - ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) + ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) { return true; } diff --git a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java index cf1a9fd55..ce0675048 100644 --- a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java +++ b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java @@ -53,15 +53,15 @@ public class WebdavMethodUtil } if ( READ_METHODS.contains( method.toUpperCase( Locale.US ) ) ) { - return ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS; + return ArchivaRoleConstants.OPERATION_READ_REPOSITORY; } else if ( "DELETE".equals( method.toUpperCase( Locale.US ) ) ) { - return ArchivaRoleConstants.OPERATION_REPOSITORY_DELETE; + return ArchivaRoleConstants.OPERATION_DELETE_ARTIFACT; } else { - return ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD; + return ArchivaRoleConstants.OPERATION_ADD_ARTIFACT; } } diff --git a/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java index a73b2f448..6713786ed 100644 --- a/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java +++ b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java @@ -265,7 +265,7 @@ public class RepositoryServletSecurityTest EasyMock.anyObject( AuthenticationResult.class ) ); EasyMock.expectLastCall().andThrow( new AuthenticationException( "Authentication error" ) ); - servletAuth.isAuthorized( "guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); + servletAuth.isAuthorized( "guest", "internal", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ); EasyMock.expectLastCall().andThrow( new UnauthorizedException( "'guest' has no write access to repository" ) ); @@ -313,7 +313,7 @@ public class RepositoryServletSecurityTest new AuthenticationException( "Authentication error" ) ); EasyMock.expect( servletAuth.isAuthorized( "guest", "internal", - ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ).andReturn( + ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ).andReturn( true ); // ArchivaDavResourceFactory#isAuthorized() @@ -332,7 +332,7 @@ public class RepositoryServletSecurityTest // check if guest has write access EasyMock.expect( servletAuth.isAuthorized( "guest", "internal", - ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ).andReturn( + ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ).andReturn( true ); httpAuthControl.replay(); @@ -399,7 +399,7 @@ public class RepositoryServletSecurityTest EasyMock.expect( servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ), - eq( ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ) ).andThrow( + eq( ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ) ).andThrow( new UnauthorizedException( "User not authorized" ) ); httpAuthControl.replay(); servletAuthControl.replay(); @@ -473,7 +473,7 @@ public class RepositoryServletSecurityTest EasyMock.expect( servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ), - eq( ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ) ).andReturn( true ); + eq( ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ) ).andReturn( true ); httpAuthControl.replay(); servletAuthControl.replay(); @@ -528,7 +528,7 @@ public class RepositoryServletSecurityTest new AuthenticationException( "Authentication error" ) ); EasyMock.expect( servletAuth.isAuthorized( "guest", "internal", - ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ).andReturn( + ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ).andReturn( true ); // ArchivaDavResourceFactory#isAuthorized() @@ -547,7 +547,7 @@ public class RepositoryServletSecurityTest EasyMock.expect( servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ), - eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andReturn( true ); + eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andReturn( true ); httpAuthControl.replay(); servletAuthControl.replay(); @@ -594,7 +594,7 @@ public class RepositoryServletSecurityTest new AuthenticationException( "Authentication error" ) ); EasyMock.expect( servletAuth.isAuthorized( "guest", "internal", - ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ).andReturn( + ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ).andReturn( false ); httpAuthControl.replay(); servletAuthControl.replay(); @@ -659,7 +659,7 @@ public class RepositoryServletSecurityTest EasyMock.expect( servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ), - eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andReturn( true ); + eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andReturn( true ); httpAuthControl.replay(); servletAuthControl.replay(); @@ -726,7 +726,7 @@ public class RepositoryServletSecurityTest EasyMock.expect( servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ), - eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andThrow( + eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andThrow( new UnauthorizedException( "User not authorized to read repository." ) ); httpAuthControl.replay(); servletAuthControl.replay();