Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[MRM-137] rename security defaults, and make default construction a load-on-start component instead of waiting for requests 

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@448028 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Brett Porter 2006-09-20 02:01:00 +00:00
parent 7d0e395769
commit 70618a63a9
6 changed files with 30 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaDefaults.java → archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaSecurityDefaults.java
View File

@ -19,16 +19,16 @@ package org.apache.maven.archiva.web;
import org.codehaus.plexus.security.user.User;
/**
* ArchivaDefaults
* ArchivaSecurityDefaults
*
* NOTE: this is targeted for removal with the forth coming rbac role templating
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
* @version $Id$
*/
public interface ArchivaDefaults
public interface ArchivaSecurityDefaults
{
public static final String ROLE = ArchivaDefaults.class.getName();
public static final String ROLE = ArchivaSecurityDefaults.class.getName();
public static final String GUEST_USERNAME = "guest";

8
archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaDefaults.java → archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaSecurityDefaults.java
View File

@ -30,15 +30,15 @@ import org.codehaus.plexus.security.user.UserNotFoundException;
import org.codehaus.plexus.security.policy.UserSecurityPolicy;
/**
* DefaultArchivaDefaults
* DefaultArchivaSecurityDefaults
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
* @version $Id$
* @plexus.component role="org.apache.maven.archiva.web.ArchivaDefaults"
* @plexus.component role="org.apache.maven.archiva.web.ArchivaSecurityDefaults"
*/
public class DefaultArchivaDefaults
public class DefaultArchivaSecurityDefaults
extends AbstractLogEnabled
implements ArchivaDefaults, Initializable
implements ArchivaSecurityDefaults, Initializable
{
/**
* @plexus.requirement

7
archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java
View File

@ -22,7 +22,6 @@ import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ConfigurationStore;
import org.apache.maven.archiva.configuration.ConfigurationStoreException;
import org.apache.maven.archiva.web.util.RoleManager;
import org.apache.maven.archiva.web.ArchivaDefaults;
import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.security.rbac.RBACManager;
@ -54,11 +53,6 @@ public class ConfigurationInterceptor
*/
private RBACManager rbacManager;
/**
* @plexus.requirement
*/
private ArchivaDefaults archivaDefaults;
/**
*
* @param actionInvocation
@ -68,7 +62,6 @@ public class ConfigurationInterceptor
public String intercept( ActionInvocation actionInvocation )
throws Exception
{
archivaDefaults.ensureDefaultsExist();
ensureRepoRolesExist();
// determine if we need an admin account made

12
archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
View File

@ -22,7 +22,7 @@ import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ConfigurationStore;
import org.apache.maven.archiva.configuration.ConfigurationStoreException;
import org.apache.maven.archiva.configuration.RepositoryConfiguration;
import org.apache.maven.archiva.web.ArchivaDefaults;
import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
import org.apache.maven.archiva.web.servlet.AbstractPlexusServlet;
import org.codehaus.plexus.security.authentication.AuthenticationException;
import org.codehaus.plexus.security.authentication.AuthenticationResult;
@ -47,7 +47,7 @@ import java.util.Map;
/**
* RepositoryAccess - access read/write to the repository.
*
* @plexus.component role="org.apache.maven.archiva.web.servlet.PlexusServlet"
* @plexus.component role="org.apache.maven.archiva.web.servlet.PlexusServlet"
* role-hint="repositoryAccess"
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
@ -75,7 +75,7 @@ public class RepositoryAccess
/**
* @plexus.requirement
*/
private ArchivaDefaults archiva;
private ArchivaSecurityDefaults archivaSecurity;
/**
* List of request methods that fall into the category of 'access' or 'read' of a repository.
@ -143,7 +143,7 @@ public class RepositoryAccess
AuthenticationResult result;
try
{
result = httpAuth.getAuthenticationResult( request, response, archiva.getGuestUser().getPrincipal()
result = httpAuth.getAuthenticationResult( request, response, archivaSecurity.getGuestUser().getPrincipal()
.toString() );
if ( !result.isAuthenticated() )
@ -177,11 +177,11 @@ public class RepositoryAccess
SecuritySession securitySession = httpAuth.getSecuritySession();
try
{
String permission = ArchivaDefaults.REPOSITORY_ACCESS;
String permission = ArchivaSecurityDefaults.REPOSITORY_ACCESS;
if ( isWriteRequest )
{
permission = ArchivaDefaults.REPOSITORY_UPLOAD;
permission = ArchivaSecurityDefaults.REPOSITORY_UPLOAD;
}
permission += " - " + repoconfig.getId();

28
archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
View File

@ -16,7 +16,7 @@ package org.apache.maven.archiva.web.util;
* limitations under the License.
*/
import org.apache.maven.archiva.web.ArchivaDefaults;
import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
import org.codehaus.plexus.security.rbac.Permission;
@ -47,14 +47,14 @@ public class DefaultRoleManager
/**
* @plexus.requirement
*/
private ArchivaDefaults archivaDefaults;
private ArchivaSecurityDefaults archivaSecurity;
private boolean initialized;
public void initialize()
throws InitializationException
{
archivaDefaults.ensureDefaultsExist();
archivaSecurity.ensureDefaultsExist();
initialized = true;
}
@ -91,7 +91,7 @@ public class DefaultRoleManager
throws RbacStoreException
{
UserAssignment assignment = manager.createUserAssignment( principal );
assignment.addRoleName( ArchivaDefaults.SYSTEM_ADMINISTRATOR );
assignment.addRoleName( ArchivaSecurityDefaults.SYSTEM_ADMINISTRATOR );
manager.saveUserAssignment( assignment );
}
@ -105,29 +105,29 @@ public class DefaultRoleManager
repoResource = manager.saveResource( repoResource );
// make the permissions
Permission editRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_EDIT + " - " + repositoryName );
editRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_EDIT_OPERATION ) );
Permission editRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_EDIT + " - " + repositoryName );
editRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_EDIT_OPERATION ) );
editRepo.setResource( repoResource );
editRepo = manager.savePermission( editRepo );
Permission deleteRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_DELETE + " - " + repositoryName );
deleteRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_DELETE_OPERATION ) );
Permission deleteRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_DELETE + " - " + repositoryName );
deleteRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_DELETE_OPERATION ) );
deleteRepo.setResource( repoResource );
deleteRepo = manager.savePermission( deleteRepo );
Permission accessRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_ACCESS + " - " + repositoryName );
accessRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_ACCESS_OPERATION ) );
Permission accessRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_ACCESS + " - " + repositoryName );
accessRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_ACCESS_OPERATION ) );
accessRepo.setResource( repoResource );
accessRepo = manager.savePermission( accessRepo );
Permission uploadRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_UPLOAD + " - " + repositoryName );
uploadRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_UPLOAD_OPERATION ) );
Permission uploadRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_UPLOAD + " - " + repositoryName );
uploadRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_UPLOAD_OPERATION ) );
uploadRepo.setResource( repoResource );
uploadRepo = manager.savePermission( uploadRepo );
// make the roles
Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
repositoryObserver.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_ACCESS_PERMISSION ) );
repositoryObserver.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_ACCESS_PERMISSION ) );
repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver );
@ -136,7 +136,7 @@ public class DefaultRoleManager
repositoryManager.addPermission( deleteRepo );
repositoryManager.addPermission( accessRepo );
repositoryManager.addPermission( uploadRepo );
repositoryManager.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_GENERATE_PERMISSION ) );
repositoryManager.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_GENERATE_PERMISSION ) );
repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager );

3
archiva-webapp/src/main/resources/META-INF/plexus/application.xml
View File

@ -227,5 +227,8 @@
<component>
<role>org.apache.maven.archiva.scheduler.RepositoryTaskScheduler</role>
</component>
<component>
<role>org.apache.maven.archiva.web.ArchivaSecurityDefaults</role>
</component>
</load-on-start>
</plexus>