[MRM-137] rename security defaults, and make default construction a load-on-start component instead of waiting for requests

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@448028 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Brett Porter 2006-09-20 02:01:00 +00:00
parent 7d0e395769
commit 70618a63a9
6 changed files with 30 additions and 34 deletions

View File

@ -19,16 +19,16 @@ package org.apache.maven.archiva.web;
import org.codehaus.plexus.security.user.User; import org.codehaus.plexus.security.user.User;
/** /**
* ArchivaDefaults * ArchivaSecurityDefaults
* *
* NOTE: this is targeted for removal with the forth coming rbac role templating * NOTE: this is targeted for removal with the forth coming rbac role templating
* *
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a> * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
* @version $Id$ * @version $Id$
*/ */
public interface ArchivaDefaults public interface ArchivaSecurityDefaults
{ {
public static final String ROLE = ArchivaDefaults.class.getName(); public static final String ROLE = ArchivaSecurityDefaults.class.getName();
public static final String GUEST_USERNAME = "guest"; public static final String GUEST_USERNAME = "guest";

View File

@ -30,15 +30,15 @@ import org.codehaus.plexus.security.user.UserNotFoundException;
import org.codehaus.plexus.security.policy.UserSecurityPolicy; import org.codehaus.plexus.security.policy.UserSecurityPolicy;
/** /**
* DefaultArchivaDefaults * DefaultArchivaSecurityDefaults
* *
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a> * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
* @version $Id$ * @version $Id$
* @plexus.component role="org.apache.maven.archiva.web.ArchivaDefaults" * @plexus.component role="org.apache.maven.archiva.web.ArchivaSecurityDefaults"
*/ */
public class DefaultArchivaDefaults public class DefaultArchivaSecurityDefaults
extends AbstractLogEnabled extends AbstractLogEnabled
implements ArchivaDefaults, Initializable implements ArchivaSecurityDefaults, Initializable
{ {
/** /**
* @plexus.requirement * @plexus.requirement

View File

@ -22,7 +22,6 @@ import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ConfigurationStore; import org.apache.maven.archiva.configuration.ConfigurationStore;
import org.apache.maven.archiva.configuration.ConfigurationStoreException; import org.apache.maven.archiva.configuration.ConfigurationStoreException;
import org.apache.maven.archiva.web.util.RoleManager; import org.apache.maven.archiva.web.util.RoleManager;
import org.apache.maven.archiva.web.ArchivaDefaults;
import org.codehaus.plexus.logging.AbstractLogEnabled; import org.codehaus.plexus.logging.AbstractLogEnabled;
import org.codehaus.plexus.security.rbac.RBACManager; import org.codehaus.plexus.security.rbac.RBACManager;
@ -54,11 +53,6 @@ public class ConfigurationInterceptor
*/ */
private RBACManager rbacManager; private RBACManager rbacManager;
/**
* @plexus.requirement
*/
private ArchivaDefaults archivaDefaults;
/** /**
* *
* @param actionInvocation * @param actionInvocation
@ -68,7 +62,6 @@ public class ConfigurationInterceptor
public String intercept( ActionInvocation actionInvocation ) public String intercept( ActionInvocation actionInvocation )
throws Exception throws Exception
{ {
archivaDefaults.ensureDefaultsExist();
ensureRepoRolesExist(); ensureRepoRolesExist();
// determine if we need an admin account made // determine if we need an admin account made

View File

@ -22,7 +22,7 @@ import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ConfigurationStore; import org.apache.maven.archiva.configuration.ConfigurationStore;
import org.apache.maven.archiva.configuration.ConfigurationStoreException; import org.apache.maven.archiva.configuration.ConfigurationStoreException;
import org.apache.maven.archiva.configuration.RepositoryConfiguration; import org.apache.maven.archiva.configuration.RepositoryConfiguration;
import org.apache.maven.archiva.web.ArchivaDefaults; import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
import org.apache.maven.archiva.web.servlet.AbstractPlexusServlet; import org.apache.maven.archiva.web.servlet.AbstractPlexusServlet;
import org.codehaus.plexus.security.authentication.AuthenticationException; import org.codehaus.plexus.security.authentication.AuthenticationException;
import org.codehaus.plexus.security.authentication.AuthenticationResult; import org.codehaus.plexus.security.authentication.AuthenticationResult;
@ -75,7 +75,7 @@ public class RepositoryAccess
/** /**
* @plexus.requirement * @plexus.requirement
*/ */
private ArchivaDefaults archiva; private ArchivaSecurityDefaults archivaSecurity;
/** /**
* List of request methods that fall into the category of 'access' or 'read' of a repository. * List of request methods that fall into the category of 'access' or 'read' of a repository.
@ -143,7 +143,7 @@ public class RepositoryAccess
AuthenticationResult result; AuthenticationResult result;
try try
{ {
result = httpAuth.getAuthenticationResult( request, response, archiva.getGuestUser().getPrincipal() result = httpAuth.getAuthenticationResult( request, response, archivaSecurity.getGuestUser().getPrincipal()
.toString() ); .toString() );
if ( !result.isAuthenticated() ) if ( !result.isAuthenticated() )
@ -177,11 +177,11 @@ public class RepositoryAccess
SecuritySession securitySession = httpAuth.getSecuritySession(); SecuritySession securitySession = httpAuth.getSecuritySession();
try try
{ {
String permission = ArchivaDefaults.REPOSITORY_ACCESS; String permission = ArchivaSecurityDefaults.REPOSITORY_ACCESS;
if ( isWriteRequest ) if ( isWriteRequest )
{ {
permission = ArchivaDefaults.REPOSITORY_UPLOAD; permission = ArchivaSecurityDefaults.REPOSITORY_UPLOAD;
} }
permission += " - " + repoconfig.getId(); permission += " - " + repoconfig.getId();

View File

@ -16,7 +16,7 @@ package org.apache.maven.archiva.web.util;
* limitations under the License. * limitations under the License.
*/ */
import org.apache.maven.archiva.web.ArchivaDefaults; import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable; import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException; import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
import org.codehaus.plexus.security.rbac.Permission; import org.codehaus.plexus.security.rbac.Permission;
@ -47,14 +47,14 @@ public class DefaultRoleManager
/** /**
* @plexus.requirement * @plexus.requirement
*/ */
private ArchivaDefaults archivaDefaults; private ArchivaSecurityDefaults archivaSecurity;
private boolean initialized; private boolean initialized;
public void initialize() public void initialize()
throws InitializationException throws InitializationException
{ {
archivaDefaults.ensureDefaultsExist(); archivaSecurity.ensureDefaultsExist();
initialized = true; initialized = true;
} }
@ -91,7 +91,7 @@ public class DefaultRoleManager
throws RbacStoreException throws RbacStoreException
{ {
UserAssignment assignment = manager.createUserAssignment( principal ); UserAssignment assignment = manager.createUserAssignment( principal );
assignment.addRoleName( ArchivaDefaults.SYSTEM_ADMINISTRATOR ); assignment.addRoleName( ArchivaSecurityDefaults.SYSTEM_ADMINISTRATOR );
manager.saveUserAssignment( assignment ); manager.saveUserAssignment( assignment );
} }
@ -105,29 +105,29 @@ public class DefaultRoleManager
repoResource = manager.saveResource( repoResource ); repoResource = manager.saveResource( repoResource );
// make the permissions // make the permissions
Permission editRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_EDIT + " - " + repositoryName ); Permission editRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_EDIT + " - " + repositoryName );
editRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_EDIT_OPERATION ) ); editRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_EDIT_OPERATION ) );
editRepo.setResource( repoResource ); editRepo.setResource( repoResource );
editRepo = manager.savePermission( editRepo ); editRepo = manager.savePermission( editRepo );
Permission deleteRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_DELETE + " - " + repositoryName ); Permission deleteRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_DELETE + " - " + repositoryName );
deleteRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_DELETE_OPERATION ) ); deleteRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_DELETE_OPERATION ) );
deleteRepo.setResource( repoResource ); deleteRepo.setResource( repoResource );
deleteRepo = manager.savePermission( deleteRepo ); deleteRepo = manager.savePermission( deleteRepo );
Permission accessRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_ACCESS + " - " + repositoryName ); Permission accessRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_ACCESS + " - " + repositoryName );
accessRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_ACCESS_OPERATION ) ); accessRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_ACCESS_OPERATION ) );
accessRepo.setResource( repoResource ); accessRepo.setResource( repoResource );
accessRepo = manager.savePermission( accessRepo ); accessRepo = manager.savePermission( accessRepo );
Permission uploadRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_UPLOAD + " - " + repositoryName ); Permission uploadRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_UPLOAD + " - " + repositoryName );
uploadRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_UPLOAD_OPERATION ) ); uploadRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_UPLOAD_OPERATION ) );
uploadRepo.setResource( repoResource ); uploadRepo.setResource( repoResource );
uploadRepo = manager.savePermission( uploadRepo ); uploadRepo = manager.savePermission( uploadRepo );
// make the roles // make the roles
Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName ); Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
repositoryObserver.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_ACCESS_PERMISSION ) ); repositoryObserver.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_ACCESS_PERMISSION ) );
repositoryObserver.setAssignable( true ); repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver ); repositoryObserver = manager.saveRole( repositoryObserver );
@ -136,7 +136,7 @@ public class DefaultRoleManager
repositoryManager.addPermission( deleteRepo ); repositoryManager.addPermission( deleteRepo );
repositoryManager.addPermission( accessRepo ); repositoryManager.addPermission( accessRepo );
repositoryManager.addPermission( uploadRepo ); repositoryManager.addPermission( uploadRepo );
repositoryManager.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_GENERATE_PERMISSION ) ); repositoryManager.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_GENERATE_PERMISSION ) );
repositoryManager.addChildRoleName( repositoryObserver.getName() ); repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true ); repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager ); manager.saveRole( repositoryManager );

View File

@ -227,5 +227,8 @@
<component> <component>
<role>org.apache.maven.archiva.scheduler.RepositoryTaskScheduler</role> <role>org.apache.maven.archiva.scheduler.RepositoryTaskScheduler</role>
</component> </component>
<component>
<role>org.apache.maven.archiva.web.ArchivaSecurityDefaults</role>
</component>
</load-on-start> </load-on-start>
</plexus> </plexus>