[MRM-1232] Unable to get artifacts from repositories which requires Repository Manager role using repository group

o if at least one unauthorizeddavexception exists in the compiled errors from the repositories in the group, send back a 401 error to force maven to send 
attach credentials to the request
o added tests


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@803795 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Maria Odea B. Ching 2009-08-13 07:16:35 +00:00
parent d150a6ed98
commit 8b3037bfdc
2 changed files with 400 additions and 12 deletions

View File

@ -336,13 +336,12 @@ public class ArchivaDavResourceFactory
String activePrincipal, List<String> resourcesInAbsolutePath ) String activePrincipal, List<String> resourcesInAbsolutePath )
throws DavException throws DavException
{ {
DavResource resource = null; DavResource resource = null;
DavException storedException = null; List<DavException> storedExceptions = new ArrayList<DavException>();
for ( String repositoryId : repositories ) for ( String repositoryId : repositories )
{ {
ManagedRepositoryContent managedRepository = null; ManagedRepositoryContent managedRepository = null;
try try
{ {
managedRepository = repositoryFactory.getManagedRepositoryContent( repositoryId ); managedRepository = repositoryFactory.getManagedRepositoryContent( repositoryId );
@ -373,16 +372,25 @@ public class ArchivaDavResourceFactory
resourcesInAbsolutePath.add( new File( managedRepository.getRepoRoot(), logicalResource ).getAbsolutePath() ); resourcesInAbsolutePath.add( new File( managedRepository.getRepoRoot(), logicalResource ).getAbsolutePath() );
} }
catch ( DavException e ) catch ( DavException e )
{ {
storedException = e; storedExceptions.add( e );
} }
} }
if ( resource == null ) if ( resource == null )
{ {
if ( storedException != null ) if ( !storedExceptions.isEmpty() )
{ {
throw storedException; // MRM-1232
for( DavException e : storedExceptions )
{
if( 401 == e.getErrorCode() )
{
throw e;
}
}
throw new DavException( HttpServletResponse.SC_NOT_FOUND );
} }
else else
{ {
@ -404,8 +412,7 @@ public class ArchivaDavResourceFactory
{ {
path = path.substring( 1 ); path = path.substring( 1 );
} }
LogicalResource logicalResource = new LogicalResource( path ); LogicalResource logicalResource = new LogicalResource( path );
File resourceFile = new File( managedRepository.getRepoRoot(), path ); File resourceFile = new File( managedRepository.getRepoRoot(), path );
resource = resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), path, new ArchivaDavResource( resourceFile.getAbsolutePath(), path,
@ -915,7 +922,7 @@ public class ArchivaDavResourceFactory
return resource; return resource;
} }
private String getActivePrincipal( DavServletRequest request ) protected String getActivePrincipal( DavServletRequest request )
{ {
User sessionUser = httpAuth.getSessionUser( request.getSession() ); User sessionUser = httpAuth.getSessionUser( request.getSession() );
return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME; return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME;
@ -1035,4 +1042,19 @@ public class ArchivaDavResourceFactory
{ {
this.scheduler = scheduler; this.scheduler = scheduler;
} }
public void setArchivaConfiguration( ArchivaConfiguration archivaConfiguration )
{
this.archivaConfiguration = archivaConfiguration;
}
public void setRepositoryFactory( RepositoryContentFactory repositoryFactory )
{
this.repositoryFactory = repositoryFactory;
}
public void setRepositoryRequest( RepositoryRequest repositoryRequest )
{
this.repositoryRequest = repositoryRequest;
}
} }

View File

@ -0,0 +1,366 @@
package org.apache.maven.archiva.webdav;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import org.apache.jackrabbit.webdav.DavException;
import org.apache.jackrabbit.webdav.DavResourceLocator;
import org.apache.jackrabbit.webdav.DavServletRequest;
import org.apache.jackrabbit.webdav.DavServletResponse;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.configuration.RepositoryGroupConfiguration;
import org.apache.maven.archiva.repository.ManagedRepositoryContent;
import org.apache.maven.archiva.repository.RepositoryContentFactory;
import org.apache.maven.archiva.repository.content.ManagedDefaultRepositoryContent;
import org.apache.maven.archiva.repository.content.RepositoryRequest;
import org.codehaus.plexus.spring.PlexusInSpringTestCase;
import org.easymock.MockControl;
import org.easymock.classextension.MockClassControl;
/**
* ArchivaDavResourceFactoryTest
*/
public class ArchivaDavResourceFactoryTest
extends PlexusInSpringTestCase
{
private static final String RELEASES_REPO = "releases";
private static final String INTERNAL_REPO = "internal";
private static final String LOCAL_MIRROR_REPO = "local-mirror";
private static final String LOCAL_REPO_GROUP = "local";
private OverridingArchivaDavResourceFactory resourceFactory;
private MockControl requestControl;
private DavServletRequest request;
private MockControl repoRequestControl;
private RepositoryRequest repoRequest;
private DavServletResponse response;
private MockControl archivaConfigurationControl;
private ArchivaConfiguration archivaConfiguration;
private Configuration config;
private MockControl repoContentFactoryControl;
private RepositoryContentFactory repoFactory;
public void setUp()
throws Exception
{
super.setUp();
requestControl = MockControl.createControl( DavServletRequest.class );
request = (DavServletRequest) requestControl.getMock();
archivaConfigurationControl = MockControl.createControl( ArchivaConfiguration.class );
archivaConfiguration = (ArchivaConfiguration) archivaConfigurationControl.getMock();
config = new Configuration();
config.addManagedRepository( createManagedRepository(
RELEASES_REPO,
new File( getBasedir(), "target/test-classes/releases" ).getPath() ) );
config.addManagedRepository( createManagedRepository(
INTERNAL_REPO,
new File( getBasedir(), "target/test-classes/internal" ).getPath() ) );
RepositoryGroupConfiguration repoGroupConfig = new RepositoryGroupConfiguration();
repoGroupConfig.setId( LOCAL_REPO_GROUP );
repoGroupConfig.addRepository( RELEASES_REPO );
repoGroupConfig.addRepository( INTERNAL_REPO );
config.addRepositoryGroup( repoGroupConfig );
repoContentFactoryControl = MockClassControl.createControl( RepositoryContentFactory.class );
repoFactory = (RepositoryContentFactory) repoContentFactoryControl.getMock();
repoRequestControl = MockClassControl.createControl( RepositoryRequest.class );
repoRequest = (RepositoryRequest) repoRequestControl.getMock();
resourceFactory = new OverridingArchivaDavResourceFactory();
resourceFactory.setArchivaConfiguration( archivaConfiguration );
resourceFactory.setRepositoryFactory( repoFactory );
resourceFactory.setRepositoryRequest( repoRequest );
}
private ManagedRepositoryConfiguration createManagedRepository( String id, String location )
{
ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
repoConfig.setId( id );
repoConfig.setName( id );
repoConfig.setLocation( location );
return repoConfig;
}
private ManagedRepositoryContent createManagedRepositoryContent( String repoId )
{
ManagedRepositoryContent repoContent = new ManagedDefaultRepositoryContent();
repoContent.setRepository( config.findManagedRepositoryById( repoId ) );
return repoContent;
}
public void tearDown()
throws Exception
{
super.tearDown();
}
// MRM-1232 - Unable to get artifacts from repositories which requires Repository Manager role using repository group
public void testRepositoryGroupFirstRepositoryRequiresAuthentication()
throws Exception
{
DavResourceLocator locator =
new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
try
{
archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
requestControl.expectAndReturn( request.getMethod(), "GET", 2 );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( RELEASES_REPO ),
createManagedRepositoryContent( RELEASES_REPO ) );
requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 2 );
requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 2 );
repoRequestControl.expectAndReturn(
repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false );
repoRequestControl.expectAndReturn(
repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false );
repoRequestControl.expectAndReturn(
repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
null );
repoRequestControl.expectAndReturn(
repoRequest.toNativePath(
"archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
internalRepo ),
new File(
config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
"target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
internalRepo );
archivaConfigurationControl.replay();
requestControl.replay();
repoContentFactoryControl.replay();
repoRequestControl.replay();
resourceFactory.createResource( locator, request, response );
archivaConfigurationControl.verify();
requestControl.verify();
repoContentFactoryControl.verify();
repoRequestControl.verify();
fail( "A DavException with 401 error code should have been thrown." );
}
catch ( DavException e )
{
assertEquals( 401, e.getErrorCode() );
}
}
public void testRepositoryGroupLastRepositoryRequiresAuthentication()
throws Exception
{
DavResourceLocator locator =
new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
List<RepositoryGroupConfiguration> repoGroups = new ArrayList<RepositoryGroupConfiguration>();
RepositoryGroupConfiguration repoGroup = new RepositoryGroupConfiguration();
repoGroup.setId( LOCAL_REPO_GROUP );
repoGroup.addRepository( INTERNAL_REPO );
repoGroup.addRepository( RELEASES_REPO );
repoGroups.add( repoGroup );
config.setRepositoryGroups( repoGroups );
ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
try
{
archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
requestControl.expectAndReturn( request.getMethod(), "GET", 2 );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
internalRepo );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( RELEASES_REPO ),
createManagedRepositoryContent( RELEASES_REPO ) );
requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 2 );
requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 2 );
repoRequestControl.expectAndReturn(
repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false );
repoRequestControl.expectAndReturn(
repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false );
repoRequestControl.expectAndReturn(
repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
null );
repoRequestControl.expectAndReturn(
repoRequest.toNativePath(
"archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
internalRepo ),
new File(
config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
"target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
archivaConfigurationControl.replay();
requestControl.replay();
repoContentFactoryControl.replay();
repoRequestControl.replay();
resourceFactory.createResource( locator, request, response );
archivaConfigurationControl.verify();
requestControl.verify();
repoContentFactoryControl.verify();
repoRequestControl.verify();
fail( "A DavException with 401 error code should have been thrown." );
}
catch ( DavException e )
{
assertEquals( 401, e.getErrorCode() );
}
}
public void testRepositoryGroupArtifactDoesNotExistInAnyOfTheReposAuthenticationDisabled()
throws Exception
{
DavResourceLocator locator =
new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
config.addManagedRepository( createManagedRepository( LOCAL_MIRROR_REPO,
new File( getBasedir(),
"target/test-classes/local-mirror" ).getPath() ) );
List<RepositoryGroupConfiguration> repoGroups = new ArrayList<RepositoryGroupConfiguration>();
RepositoryGroupConfiguration repoGroup = new RepositoryGroupConfiguration();
repoGroup.setId( LOCAL_REPO_GROUP );
repoGroup.addRepository( INTERNAL_REPO );
repoGroup.addRepository( LOCAL_MIRROR_REPO );
repoGroups.add( repoGroup );
config.setRepositoryGroups( repoGroups );
ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
ManagedRepositoryContent localMirrorRepo = createManagedRepositoryContent( LOCAL_MIRROR_REPO );
try
{
archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
requestControl.expectAndReturn( request.getMethod(), "GET", 4 );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
internalRepo );
repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( LOCAL_MIRROR_REPO ),
localMirrorRepo );
requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 4 );
requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 4 );
repoRequestControl.expectAndReturn(
repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false, 2 );
repoRequestControl.expectAndReturn(
repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
false, 2 );
repoRequestControl.expectAndReturn(
repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
null, 2 );
repoRequestControl.expectAndReturn(
repoRequest.toNativePath(
"archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
internalRepo ),
new File(
config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
"target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
repoRequestControl.expectAndReturn(
repoRequest.toNativePath(
"archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
localMirrorRepo ),
new File(
config.findManagedRepositoryById( LOCAL_MIRROR_REPO ).getLocation(),
"target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
archivaConfigurationControl.replay();
requestControl.replay();
repoContentFactoryControl.replay();
repoRequestControl.replay();
resourceFactory.createResource( locator, request, response );
archivaConfigurationControl.verify();
requestControl.verify();
repoContentFactoryControl.verify();
repoRequestControl.verify();
fail( "A DavException with 404 error code should have been thrown." );
}
catch ( DavException e )
{
assertEquals( 404, e.getErrorCode() );
}
}
class OverridingArchivaDavResourceFactory
extends ArchivaDavResourceFactory
{
protected boolean isAuthorized( DavServletRequest request, String repositoryId )
throws DavException
{
if ( RELEASES_REPO.equals( repositoryId ) )
{
throw new UnauthorizedDavException( repositoryId,
"You are not authenticated and authorized to access any repository." );
}
else
{
return true;
}
}
protected String getActivePrincipal( DavServletRequest request )
{
return "guest";
}
}
}