[MRM-1736] map roles to ldap groups
git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1460935 13f79535-47bb-0310-9956-ffa450edef68
parent
40c462af88
commit
bdabf612a2
|
@ -1512,6 +1512,15 @@
|
|||
<type>LdapConfiguration</type>
|
||||
</association>
|
||||
</field>
|
||||
<field>
|
||||
<name>ldapGroupMappings</name>
|
||||
<description>LdapGroupMappings</description>
|
||||
<version>1.4.0+</version>
|
||||
<association>
|
||||
<type>LdapGroupMapping</type>
|
||||
<multiplicity>*</multiplicity>
|
||||
</association>
|
||||
</field>
|
||||
<field>
|
||||
<name>configurationProperties</name>
|
||||
<description>extra properties for redback configuration. String/String</description>
|
||||
|
@ -1673,6 +1682,29 @@
|
|||
</fields>
|
||||
</class>
|
||||
|
||||
<class>
|
||||
<name>LdapGroupMapping</name>
|
||||
<version>1.4.0+</version>
|
||||
<description>configuration of a LDAP group to Archiva roles</description>
|
||||
<fields>
|
||||
<field>
|
||||
<name>group</name>
|
||||
<description>LDAP Group</description>
|
||||
<version>1.4.0+</version>
|
||||
<type>String</type>
|
||||
</field>
|
||||
<field>
|
||||
<name>roleNames</name>
|
||||
<version>1.4.0+</version>
|
||||
<description>Archiva roles.</description>
|
||||
<association>
|
||||
<type>String</type>
|
||||
<multiplicity>*</multiplicity>
|
||||
</association>
|
||||
</field>
|
||||
</fields>
|
||||
</class>
|
||||
|
||||
</classes>
|
||||
</model>
|
||||
|
||||
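Review bot: The new `LdapGroupMapping` class does not document what form `group` takes or what `roleNames` may contain; the descriptions are only `LDAP Group` and `Archiva roles.`. This mapping decides which roles members of a directory group receive, so the `group` description should say whether the value is the group's common name or a full DN. The `roleNames` description should say that each entry must be the exact name of an existing Archiva role. The `ldapGroupMappings` field description (`LdapGroupMappings`) only repeats the field name and could instead read `mappings from LDAP groups to the Archiva roles granted to their members`.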
|
|
|
@ -67,6 +67,11 @@ public class RedbackRuntimeConfiguration
|
|||
|
||||
private CacheConfiguration usersCacheConfiguration;
|
||||
|
||||
/**
|
||||
* Field ldapGroupMappings.
|
||||
*/
|
||||
private List<LdapGroupMapping> ldapGroupMappings;
|
||||
|
||||
public RedbackRuntimeConfiguration()
|
||||
{
|
||||
// no op
|
||||
|
@ -170,6 +175,16 @@ public class RedbackRuntimeConfiguration
|
|||
this.rbacManagerImpls = rbacManagerImpls;
|
||||
}
|
||||
|
||||
public List<LdapGroupMapping> getLdapGroupMappings()
|
||||
{
|
||||
return ldapGroupMappings;
|
||||
}
|
||||
|
||||
public void setLdapGroupMappings( List<LdapGroupMapping> ldapGroupMappings )
|
||||
{
|
||||
this.ldapGroupMappings = ldapGroupMappings;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
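Review bot: `ldapGroupMappings` is declared without an initializer and `getLdapGroupMappings()` returns the field as is, so a configuration with no mappings hands callers `null`. The `getString` change in DefaultRedbackRuntimeConfigurationAdmin calls `getLdapGroupMappings().indexOf( ... )` with no null check, and the conversion there only calls the setter when the stored list is non-empty. Reading a group-to-role key before any mapping exists would therefore presumably throw a NullPointerException. Initialising the field, `private List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>();`, would fix this, as would returning an empty list from the getter when the field is null. The class's imports and remaining fields are outside these hunks, so confirm `ArrayList` is available there.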
|
|
|
@ -22,12 +22,11 @@ import net.sf.beanlib.provider.replicator.BeanReplicator;
|
|||
import org.apache.archiva.admin.model.RepositoryAdminException;
|
||||
import org.apache.archiva.admin.model.beans.CacheConfiguration;
|
||||
import org.apache.archiva.admin.model.beans.LdapConfiguration;
|
||||
import org.apache.archiva.admin.model.beans.LdapGroupMapping;
|
||||
import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration;
|
||||
import org.apache.archiva.admin.model.runtime.RedbackRuntimeConfigurationAdmin;
|
||||
import org.apache.archiva.configuration.ArchivaConfiguration;
|
||||
import org.apache.archiva.configuration.Configuration;
|
||||
import org.apache.archiva.configuration.ConfigurationEvent;
|
||||
import org.apache.archiva.configuration.ConfigurationListener;
|
||||
import org.apache.archiva.configuration.IndeterminateConfigurationException;
|
||||
import org.apache.archiva.redback.components.cache.Cache;
|
||||
import org.apache.archiva.redback.components.registry.RegistryException;
|
||||
|
@ -42,6 +41,7 @@ import org.springframework.stereotype.Service;
|
|||
import javax.annotation.PostConstruct;
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Named;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
|
@ -53,7 +53,7 @@ import java.util.Set;
|
|||
* @author Olivier Lamy
|
||||
* @since 1.4-M4
|
||||
*/
|
||||
@Service("userConfiguration#archiva")
|
||||
@Service( "redbackRuntimeConfigurationAdmin#default" )
|
||||
public class DefaultRedbackRuntimeConfigurationAdmin
|
||||
implements RedbackRuntimeConfigurationAdmin, UserConfiguration
|
||||
{
|
||||
|
@ -64,11 +64,11 @@ public class DefaultRedbackRuntimeConfigurationAdmin
|
|||
private ArchivaConfiguration archivaConfiguration;
|
||||
|
||||
@Inject
|
||||
@Named(value = "userConfiguration#redback")
|
||||
UserConfiguration userConfiguration;
|
||||
@Named( value = "userConfiguration#redback" )
|
||||
private UserConfiguration userConfiguration;
|
||||
|
||||
@Inject
|
||||
@Named(value = "cache#users")
|
||||
@Named( value = "cache#users" )
|
||||
private Cache usersCache;
|
||||
|
||||
@PostConstruct
|
||||
|
@ -149,6 +149,31 @@ public class DefaultRedbackRuntimeConfigurationAdmin
|
|||
userConfiguration.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ENABLED, false );
|
||||
ldapConfiguration.setBindAuthenticatorEnabled( ldapBindAuthenticatorEnabled );
|
||||
|
||||
// LDAP groups mapping reading !!
|
||||
// UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY
|
||||
// userConfiguration.getKeys()
|
||||
|
||||
Collection<String> keys = userConfiguration.getKeys();
|
||||
|
||||
List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>();
|
||||
|
||||
for ( String key : keys )
|
||||
{
|
||||
if ( key.startsWith( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) )
|
||||
{
|
||||
String group =
|
||||
StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY );
|
||||
String val = userConfiguration.getConcatenatedList( key, "" );
|
||||
if ( !StringUtils.isEmpty( val ) )
|
||||
{
|
||||
String[] roles = StringUtils.split( val, ',' );
|
||||
ldapGroupMappings.add( new LdapGroupMapping( group, roles ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings );
|
||||
|
||||
redbackRuntimeConfiguration.setMigratedFromRedbackConfiguration( true );
|
||||
|
||||
updateRedbackRuntimeConfiguration( redbackRuntimeConfiguration );
|
||||
|
@ -300,6 +325,20 @@ public class DefaultRedbackRuntimeConfigurationAdmin
|
|||
redbackRuntimeConfiguration.setUsersCacheConfiguration( new CacheConfiguration() );
|
||||
}
|
||||
|
||||
List<org.apache.archiva.configuration.LdapGroupMapping> mappings = runtimeConfiguration.getLdapGroupMappings();
|
||||
|
||||
if ( mappings != null && mappings.size() > 0 )
|
||||
{
|
||||
List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>( mappings.size() );
|
||||
|
||||
for ( org.apache.archiva.configuration.LdapGroupMapping mapping : mappings )
|
||||
{
|
||||
ldapGroupMappings.add( new LdapGroupMapping( mapping.getGroup(), mapping.getRoleNames() ) );
|
||||
}
|
||||
|
||||
redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings );
|
||||
}
|
||||
|
||||
cleanupProperties( redbackRuntimeConfiguration );
|
||||
|
||||
return redbackRuntimeConfiguration;
|
||||
|
@ -359,10 +398,30 @@ public class DefaultRedbackRuntimeConfigurationAdmin
|
|||
new BeanReplicator().replicateBean( archivaRuntimeConfiguration.getUsersCacheConfiguration(),
|
||||
org.apache.archiva.configuration.CacheConfiguration.class ) );
|
||||
|
||||
List<LdapGroupMapping> ldapGroupMappings = archivaRuntimeConfiguration.getLdapGroupMappings();
|
||||
|
||||
if ( ldapGroupMappings != null && ldapGroupMappings.size() > 0 )
|
||||
{
|
||||
|
||||
List<org.apache.archiva.configuration.LdapGroupMapping> mappings =
|
||||
new ArrayList<org.apache.archiva.configuration.LdapGroupMapping>( ldapGroupMappings.size() );
|
||||
|
||||
for ( LdapGroupMapping ldapGroupMapping : ldapGroupMappings )
|
||||
{
|
||||
|
||||
org.apache.archiva.configuration.LdapGroupMapping mapping =
|
||||
new org.apache.archiva.configuration.LdapGroupMapping();
|
||||
mapping.setGroup( ldapGroupMapping.getGroup() );
|
||||
mapping.setRoleNames( new ArrayList<String>( ldapGroupMapping.getRoleNames() ) );
|
||||
mappings.add( mapping );
|
||||
|
||||
}
|
||||
redbackRuntimeConfiguration.setLdapGroupMappings( mappings );
|
||||
}
|
||||
return redbackRuntimeConfiguration;
|
||||
}
|
||||
|
||||
// wrapper for UserConfiguration to intercept values (and store it not yet migrated
|
||||
// wrapper for UserConfiguration to intercept values (and store it not yet migrated)
|
||||
|
||||
|
||||
public String getString( String key )
|
||||
|
@ -373,6 +432,18 @@ public class DefaultRedbackRuntimeConfigurationAdmin
|
|||
return getRedbackRuntimeConfiguration().getUserManagerImpls().get( 0 );
|
||||
}
|
||||
|
||||
if ( StringUtils.startsWith( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) )
|
||||
{
|
||||
RedbackRuntimeConfiguration redbackRuntimeConfiguration = getRedbackRuntimeConfiguration();
|
||||
int index = redbackRuntimeConfiguration.getLdapGroupMappings().indexOf( new LdapGroupMapping(
|
||||
StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) );
|
||||
if ( index > -1 )
|
||||
{
|
||||
return StringUtils.join( redbackRuntimeConfiguration.getLdapGroupMappings().get( index ).getRoleNames(),
|
||||
',' );
|
||||
}
|
||||
}
|
||||
|
||||
RedbackRuntimeConfiguration conf = getRedbackRuntimeConfiguration();
|
||||
|
||||
if ( conf.getConfigurationProperties().containsKey( key ) )
|
||||
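Review bot: The migration loop splits the stored role list with `StringUtils.split( val, ',' )` and does not trim the pieces, so a value written as `role a, role b` yields a second role name with a leading space. These strings are later used as role names for authorisation, so a padded name would presumably fail to match any role and the group would silently receive fewer roles than configured. Assuming this is commons-lang `StringUtils`, `String[] roles = StringUtils.stripAll( StringUtils.split( val, ',' ) );` keeps the names clean. Separately, the lookup in `getString` relies on `LdapGroupMapping.equals` comparing by group only; that class is not shown here, so it is worth a comment next to `indexOf` stating that assumption. The enclosing methods start and end outside these hunks.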
|
|
|
@ -31,6 +31,6 @@
|
|||
<context:component-scan
|
||||
base-package="org.apache.archiva.admin.repository"/>
|
||||
|
||||
|
||||
<alias name="redbackRuntimeConfigurationAdmin#default" alias="userConfiguration#archiva"/>
|
||||
|
||||
</beans>
|
|
@ -45,6 +45,8 @@
|
|||
|
||||
<alias name="ldapConnectionFactory#archiva" alias="ldapConnectionFactory"/>
|
||||
<alias name="ldapConnectionFactory#archiva" alias="ldapConnectionFactory#configurable"/>
|
||||
|
||||
<alias name="ldapRoleMapperConfiguration#archiva" alias="ldapRoleMapperConfiguration#default"/>
|
||||
|
||||
|
||||
<bean id="loggerManager" class="org.codehaus.plexus.logging.slf4j.Slf4jLoggerManager"
|
||||
|
|
|
@ -1727,7 +1727,7 @@ define("archiva.general-admin",["jquery","i18n","utils","jquery.tmpl","knockout"
|
|||
|
||||
addLdapGroupMapping=function(){
|
||||
// FIXME validate datas from ldapGroupMapping
|
||||
$.log("addLdapGroupMapping:"+self.newLdapGroupMapping().group());
|
||||
$.log("addLdapGroupMapping:"+self.newLdapGroupMapping().group()+",roles:"+self.newLdapGroupMapping().roleNames().length);
|
||||
clearUserMessages();
|
||||
|
||||
if (self.newLdapGroupMapping().roleNames().length<1){
|
||||
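Review bot: The `// FIXME validate datas from ldapGroupMapping` at the top of `addLdapGroupMapping` is still open after this change. The only check visible in the hunk is `roleNames().length<1`, so as far as this hunk shows a blank or whitespace-only `group()` would still be accepted. A guard such as `if ($.trim(self.newLdapGroupMapping().group()).length<1){ ... }` before the role check would close the obvious gap. Because the mapping grants roles, the same rule should also be enforced where the configuration is saved on the server, since a browser-side check can be bypassed. The rest of the function lies outside the hunk, so a later check may already cover part of this.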
|
|