added additional checks for report viewing and generation

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@442726 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jesse McConnell 2006-09-12 21:50:57 +00:00
parent bf694ebfed
commit d671cfc524
4 changed files with 45 additions and 32 deletions

View File

@ -45,7 +45,7 @@ public class DefaultRoleManager
private RBACManager manager;
private boolean initialized;
public void initialize()
throws InitializationException
{
@ -164,13 +164,13 @@ public class DefaultRoleManager
manager.savePermission( editAllUsers );
}
if ( !manager.permissionExists( "Generate All Reports" ) )
if ( !manager.permissionExists( "Generate Reports" ) )
{
Permission editAllUsers = manager.createPermission( "Generate All Reports", "generate-reports",
Permission editAllUsers = manager.createPermission( "Generate Reports", "generate-reports",
manager.getGlobalResource().getIdentifier() );
manager.savePermission( editAllUsers );
}
}
if ( !manager.permissionExists( "Grant Roles" ) )
{
@ -214,7 +214,7 @@ public class DefaultRoleManager
admin.addPermission( manager.getPermission( "Run Indexer" ) );
admin.addPermission( manager.getPermission( "Add Repository" ) );
admin.addPermission( manager.getPermission( "Access Reports") );
admin.addPermission( manager.getPermission( "Generate All Reports") );
admin.addPermission( manager.getPermission( "Generate Reports") );
admin.addPermission( manager.getPermission( "Regenerate Index" ) );
admin.setAssignable( true );
manager.saveRole( admin );
@ -273,26 +273,16 @@ public class DefaultRoleManager
deleteRepo.setResource( repoResource );
deleteRepo = manager.savePermission( deleteRepo );
Permission getReports = manager.createPermission( "Access Reports - " + repositoryName );
getReports.setOperation( manager.getOperation( "access-reports" ) );
getReports.setResource( repoResource );
getReports = manager.savePermission( getReports );
Permission regenReports = manager.createPermission( "generate Reports - " + repositoryName );
regenReports.setOperation( manager.getOperation( "generate-reports" ) );
regenReports.setResource( repoResource );
regenReports = manager.savePermission( regenReports );
// make the roles
Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
repositoryObserver.addPermission( getReports );
repositoryObserver.addPermission( manager.getPermission( "Access Reports" ) );
repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver );
Role repositoryManager = manager.createRole( "Repository Manager - " + repositoryName );
repositoryManager.addPermission( editRepo );
repositoryManager.addPermission( deleteRepo );
repositoryManager.addPermission( regenReports );
repositoryManager.addPermission( manager.getPermission( "Generate Reports" ) );
repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager );

View File

@ -0,0 +1,20 @@
#
# operations
#
addRepositoryOperation=add-repository
editRepositoryOperation=edit-repository
deleteRepositoryOperation=delete-repository
editConfiguration=edit-configuration
runIndexer=run-indexer
regenerateIndex=regenerate-index
accessReports=access-reports
generateReports=generate-reports
editAllUsers=edit-all-users
editUser=edit-user
grantRoles=grant-roles
removeRoles=remove-roles

View File

@ -108,10 +108,10 @@
<my:currentWWUrl action="browse" namespace="/">Browse</my:currentWWUrl>
</li>
</ul>
<pss:ifAnyAuthorized permissions="edit-all-users,get-reports,edit-configuration">
<pss:ifAnyAuthorized permissions="edit-all-users,access-reports,edit-configuration">
<h5>Manage</h5>
<ul>
<pss:ifAuthorized permission="get-reports">
<pss:ifAuthorized permission="access-reports">
<li class="none">
<my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
</li>

View File

@ -18,6 +18,7 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
<html>
<head>
@ -33,14 +34,16 @@
<div id="contentArea">
<ww:form action="reports" namespace="/admin">
<ww:select list="reports" label="Report" name="reportGroup" onchange="document.reports.submit();"/>
<ww:select list="configuration.repositories" listKey="id" listValue="name" label="Repository" headerKey="-"
headerValue="(All repositories)" name="repositoryId" onchange="document.reports.submit();"/>
<ww:select list="reports[reportGroup].reports" label="Filter" headerKey="-" headerValue="(All Problems)"
name="filter" onchange="document.reports.submit();"/>
<ww:submit value="Get Report"/>
</ww:form>
<pss:ifAnyAuthorized permissions="generate-reports">
<ww:form action="reports" namespace="/admin">
<ww:select list="reports" label="Report" name="reportGroup" onchange="document.reports.submit();"/>
<ww:select list="configuration.repositories" listKey="id" listValue="name" label="Repository" headerKey="-"
headerValue="(All repositories)" name="repositoryId" onchange="document.reports.submit();"/>
<ww:select list="reports[reportGroup].reports" label="Filter" headerKey="-" headerValue="(All Problems)"
name="filter" onchange="document.reports.submit();"/>
<ww:submit value="Get Report"/>
</ww:form>
</pss:ifAnyAuthorized>
<ww:set name="databases" value="databases"/>
<c:forEach items="${databases}" var="database">
@ -52,13 +55,13 @@
--%>
<c:choose>
<c:when test="${!database.inProgress}">
<c:set var="url">
<ww:url action="runReport" namespace="/admin">
<ww:param name="repositoryId" value="%{'${database.repository.id}'}"/>
<pss:ifAuthorized permission="generate-reports">
<ww:url id="regenerateReportUrl" action="runReport" namespace="/admin">
<ww:param name="repositoryId">${database.repository.id}</ww:param>
<ww:param name="reportGroup" value="reportGroup"/>
</ww:url>
</c:set>
<a href="${url}">Regenerate Report</a>
<ww:a href="%{regenerateReportUrl}">Regenerate Report</ww:a>
</pss:ifAuthorized>
</c:when>
<c:otherwise>
<!-- TODO: would be good to have a generic task/job mechanism that tracked progress and ability to run