moderately working authz on many of the important jsp pages and improvements in the corresponding actions

git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@442672 13f79535-47bb-0310-9956-ffa450edef68
Jesse McConnell 2006-09-12 18:44:16 +00:00
parent 1e72457fd7
commit f84cd0a20e
9 changed files with 105 additions and 57 deletions


@ -98,7 +98,7 @@ public abstract class AbstractConfigureRepositoryAction
{
addRepository();
roleManager.addRepository( getRepoId() );
roleManager.addRepository( repository.getId() );
configurationStore.storeConfiguration( configuration );


@ -115,6 +115,7 @@ public class NewUserAction
}
roleManager.addUser( user.getPrincipal().toString() );
addActionMessage( "user " + username + " was successfully registered!");
}
if ( hasActionErrors() )
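Review bot: The success message in this hunk, `addActionMessage( "user " + username + " was successfully registered!")`, concatenates the submitted username into text that is later displayed through `<ww:actionmessage/>`. Whether that tag HTML-escapes its messages is not visible here, so confirm that it does, or validate `username` against an allowed character set before this point. The enclosing method starts and ends outside the hunk.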


@ -106,7 +106,7 @@ public class UserManagementAction
// for displaying the potential repositories to be displayed, remove the global resource
// from the list
resources = rbacManager.getAllResources();
resources.remove( rbacManager.getGlobalResource() );
//resources.remove( rbacManager.getGlobalResource() );
// check if the user has any roles assigned to them, and populate the lists for
// rendering assign and remove roles links
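Review bot: The commented-out `//resources.remove( rbacManager.getGlobalResource() );` leaves the comment above it ("remove the global resource from the list") describing something the code no longer does. `resources` now keeps the global resource, so it will presumably be offered alongside the repositories on the page. If that is intended, delete the dead line and reword the comment, e.g. `// the global resource stays in the list so that global roles can be assigned`. If it was disabled for debugging, restore the call. The enclosing method continues outside the hunk.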


@ -112,6 +112,12 @@ public class DefaultRoleManager
manager.saveOperation( operation );
}
if ( !manager.operationExists( "grant-roles" ) )
{
Operation operation = manager.createOperation( "grant-roles" );
manager.saveOperation( operation );
}
if ( !manager.operationExists( "remove-roles" ) )
{
Operation operation = manager.createOperation( "remove-roles" );
@ -150,12 +156,20 @@ public class DefaultRoleManager
manager.savePermission( editAllUsers );
}
if ( !manager.permissionExists( "Remove Roles" ) )
if ( !manager.permissionExists( "Grant Roles" ) )
{
Permission editAllUsers = manager.createPermission( "Remove Roles", "remove-roles",
Permission granRoles = manager.createPermission( "Grant Roles", "grant-roles",
manager.getGlobalResource().getIdentifier() );
manager.savePermission( editAllUsers );
manager.savePermission( granRoles );
}
if ( !manager.permissionExists( "Remove Roles" ) )
{
Permission removeRoles = manager.createPermission( "Remove Roles", "remove-roles",
manager.getGlobalResource().getIdentifier() );
manager.savePermission( removeRoles );
}
if ( !manager.permissionExists( "Regenerate Index" ) )
@ -171,6 +185,7 @@ public class DefaultRoleManager
Role userAdmin = manager.createRole( "User Administrator" );
userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
userAdmin.addPermission( manager.getPermission( "Grant Roles" ) );
userAdmin.setAssignable( true );
manager.saveRole( userAdmin );
}
@ -178,7 +193,7 @@ public class DefaultRoleManager
if ( !manager.roleExists( "System Administrator" ) )
{
Role admin = manager.createRole( "System Administrator" );
admin.addChildRole( manager.getRole( "User Administrator" ) );
admin.addChildRoleName( manager.getRole( "User Administrator" ).getName() );
admin.addPermission( manager.getPermission( "Edit Configuration" ) );
admin.addPermission( manager.getPermission( "Run Indexer" ) );
admin.addPermission( manager.getPermission( "Add Repository" ) );
@ -250,7 +265,7 @@ public class DefaultRoleManager
regenReports = manager.savePermission( regenReports );
// make the roles
Role repositoryObserver = manager.createRole( "Repository Manager - " + repositoryName );
Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
repositoryObserver.addPermission( editRepo );
repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver );
@ -259,7 +274,7 @@ public class DefaultRoleManager
repositoryManager.addPermission( editRepo );
repositoryManager.addPermission( deleteRepo );
repositoryManager.addPermission( regenReports );
repositoryManager.addChildRole( repositoryObserver );
repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager );
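Review bot: "Grant Roles" is created against `manager.getGlobalResource()` and added to "User Administrator", so nothing in this setup limits which roles a user administrator may hand out. Unless the assign action restricts the target role, that would include "System Administrator". Consider recording the constraint next to the permission, e.g. `// NOTE: grant-roles is global; the assign action must refuse roles above the granter's own`, or scoping the permission more narrowly. In the later hunk the role now named "Repository Observer - …" still receives `editRepo`, which looks broader than an observer needs; confirm what `editRepo` maps to, since its definition is outside the hunk. The local `granRoles` is presumably meant to be `grantRoles`.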


@ -238,7 +238,7 @@
</action>
<action name="user" class="userManagement">
<action name="user" class="userManagement" method="display">
<result name="success">/WEB-INF/jsp/user.jsp</result>
</action>


@ -97,11 +97,14 @@
<c:forEach items="${repositories}" var="repository" varStatus="i">
<div>
<div style="float: right">
<ww:url id="editRepositoryUrl" action="editRepository" method="input">
<ww:param name="repoId" value="%{'${repository.id}'}" />
</ww:url>
<ww:url id="deleteRepositoryUrl" action="deleteRepository" method="input">
<ww:param name="repoId" value="%{'${repository.id}'}" />
</ww:url>
<%-- TODO replace with icons --%>
<a href="<ww:url action="editRepository" method="input"><ww:param name="repoId" value="%{'${repository.id}'}" /></ww:url>">Edit
Repository</a> | <a
href="<ww:url action="deleteRepository" method="input"><ww:param name="repoId" value="%{'${repository.id}'}" /></ww:url>">Delete
Repository</a>
<pss:ifAuthorized permission="edit-repository" resource="${repository.id}"><ww:a href="%{editRepositoryUrl}">Edit Repository</ww:a></pss:ifAuthorized> | <pss:ifAuthorized permission="delete-repository" resource="${repository.id}"><ww:a href="%{deleteRepositoryUrl}">Delete Repository</ww:a></pss:ifAuthorized>
</div>
<h3>${repository.name}</h3>
<table class="infoTable">
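Review bot: Wrapping the Edit/Delete links in `<pss:ifAuthorized>` only hides them. A request sent straight to `editRepository` or `deleteRepository` is refused only if the action itself checks `edit-repository` / `delete-repository` against the submitted `repoId`, and no such check appears in the action hunks of this commit. The same applies to the `removeRoleFromUser` and `assignRoleToUser` links in the user page section. A smaller point: the ` | ` separator sits between the two tags, so a user with neither permission still sees a bare separator.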


@ -107,20 +107,30 @@
<my:currentWWUrl action="browse" namespace="/">Browse</my:currentWWUrl>
</li>
</ul>
<pss:ifAnyAuthorized permissions="edit-all-users,get-reports,edit-configuration">
<h5>Manage</h5>
<ul>
<pss:ifAuthorized permission="get-reports">
<li class="none">
<my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
</li>
</pss:ifAuthorized>
<%-- TODO
<li class="none">
<a href="#">Synchronisation</a>
</li>
--%>
<pss:ifAnyAuthorized permissions="edit-configuration,edit-all-users">
<li class="expanded">
<pss:ifAuthorized permission="edit-all-users">
<my:currentWWUrl action="userManagement" namespace="/admin">User Management</my:currentWWUrl>
</pss:ifAuthorized>
</li>
<li>
<pss:ifAuthorized permission="edit-configuration">
<my:currentWWUrl action="index" namespace="/admin">Administration</my:currentWWUrl>
</pss:ifAuthorized>
<ul>
<li class="none">
<my:currentWWUrl action="proxiedRepositories" namespace="/admin">Proxied Repositories</my:currentWWUrl>
@ -131,15 +141,11 @@
<my:currentWWUrl action="syncedRepositories" namespace="/admin">Synced Repositories</my:currentWWUrl>
</li>
--%>
<pss:ifAuthorized permission="edit-all-users">
<li class="none">
<my:currentWWUrl action="userManagement" namespace="/admin">User Management</my:currentWWUrl>
</li>
</pss:ifAuthorized>
</ul>
</li>
</pss:ifAnyAuthorized>
</ul>
</pss:ifAnyAuthorized>
<br/>
</div>
</div>
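Review bot: The nested `<ul>` holding the "Proxied Repositories" entry sits outside `<pss:ifAuthorized permission="edit-configuration">`, which wraps only the "Administration" link. A user who passes the surrounding `ifAnyAuthorized` through `edit-all-users` alone would therefore still be shown the administration sub-links. Extending the `edit-configuration` block to enclose the whole `<li>` (link and sub-list) keeps the menu consistent with the permission. Likewise `<li class="expanded">` is emitted even when the "User Management" link inside it is suppressed, leaving an empty list item. Old and new lines cannot be told apart with certainty in this rendering, so check both points against the resulting file.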


@ -32,6 +32,10 @@
</div>
<p>
<ww:actionmessage/>
</p>
<h2>Login</h2>
<ww:form action="login">
<table class="bodyTable">


@ -53,32 +53,51 @@
<table class="bodyTable">
<ww:iterator id="role" value="assignedRoles">
<ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
<ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${sessionScope.SecuritySessionUser.name}</ww:param>
</ww:url>
<tr class="a">
<td>
<em>${role.name}</em><br/>
</td>
<td>
<pss:ifAuthorized permission="remove-roles">
<ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
<ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${role.name}</ww:param>
</ww:url>
<ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
</pss:ifAuthorized>
</td>
</tr>
</ww:iterator>
</table>
<h2>Grant Roles</h2>
<p>
<%-- this is for debug purposes only --%>
<div id="sidebar">
<ww:iterator id="role" value="availableRoles">
<ww:url id="addRoleUrl" action="assignRoleToUser">
<ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${role.name}</ww:param>
</ww:url>
<ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
<ww:a href="%{addRoleUrl}">${role.name}</ww:a>
<br/>
</ww:iterator>
</div>
<h2>Grant Roles</h2>
<p>
</p>
<pss:ifAuthorized permission="grant-roles">
<ww:iterator id="role" value="availableRoles">
<ww:url id="addRoleUrl" action="assignRoleToUser">
<ww:param name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
<ww:param name="roleName">${role.name}</ww:param>
</ww:url>
<ww:a href="%{addRoleUrl}">${role.name}</ww:a>
<br/>
</ww:iterator>
</pss:ifAuthorized>
<%--
<p>
This following screen needs have the various roles worked into it.
@ -145,7 +164,7 @@
</td>
</tr>
--%>
<tr class="a">
<td></td>
<td>
@ -155,7 +174,7 @@
</tr>
</table>
--%>
</div>
</div>
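Review bot: The block marked `<%-- this is for debug purposes only --%>` renders `assignRoleToUser` links for every available role without a `<pss:ifAuthorized permission="grant-roles">` wrapper. If it is still present on the new side (the rendering does not show which lines were removed), it bypasses the check added just below and should be deleted or wrapped. Both link sets also pass `${sessionScope.SecuritySessionUser.principal}` as `principal`, which is the logged-in user rather than a user being managed; confirm that is intended. Role changes are triggered by plain links, so granting and removing are state-changing GET requests; a form POST protected by a token would be the safer shape.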