1 package org.apache.archiva.webdav;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.archiva.admin.model.RepositoryAdminException;
23 import org.apache.archiva.admin.model.beans.ManagedRepository;
24 import org.apache.archiva.admin.model.beans.RemoteRepository;
25 import org.apache.archiva.admin.model.managed.ManagedRepositoryAdmin;
26 import org.apache.archiva.admin.model.remote.RemoteRepositoryAdmin;
27 import org.apache.archiva.audit.AuditEvent;
28 import org.apache.archiva.audit.AuditListener;
29 import org.apache.archiva.audit.Auditable;
30 import org.apache.archiva.common.plexusbridge.PlexusSisuBridge;
31 import org.apache.archiva.common.plexusbridge.PlexusSisuBridgeException;
32 import org.apache.archiva.common.utils.PathUtil;
33 import org.apache.archiva.common.utils.VersionUtil;
34 import org.apache.archiva.configuration.ArchivaConfiguration;
35 import org.apache.archiva.configuration.RepositoryGroupConfiguration;
36 import org.apache.archiva.indexer.merger.IndexMerger;
37 import org.apache.archiva.indexer.merger.IndexMergerException;
38 import org.apache.archiva.indexer.merger.IndexMergerRequest;
39 import org.apache.archiva.indexer.merger.TemporaryGroupIndex;
40 import org.apache.archiva.indexer.search.RepositorySearch;
41 import org.apache.archiva.maven2.metadata.MavenMetadataReader;
42 import org.apache.archiva.metadata.repository.storage.RepositoryStorage;
43 import org.apache.archiva.model.ArchivaRepositoryMetadata;
44 import org.apache.archiva.model.ArtifactReference;
45 import org.apache.archiva.policies.ProxyDownloadException;
46 import org.apache.archiva.proxy.model.RepositoryProxyConnectors;
47 import org.apache.archiva.redback.authentication.AuthenticationException;
48 import org.apache.archiva.redback.authentication.AuthenticationResult;
49 import org.apache.archiva.redback.authorization.AuthorizationException;
50 import org.apache.archiva.redback.authorization.UnauthorizedException;
51 import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
52 import org.apache.archiva.redback.policy.AccountLockedException;
53 import org.apache.archiva.redback.policy.MustChangePasswordException;
54 import org.apache.archiva.redback.system.SecuritySession;
55 import org.apache.archiva.redback.users.User;
56 import org.apache.archiva.redback.users.UserManager;
57 import org.apache.archiva.repository.ManagedRepositoryContent;
58 import org.apache.archiva.repository.RepositoryContentFactory;
59 import org.apache.archiva.repository.RepositoryException;
60 import org.apache.archiva.repository.RepositoryNotFoundException;
61 import org.apache.archiva.repository.content.legacy.LegacyPathParser;
62 import org.apache.archiva.repository.content.maven2.RepositoryRequest;
63 import org.apache.archiva.repository.layout.LayoutException;
64 import org.apache.archiva.repository.metadata.MetadataTools;
65 import org.apache.archiva.repository.metadata.RepositoryMetadataException;
66 import org.apache.archiva.repository.metadata.RepositoryMetadataMerge;
67 import org.apache.archiva.repository.metadata.RepositoryMetadataWriter;
68 import org.apache.archiva.scheduler.repository.model.RepositoryArchivaTaskScheduler;
69 import org.apache.archiva.security.ServletAuthenticator;
70 import org.apache.archiva.webdav.util.MimeTypes;
71 import org.apache.archiva.webdav.util.RepositoryPathUtil;
72 import org.apache.archiva.webdav.util.TemporaryGroupIndexSessionCleaner;
73 import org.apache.archiva.webdav.util.WebdavMethodUtil;
74 import org.apache.archiva.xml.XMLException;
75 import org.apache.commons.io.FileUtils;
76 import org.apache.commons.io.FilenameUtils;
77 import org.apache.commons.lang.StringUtils;
78 import org.apache.commons.lang.SystemUtils;
79 import org.apache.jackrabbit.webdav.DavException;
80 import org.apache.jackrabbit.webdav.DavResource;
81 import org.apache.jackrabbit.webdav.DavResourceFactory;
82 import org.apache.jackrabbit.webdav.DavResourceLocator;
83 import org.apache.jackrabbit.webdav.DavServletRequest;
84 import org.apache.jackrabbit.webdav.DavServletResponse;
85 import org.apache.jackrabbit.webdav.DavSession;
86 import org.apache.jackrabbit.webdav.lock.LockManager;
87 import org.apache.jackrabbit.webdav.lock.SimpleLockManager;
88 import org.apache.maven.index.context.IndexingContext;
89 import org.codehaus.plexus.digest.ChecksumFile;
90 import org.codehaus.plexus.digest.Digester;
91 import org.codehaus.plexus.digest.DigesterException;
92 import org.slf4j.Logger;
93 import org.slf4j.LoggerFactory;
94 import org.slf4j.MarkerFactory;
95 import org.springframework.context.ApplicationContext;
96 import org.springframework.stereotype.Service;
98 import javax.annotation.PostConstruct;
99 import javax.inject.Inject;
100 import javax.inject.Named;
101 import javax.servlet.http.HttpServletResponse;
102 import javax.servlet.http.HttpSession;
104 import java.io.IOException;
105 import java.util.ArrayList;
106 import java.util.Date;
107 import java.util.HashMap;
108 import java.util.HashSet;
109 import java.util.List;
110 import java.util.Map;
111 import java.util.Set;
116 @Service( "davResourceFactory#archiva" )
117 public class ArchivaDavResourceFactory
118 implements DavResourceFactory, Auditable
120 private static final String PROXIED_SUFFIX = " (proxied)";
122 private static final String HTTP_PUT_METHOD = "PUT";
124 private Logger log = LoggerFactory.getLogger( ArchivaDavResourceFactory.class );
127 private List<AuditListener> auditListeners = new ArrayList<AuditListener>();
130 private RepositoryContentFactory repositoryFactory;
132 private RepositoryRequest repositoryRequest;
135 @Named( value = "repositoryProxyConnectors#default" )
136 private RepositoryProxyConnectors connectors;
139 private MetadataTools metadataTools;
142 private MimeTypes mimeTypes;
144 private ArchivaConfiguration archivaConfiguration;
147 private ServletAuthenticator servletAuth;
150 @Named( value = "httpAuthenticator#basic" )
151 private HttpAuthenticator httpAuth;
154 private RemoteRepositoryAdmin remoteRepositoryAdmin;
157 private ManagedRepositoryAdmin managedRepositoryAdmin;
160 private IndexMerger indexMerger;
163 private RepositorySearch repositorySearch;
166 * Lock Manager - use simple implementation from JackRabbit
168 private final LockManager lockManager = new SimpleLockManager();
170 private ChecksumFile checksum;
172 private Digester digestSha1;
174 private Digester digestMd5;
177 @Named( value = "archivaTaskScheduler#repository" )
178 private RepositoryArchivaTaskScheduler scheduler;
180 private ApplicationContext applicationContext;
183 public ArchivaDavResourceFactory( ApplicationContext applicationContext, PlexusSisuBridge plexusSisuBridge,
184 ArchivaConfiguration archivaConfiguration )
185 throws PlexusSisuBridgeException
187 this.archivaConfiguration = archivaConfiguration;
188 this.applicationContext = applicationContext;
189 this.checksum = plexusSisuBridge.lookup( ChecksumFile.class );
191 this.digestMd5 = plexusSisuBridge.lookup( Digester.class, "md5" );
192 this.digestSha1 = plexusSisuBridge.lookup( Digester.class, "sha1" );
194 // TODO remove this hard dependency on maven !!
195 repositoryRequest = new RepositoryRequest( new LegacyPathParser( archivaConfiguration ) );
199 public void initialize()
204 public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request,
205 final DavServletResponse response )
208 ArchivaDavResourceLocator archivaLocator = checkLocatorIsInstanceOfRepositoryLocator( locator );
210 RepositoryGroupConfiguration repoGroupConfig =
211 archivaConfiguration.getConfiguration().getRepositoryGroupsAsMap().get( archivaLocator.getRepositoryId() );
213 String activePrincipal = getActivePrincipal( request );
215 List<String> resourcesInAbsolutePath = new ArrayList<String>();
217 boolean readMethod = WebdavMethodUtil.isReadMethod( request.getMethod() );
218 DavResource resource;
219 if ( repoGroupConfig != null )
223 throw new DavException( HttpServletResponse.SC_METHOD_NOT_ALLOWED,
224 "Write method not allowed for repository groups." );
227 log.debug( "Repository group '{}' accessed by '{}", repoGroupConfig.getId(), activePrincipal );
229 // handle browse requests for virtual repos
230 if ( getLogicalResource( archivaLocator, null, true ).endsWith( "/" ) )
234 return getResourceFromGroup( request, repoGroupConfig.getRepositories(), archivaLocator,
237 catch ( RepositoryAdminException e )
239 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
244 // make a copy to avoid potential concurrent modifications (eg. by configuration)
245 // TODO: ultimately, locking might be more efficient than copying in this fashion since updates are
247 List<String> repositories = new ArrayList<String>( repoGroupConfig.getRepositories() );
248 resource = processRepositoryGroup( request, archivaLocator, repositories, activePrincipal,
249 resourcesInAbsolutePath, repoGroupConfig );
257 RemoteRepository remoteRepository =
258 remoteRepositoryAdmin.getRemoteRepository( archivaLocator.getRepositoryId() );
260 if ( remoteRepository != null )
262 String logicalResource = getLogicalResource( archivaLocator, null, false );
263 IndexingContext indexingContext = remoteRepositoryAdmin.createIndexContext( remoteRepository );
264 File resourceFile = StringUtils.equals( logicalResource, "/" )
265 ? new File( indexingContext.getIndexDirectoryFile().getParent() )
266 : new File( indexingContext.getIndexDirectoryFile().getParent(), logicalResource );
267 resource = new ArchivaDavResource( resourceFile.getAbsolutePath(), locator.getResourcePath(), null,
268 request.getRemoteAddr(), activePrincipal,
269 request.getDavSession(), archivaLocator, this, mimeTypes,
270 auditListeners, scheduler );
271 setHeaders( response, locator, resource );
275 catch ( RepositoryAdminException e )
277 log.debug( "RepositoryException remote repository with d'{}' not found, msg: {}",
278 archivaLocator.getRepositoryId(), e.getMessage() );
281 ManagedRepositoryContent managedRepositoryContent = null;
285 managedRepositoryContent =
286 repositoryFactory.getManagedRepositoryContent( archivaLocator.getRepositoryId() );
288 catch ( RepositoryNotFoundException e )
290 throw new DavException( HttpServletResponse.SC_NOT_FOUND,
291 "Invalid repository: " + archivaLocator.getRepositoryId() );
293 catch ( RepositoryException e )
295 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
298 log.debug( "Managed repository '{}' accessed by '{}'", managedRepositoryContent.getId(), activePrincipal );
302 resource = processRepository( request, archivaLocator, activePrincipal, managedRepositoryContent,
303 managedRepositoryAdmin.getManagedRepository(
304 archivaLocator.getRepositoryId() ) );
306 String logicalResource = getLogicalResource( archivaLocator, null, false );
307 resourcesInAbsolutePath.add(
308 new File( managedRepositoryContent.getRepoRoot(), logicalResource ).getAbsolutePath() );
311 catch ( RepositoryAdminException e )
313 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
317 String requestedResource = request.getRequestURI();
319 // MRM-872 : merge all available metadata
320 // merge metadata only when requested via the repo group
321 if ( ( repositoryRequest.isMetadata( requestedResource ) || repositoryRequest.isMetadataSupportFile(
322 requestedResource ) ) && repoGroupConfig != null )
324 // this should only be at the project level not version level!
325 if ( isProjectReference( requestedResource ) )
328 ArchivaDavResource res = (ArchivaDavResource) resource;
330 StringUtils.substringBeforeLast( res.getLocalResource().getAbsolutePath().replace( '\\', '/' ),
332 filePath = filePath + "/maven-metadata-" + repoGroupConfig.getId() + ".xml";
334 // for MRM-872 handle checksums of the merged metadata files
335 if ( repositoryRequest.isSupportFile( requestedResource ) )
337 File metadataChecksum =
338 new File( filePath + "." + StringUtils.substringAfterLast( requestedResource, "." ) );
339 if ( metadataChecksum.exists() )
341 LogicalResource logicalResource =
342 new LogicalResource (getLogicalResource( archivaLocator, null, false ) );
345 new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null,
346 request.getRemoteAddr(), activePrincipal, request.getDavSession(),
347 archivaLocator, this, mimeTypes, auditListeners, scheduler );
352 if ( resourcesInAbsolutePath != null && resourcesInAbsolutePath.size() > 1 )
354 // merge the metadata of all repos under group
355 ArchivaRepositoryMetadata mergedMetadata = new ArchivaRepositoryMetadata();
356 for ( String resourceAbsPath : resourcesInAbsolutePath )
360 File metadataFile = new File( resourceAbsPath );
361 ArchivaRepositoryMetadata repoMetadata = MavenMetadataReader.read( metadataFile );
362 mergedMetadata = RepositoryMetadataMerge.merge( mergedMetadata, repoMetadata );
364 catch ( XMLException e )
366 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
367 "Error occurred while reading metadata file." );
369 catch ( RepositoryMetadataException r )
371 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
372 "Error occurred while merging metadata file." );
378 File resourceFile = writeMergedMetadataToFile( mergedMetadata, filePath );
380 LogicalResource logicalResource = new LogicalResource( getLogicalResource( archivaLocator, null, false ) );
383 new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null,
384 request.getRemoteAddr(), activePrincipal,
385 request.getDavSession(), archivaLocator, this, mimeTypes,
386 auditListeners, scheduler );
388 catch ( RepositoryMetadataException r )
390 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
391 "Error occurred while writing metadata file." );
393 catch ( IOException ie )
395 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
396 "Error occurred while generating checksum files." );
398 catch ( DigesterException de )
400 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
401 "Error occurred while generating checksum files." + de.getMessage() );
408 setHeaders( response, locator, resource );
410 // compatibility with MRM-440 to ensure browsing the repository works ok
411 if ( resource.isCollection() && !request.getRequestURI().endsWith( "/" ) )
413 throw new BrowserRedirectException( resource.getHref() );
415 resource.addLockManager( lockManager );
419 private DavResource processRepositoryGroup( final DavServletRequest request,
420 ArchivaDavResourceLocator archivaLocator, List<String> repositories,
421 String activePrincipal, List<String> resourcesInAbsolutePath,
422 RepositoryGroupConfiguration repoGroupConfig )
425 DavResource resource = null;
426 List<DavException> storedExceptions = new ArrayList<DavException>();
428 String pathInfo = StringUtils.removeEnd( request.getPathInfo(), "/" );
430 String rootPath = StringUtils.substringBeforeLast( pathInfo, "/" );
432 if ( StringUtils.endsWith( rootPath, repoGroupConfig.getMergedIndexPath() ) )
434 // we are in the case of index file request
435 String requestedFileName = StringUtils.substringAfterLast( pathInfo, "/" );
436 File temporaryIndexDirectory =
437 buildMergedIndexDirectory( repositories, activePrincipal, request, repoGroupConfig );
439 File resourceFile = new File( temporaryIndexDirectory, requestedFileName );
440 resource = new ArchivaDavResource( resourceFile.getAbsolutePath(), requestedFileName, null,
441 request.getRemoteAddr(), activePrincipal, request.getDavSession(),
442 archivaLocator, this, mimeTypes, auditListeners, scheduler );
447 for ( String repositoryId : repositories )
449 ManagedRepositoryContent managedRepositoryContent;
452 managedRepositoryContent = repositoryFactory.getManagedRepositoryContent( repositoryId );
454 catch ( RepositoryNotFoundException e )
456 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
458 catch ( RepositoryException e )
460 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
465 ManagedRepository managedRepository = managedRepositoryAdmin.getManagedRepository( repositoryId );
466 DavResource updatedResource =
467 processRepository( request, archivaLocator, activePrincipal, managedRepositoryContent,
469 if ( resource == null )
471 resource = updatedResource;
474 String logicalResource = getLogicalResource( archivaLocator, null, false );
475 if ( logicalResource.endsWith( "/" ) )
477 logicalResource = logicalResource.substring( 1 );
479 resourcesInAbsolutePath.add(
480 new File( managedRepositoryContent.getRepoRoot(), logicalResource ).getAbsolutePath() );
482 catch ( DavException e )
484 storedExceptions.add( e );
486 catch ( RepositoryAdminException e )
488 storedExceptions.add( new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e ) );
492 if ( resource == null )
494 if ( !storedExceptions.isEmpty() )
497 for ( DavException e : storedExceptions )
499 if ( 401 == e.getErrorCode() )
505 throw new DavException( HttpServletResponse.SC_NOT_FOUND );
509 throw new DavException( HttpServletResponse.SC_NOT_FOUND );
515 private String getLogicalResource( ArchivaDavResourceLocator archivaLocator, ManagedRepository managedRepository,
516 boolean useOrigResourcePath )
518 // FIXME remove this hack
519 // but currently managedRepository can be null in case of group
520 String layout = managedRepository == null ? new ManagedRepository( ).getLayout() : managedRepository.getLayout();
521 RepositoryStorage repositoryStorage =
522 this.applicationContext.getBean( "repositoryStorage#" + layout, RepositoryStorage.class );
523 String path = repositoryStorage.getFilePath(
524 useOrigResourcePath ? archivaLocator.getOrigResourcePath() : archivaLocator.getResourcePath(), managedRepository );
525 log.debug( "found path {} for resourcePath: '{}' with managedRepo '{}' and layout '{}'", path,
526 archivaLocator.getResourcePath(), managedRepository == null ? "null" : managedRepository.getId(), layout );
530 private DavResource processRepository( final DavServletRequest request, ArchivaDavResourceLocator archivaLocator,
531 String activePrincipal, ManagedRepositoryContent managedRepositoryContent,
532 ManagedRepository managedRepository )
535 DavResource resource = null;
536 if ( isAuthorized( request, managedRepositoryContent.getId() ) )
538 String path = getLogicalResource( archivaLocator, managedRepository, false );
539 if ( path.startsWith( "/" ) )
541 path = path.substring( 1 );
543 LogicalResource logicalResource = new LogicalResource( path );
544 File resourceFile = new File( managedRepositoryContent.getRepoRoot(), path );
546 new ArchivaDavResource( resourceFile.getAbsolutePath(), path, managedRepositoryContent.getRepository(),
547 request.getRemoteAddr(), activePrincipal, request.getDavSession(),
548 archivaLocator, this, mimeTypes, auditListeners, scheduler );
550 if ( WebdavMethodUtil.isReadMethod( request.getMethod() ) )
552 if ( archivaLocator.getHref( false ).endsWith( "/" ) && !resourceFile.isDirectory() )
554 // force a resource not found
555 throw new DavException( HttpServletResponse.SC_NOT_FOUND, "Resource does not exist" );
559 if ( !resource.isCollection() )
561 boolean previouslyExisted = resourceFile.exists();
563 // Attempt to fetch the resource from any defined proxy.
565 fetchContentFromProxies( managedRepositoryContent, request, logicalResource );
567 // At this point the incoming request can either be in default or
568 // legacy layout format.
571 // Perform an adjustment of the resource to the managed
572 // repository expected path.
573 String localResourcePath =
574 repositoryRequest.toNativePath( logicalResource.getPath(), managedRepositoryContent );
575 resourceFile = new File( managedRepositoryContent.getRepoRoot(), localResourcePath );
577 new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
578 managedRepositoryContent.getRepository(),
579 request.getRemoteAddr(), activePrincipal,
580 request.getDavSession(), archivaLocator, this, mimeTypes,
581 auditListeners, scheduler );
583 catch ( LayoutException e )
585 if ( !resourceFile.exists() )
587 throw new DavException( HttpServletResponse.SC_NOT_FOUND, e );
593 String event = ( previouslyExisted ? AuditEvent.MODIFY_FILE : AuditEvent.CREATE_FILE )
596 log.debug( "Proxied artifact '{}' in repository '{}' (current user '{}')",
597 resourceFile.getName(), managedRepositoryContent.getId(), activePrincipal );
599 triggerAuditEvent( request.getRemoteAddr(), archivaLocator.getRepositoryId(),
600 logicalResource.getPath(), event, activePrincipal );
603 if ( !resourceFile.exists() )
605 throw new DavException( HttpServletResponse.SC_NOT_FOUND, "Resource does not exist" );
611 if ( request.getMethod().equals( HTTP_PUT_METHOD ) )
613 String resourcePath = logicalResource.getPath();
615 // check if target repo is enabled for releases
616 // we suppose that release-artifacts can be deployed only to repos enabled for releases
617 if ( managedRepositoryContent.getRepository().isReleases() && !repositoryRequest.isMetadata(
618 resourcePath ) && !repositoryRequest.isSupportFile( resourcePath ) )
620 ArtifactReference artifact = null;
623 artifact = managedRepositoryContent.toArtifactReference( resourcePath );
625 if ( !VersionUtil.isSnapshot( artifact.getVersion() ) )
627 // check if artifact already exists and if artifact re-deployment to the repository is allowed
628 if ( managedRepositoryContent.hasContent( artifact )
629 && managedRepositoryContent.getRepository().isBlockRedeployments() )
631 log.warn( "Overwriting released artifacts in repository '{}' is not allowed.",
632 managedRepositoryContent.getId() );
633 throw new DavException( HttpServletResponse.SC_CONFLICT,
634 "Overwriting released artifacts is not allowed." );
638 catch ( LayoutException e )
640 log.warn( "Artifact path '{}' is invalid.", resourcePath );
645 * Create parent directories that don't exist when writing a file This actually makes this
646 * implementation not compliant to the WebDAV RFC - but we have enough knowledge about how the
647 * collection is being used to do this reasonably and some versions of Maven's WebDAV don't correctly
648 * create the collections themselves.
651 File rootDirectory = new File( managedRepositoryContent.getRepoRoot() );
652 File destDir = new File( rootDirectory, logicalResource.getPath() ).getParentFile();
654 if ( !destDir.exists() )
657 String relPath = PathUtil.getRelative( rootDirectory.getAbsolutePath(), destDir );
659 log.debug( "Creating destination directory '{}' (current user '{}')", destDir.getName(),
662 triggerAuditEvent( request.getRemoteAddr(), managedRepositoryContent.getId(), relPath,
663 AuditEvent.CREATE_DIR, activePrincipal );
670 public DavResource createResource( final DavResourceLocator locator, final DavSession davSession )
673 ArchivaDavResourceLocator archivaLocator = checkLocatorIsInstanceOfRepositoryLocator( locator );
675 ManagedRepositoryContent managedRepositoryContent;
678 managedRepositoryContent =
679 repositoryFactory.getManagedRepositoryContent( archivaLocator.getRepositoryId() );
681 catch ( RepositoryNotFoundException e )
683 throw new DavException( HttpServletResponse.SC_NOT_FOUND,
684 "Invalid repository: " + archivaLocator.getRepositoryId() );
686 catch ( RepositoryException e )
688 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
691 DavResource resource = null;
694 String logicalResource = getLogicalResource( archivaLocator, managedRepositoryAdmin.getManagedRepository(
695 archivaLocator.getRepositoryId() ), false );
696 if ( logicalResource.startsWith( "/" ) )
698 logicalResource = logicalResource.substring( 1 );
700 File resourceFile = new File( managedRepositoryContent.getRepoRoot(), logicalResource );
701 resource = new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource,
702 managedRepositoryContent.getRepository(), davSession, archivaLocator,
703 this, mimeTypes, auditListeners, scheduler );
705 resource.addLockManager( lockManager );
707 catch ( RepositoryAdminException e )
709 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
714 private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request,
715 LogicalResource resource )
718 String path = resource.getPath();
719 if ( repositoryRequest.isSupportFile( path ) )
721 File proxiedFile = connectors.fetchFromProxies( managedRepository, path );
723 return ( proxiedFile != null );
726 // Is it a Metadata resource?
727 if ( repositoryRequest.isDefault( path ) && repositoryRequest.isMetadata( path ) )
729 return connectors.fetchMetatadaFromProxies( managedRepository, path ) != null;
732 // Is it an Archetype Catalog?
733 if ( repositoryRequest.isArchetypeCatalog( path ) )
735 // FIXME we must implement a merge of remote archetype catalog from remote servers.
736 File proxiedFile = connectors.fetchFromProxies( managedRepository, path );
738 return ( proxiedFile != null );
741 // Not any of the above? Then it's gotta be an artifact reference.
744 // Get the artifact reference in a layout neutral way.
745 ArtifactReference artifact = repositoryRequest.toArtifactReference( path );
747 if ( artifact != null )
749 String repositoryLayout = managedRepository.getRepository().getLayout();
751 RepositoryStorage repositoryStorage =
752 this.applicationContext.getBean( "repositoryStorage#" + repositoryLayout, RepositoryStorage.class );
753 repositoryStorage.applyServerSideRelocation( managedRepository, artifact );
755 File proxiedFile = connectors.fetchFromProxies( managedRepository, artifact );
757 resource.setPath( managedRepository.toPath( artifact ) );
759 log.debug( "Proxied artifact '{}:{}:{}'", artifact.getGroupId(), artifact.getArtifactId(),
760 artifact.getVersion() );
762 return ( proxiedFile != null );
765 catch ( LayoutException e )
769 catch ( ProxyDownloadException e )
771 log.error( e.getMessage(), e );
772 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
773 "Unable to fetch artifact resource." );
780 private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action,
783 AuditEvent event = new AuditEvent( repositoryId, principal, resource, action );
784 event.setRemoteIP( remoteIP );
786 for ( AuditListener listener : auditListeners )
788 listener.auditEvent( event );
792 public void addAuditListener( AuditListener listener )
794 this.auditListeners.add( listener );
797 public void clearAuditListeners()
799 this.auditListeners.clear();
802 public void removeAuditListener( AuditListener listener )
804 this.auditListeners.remove( listener );
807 private void setHeaders( DavServletResponse response, DavResourceLocator locator, DavResource resource )
809 // [MRM-503] - Metadata file need Pragma:no-cache response
811 if ( locator.getResourcePath().endsWith( "/maven-metadata.xml" )
812 || ( (ArchivaDavResource) resource ).getLocalResource().isDirectory() )
814 response.setHeader( "Pragma", "no-cache" );
815 response.setHeader( "Cache-Control", "no-cache" );
816 response.setDateHeader( "Last-Modified", new Date().getTime() );
818 // if the resource is a directory don't cache it as new groupId deployed will be available
819 // without need of refreshing browser
822 // We need to specify this so connecting wagons can work correctly
823 response.setDateHeader( "Last-Modified", resource.getModificationTime() );
825 // TODO: [MRM-524] determine http caching options for other types of files (artifacts, sha1, md5, snapshots)
828 private ArchivaDavResourceLocator checkLocatorIsInstanceOfRepositoryLocator( DavResourceLocator locator )
831 if ( !( locator instanceof ArchivaDavResourceLocator ) )
833 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
834 "Locator does not implement RepositoryLocator" );
838 if ( locator.getResourcePath().startsWith( ArchivaDavResource.HIDDEN_PATH_PREFIX ) )
840 throw new DavException( HttpServletResponse.SC_NOT_FOUND );
843 ArchivaDavResourceLocator archivaLocator = (ArchivaDavResourceLocator) locator;
845 // MRM-419 - Windows Webdav support. Should not 404 if there is no content.
846 if ( StringUtils.isEmpty( archivaLocator.getRepositoryId() ) )
848 throw new DavException( HttpServletResponse.SC_NO_CONTENT );
850 return archivaLocator;
853 private static class LogicalResource
857 public LogicalResource( String path )
862 public String getPath()
867 public void setPath( String path )
873 protected boolean isAuthorized( DavServletRequest request, String repositoryId )
878 AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );
879 SecuritySession securitySession = httpAuth.getSecuritySession( request.getSession( true ) );
881 return servletAuth.isAuthenticated( request, result ) && servletAuth.isAuthorized( request, securitySession,
883 WebdavMethodUtil.getMethodPermission(
884 request.getMethod() ) );
886 catch ( AuthenticationException e )
888 // safety check for MRM-911
889 String guest = UserManager.GUEST_USERNAME;
892 if ( servletAuth.isAuthorized( guest,
893 ( (ArchivaDavResourceLocator) request.getRequestLocator() ).getRepositoryId(),
894 WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) )
899 catch ( UnauthorizedException ae )
901 throw new UnauthorizedDavException( repositoryId,
902 "You are not authenticated and authorized to access any repository." );
905 throw new UnauthorizedDavException( repositoryId, "You are not authenticated" );
907 catch ( MustChangePasswordException e )
909 throw new UnauthorizedDavException( repositoryId, "You must change your password." );
911 catch ( AccountLockedException e )
913 throw new UnauthorizedDavException( repositoryId, "User account is locked." );
915 catch ( AuthorizationException e )
917 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
918 "Fatal Authorization Subsystem Error." );
920 catch ( UnauthorizedException e )
922 throw new UnauthorizedDavException( repositoryId, e.getMessage() );
926 private DavResource getResourceFromGroup( DavServletRequest request, List<String> repositories,
927 ArchivaDavResourceLocator locator,
928 RepositoryGroupConfiguration repositoryGroupConfiguration )
929 throws DavException, RepositoryAdminException
931 List<File> mergedRepositoryContents = new ArrayList<File>();
932 // multiple repo types so we guess they are all the same type
933 // so use the first one
934 // FIXME add a method with group in the repository storage
935 String firstRepoId = repositoryGroupConfiguration.getRepositories().get( 1 );
937 String path = getLogicalResource( locator, managedRepositoryAdmin.getManagedRepository( firstRepoId ), false );
938 if ( path.startsWith( "/" ) )
940 path = path.substring( 1 );
942 LogicalResource logicalResource = new LogicalResource( path );
945 // if the current user logged in has permission to any of the repositories, allow user to
946 // browse the repo group but displaying only the repositories which the user has permission to access.
947 // otherwise, prompt for authentication.
949 String activePrincipal = getActivePrincipal( request );
951 boolean allow = isAllowedToContinue( request, repositories, activePrincipal );
954 String pathInfo = StringUtils.removeEnd( request.getPathInfo(), "/" );
959 if ( StringUtils.endsWith( pathInfo, repositoryGroupConfiguration.getMergedIndexPath() ) )
962 buildMergedIndexDirectory( repositories, activePrincipal, request, repositoryGroupConfiguration );
963 mergedRepositoryContents.add( mergedRepoDir );
967 if ( StringUtils.equalsIgnoreCase( pathInfo, "/" + repositoryGroupConfiguration.getId() ) )
969 File tmpDirectory = new File( SystemUtils.getJavaIoTmpDir(),
970 repositoryGroupConfiguration.getId() + "/"
971 + repositoryGroupConfiguration.getMergedIndexPath() );
972 if ( !tmpDirectory.exists() )
974 synchronized ( tmpDirectory.getAbsolutePath() )
976 if ( !tmpDirectory.exists() )
978 tmpDirectory.mkdirs();
982 mergedRepositoryContents.add( tmpDirectory.getParentFile() );
984 for ( String repository : repositories )
986 ManagedRepositoryContent managedRepository = null;
990 managedRepository = repositoryFactory.getManagedRepositoryContent( repository );
992 catch ( RepositoryNotFoundException e )
994 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
995 "Invalid managed repository <" + repository + ">: " + e.getMessage() );
997 catch ( RepositoryException e )
999 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
1000 "Invalid managed repository <" + repository + ">: " + e.getMessage() );
1003 File resourceFile = new File( managedRepository.getRepoRoot(), logicalResource.getPath() );
1004 if ( resourceFile.exists() )
1006 // in case of group displaying index directory doesn't have sense !!
1007 String repoIndexDirectory = managedRepository.getRepository().getIndexDirectory();
1008 if ( StringUtils.isNotEmpty( repoIndexDirectory ) )
1010 if ( !new File( repoIndexDirectory ).isAbsolute() )
1012 repoIndexDirectory = new File( managedRepository.getRepository().getLocation(),
1013 StringUtils.isEmpty( repoIndexDirectory )
1015 : repoIndexDirectory ).getAbsolutePath();
1018 if ( StringUtils.isEmpty( repoIndexDirectory ) )
1020 repoIndexDirectory = new File( managedRepository.getRepository().getLocation(),
1021 ".indexer" ).getAbsolutePath();
1024 if ( !StringUtils.equals( FilenameUtils.normalize( repoIndexDirectory ),
1025 FilenameUtils.normalize( resourceFile.getAbsolutePath() ) ) )
1027 // for prompted authentication
1028 if ( httpAuth.getSecuritySession( request.getSession( true ) ) != null )
1032 if ( isAuthorized( request, repository ) )
1034 mergedRepositoryContents.add( resourceFile );
1035 log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal );
1038 catch ( DavException e )
1040 // TODO: review exception handling
1042 log.debug( "Skipping repository '{}' for user '{}': {}", managedRepository,
1043 activePrincipal, e.getMessage() );
1050 // for the current user logged in
1053 if ( servletAuth.isAuthorized( activePrincipal, repository,
1054 WebdavMethodUtil.getMethodPermission(
1055 request.getMethod() ) ) )
1057 mergedRepositoryContents.add( resourceFile );
1058 log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal );
1061 catch ( UnauthorizedException e )
1063 // TODO: review exception handling
1065 log.debug( "Skipping repository '{}' for user '{}': {}", managedRepository,
1066 activePrincipal, e.getMessage() );
1077 throw new UnauthorizedDavException( locator.getRepositoryId(), "User not authorized." );
1080 ArchivaVirtualDavResource resource =
1081 new ArchivaVirtualDavResource( mergedRepositoryContents, logicalResource.getPath(), mimeTypes, locator,
1084 // compatibility with MRM-440 to ensure browsing the repository group works ok
1085 if ( resource.isCollection() && !request.getRequestURI().endsWith( "/" ) )
1087 throw new BrowserRedirectException( resource.getHref() );
1093 protected String getActivePrincipal( DavServletRequest request )
1095 User sessionUser = httpAuth.getSessionUser( request.getSession() );
1096 return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME;
1100 * Check if the current user is authorized to access any of the repos
1103 * @param repositories
1104 * @param activePrincipal
1107 private boolean isAllowedToContinue( DavServletRequest request, List<String> repositories, String activePrincipal )
1109 // when no repositories configured it's impossible to browse nothing !
1110 // at least make possible to see nothing :-)
1111 if ( repositories == null || repositories.isEmpty() )
1116 boolean allow = false;
1118 // if securitySession != null, it means that the user was prompted for authentication
1119 if ( httpAuth.getSecuritySession( request.getSession() ) != null )
1121 for ( String repository : repositories )
1125 if ( isAuthorized( request, repository ) )
1131 catch ( DavException e )
1139 for ( String repository : repositories )
1143 if ( servletAuth.isAuthorized( activePrincipal, repository,
1144 WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) )
1150 catch ( UnauthorizedException e )
1160 private File writeMergedMetadataToFile( ArchivaRepositoryMetadata mergedMetadata, String outputFilename )
1161 throws RepositoryMetadataException, DigesterException, IOException
1163 File outputFile = new File( outputFilename );
1164 if ( outputFile.exists() )
1166 FileUtils.deleteQuietly( outputFile );
1169 outputFile.getParentFile().mkdirs();
1170 RepositoryMetadataWriter.write( mergedMetadata, outputFile );
1172 createChecksumFile( outputFilename, digestSha1 );
1173 createChecksumFile( outputFilename, digestMd5 );
1178 private void createChecksumFile( String path, Digester digester )
1179 throws DigesterException, IOException
1181 File checksumFile = new File( path + digester.getFilenameExtension() );
1182 if ( !checksumFile.exists() )
1184 FileUtils.deleteQuietly( checksumFile );
1185 checksum.createChecksum( new File( path ), digester );
1187 else if ( !checksumFile.isFile() )
1189 log.error( "Checksum file is not a file." );
1193 private boolean isProjectReference( String requestedResource )
1197 metadataTools.toVersionedReference( requestedResource );
1200 catch ( RepositoryMetadataException re )
1206 protected File buildMergedIndexDirectory( List<String> repositories, String activePrincipal,
1207 DavServletRequest request,
1208 RepositoryGroupConfiguration repositoryGroupConfiguration )
1214 HttpSession session = request.getSession();
1216 Map<String, TemporaryGroupIndex> temporaryGroupIndexMap =
1217 (Map<String, TemporaryGroupIndex>) session.getAttribute(
1218 TemporaryGroupIndexSessionCleaner.TEMPORARY_INDEX_SESSION_KEY );
1219 if ( temporaryGroupIndexMap == null )
1221 temporaryGroupIndexMap = new HashMap<String, TemporaryGroupIndex>();
1224 TemporaryGroupIndex tmp = temporaryGroupIndexMap.get( repositoryGroupConfiguration.getId() );
1226 if ( tmp != null && tmp.getDirectory() != null && tmp.getDirectory().exists() )
1228 if ( System.currentTimeMillis() - tmp.getCreationTime() > (
1229 repositoryGroupConfiguration.getMergedIndexTtl() * 60 * 1000 ) )
1231 log.debug( MarkerFactory.getMarker( "group.merged.index" ),
1232 "tmp group index '{}' is too old so delete it", repositoryGroupConfiguration.getId() );
1233 indexMerger.cleanTemporaryGroupIndex( tmp );
1237 log.debug( MarkerFactory.getMarker( "group.merged.index" ),
1238 "merged index for group '{}' found in cache", repositoryGroupConfiguration.getId() );
1239 return tmp.getDirectory();
1243 Set<String> authzRepos = new HashSet<String>();
1244 for ( String repository : repositories )
1248 if ( servletAuth.isAuthorized( activePrincipal, repository,
1249 WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) )
1251 authzRepos.add( repository );
1252 authzRepos.addAll( this.repositorySearch.getRemoteIndexingContextIds( repository ) );
1255 catch ( UnauthorizedException e )
1257 // TODO: review exception handling
1259 log.debug( "Skipping repository '{}' for user '{}': {}", repository, activePrincipal,
1263 log.info( "generate temporary merged index for repository group '{}' for repositories '{}'",
1264 repositoryGroupConfiguration.getId(), authzRepos );
1265 IndexingContext indexingContext = indexMerger.buildMergedIndex(
1266 new IndexMergerRequest( authzRepos, true, repositoryGroupConfiguration.getId(),
1267 repositoryGroupConfiguration.getMergedIndexPath(),
1268 repositoryGroupConfiguration.getMergedIndexTtl() ) );
1269 File mergedRepoDir = indexingContext.getIndexDirectoryFile();
1270 TemporaryGroupIndex temporaryGroupIndex =
1271 new TemporaryGroupIndex( mergedRepoDir, indexingContext.getId(), repositoryGroupConfiguration.getId(),
1272 repositoryGroupConfiguration.getMergedIndexTtl() ).setCreationTime(
1273 new Date().getTime() );
1274 temporaryGroupIndexMap.put( repositoryGroupConfiguration.getId(), temporaryGroupIndex );
1275 session.setAttribute( TemporaryGroupIndexSessionCleaner.TEMPORARY_INDEX_SESSION_KEY,
1276 temporaryGroupIndexMap );
1277 return mergedRepoDir;
1279 catch ( RepositoryAdminException e )
1281 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
1283 catch ( IndexMergerException e )
1285 throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e );
1290 public void setServletAuth( ServletAuthenticator servletAuth )
1292 this.servletAuth = servletAuth;
1295 public void setHttpAuth( HttpAuthenticator httpAuth )
1297 this.httpAuth = httpAuth;
1300 public void setScheduler( RepositoryArchivaTaskScheduler scheduler )
1302 this.scheduler = scheduler;
1305 public void setArchivaConfiguration( ArchivaConfiguration archivaConfiguration )
1307 this.archivaConfiguration = archivaConfiguration;
1310 public void setRepositoryFactory( RepositoryContentFactory repositoryFactory )
1312 this.repositoryFactory = repositoryFactory;
1315 public void setRepositoryRequest( RepositoryRequest repositoryRequest )
1317 this.repositoryRequest = repositoryRequest;
1320 public void setConnectors( RepositoryProxyConnectors connectors )
1322 this.connectors = connectors;
1325 public RemoteRepositoryAdmin getRemoteRepositoryAdmin()
1327 return remoteRepositoryAdmin;
1330 public void setRemoteRepositoryAdmin( RemoteRepositoryAdmin remoteRepositoryAdmin )
1332 this.remoteRepositoryAdmin = remoteRepositoryAdmin;
1335 public ManagedRepositoryAdmin getManagedRepositoryAdmin()
1337 return managedRepositoryAdmin;
1340 public void setManagedRepositoryAdmin( ManagedRepositoryAdmin managedRepositoryAdmin )
1342 this.managedRepositoryAdmin = managedRepositoryAdmin;
projects / archiva.git / blob