1 package org.apache.archiva.web.security;
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
21 import org.apache.archiva.admin.model.RepositoryAdminException;
22 import org.apache.archiva.admin.model.runtime.RedbackRuntimeConfigurationAdmin;
23 import org.apache.archiva.redback.components.cache.Cache;
24 import org.apache.archiva.redback.rbac.AbstractRBACManager;
25 import org.apache.archiva.redback.rbac.Operation;
26 import org.apache.archiva.redback.rbac.Permission;
27 import org.apache.archiva.redback.rbac.RBACManager;
28 import org.apache.archiva.redback.rbac.RbacManagerException;
29 import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
30 import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
31 import org.apache.archiva.redback.rbac.Resource;
32 import org.apache.archiva.redback.rbac.Role;
33 import org.apache.archiva.redback.rbac.UserAssignment;
34 import org.springframework.context.ApplicationContext;
35 import org.springframework.stereotype.Service;
37 import javax.inject.Inject;
38 import javax.inject.Named;
39 import java.util.ArrayList;
40 import java.util.Collection;
41 import java.util.HashMap;
42 import java.util.LinkedHashMap;
43 import java.util.List;
48 * @author Olivier Lamy
51 @Service( "rbacManager#archiva" )
52 public class ArchivaRbacManager
53 extends AbstractRBACManager
54 implements RBACManager
57 private Map<String, RBACManager> rbacManagersPerId;
60 private ApplicationContext applicationContext;
63 private RedbackRuntimeConfigurationAdmin redbackRuntimeConfigurationAdmin;
66 @Named( value = "cache#operations" )
67 private Cache<String, Operation> operationsCache;
70 @Named( value = "cache#permissions" )
71 private Cache<String, Permission> permissionsCache;
74 @Named( value = "cache#resources" )
75 private Cache<String, Resource> resourcesCache;
78 @Named( value = "cache#roles" )
79 private Cache<String, Role> rolesCache;
82 @Named( value = "cache#userAssignments" )
83 private Cache<String, UserAssignment> userAssignmentsCache;
86 @Named( value = "cache#userPermissions" )
87 private Cache<String, Map<String, List<Permission>>> userPermissionsCache;
90 @Named( value = "cache#effectiveRoleSet" )
91 private Cache<String, Set<Role>> effectiveRoleSetCache;
// Resolves each configured RBAC manager id to a Spring bean named "rbacManager#<id>" and stores the
// beans in rbacManagersPerId. The map is a LinkedHashMap, so later iteration follows the configured order.
// NOTE(review): this listing omits the method's short lines (numbered lines 100-102 and 122 among them),
// so statements may exist here that are not shown — confirm against the original file.
94 public void initialize()
98 List<String> rbacManagerIds =
99 redbackRuntimeConfigurationAdmin.getRedbackRuntimeConfiguration().getRbacManagerImpls();
// Nothing configured: fall back to the default implementation.
// NOTE(review): this adds to the list returned by the configuration object — confirm it is a mutable copy.
103 if ( rbacManagerIds.isEmpty() )
105 rbacManagerIds.add( RedbackRuntimeConfigurationAdmin.DEFAULT_RBAC_MANAGER_IMPL );
108 log.info( "use rbacManagerIds: '{}'", rbacManagerIds );
110 this.rbacManagersPerId = new LinkedHashMap<>( rbacManagerIds.size() );
112 for ( String id : rbacManagerIds )
// The bean name is built from the configured id.
// NOTE(review): an id with no matching bean presumably makes getBean throw an exception that the
// catch below does not cover — confirm how a bad id surfaces at startup.
114 RBACManager rbacManager = applicationContext.getBean( "rbacManager#" + id, RBACManager.class );
116 rbacManagersPerId.put( id, rbacManager );
// A configuration read failure is logged and rethrown unchecked with the original cause attached.
120 catch ( RepositoryAdminException e )
123 log.error( e.getMessage(), e );
124 throw new RuntimeException( e.getMessage(), e );
// Empties the injected RBAC caches so later lookups go back to the delegate managers.
// NOTE(review): rolesCache is not cleared in the visible lines; numbered line 132 is missing from this
// listing — confirm it holds rolesCache.clear(), otherwise cached roles survive a cache reset.
128 private void clearCaches() {
129 resourcesCache.clear();
130 operationsCache.clear();
131 permissionsCache.clear();
133 userAssignmentsCache.clear();
134 userPermissionsCache.clear();
135 effectiveRoleSetCache.clear();
/**
 * Picks the manager that the {@code create*} methods delegate to.
 *
 * <p>Returns the first configured manager that is not read-only. If none qualifies, it falls back
 * to the default implementation bean when no manager is configured, otherwise to the first
 * configured manager. In that last case the returned manager is read-only, so callers must not
 * assume the result accepts writes.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the early {@code return} inside
 * the loop is inferred from the gap — confirm.
 *
 * @return the manager to use for object creation
 */
protected RBACManager getRbacManagerForWrite()
{
    for ( RBACManager candidate : this.rbacManagersPerId.values() )
    {
        if ( candidate.isReadOnly() )
        {
            continue;
        }
        log.debug("Writable Rbac manager {}", candidate.getDescriptionKey());
        return candidate;
    }

    if ( this.rbacManagersPerId.isEmpty() )
    {
        return applicationContext.getBean(
            "rbacManager#" + RedbackRuntimeConfigurationAdmin.DEFAULT_RBAC_MANAGER_IMPL, RBACManager.class );
    }
    // Every configured manager is read-only: the first one is returned anyway.
    return this.rbacManagersPerId.values().iterator().next();
}
/**
 * Creates a role object through the manager chosen by {@link #getRbacManagerForWrite()}.
 *
 * @param name role name, passed through unchanged
 * @return whatever that manager's {@code createRole} returns
 */
public Role createRole( String name )
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createRole( name );
}
/**
 * Saves the role through every configured manager that is not read-only.
 *
 * <p>The visible code does not touch {@code rolesCache}. NOTE(review): confirm that a cached copy
 * of the role cannot outlive a change to its permissions.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update, the
 * catch body and the final return are inferred from the gaps — confirm.
 *
 * @param role role to persist; replaced by the value each writable manager returns
 * @return the role as returned by the last successful save, or the argument if nothing saved it
 * @throws RbacManagerException if a manager failed and no manager saved the role
 */
public Role saveRole( Role role )
    throws RbacObjectInvalidException, RbacManagerException
{
    Exception failure = null;
    boolean saved = false;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.isReadOnly() )
            {
                continue;
            }
            role = delegate.saveRole( role );
            saved = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !saved && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return role;
}
/**
 * Saves the given roles through every configured manager that is not read-only.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param roles roles to persist, handed unchanged to each writable manager
 * @throws RbacManagerException if a manager failed and no manager saved the roles
 */
public void saveRoles( Collection<Role> roles )
    throws RbacObjectInvalidException, RbacManagerException
{
    Exception failure = null;
    boolean saved = false;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.isReadOnly() )
            {
                continue;
            }
            delegate.saveRoles( roles );
            saved = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !saved && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
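/**
 * Looks a role up by name, first in {@code rolesCache}, then in each configured manager in order.
 *
 * <p>The first non-null result is cached under the name the role itself reports and returned.
 * A manager that throws is skipped; its exception is rethrown only when no manager supplied the role.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the null checks, the catch body
 * and the {@code null} fall-through return are inferred from the gaps — confirm.
 *
 * @param roleName name of the role to find
 * @return the role, or {@code null} when no manager knows it and none failed
 * @throws RbacManagerException wrapping the last manager failure when the role was not found
 */
public Role getRole( String roleName )
    throws RbacObjectNotFoundException, RbacManagerException
{
    Role cached = rolesCache.get( roleName );
    if ( cached != null )
    {
        return cached;
    }

    Exception lastException = null;
    for ( RBACManager rbacManager : rbacManagersPerId.values() )
    {
        try
        {
            Role role = rbacManager.getRole( roleName );
            if ( role != null )
            {
                rolesCache.put( role.getName(), role );
                return role;
            }
        }
        catch ( Exception e )
        {
            lastException = e;
        }
    }
    // The message previously opened with a typographic quote and never closed it.
    log.debug( "cannot find role for name: '{}'", roleName );
    if ( lastException != null )
    {
        throw new RbacManagerException( lastException.getMessage(), lastException );
    }
    return null;
}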
/**
 * Collects the roles of every configured manager, keyed by role name.
 *
 * <p>When two managers report the same name, the one iterated later wins. The result comes from a
 * {@link HashMap}, so its order is unspecified.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @return a new list with one role per distinct name
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<Role> getAllRoles()
    throws RbacManagerException
{
    Map<String, Role> rolesByName = new HashMap<>();
    boolean anyAnswered = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            for ( Role role : delegate.getAllRoles() )
            {
                rolesByName.put( role.getName(), role );
            }
            anyAnswered = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !anyAnswered && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }

    return new ArrayList<>( rolesByName.values() );
}
/**
 * Removes the role from every configured manager, read-only ones included, and evicts it from
 * {@code rolesCache} after each successful removal.
 *
 * <p>If every manager throws, the cache entry stays in place.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param role role to remove
 * @throws RbacManagerException if a manager failed and no manager removed the role
 */
public void removeRole( Role role )
    throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
{
    boolean removed = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            delegate.removeRole( role );
            rolesCache.remove( role.getName() );
            removed = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !removed && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
/**
 * Creates a permission object through the manager chosen by {@link #getRbacManagerForWrite()}.
 *
 * @param name permission name, passed through unchanged
 * @return whatever that manager's {@code createPermission} returns
 * @throws RbacManagerException propagated from the manager
 */
public Permission createPermission( String name )
    throws RbacManagerException
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createPermission( name );
}
/**
 * Creates a permission bound to an operation and a resource through the manager chosen by
 * {@link #getRbacManagerForWrite()}.
 *
 * @param name permission name
 * @param operationName name of the operation the permission covers
 * @param resourceIdentifier identifier of the resource the permission covers
 * @return whatever that manager's {@code createPermission} returns
 * @throws RbacManagerException propagated from the manager
 */
public Permission createPermission( String name, String operationName, String resourceIdentifier )
    throws RbacManagerException
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createPermission( name, operationName, resourceIdentifier );
}
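/**
 * Saves the permission through every configured manager that is not read-only.
 *
 * <p>The visible code does not touch {@code permissionsCache}. NOTE(review): confirm that a cached
 * copy of the permission cannot outlive this save.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update, the
 * catch body and the final return are inferred from the gaps — confirm.
 *
 * @param permission permission to persist; replaced by the value each writable manager returns
 * @return the permission as returned by the last successful save, or the argument if nothing saved it
 * @throws RbacManagerException if a manager failed and no manager saved the permission
 */
public Permission savePermission( Permission permission )
    throws RbacObjectInvalidException, RbacManagerException
{
    boolean allFailed = true;
    Exception lastException = null;
    for ( RBACManager rbacManager : rbacManagersPerId.values() )
    {
        try
        {
            // Write only to managers that accept writes, as saveRole, saveOperation, saveResource and
            // saveUserAssignment do. The check was inverted here, which sent permission writes to
            // read-only managers and skipped the writable ones.
            if ( !rbacManager.isReadOnly() )
            {
                permission = rbacManager.savePermission( permission );
                allFailed = false;
            }
        }
        catch ( Exception e )
        {
            lastException = e;
        }
    }

    if ( lastException != null && allFailed )
    {
        throw new RbacManagerException( lastException.getMessage(), lastException );
    }

    return permission;
}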
/**
 * Looks a permission up by name, first in {@code permissionsCache}, then in each configured
 * manager in order.
 *
 * <p>The first non-null result is cached under the requested name and returned. A manager that
 * throws is skipped; its exception is rethrown only when no manager supplied the permission.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the null checks, the catch body
 * and the {@code null} fall-through return are inferred from the gaps — confirm.
 *
 * @param permissionName name of the permission to find
 * @return the permission, or {@code null} when no manager knows it and none failed
 * @throws RbacManagerException wrapping the last manager failure when nothing was found
 */
public Permission getPermission( String permissionName )
    throws RbacObjectNotFoundException, RbacManagerException
{
    Permission cached = permissionsCache.get( permissionName );
    if ( cached != null )
    {
        return cached;
    }

    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            Permission found = delegate.getPermission( permissionName );
            if ( found == null )
            {
                continue;
            }
            permissionsCache.put( permissionName, found );
            return found;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return null;
}
/**
 * Collects the permissions of every configured manager, keyed by permission name.
 *
 * <p>When two managers report the same name, the one iterated later wins. The result order is
 * unspecified because it comes from a {@link HashMap}.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @return a new list with one permission per distinct name
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<Permission> getAllPermissions()
    throws RbacManagerException
{
    Map<String, Permission> permissionsByName = new HashMap<>();
    boolean anyAnswered = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            for ( Permission permission : delegate.getAllPermissions() )
            {
                permissionsByName.put( permission.getName(), permission );
            }
            anyAnswered = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !anyAnswered && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return new ArrayList<>( permissionsByName.values() );
}
/**
 * Removes the permission from every configured manager, read-only ones included, and evicts it
 * from {@code permissionsCache} after each successful removal.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param permission permission to remove
 * @throws RbacManagerException if a manager failed and no manager removed the permission
 */
public void removePermission( Permission permission )
    throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
{
    boolean removed = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            delegate.removePermission( permission );
            permissionsCache.remove( permission.getName() );
            removed = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !removed && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
/**
 * Creates an operation object through the manager chosen by {@link #getRbacManagerForWrite()}.
 *
 * @param name operation name, passed through unchanged
 * @return whatever that manager's {@code createOperation} returns
 * @throws RbacManagerException propagated from the manager
 */
public Operation createOperation( String name )
    throws RbacManagerException
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createOperation( name );
}
/**
 * Saves the operation through every configured manager that is not read-only.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update, the
 * catch body and the final return are inferred from the gaps — confirm.
 *
 * @param operation operation to persist; replaced by the value each writable manager returns
 * @return the operation as returned by the last successful save, or the argument if nothing saved it
 * @throws RbacManagerException if a manager failed and no manager saved the operation
 */
public Operation saveOperation( Operation operation )
    throws RbacObjectInvalidException, RbacManagerException
{
    boolean saved = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.isReadOnly() )
            {
                continue;
            }
            operation = delegate.saveOperation( operation );
            saved = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !saved && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return operation;
}
/**
 * Looks an operation up by name, first in {@code operationsCache}, then in each configured
 * manager in order.
 *
 * <p>The first non-null result is cached under the requested name and returned. A manager that
 * throws is skipped; its exception is rethrown only when no manager supplied the operation.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the null checks, the catch body
 * and the {@code null} fall-through return are inferred from the gaps — confirm.
 *
 * @param operationName name of the operation to find
 * @return the operation, or {@code null} when no manager knows it and none failed
 * @throws RbacManagerException wrapping the last manager failure when nothing was found
 */
public Operation getOperation( String operationName )
    throws RbacObjectNotFoundException, RbacManagerException
{
    Operation cached = operationsCache.get( operationName );
    if ( cached != null )
    {
        return cached;
    }

    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            Operation found = delegate.getOperation( operationName );
            if ( found == null )
            {
                continue;
            }
            operationsCache.put( operationName, found );
            return found;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return null;
}
/**
 * Collects the operations of every configured manager, keyed by operation name.
 *
 * <p>When two managers report the same name, the one iterated later wins. The result order is
 * unspecified because it comes from a {@link HashMap}.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @return a new list with one operation per distinct name
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<Operation> getAllOperations()
    throws RbacManagerException
{
    Map<String, Operation> operationsByName = new HashMap<>();
    boolean anyAnswered = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            for ( Operation operation : delegate.getAllOperations() )
            {
                operationsByName.put( operation.getName(), operation );
            }
            anyAnswered = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !anyAnswered && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return new ArrayList<>( operationsByName.values() );
}
/**
 * Removes the operation from every configured manager, read-only ones included, and evicts it
 * from {@code operationsCache} after each successful removal.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param operation operation to remove
 * @throws RbacManagerException if a manager failed and no manager removed the operation
 */
public void removeOperation( Operation operation )
    throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
{
    boolean removed = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            delegate.removeOperation( operation );
            operationsCache.remove( operation.getName() );
            removed = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !removed && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
/**
 * Creates a resource object through the manager chosen by {@link #getRbacManagerForWrite()}.
 *
 * @param identifier resource identifier, passed through unchanged
 * @return whatever that manager's {@code createResource} returns
 * @throws RbacManagerException propagated from the manager
 */
public Resource createResource( String identifier )
    throws RbacManagerException
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createResource( identifier );
}
/**
 * Saves the resource through every configured manager that is not read-only.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update, the
 * catch body and the final return are inferred from the gaps — confirm.
 *
 * @param resource resource to persist; replaced by the value each writable manager returns
 * @return the resource as returned by the last successful save, or the argument if nothing saved it
 * @throws RbacManagerException if a manager failed and no manager saved the resource
 */
public Resource saveResource( Resource resource )
    throws RbacObjectInvalidException, RbacManagerException
{
    boolean saved = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.isReadOnly() )
            {
                continue;
            }
            resource = delegate.saveResource( resource );
            saved = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !saved && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return resource;
}
/**
 * Looks a resource up by identifier, first in {@code resourcesCache}, then in each configured
 * manager in order.
 *
 * <p>The first non-null result is cached under the requested identifier and returned. A manager
 * that throws is skipped; its exception is rethrown only when no manager supplied the resource.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the null checks, the catch body
 * and the {@code null} fall-through return are inferred from the gaps — confirm.
 *
 * @param resourceIdentifier identifier of the resource to find
 * @return the resource, or {@code null} when no manager knows it and none failed
 * @throws RbacManagerException wrapping the last manager failure when nothing was found
 */
public Resource getResource( String resourceIdentifier )
    throws RbacObjectNotFoundException, RbacManagerException
{
    Resource cached = resourcesCache.get( resourceIdentifier );
    if ( cached != null )
    {
        return cached;
    }

    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            Resource found = delegate.getResource( resourceIdentifier );
            if ( found == null )
            {
                continue;
            }
            resourcesCache.put( resourceIdentifier, found );
            return found;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return null;
}
/**
 * Collects the resources of every configured manager, keyed by resource identifier.
 *
 * <p>When two managers report the same identifier, the one iterated later wins. The result order
 * is unspecified because it comes from a {@link HashMap}.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @return a new list with one resource per distinct identifier
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<Resource> getAllResources()
    throws RbacManagerException
{
    Map<String, Resource> resourcesById = new HashMap<>();
    boolean anyAnswered = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            for ( Resource resource : delegate.getAllResources() )
            {
                resourcesById.put( resource.getIdentifier(), resource );
            }
            anyAnswered = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !anyAnswered && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return new ArrayList<>( resourcesById.values() );
}
/**
 * Removes the resource from every configured manager, read-only ones included, and evicts it
 * from {@code resourcesCache} after each successful removal.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param resource resource to remove
 * @throws RbacManagerException if a manager failed and no manager removed the resource
 */
public void removeResource( Resource resource )
    throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
{
    boolean removed = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            delegate.removeResource( resource );
            resourcesCache.remove( resource.getIdentifier() );
            removed = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !removed && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
/**
 * Creates a user assignment object through the manager chosen by {@link #getRbacManagerForWrite()}.
 *
 * @param principal principal the assignment belongs to, passed through unchanged
 * @return whatever that manager's {@code createUserAssignment} returns
 * @throws RbacManagerException propagated from the manager
 */
public UserAssignment createUserAssignment( String principal )
    throws RbacManagerException
{
    RBACManager writer = getRbacManagerForWrite();
    return writer.createUserAssignment( principal );
}
/**
 * Saves the user assignment through every configured manager that is not read-only.
 *
 * <p>The visible code does not touch {@code userAssignmentsCache}, which
 * {@code getUserAssignment} consults first. NOTE(review): confirm that a cached assignment cannot
 * outlive a role revocation saved here.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param userAssignment assignment to persist; replaced by the value each writable manager returns
 * @return the assignment as returned by the last successful save, or the argument if nothing saved it
 * @throws RbacManagerException if a manager failed and no manager saved the assignment
 */
public UserAssignment saveUserAssignment( UserAssignment userAssignment )
    throws RbacObjectInvalidException, RbacManagerException
{
    boolean saved = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.isReadOnly() )
            {
                continue;
            }
            userAssignment = delegate.saveUserAssignment( userAssignment );
            saved = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !saved && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return userAssignment;
}
/**
 * Returns the assignment for a principal with the union of the role names held by all managers.
 *
 * <p>A cached assignment is returned as is. Otherwise the first non-null assignment found becomes
 * the result, and the role names reported by later managers are added to that same object. The
 * merged object is then cached. A manager that throws is skipped, so the cached result can lack
 * the roles that manager holds.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the null checks, the
 * {@code else} branch, the catch body and the returns are inferred from the gaps — confirm.
 *
 * @param principal principal whose assignment is wanted
 * @return the merged assignment, or {@code null} when no manager has one and none failed
 * @throws RbacManagerException wrapping the last manager failure when nothing was found
 */
public UserAssignment getUserAssignment( String principal )
    throws RbacObjectNotFoundException, RbacManagerException
{
    UserAssignment cached = userAssignmentsCache.get( principal );
    if ( cached != null )
    {
        return cached;
    }

    UserAssignment merged = null;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( merged == null )
            {
                merged = delegate.getUserAssignment( principal );
                continue;
            }
            UserAssignment additional = delegate.getUserAssignment( principal );
            if ( additional != null )
            {
                for ( String roleName : additional.getRoleNames() )
                {
                    merged.addRoleName( roleName );
                }
            }
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( merged != null )
    {
        userAssignmentsCache.put( principal, merged );
        return merged;
    }

    if ( failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }

    return null;
}
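/**
 * Reports whether any configured manager holds an assignment for the principal.
 *
 * <p>A manager that throws is skipped, so a backend failure is indistinguishable from "no
 * assignment" for the caller. The failure is now written to the debug log so it can be traced.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the catch body is not visible
 * and is assumed to have been empty — confirm.
 *
 * @param principal principal to look for
 * @return {@code true} as soon as one manager reports the assignment, otherwise {@code false}
 */
public boolean userAssignmentExists( String principal )
{
    for ( RBACManager rbacManager : rbacManagersPerId.values() )
    {
        try
        {
            boolean exists = rbacManager.userAssignmentExists( principal );
            if ( exists )
            {
                return true;
            }
        }
        catch ( Exception e )
        {
            // Best effort: keep asking the remaining managers, but leave a trace of the failure.
            log.debug( "userAssignmentExists failed on rbac manager {}: {}", rbacManager.getDescriptionKey(),
                       e.getMessage(), e );
        }
    }

    return false;
}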
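/**
 * Reports whether any configured manager holds the given assignment.
 *
 * <p>A manager that throws is skipped, so a backend failure is indistinguishable from "no
 * assignment" for the caller. The failure is now written to the debug log so it can be traced.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the catch body is not visible
 * and is assumed to have been empty — confirm.
 *
 * @param assignment assignment to look for
 * @return {@code true} as soon as one manager reports the assignment, otherwise {@code false}
 */
public boolean userAssignmentExists( UserAssignment assignment )
{
    for ( RBACManager rbacManager : rbacManagersPerId.values() )
    {
        try
        {
            boolean exists = rbacManager.userAssignmentExists( assignment );
            if ( exists )
            {
                return true;
            }
        }
        catch ( Exception e )
        {
            // Best effort: keep asking the remaining managers, but leave a trace of the failure.
            log.debug( "userAssignmentExists failed on rbac manager {}: {}", rbacManager.getDescriptionKey(),
                       e.getMessage(), e );
        }
    }

    return false;
}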
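/**
 * Collects the user assignments of every configured manager, one per principal, with the union of
 * the role names that the managers hold for that principal.
 *
 * <p>The first assignment seen for a principal is kept and role names from later managers are
 * added to that same object, as {@code getUserAssignment} does. The result order is unspecified
 * because it comes from a {@link HashMap}.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @return a new list with one merged assignment per principal
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<UserAssignment> getAllUserAssignments()
    throws RbacManagerException
{
    Map<String, UserAssignment> allUserAssignments = new HashMap<>();
    boolean allFailed = true;
    Exception lastException = null;
    for ( RBACManager rbacManager : rbacManagersPerId.values() )
    {
        try
        {
            List<UserAssignment> userAssignments = rbacManager.getAllUserAssignments();
            for ( UserAssignment ua : userAssignments )
            {
                UserAssignment userAssignment = allUserAssignments.get( ua.getPrincipal() );
                if ( userAssignment == null )
                {
                    allUserAssignments.put( ua.getPrincipal(), ua );
                }
                else
                {
                    // Keep the merged entry. Putting ua unconditionally after the merge, as the
                    // listing did, replaced it and dropped the roles collected from earlier managers.
                    for ( String roleName : ua.getRoleNames() )
                    {
                        userAssignment.addRoleName( roleName );
                    }
                }
            }
            allFailed = false;
        }
        catch ( Exception e )
        {
            lastException = e;
        }
    }

    if ( lastException != null && allFailed )
    {
        throw new RbacManagerException( lastException.getMessage(), lastException );
    }
    return new ArrayList<>( allUserAssignments.values() );
}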
/**
 * Concatenates the assignments that each configured manager reports for the given role names.
 *
 * <p>Results are appended without merging, so a principal known to two managers appears twice.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param roleNames role names to search for, handed unchanged to each manager
 * @return a new list holding every manager's result in iteration order
 * @throws RbacManagerException if a manager failed and no manager answered
 */
public List<UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
    throws RbacManagerException
{
    List<UserAssignment> collected = new ArrayList<>();
    boolean anyAnswered = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            collected.addAll( delegate.getUserAssignmentsForRoles( roleNames ) );
            anyAnswered = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !anyAnswered && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return collected;
}
/**
 * Removes the assignment from every configured manager, read-only ones included, and evicts the
 * principal from {@code userAssignmentsCache} after each successful removal.
 *
 * <p>If every manager throws, the cached assignment stays in place.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the success flag update and the
 * catch body are inferred from the gaps — confirm.
 *
 * @param userAssignment assignment to remove
 * @throws RbacManagerException if a manager failed and no manager removed the assignment
 */
public void removeUserAssignment( UserAssignment userAssignment )
    throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException
{
    boolean removed = false;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            delegate.removeUserAssignment( userAssignment );
            userAssignmentsCache.remove( userAssignment.getPrincipal() );
            removed = true;
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( !removed && failure != null )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
}
/**
 * Reports whether a role with this name is cached or known to any configured manager.
 *
 * <p>NOTE(review): restored from a listing that omits short lines; the returns and the catch body
 * are inferred from the gaps. The numbered gap between the manager call and the {@code catch}
 * leaves no room for a statement that clears {@code allFailed}. The flag therefore appears to stay
 * {@code true}, so one failing manager makes the method throw whenever no manager reports the
 * role — confirm whether that is intended.
 *
 * @param name role name to look for
 * @return {@code true} if the role is cached or a manager reports it, otherwise {@code false}
 * @throws RbacManagerException wrapping the last manager failure when the role was not found
 */
public boolean roleExists( String name )
    throws RbacManagerException
{
    if ( rolesCache.get( name ) != null )
    {
        return true;
    }

    boolean allFailed = true;
    Exception failure = null;
    for ( RBACManager delegate : rbacManagersPerId.values() )
    {
        try
        {
            if ( delegate.roleExists( name ) )
            {
                return true;
            }
        }
        catch ( Exception e )
        {
            failure = e;
        }
    }

    if ( failure != null && allFailed )
    {
        throw new RbacManagerException( failure.getMessage(), failure );
    }
    return false;
}
/**
 * Reports whether the given role exists, judged by its name only.
 *
 * @param role role whose name is looked up; must not be {@code null}
 * @return the result of {@code roleExists( role.getName() )}
 * @throws RbacManagerException propagated from the name-based lookup
 */
public boolean roleExists( Role role )
    throws RbacManagerException
{
    String roleName = role.getName();
    return roleExists( roleName );
}
/**
 * Does not erase anything: the call only logs a warning, so callers cannot rely on it to reset
 * RBAC data in the configured managers.
 */
public void eraseDatabase()
{
    log.warn( "eraseDatabase not implemented" );
}
978 public boolean isFinalImplementation()
/**
 * Returns the key that identifies this composite manager.
 *
 * @return the constant {@code "archiva.redback.rbacmanager.archiva"}
 */
public String getDescriptionKey()
{
    final String descriptionKey = "archiva.redback.rbacmanager.archiva";
    return descriptionKey;
}
990 public boolean isReadOnly()