[MRM-137] rename security defaults, and make default construction a load-on-start...
authorBrett Porter <brett@apache.org>
Wed, 20 Sep 2006 02:01:00 +0000 (02:01 +0000)
committerBrett Porter <brett@apache.org>
Wed, 20 Sep 2006 02:01:00 +0000 (02:01 +0000)
git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@448028 13f79535-47bb-0310-9956-ffa450edef68

archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaDefaults.java [deleted file]
archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaSecurityDefaults.java [new file with mode: 0644]
archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaDefaults.java [deleted file]
archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaSecurityDefaults.java [new file with mode: 0644]
archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java
archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
archiva-webapp/src/main/resources/META-INF/plexus/application.xml

diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaDefaults.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaDefaults.java
deleted file mode 100644 (file)
index 0fdb6be..0000000
+++ /dev/null
@@ -1,99 +0,0 @@
-package org.apache.maven.archiva.web;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.codehaus.plexus.security.user.User;
-
-/**
- * ArchivaDefaults
- *
- * NOTE: this is targeted for removal with the forth coming rbac role templating 
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface ArchivaDefaults
-{
-    public static final String ROLE = ArchivaDefaults.class.getName();
-
-    public static final String GUEST_USERNAME = "guest";
-    
-    public static final String CONFIGURATION_EDIT_OPERATION = "edit-configuration";
-    
-    public static final String CONFIGURATION_EDIT_PERMISSION = "Edit Configuration";
-    
-    public static final String INDEX_REGENERATE_OPERATION = "regenerate-index";
-
-    public static final String INDEX_REGENERATE_PERMISSION = "Regenerate Index";
-
-    public static final String INDEX_RUN_OPERATION = "run-indexer";
-
-    public static final String INDEX_RUN_PERMISSION = "Run Indexer";
-
-    public static final String REPORTS_ACCESS_OPERATION = "access-reports";
-
-    public static final String REPORTS_ACCESS_PERMISSION = "Access Reports";
-
-    public static final String REPORTS_GENERATE_OPERATION = "generate-reports";
-
-    public static final String REPORTS_GENERATE_PERMISSION = "Generate Reports";
-
-    public static final String REPOSITORY_ACCESS = "Access Repository";
-
-    public static final String REPOSITORY_ACCESS_OPERATION = "read-repository";
-
-    public static final String REPOSITORY_ADD_OPERATION = "add-repository";
-
-    public static final String REPOSITORY_ADD_PERMISSION = "Add Repository";
-
-    public static final String REPOSITORY_DELETE = "Delete Repository";
-    
-    public static final String REPOSITORY_DELETE_OPERATION = "delete-repository";
-
-    public static final String REPOSITORY_EDIT = "Edit Repository";
-    
-    public static final String REPOSITORY_EDIT_OPERATION = "edit-repository";
-    
-    public static final String REPOSITORY_MANAGER = "Repository Manager";
-    
-    public static final String REPOSITORY_OBSERVER = "Repository Observer";
-
-    public static final String REPOSITORY_UPLOAD = "Repository Upload";
-
-    public static final String REPOSITORY_UPLOAD_OPERATION = "upload-repository";
-
-    public static final String ROLES_GRANT_OPERATION = "grant-roles";
-
-    public static final String ROLES_GRANT_PERMISSION = "Grant Roles";
-
-    public static final String ROLES_REMOVE_OPERATION = "remove-roles";
-
-    public static final String ROLES_REMOVE_PERMISSION = "Remove Roles";
-
-    public static final String SYSTEM_ADMINISTRATOR = "System Administrator";
-
-    public static final String USER_ADMINISTRATOR = "User Administrator";
-
-    public static final String USER_EDIT_OPERATION = "edit-user";
-
-    public static final String USERS_EDIT_ALL_OPERATION = "edit-all-users";
-
-    public static final String USERS_EDIT_ALL_PERMISSION = "Edit All Users";
-    
-    public void ensureDefaultsExist();
-    public User getGuestUser();
-}
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaSecurityDefaults.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/ArchivaSecurityDefaults.java
new file mode 100644 (file)
index 0000000..a9063b7
--- /dev/null
@@ -0,0 +1,99 @@
+package org.apache.maven.archiva.web;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.security.user.User;
+
+/**
+ * ArchivaSecurityDefaults
+ *
+ * NOTE: this is targeted for removal with the forth coming rbac role templating 
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface ArchivaSecurityDefaults
+{
+    public static final String ROLE = ArchivaSecurityDefaults.class.getName();
+
+    public static final String GUEST_USERNAME = "guest";
+    
+    public static final String CONFIGURATION_EDIT_OPERATION = "edit-configuration";
+    
+    public static final String CONFIGURATION_EDIT_PERMISSION = "Edit Configuration";
+    
+    public static final String INDEX_REGENERATE_OPERATION = "regenerate-index";
+
+    public static final String INDEX_REGENERATE_PERMISSION = "Regenerate Index";
+
+    public static final String INDEX_RUN_OPERATION = "run-indexer";
+
+    public static final String INDEX_RUN_PERMISSION = "Run Indexer";
+
+    public static final String REPORTS_ACCESS_OPERATION = "access-reports";
+
+    public static final String REPORTS_ACCESS_PERMISSION = "Access Reports";
+
+    public static final String REPORTS_GENERATE_OPERATION = "generate-reports";
+
+    public static final String REPORTS_GENERATE_PERMISSION = "Generate Reports";
+
+    public static final String REPOSITORY_ACCESS = "Access Repository";
+
+    public static final String REPOSITORY_ACCESS_OPERATION = "read-repository";
+
+    public static final String REPOSITORY_ADD_OPERATION = "add-repository";
+
+    public static final String REPOSITORY_ADD_PERMISSION = "Add Repository";
+
+    public static final String REPOSITORY_DELETE = "Delete Repository";
+    
+    public static final String REPOSITORY_DELETE_OPERATION = "delete-repository";
+
+    public static final String REPOSITORY_EDIT = "Edit Repository";
+    
+    public static final String REPOSITORY_EDIT_OPERATION = "edit-repository";
+    
+    public static final String REPOSITORY_MANAGER = "Repository Manager";
+    
+    public static final String REPOSITORY_OBSERVER = "Repository Observer";
+
+    public static final String REPOSITORY_UPLOAD = "Repository Upload";
+
+    public static final String REPOSITORY_UPLOAD_OPERATION = "upload-repository";
+
+    public static final String ROLES_GRANT_OPERATION = "grant-roles";
+
+    public static final String ROLES_GRANT_PERMISSION = "Grant Roles";
+
+    public static final String ROLES_REMOVE_OPERATION = "remove-roles";
+
+    public static final String ROLES_REMOVE_PERMISSION = "Remove Roles";
+
+    public static final String SYSTEM_ADMINISTRATOR = "System Administrator";
+
+    public static final String USER_ADMINISTRATOR = "User Administrator";
+
+    public static final String USER_EDIT_OPERATION = "edit-user";
+
+    public static final String USERS_EDIT_ALL_OPERATION = "edit-all-users";
+
+    public static final String USERS_EDIT_ALL_PERMISSION = "Edit All Users";
+    
+    public void ensureDefaultsExist();
+    public User getGuestUser();
+}
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaDefaults.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaDefaults.java
deleted file mode 100644 (file)
index 8f6f8a2..0000000
+++ /dev/null
@@ -1,203 +0,0 @@
-package org.apache.maven.archiva.web;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.codehaus.plexus.logging.AbstractLogEnabled;
-import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
-import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
-import org.codehaus.plexus.security.rbac.Operation;
-import org.codehaus.plexus.security.rbac.Permission;
-import org.codehaus.plexus.security.rbac.RBACManager;
-import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.security.rbac.Role;
-import org.codehaus.plexus.security.user.User;
-import org.codehaus.plexus.security.user.UserManager;
-import org.codehaus.plexus.security.user.UserNotFoundException;
-import org.codehaus.plexus.security.policy.UserSecurityPolicy;
-
-/**
- * DefaultArchivaDefaults
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- * @plexus.component role="org.apache.maven.archiva.web.ArchivaDefaults"
- */
-public class DefaultArchivaDefaults
-    extends AbstractLogEnabled
-    implements ArchivaDefaults, Initializable
-{
-    /**
-     * @plexus.requirement
-     */
-    private RBACManager rbacManager;
-
-    /**
-     * @plexus.requirement
-     */
-    private UserManager userManager;
-
-    /**
-     * @plexus.requirement
-     */
-    private UserSecurityPolicy securityPolicy;
-
-    private boolean initialized = false;
-
-    private User guestUser;
-
-    public void ensureDefaultsExist()
-    {
-        if ( initialized )
-        {
-            return;
-        }
-
-        ensureOperationsExist();
-        ensurePermissionsExist();
-        ensureRolesExist();
-        ensureUsersExist();
-
-        initialized = true;
-    }
-
-    private void ensureOperationExists( String operationName )
-    {
-        if ( !rbacManager.operationExists( operationName ) )
-        {
-            Operation operation = rbacManager.createOperation( operationName );
-            rbacManager.saveOperation( operation );
-        }
-    }
-
-    private void ensureOperationsExist()
-    {
-        ensureOperationExists( REPOSITORY_ADD_OPERATION );
-        ensureOperationExists( REPOSITORY_EDIT_OPERATION );
-        ensureOperationExists( REPOSITORY_DELETE_OPERATION );
-        ensureOperationExists( CONFIGURATION_EDIT_OPERATION );
-        ensureOperationExists( INDEX_RUN_OPERATION );
-        ensureOperationExists( INDEX_REGENERATE_OPERATION );
-        ensureOperationExists( REPORTS_ACCESS_OPERATION );
-        ensureOperationExists( REPORTS_GENERATE_OPERATION );
-        ensureOperationExists( USER_EDIT_OPERATION );
-        ensureOperationExists( USERS_EDIT_ALL_OPERATION );
-        ensureOperationExists( ROLES_GRANT_OPERATION );
-        ensureOperationExists( ROLES_REMOVE_OPERATION );
-        ensureOperationExists( REPOSITORY_ACCESS_OPERATION );
-        ensureOperationExists( REPOSITORY_UPLOAD_OPERATION );
-    }
-
-    private void ensurePermissionExists( String permissionName, String operationName, String resourceIdentifier )
-    {
-        if ( !rbacManager.permissionExists( permissionName ) )
-        {
-            Permission editConfiguration = rbacManager.createPermission( permissionName, operationName,
-                                                                         resourceIdentifier );
-            rbacManager.savePermission( editConfiguration );
-        }
-    }
-
-    private void ensurePermissionsExist()
-    {
-        String globalResource = rbacManager.getGlobalResource().getIdentifier();
-
-        ensurePermissionExists( USERS_EDIT_ALL_PERMISSION, USERS_EDIT_ALL_OPERATION, globalResource );
-
-        ensurePermissionExists( CONFIGURATION_EDIT_PERMISSION, CONFIGURATION_EDIT_OPERATION, globalResource );
-
-        ensurePermissionExists( ROLES_GRANT_PERMISSION, ROLES_GRANT_OPERATION, globalResource );
-        ensurePermissionExists( ROLES_REMOVE_PERMISSION, ROLES_REMOVE_OPERATION, globalResource );
-
-        ensurePermissionExists( REPORTS_ACCESS_PERMISSION, REPORTS_ACCESS_OPERATION, globalResource );
-        ensurePermissionExists( REPORTS_GENERATE_PERMISSION, REPORTS_GENERATE_OPERATION, globalResource );
-
-        ensurePermissionExists( INDEX_RUN_PERMISSION, INDEX_RUN_OPERATION, globalResource );
-        ensurePermissionExists( INDEX_REGENERATE_PERMISSION, INDEX_REGENERATE_OPERATION, globalResource );
-
-        ensurePermissionExists( REPOSITORY_ADD_PERMISSION, REPOSITORY_ADD_OPERATION, globalResource );
-        ensurePermissionExists( REPOSITORY_ACCESS, "access-repository", globalResource );
-        ensurePermissionExists( REPOSITORY_UPLOAD, REPOSITORY_UPLOAD_OPERATION, globalResource );
-    }
-
-    private void ensureRolesExist()
-    {
-        try
-        {
-            if ( !rbacManager.roleExists( USER_ADMINISTRATOR ) )
-            {
-                Role userAdmin = rbacManager.createRole( USER_ADMINISTRATOR );
-                userAdmin.addPermission( rbacManager.getPermission( USERS_EDIT_ALL_PERMISSION ) );
-                userAdmin.addPermission( rbacManager.getPermission( ROLES_REMOVE_PERMISSION ) );
-                userAdmin.addPermission( rbacManager.getPermission( ROLES_GRANT_PERMISSION ) );
-                userAdmin.setAssignable( true );
-                rbacManager.saveRole( userAdmin );
-            }
-
-            if ( !rbacManager.roleExists( SYSTEM_ADMINISTRATOR ) )
-            {
-                Role admin = rbacManager.createRole( SYSTEM_ADMINISTRATOR );
-                admin.addChildRoleName( rbacManager.getRole( USER_ADMINISTRATOR ).getName() );
-                admin.addPermission( rbacManager.getPermission( CONFIGURATION_EDIT_PERMISSION ) );
-                admin.addPermission( rbacManager.getPermission( INDEX_RUN_PERMISSION ) );
-                admin.addPermission( rbacManager.getPermission( REPOSITORY_ADD_PERMISSION ) );
-                admin.addPermission( rbacManager.getPermission( REPORTS_ACCESS_PERMISSION ) );
-                admin.addPermission( rbacManager.getPermission( REPORTS_GENERATE_PERMISSION ) );
-                admin.addPermission( rbacManager.getPermission( INDEX_REGENERATE_PERMISSION ) );
-                admin.setAssignable( true );
-                rbacManager.saveRole( admin );
-            }
-        }
-        catch ( RbacObjectNotFoundException ne )
-        {
-            getLogger().fatalError( "Unable to initialize Roles!", ne );
-            throw new RuntimeException( "All Mandatory Defaults do not Exist!" );
-        }
-    }
-
-    public void ensureUsersExist()
-    {
-        if( !userManager.userExists( GUEST_USERNAME ))
-        {
-            securityPolicy.setEnabled( false );
-            this.guestUser = userManager.createUser( GUEST_USERNAME, "Guest User", "" );
-            this.guestUser = userManager.addUser( this.guestUser );
-            securityPolicy.setEnabled( true );
-        }
-        else
-        {
-            try
-            {
-                this.guestUser = userManager.findUser( GUEST_USERNAME );
-            }
-            catch ( UserNotFoundException e )
-            {
-                throw new RuntimeException( "Unable to find user '" + GUEST_USERNAME + "'", e );
-            }
-        }
-    }
-
-    public User getGuestUser()
-    {
-        return this.guestUser;
-    }
-
-    public void initialize()
-        throws InitializationException
-    {
-        ensureDefaultsExist();
-    }
-}
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaSecurityDefaults.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/DefaultArchivaSecurityDefaults.java
new file mode 100644 (file)
index 0000000..2008d79
--- /dev/null
@@ -0,0 +1,203 @@
+package org.apache.maven.archiva.web;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.logging.AbstractLogEnabled;
+import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
+import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
+import org.codehaus.plexus.security.rbac.Operation;
+import org.codehaus.plexus.security.rbac.Permission;
+import org.codehaus.plexus.security.rbac.RBACManager;
+import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.security.rbac.Role;
+import org.codehaus.plexus.security.user.User;
+import org.codehaus.plexus.security.user.UserManager;
+import org.codehaus.plexus.security.user.UserNotFoundException;
+import org.codehaus.plexus.security.policy.UserSecurityPolicy;
+
+/**
+ * DefaultArchivaSecurityDefaults
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @plexus.component role="org.apache.maven.archiva.web.ArchivaSecurityDefaults"
+ */
+public class DefaultArchivaSecurityDefaults
+    extends AbstractLogEnabled
+    implements ArchivaSecurityDefaults, Initializable
+{
+    /**
+     * @plexus.requirement
+     */
+    private RBACManager rbacManager;
+
+    /**
+     * @plexus.requirement
+     */
+    private UserManager userManager;
+
+    /**
+     * @plexus.requirement
+     */
+    private UserSecurityPolicy securityPolicy;
+
+    private boolean initialized = false;
+
+    private User guestUser;
+
+    public void ensureDefaultsExist()
+    {
+        if ( initialized )
+        {
+            return;
+        }
+
+        ensureOperationsExist();
+        ensurePermissionsExist();
+        ensureRolesExist();
+        ensureUsersExist();
+
+        initialized = true;
+    }
+
+    private void ensureOperationExists( String operationName )
+    {
+        if ( !rbacManager.operationExists( operationName ) )
+        {
+            Operation operation = rbacManager.createOperation( operationName );
+            rbacManager.saveOperation( operation );
+        }
+    }
+
+    private void ensureOperationsExist()
+    {
+        ensureOperationExists( REPOSITORY_ADD_OPERATION );
+        ensureOperationExists( REPOSITORY_EDIT_OPERATION );
+        ensureOperationExists( REPOSITORY_DELETE_OPERATION );
+        ensureOperationExists( CONFIGURATION_EDIT_OPERATION );
+        ensureOperationExists( INDEX_RUN_OPERATION );
+        ensureOperationExists( INDEX_REGENERATE_OPERATION );
+        ensureOperationExists( REPORTS_ACCESS_OPERATION );
+        ensureOperationExists( REPORTS_GENERATE_OPERATION );
+        ensureOperationExists( USER_EDIT_OPERATION );
+        ensureOperationExists( USERS_EDIT_ALL_OPERATION );
+        ensureOperationExists( ROLES_GRANT_OPERATION );
+        ensureOperationExists( ROLES_REMOVE_OPERATION );
+        ensureOperationExists( REPOSITORY_ACCESS_OPERATION );
+        ensureOperationExists( REPOSITORY_UPLOAD_OPERATION );
+    }
+
+    private void ensurePermissionExists( String permissionName, String operationName, String resourceIdentifier )
+    {
+        if ( !rbacManager.permissionExists( permissionName ) )
+        {
+            Permission editConfiguration = rbacManager.createPermission( permissionName, operationName,
+                                                                         resourceIdentifier );
+            rbacManager.savePermission( editConfiguration );
+        }
+    }
+
+    private void ensurePermissionsExist()
+    {
+        String globalResource = rbacManager.getGlobalResource().getIdentifier();
+
+        ensurePermissionExists( USERS_EDIT_ALL_PERMISSION, USERS_EDIT_ALL_OPERATION, globalResource );
+
+        ensurePermissionExists( CONFIGURATION_EDIT_PERMISSION, CONFIGURATION_EDIT_OPERATION, globalResource );
+
+        ensurePermissionExists( ROLES_GRANT_PERMISSION, ROLES_GRANT_OPERATION, globalResource );
+        ensurePermissionExists( ROLES_REMOVE_PERMISSION, ROLES_REMOVE_OPERATION, globalResource );
+
+        ensurePermissionExists( REPORTS_ACCESS_PERMISSION, REPORTS_ACCESS_OPERATION, globalResource );
+        ensurePermissionExists( REPORTS_GENERATE_PERMISSION, REPORTS_GENERATE_OPERATION, globalResource );
+
+        ensurePermissionExists( INDEX_RUN_PERMISSION, INDEX_RUN_OPERATION, globalResource );
+        ensurePermissionExists( INDEX_REGENERATE_PERMISSION, INDEX_REGENERATE_OPERATION, globalResource );
+
+        ensurePermissionExists( REPOSITORY_ADD_PERMISSION, REPOSITORY_ADD_OPERATION, globalResource );
+        ensurePermissionExists( REPOSITORY_ACCESS, "access-repository", globalResource );
+        ensurePermissionExists( REPOSITORY_UPLOAD, REPOSITORY_UPLOAD_OPERATION, globalResource );
+    }
+
+    private void ensureRolesExist()
+    {
+        try
+        {
+            if ( !rbacManager.roleExists( USER_ADMINISTRATOR ) )
+            {
+                Role userAdmin = rbacManager.createRole( USER_ADMINISTRATOR );
+                userAdmin.addPermission( rbacManager.getPermission( USERS_EDIT_ALL_PERMISSION ) );
+                userAdmin.addPermission( rbacManager.getPermission( ROLES_REMOVE_PERMISSION ) );
+                userAdmin.addPermission( rbacManager.getPermission( ROLES_GRANT_PERMISSION ) );
+                userAdmin.setAssignable( true );
+                rbacManager.saveRole( userAdmin );
+            }
+
+            if ( !rbacManager.roleExists( SYSTEM_ADMINISTRATOR ) )
+            {
+                Role admin = rbacManager.createRole( SYSTEM_ADMINISTRATOR );
+                admin.addChildRoleName( rbacManager.getRole( USER_ADMINISTRATOR ).getName() );
+                admin.addPermission( rbacManager.getPermission( CONFIGURATION_EDIT_PERMISSION ) );
+                admin.addPermission( rbacManager.getPermission( INDEX_RUN_PERMISSION ) );
+                admin.addPermission( rbacManager.getPermission( REPOSITORY_ADD_PERMISSION ) );
+                admin.addPermission( rbacManager.getPermission( REPORTS_ACCESS_PERMISSION ) );
+                admin.addPermission( rbacManager.getPermission( REPORTS_GENERATE_PERMISSION ) );
+                admin.addPermission( rbacManager.getPermission( INDEX_REGENERATE_PERMISSION ) );
+                admin.setAssignable( true );
+                rbacManager.saveRole( admin );
+            }
+        }
+        catch ( RbacObjectNotFoundException ne )
+        {
+            getLogger().fatalError( "Unable to initialize Roles!", ne );
+            throw new RuntimeException( "All Mandatory Defaults do not Exist!" );
+        }
+    }
+
+    public void ensureUsersExist()
+    {
+        if( !userManager.userExists( GUEST_USERNAME ))
+        {
+            securityPolicy.setEnabled( false );
+            this.guestUser = userManager.createUser( GUEST_USERNAME, "Guest User", "" );
+            this.guestUser = userManager.addUser( this.guestUser );
+            securityPolicy.setEnabled( true );
+        }
+        else
+        {
+            try
+            {
+                this.guestUser = userManager.findUser( GUEST_USERNAME );
+            }
+            catch ( UserNotFoundException e )
+            {
+                throw new RuntimeException( "Unable to find user '" + GUEST_USERNAME + "'", e );
+            }
+        }
+    }
+
+    public User getGuestUser()
+    {
+        return this.guestUser;
+    }
+
+    public void initialize()
+        throws InitializationException
+    {
+        ensureDefaultsExist();
+    }
+}
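Review bot: In ensureUsersExist the security policy is switched off and back on around guest-user creation with no try/finally, so an exception from createUser or addUser leaves securityPolicy disabled for the rest of the process. What the policy enforces is not visible in this hunk, but re-enabling it should not depend on the happy path; wrap the two userManager calls as shown below. Separately, ensurePermissionsExist binds REPOSITORY_ACCESS to the literal `"access-repository"`, while ensureOperationsExist only registers REPOSITORY_ACCESS_OPERATION (`"read-repository"`); passing the constant, `ensurePermissionExists( REPOSITORY_ACCESS, REPOSITORY_ACCESS_OPERATION, globalResource );`, keeps the permission tied to an operation that was actually created. The catch in ensureRolesExist also drops `ne` from the rethrown RuntimeException and should pass it as the cause.

```java
        if( !userManager.userExists( GUEST_USERNAME ))
        {
            securityPolicy.setEnabled( false );
            try
            {
                this.guestUser = userManager.createUser( GUEST_USERNAME, "Guest User", "" );
                this.guestUser = userManager.addUser( this.guestUser );
            }
            finally
            {
                // restore the policy even when guest creation fails
                securityPolicy.setEnabled( true );
            }
        }
        // … unchanged: else branch looking up the existing guest user …
```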
index 25cafd0d7546287c7fac8403b9d8483ab2dd1ddc..8bb3a933c5928fa0adc5bbfbc1ae42272c82e728 100644 (file)
@@ -22,7 +22,6 @@ import org.apache.maven.archiva.configuration.Configuration;
 import org.apache.maven.archiva.configuration.ConfigurationStore;
 import org.apache.maven.archiva.configuration.ConfigurationStoreException;
 import org.apache.maven.archiva.web.util.RoleManager;
-import org.apache.maven.archiva.web.ArchivaDefaults;
 import org.codehaus.plexus.logging.AbstractLogEnabled;
 import org.codehaus.plexus.security.rbac.RBACManager;
 
@@ -54,11 +53,6 @@ public class ConfigurationInterceptor
      */
     private RBACManager rbacManager;
 
-    /**
-     * @plexus.requirement
-     */
-    private ArchivaDefaults archivaDefaults;
-
     /**
      *
      * @param actionInvocation
@@ -68,7 +62,6 @@ public class ConfigurationInterceptor
     public String intercept( ActionInvocation actionInvocation )
         throws Exception
     {
-        archivaDefaults.ensureDefaultsExist();
         ensureRepoRolesExist();
 
         // determine if we need an admin account made
index e7debf74f06405c1575e879a36b77661f5c88df0..d5d9ce091c992d82bad56e0fb82d3b62ddf3812c 100644 (file)
@@ -22,7 +22,7 @@ import org.apache.maven.archiva.configuration.Configuration;
 import org.apache.maven.archiva.configuration.ConfigurationStore;
 import org.apache.maven.archiva.configuration.ConfigurationStoreException;
 import org.apache.maven.archiva.configuration.RepositoryConfiguration;
-import org.apache.maven.archiva.web.ArchivaDefaults;
+import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
 import org.apache.maven.archiva.web.servlet.AbstractPlexusServlet;
 import org.codehaus.plexus.security.authentication.AuthenticationException;
 import org.codehaus.plexus.security.authentication.AuthenticationResult;
@@ -47,7 +47,7 @@ import java.util.Map;
 /**
  * RepositoryAccess - access read/write to the repository.
  *
- * @plexus.component role="org.apache.maven.archiva.web.servlet.PlexusServlet" 
+ * @plexus.component role="org.apache.maven.archiva.web.servlet.PlexusServlet"
  *                   role-hint="repositoryAccess"
  * 
  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
@@ -75,7 +75,7 @@ public class RepositoryAccess
     /**
      * @plexus.requirement
      */
-    private ArchivaDefaults archiva;
+    private ArchivaSecurityDefaults archivaSecurity;
 
     /**
      * List of request methods that fall into the category of 'access' or 'read' of a repository.
@@ -143,7 +143,7 @@ public class RepositoryAccess
         AuthenticationResult result;
         try
         {
-            result = httpAuth.getAuthenticationResult( request, response, archiva.getGuestUser().getPrincipal()
+            result = httpAuth.getAuthenticationResult( request, response, archivaSecurity.getGuestUser().getPrincipal()
                 .toString() );
 
             if ( !result.isAuthenticated() )
@@ -177,11 +177,11 @@ public class RepositoryAccess
         SecuritySession securitySession = httpAuth.getSecuritySession();
         try
         {
-            String permission = ArchivaDefaults.REPOSITORY_ACCESS; 
+            String permission = ArchivaSecurityDefaults.REPOSITORY_ACCESS;
 
             if ( isWriteRequest )
             {
-                permission = ArchivaDefaults.REPOSITORY_UPLOAD;
+                permission = ArchivaSecurityDefaults.REPOSITORY_UPLOAD;
             }
 
             permission += " - " + repoconfig.getId();
index 7b3236082932a5f04b8a1dfbd1018ef27761fb8c..7d842b0ccfd5293ba371455495cfbc533968e379 100644 (file)
@@ -16,7 +16,7 @@ package org.apache.maven.archiva.web.util;
  * limitations under the License.
  */
 
-import org.apache.maven.archiva.web.ArchivaDefaults;
+import org.apache.maven.archiva.web.ArchivaSecurityDefaults;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
 import org.codehaus.plexus.security.rbac.Permission;
@@ -47,14 +47,14 @@ public class DefaultRoleManager
     /**
      * @plexus.requirement
      */
-    private ArchivaDefaults archivaDefaults;
+    private ArchivaSecurityDefaults archivaSecurity;
 
     private boolean initialized;
                            
     public void initialize()
         throws InitializationException
     {
-        archivaDefaults.ensureDefaultsExist();
+        archivaSecurity.ensureDefaultsExist();
         initialized = true;
     }
 
@@ -91,7 +91,7 @@ public class DefaultRoleManager
         throws RbacStoreException
     {
         UserAssignment assignment = manager.createUserAssignment( principal );
-        assignment.addRoleName( ArchivaDefaults.SYSTEM_ADMINISTRATOR );
+        assignment.addRoleName( ArchivaSecurityDefaults.SYSTEM_ADMINISTRATOR );
         manager.saveUserAssignment( assignment );
     }
 
@@ -105,29 +105,29 @@ public class DefaultRoleManager
             repoResource = manager.saveResource( repoResource );
 
             // make the permissions
-            Permission editRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_EDIT + " - " + repositoryName );
-            editRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_EDIT_OPERATION ) );
+            Permission editRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_EDIT + " - " + repositoryName );
+            editRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_EDIT_OPERATION ) );
             editRepo.setResource( repoResource );
             editRepo = manager.savePermission( editRepo );
 
-            Permission deleteRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_DELETE + " - " + repositoryName );
-            deleteRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_DELETE_OPERATION ) );
+            Permission deleteRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_DELETE + " - " + repositoryName );
+            deleteRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_DELETE_OPERATION ) );
             deleteRepo.setResource( repoResource );
             deleteRepo = manager.savePermission( deleteRepo );
             
-            Permission accessRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_ACCESS + " - " + repositoryName );
-            accessRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_ACCESS_OPERATION ) );
+            Permission accessRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_ACCESS + " - " + repositoryName );
+            accessRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_ACCESS_OPERATION ) );
             accessRepo.setResource( repoResource );
             accessRepo = manager.savePermission( accessRepo );
             
-            Permission uploadRepo = manager.createPermission( ArchivaDefaults.REPOSITORY_UPLOAD + " - " + repositoryName );
-            uploadRepo.setOperation( manager.getOperation( ArchivaDefaults.REPOSITORY_UPLOAD_OPERATION ) );
+            Permission uploadRepo = manager.createPermission( ArchivaSecurityDefaults.REPOSITORY_UPLOAD + " - " + repositoryName );
+            uploadRepo.setOperation( manager.getOperation( ArchivaSecurityDefaults.REPOSITORY_UPLOAD_OPERATION ) );
             uploadRepo.setResource( repoResource );
             uploadRepo = manager.savePermission( uploadRepo );
 
             // make the roles
             Role repositoryObserver = manager.createRole( "Repository Observer - " + repositoryName );
-            repositoryObserver.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_ACCESS_PERMISSION ) );
+            repositoryObserver.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_ACCESS_PERMISSION ) );
             repositoryObserver.setAssignable( true );
             repositoryObserver = manager.saveRole( repositoryObserver );
 
@@ -136,7 +136,7 @@ public class DefaultRoleManager
             repositoryManager.addPermission( deleteRepo );
             repositoryManager.addPermission( accessRepo );
             repositoryManager.addPermission( uploadRepo );
-            repositoryManager.addPermission( manager.getPermission( ArchivaDefaults.REPORTS_GENERATE_PERMISSION ) );
+            repositoryManager.addPermission( manager.getPermission( ArchivaSecurityDefaults.REPORTS_GENERATE_PERMISSION ) );
             repositoryManager.addChildRoleName( repositoryObserver.getName() );
             repositoryManager.setAssignable( true );
             manager.saveRole( repositoryManager );
index 592f8210d1d4bed4cc525319b422879e2018c80c..afadbcaa1ec8ca8738563ac1c587b1da56ea1032 100644 (file)
     <component>
       <role>org.apache.maven.archiva.scheduler.RepositoryTaskScheduler</role>
     </component>
+    <component>
+      <role>org.apache.maven.archiva.web.ArchivaSecurityDefaults</role>
+    </component>
   </load-on-start>
 </plexus>
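Review bot: The new load-on-start entry carries no comment explaining why ArchivaSecurityDefaults must be instantiated at start-up, although the same commit removes the per-request `archivaDefaults.ensureDefaultsExist()` call from ConfigurationInterceptor.intercept. I would add `<!-- loaded on start: creates the default RBAC operations, permissions, roles and the guest user -->` above the added `<component>` so the entry is not later pruned as unused. It is also worth confirming how the container reacts when initialize() throws here, since ensureRolesExist rethrows a RuntimeException; the webapp should refuse to serve requests rather than run with a partially populated role store.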