package move to o.a.a.r module redback-authorization-rbac
authorOlivier Lamy <olamy@apache.org>
Sat, 7 Apr 2012 22:49:09 +0000 (22:49 +0000)
committerOlivier Lamy <olamy@apache.org>
Sat, 7 Apr 2012 22:49:09 +0000 (22:49 +0000)
git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1310901 13f79535-47bb-0310-9956-ffa450edef68

redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/RbacAuthorizer.java [new file with mode: 0644]
redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java [new file with mode: 0644]
redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluationException.java [new file with mode: 0644]
redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluator.java [new file with mode: 0644]
redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/RbacAuthorizer.java [deleted file]
redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java [deleted file]
redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluationException.java [deleted file]
redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluator.java [deleted file]
redback-rbac/redback-authorization-rbac/src/main/resources/META-INF/spring-context.xml
redback-rbac/redback-authorization-rbac/src/test/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java [new file with mode: 0644]
redback-rbac/redback-authorization-rbac/src/test/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java [deleted file]

diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/RbacAuthorizer.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/RbacAuthorizer.java
new file mode 100644 (file)
index 0000000..896ade5
--- /dev/null
@@ -0,0 +1,189 @@
+package org.apache.archiva.redback.authorization.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.archiva.redback.authorization.AuthorizationDataSource;
+import org.apache.archiva.redback.authorization.AuthorizationException;
+import org.apache.archiva.redback.authorization.AuthorizationResult;
+import org.apache.archiva.redback.authorization.Authorizer;
+import org.apache.archiva.redback.authorization.NotAuthorizedException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluationException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluator;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.users.User;
+import org.apache.archiva.redback.users.UserManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * RbacAuthorizer:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+@Service( "authorizer#rbac" )
+public class RbacAuthorizer
+    implements Authorizer
+{
+    private Logger log = LoggerFactory.getLogger( getClass() );
+
+    @Inject
+    @Named( value = "rBACManager#cached" )
+    private RBACManager manager;
+
+    @Inject
+    @Named( value = "userManager#configurable" )
+    private UserManager userManager;
+
+    @Inject
+    private PermissionEvaluator evaluator;
+
+    public String getId()
+    {
+        return "RBAC Authorizer - " + this.getClass().getName();
+    }
+
+    /**
+     * @param source
+     * @return
+     * @throws AuthorizationException
+     */
+    public AuthorizationResult isAuthorized( AuthorizationDataSource source )
+        throws AuthorizationException
+    {
+        Object principal = source.getPrincipal();
+        Object operation = source.getPermission();
+        Object resource = source.getResource();
+
+        try
+        {
+            if ( principal != null )
+            {
+                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
+                Map<String, List<Permission>> permissionMap = manager.getAssignedPermissionMap( principal.toString() );
+
+                if ( permissionMap.keySet().contains( operation.toString() ) )
+                {
+                    for ( Permission permission : permissionMap.get( operation.toString() ) )
+                    {
+                        if ( log.isDebugEnabled() )
+                        {
+                            log.debug( "checking permission {} for operation {} resource {}",
+                                       Arrays.asList( permission != null ? permission.getName() : "null", operation,
+                                                      resource ).toArray() );
+                        }
+                        if ( evaluator.evaluate( permission, operation, resource, principal ) )
+                        {
+                            return new AuthorizationResult( true, permission, null );
+                        }
+                    }
+
+                    log.debug( "no permission found for operation {} resource {}", operation.toString(), resource );
+                }
+                else
+                {
+                    log.debug( "permission map does not contain operation: {}", operation.toString() );
+                }
+            }
+            // check if guest user is enabled, if so check the global permissions
+            User guest = userManager.getGuestUser();
+
+            if ( !guest.isLocked() )
+            {
+                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
+                Map<String, List<Permission>> permissionMap =
+                    manager.getAssignedPermissionMap( guest.getPrincipal().toString() );
+
+                if ( permissionMap.keySet().contains( operation.toString() ) )
+                {
+                    for ( Permission permission : permissionMap.get( operation.toString() ) )
+                    {
+                        log.debug( "checking permission {}", permission.getName() );
+
+                        if ( evaluator.evaluate( permission, operation, resource, guest.getPrincipal() ) )
+                        {
+                            return new AuthorizationResult( true, permission, null );
+                        }
+                    }
+                }
+            }
+
+            return new AuthorizationResult( false, null, new NotAuthorizedException( "no matching permissions" ) );
+        }
+        catch ( PermissionEvaluationException pe )
+        {
+            return new AuthorizationResult( false, null, pe );
+        }
+        catch ( RbacObjectNotFoundException nfe )
+        {
+            return new AuthorizationResult( false, null, nfe );
+        }
+        catch ( UserNotFoundException ne )
+        {
+            return new AuthorizationResult( false, null,
+                                            new NotAuthorizedException( "no matching permissions, guest not found" ) );
+        }
+        catch ( RbacManagerException rme )
+        {
+            return new AuthorizationResult( false, null, rme );
+        }
+    }
+
+    public RBACManager getManager()
+    {
+        return manager;
+    }
+
+    public void setManager( RBACManager manager )
+    {
+        this.manager = manager;
+    }
+
+    public UserManager getUserManager()
+    {
+        return userManager;
+    }
+
+    public void setUserManager( UserManager userManager )
+    {
+        this.userManager = userManager;
+    }
+
+    public PermissionEvaluator getEvaluator()
+    {
+        return evaluator;
+    }
+
+    public void setEvaluator( PermissionEvaluator evaluator )
+    {
+        this.evaluator = evaluator;
+    }
+}
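Review bot: `operation` is dereferenced with `operation.toString()` in both the principal branch and the guest branch of `isAuthorized` without a null check, although `principal` is null-checked just above. If `source.getPermission()` returns null, the call ends in an unchecked NullPointerException instead of a denied `AuthorizationResult`, so callers that only inspect the result never get a clean deny. Consider an early guard before the `try`: `if ( operation == null ) { return new AuthorizationResult( false, null, new NotAuthorizedException( "no operation specified" ) ); }`. The guest loop also logs `permission.getName()` unguarded while the principal loop checks `permission != null`; the two should agree. The deleted file in this commit has the same code, so the point predates the package move.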
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java
new file mode 100644 (file)
index 0000000..9947ea8
--- /dev/null
@@ -0,0 +1,106 @@
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.users.UserManager;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.archiva.redback.rbac.Permission;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+
+/**
+ * DefaultPermissionEvaluator:
+ * <p/>
+ * Currently only one expression is available for evaluation, ${username} will be replaced with the username
+ * of the person making the authorization check
+ *
+ * @author Jesse McConnell <jesse@codehaus.org>
+ * @version $Id$
+ */
+@Service("permissionEvaluator")
+public class DefaultPermissionEvaluator
+    implements PermissionEvaluator
+{
+    @Inject
+    @Named(value="userManager#configurable")
+    private UserManager userManager;
+
+    public boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
+        throws PermissionEvaluationException
+    {
+        String permissionResource = permission.getResource().getIdentifier();
+
+        // expression evaluation checking
+        if ( permissionResource.startsWith( "${" ) )
+        {
+            String tempStr = permissionResource.substring( 2, permissionResource.indexOf( '}' ) );
+
+            if ( "username".equals( tempStr ) )
+            {
+                try
+                {
+                    permissionResource = userManager.findUser( principal.toString() ).getUsername();
+                }
+                catch ( UserNotFoundException ne )
+                {
+                    throw new PermissionEvaluationException( "unable to locate user to retrieve username", ne );
+                }
+            }
+        }
+
+        // check if this permission applies to the operation at all
+        if ( permission.getOperation().getName().equals( operation.toString() ) )
+        {
+            // check if it is a global resource, if it is then since the operations match we return true
+            if ( Resource.GLOBAL.equals( permission.getResource().getIdentifier() ) )
+            {
+                return true;
+            }
+
+            // if we are not checking a specific resource, the operation is enough
+            if ( resource == null )
+            {
+                return true;
+            }
+            
+            // check if the resource identifier of the permission matches the resource we are checking against
+            // if it does then return true
+            if ( permissionResource.equals( resource.toString() ) )
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public UserManager getUserManager()
+    {
+        return userManager;
+    }
+
+    public void setUserManager( UserManager userManager )
+    {
+        this.userManager = userManager;
+    }
+}
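Review bot: In `evaluate`, `permissionResource.substring( 2, permissionResource.indexOf( '}' ) )` throws StringIndexOutOfBoundsException when a stored resource identifier starts with `${` but has no closing brace, so one malformed permission entry turns an authorization check into an unchecked runtime failure. Check the index first and report it through the declared exception, e.g. `int end = permissionResource.indexOf( '}' );` followed by `if ( end < 0 ) { throw new PermissionEvaluationException( "malformed expression in resource identifier" ); }`. Note also that a `${username}` prefix replaces the whole identifier with the username, so any text after the closing brace is silently dropped. If suffixes are not meant to be supported, rejecting them would be safer than ignoring them.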
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluationException.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluationException.java
new file mode 100644 (file)
index 0000000..6b0380f
--- /dev/null
@@ -0,0 +1,41 @@
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * PermissionEvaluationException:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+public class PermissionEvaluationException
+    extends Exception
+{
+    public PermissionEvaluationException( String string )
+    {
+        super( string );
+    }
+
+    public PermissionEvaluationException( String string, Throwable throwable )
+    {
+        super( string, throwable );
+    }
+
+}
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluator.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluator.java
new file mode 100644 (file)
index 0000000..f642315
--- /dev/null
@@ -0,0 +1,35 @@
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Permission;
+
+
+/**
+ * PermissionEvaluator:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+public interface PermissionEvaluator
+{
+    boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
+        throws PermissionEvaluationException;
+}
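Review bot: `evaluate` carries no Javadoc, yet the contract matters for callers: the implementation added in this commit returns true for a null `resource` whenever the operation matches, so a caller that omits the resource gets a resource-scoped permission treated as sufficient. I would document that on the interface, e.g. `@param resource the resource being accessed, or null to test the operation alone (any permission for the operation then matches)`. The Javadoc should also say what `principal` is expected to be and when `PermissionEvaluationException` is thrown.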
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/RbacAuthorizer.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/RbacAuthorizer.java
deleted file mode 100644 (file)
index f39a219..0000000
+++ /dev/null
@@ -1,189 +0,0 @@
-package org.codehaus.plexus.redback.authorization.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.apache.archiva.redback.users.UserNotFoundException;
-import org.apache.archiva.redback.authorization.AuthorizationDataSource;
-import org.apache.archiva.redback.authorization.AuthorizationException;
-import org.apache.archiva.redback.authorization.AuthorizationResult;
-import org.apache.archiva.redback.authorization.Authorizer;
-import org.apache.archiva.redback.authorization.NotAuthorizedException;
-import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluationException;
-import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator;
-import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
-import org.apache.archiva.redback.users.User;
-import org.apache.archiva.redback.users.UserManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Service;
-
-import javax.inject.Inject;
-import javax.inject.Named;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-
-/**
- * RbacAuthorizer:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-@Service( "authorizer#rbac" )
-public class RbacAuthorizer
-    implements Authorizer
-{
-    private Logger log = LoggerFactory.getLogger( getClass() );
-
-    @Inject
-    @Named( value = "rBACManager#cached" )
-    private RBACManager manager;
-
-    @Inject
-    @Named( value = "userManager#configurable" )
-    private UserManager userManager;
-
-    @Inject
-    private PermissionEvaluator evaluator;
-
-    public String getId()
-    {
-        return "RBAC Authorizer - " + this.getClass().getName();
-    }
-
-    /**
-     * @param source
-     * @return
-     * @throws AuthorizationException
-     */
-    public AuthorizationResult isAuthorized( AuthorizationDataSource source )
-        throws AuthorizationException
-    {
-        Object principal = source.getPrincipal();
-        Object operation = source.getPermission();
-        Object resource = source.getResource();
-
-        try
-        {
-            if ( principal != null )
-            {
-                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
-                Map<String, List<Permission>> permissionMap = manager.getAssignedPermissionMap( principal.toString() );
-
-                if ( permissionMap.keySet().contains( operation.toString() ) )
-                {
-                    for ( Permission permission : permissionMap.get( operation.toString() ) )
-                    {
-                        if ( log.isDebugEnabled() )
-                        {
-                            log.debug( "checking permission {} for operation {} resource {}",
-                                       Arrays.asList( permission != null ? permission.getName() : "null", operation,
-                                                      resource ).toArray() );
-                        }
-                        if ( evaluator.evaluate( permission, operation, resource, principal ) )
-                        {
-                            return new AuthorizationResult( true, permission, null );
-                        }
-                    }
-
-                    log.debug( "no permission found for operation {} resource {}", operation.toString(), resource );
-                }
-                else
-                {
-                    log.debug( "permission map does not contain operation: {}", operation.toString() );
-                }
-            }
-            // check if guest user is enabled, if so check the global permissions
-            User guest = userManager.getGuestUser();
-
-            if ( !guest.isLocked() )
-            {
-                // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
-                Map<String, List<Permission>> permissionMap =
-                    manager.getAssignedPermissionMap( guest.getPrincipal().toString() );
-
-                if ( permissionMap.keySet().contains( operation.toString() ) )
-                {
-                    for ( Permission permission : permissionMap.get( operation.toString() ) )
-                    {
-                        log.debug( "checking permission {}", permission.getName() );
-
-                        if ( evaluator.evaluate( permission, operation, resource, guest.getPrincipal() ) )
-                        {
-                            return new AuthorizationResult( true, permission, null );
-                        }
-                    }
-                }
-            }
-
-            return new AuthorizationResult( false, null, new NotAuthorizedException( "no matching permissions" ) );
-        }
-        catch ( PermissionEvaluationException pe )
-        {
-            return new AuthorizationResult( false, null, pe );
-        }
-        catch ( RbacObjectNotFoundException nfe )
-        {
-            return new AuthorizationResult( false, null, nfe );
-        }
-        catch ( UserNotFoundException ne )
-        {
-            return new AuthorizationResult( false, null,
-                                            new NotAuthorizedException( "no matching permissions, guest not found" ) );
-        }
-        catch ( RbacManagerException rme )
-        {
-            return new AuthorizationResult( false, null, rme );
-        }
-    }
-
-    public RBACManager getManager()
-    {
-        return manager;
-    }
-
-    public void setManager( RBACManager manager )
-    {
-        this.manager = manager;
-    }
-
-    public UserManager getUserManager()
-    {
-        return userManager;
-    }
-
-    public void setUserManager( UserManager userManager )
-    {
-        this.userManager = userManager;
-    }
-
-    public PermissionEvaluator getEvaluator()
-    {
-        return evaluator;
-    }
-
-    public void setEvaluator( PermissionEvaluator evaluator )
-    {
-        this.evaluator = evaluator;
-    }
-}
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/DefaultPermissionEvaluator.java
deleted file mode 100644 (file)
index 39ab53c..0000000
+++ /dev/null
@@ -1,106 +0,0 @@
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Resource;
-import org.apache.archiva.redback.users.UserManager;
-import org.apache.archiva.redback.users.UserNotFoundException;
-import org.apache.archiva.redback.rbac.Permission;
-import org.springframework.stereotype.Service;
-
-import javax.inject.Inject;
-import javax.inject.Named;
-
-/**
- * DefaultPermissionEvaluator:
- * <p/>
- * Currently only one expression is available for evaluation, ${username} will be replaced with the username
- * of the person making the authorization check
- *
- * @author Jesse McConnell <jesse@codehaus.org>
- * @version $Id$
- */
-@Service("permissionEvaluator")
-public class DefaultPermissionEvaluator
-    implements PermissionEvaluator
-{
-    @Inject
-    @Named(value="userManager#configurable")
-    private UserManager userManager;
-
-    public boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
-        throws PermissionEvaluationException
-    {
-        String permissionResource = permission.getResource().getIdentifier();
-
-        // expression evaluation checking
-        if ( permissionResource.startsWith( "${" ) )
-        {
-            String tempStr = permissionResource.substring( 2, permissionResource.indexOf( '}' ) );
-
-            if ( "username".equals( tempStr ) )
-            {
-                try
-                {
-                    permissionResource = userManager.findUser( principal.toString() ).getUsername();
-                }
-                catch ( UserNotFoundException ne )
-                {
-                    throw new PermissionEvaluationException( "unable to locate user to retrieve username", ne );
-                }
-            }
-        }
-
-        // check if this permission applies to the operation at all
-        if ( permission.getOperation().getName().equals( operation.toString() ) )
-        {
-            // check if it is a global resource, if it is then since the operations match we return true
-            if ( Resource.GLOBAL.equals( permission.getResource().getIdentifier() ) )
-            {
-                return true;
-            }
-
-            // if we are not checking a specific resource, the operation is enough
-            if ( resource == null )
-            {
-                return true;
-            }
-            
-            // check if the resource identifier of the permission matches the resource we are checking against
-            // if it does then return true
-            if ( permissionResource.equals( resource.toString() ) )
-            {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    public UserManager getUserManager()
-    {
-        return userManager;
-    }
-
-    public void setUserManager( UserManager userManager )
-    {
-        this.userManager = userManager;
-    }
-}
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluationException.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluationException.java
deleted file mode 100644 (file)
index 92e7652..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * PermissionEvaluationException:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-public class PermissionEvaluationException
-    extends Exception
-{
-    public PermissionEvaluationException( String string )
-    {
-        super( string );
-    }
-
-    public PermissionEvaluationException( String string, Throwable throwable )
-    {
-        super( string, throwable );
-    }
-
-}
diff --git a/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluator.java b/redback-rbac/redback-authorization-rbac/src/main/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluator.java
deleted file mode 100644 (file)
index 922be0c..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Permission;
-
-
-/**
- * PermissionEvaluator:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-public interface PermissionEvaluator
-{
-    boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
-        throws PermissionEvaluationException;
-}
index 26062d5fcb399f9d17a5e3f59da12153df1a1bc8..9a306403a5a3788091b2d66a35a3b143853f809e 100644 (file)
@@ -29,6 +29,6 @@
 
   <context:annotation-config />
   <context:component-scan 
-    base-package="org.codehaus.plexus.redback.authorization.rbac"/>
+    base-package="org.apache.archiva.redback.authorization.rbac"/>
  
 </beans>
\ No newline at end of file
diff --git a/redback-rbac/redback-authorization-rbac/src/test/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java b/redback-rbac/redback-authorization-rbac/src/test/java/org/apache/archiva/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java
new file mode 100644 (file)
index 0000000..ef67897
--- /dev/null
@@ -0,0 +1,68 @@
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import junit.framework.TestCase;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluationException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluator;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Resource;
+import org.codehaus.plexus.redback.rbac.memory.MemoryOperation;
+import org.codehaus.plexus.redback.rbac.memory.MemoryPermission;
+import org.codehaus.plexus.redback.rbac.memory.MemoryResource;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import javax.inject.Inject;
+
+@RunWith( SpringJUnit4ClassRunner.class )
+@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
+public class PermissionEvaluatorTest
+    extends TestCase
+{
+
+    @Inject
+    PermissionEvaluator permissionEvaluator;
+
+    @Test
+    public void testNullResource()
+        throws PermissionEvaluationException
+    {
+        // null resources should be considered as matching if any resource is obtained.
+        // we do this instead of using "global" as that is the inverse - you are allocated global rights,
+        // which is right to everything. null is the right to anything.
+
+        Resource resource = new MemoryResource();
+        resource.setIdentifier( "Resource" );
+
+        Operation operation = new MemoryOperation();
+        operation.setName( "Operation" );
+
+        Permission permission = new MemoryPermission();
+        permission.setName( "Permission" );
+        permission.setOperation( operation );
+        permission.setResource( resource );
+
+        assertTrue( permissionEvaluator.evaluate( permission, "Operation", null, "brett" ) );
+    }
+}
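Review bot: testNullResource pins only the permissive branch of the evaluator: a null resource is asserted to be granted, and nothing in this new file asserts a denial. Because the test comment says null matches any resource the principal holds, a caller that passes null after a failed resource lookup would presumably be authorized, so the deny paths deserve the same coverage. I would add a companion case such as `assertFalse( permissionEvaluator.evaluate( permission, "OtherOperation", null, "brett" ) );` (a constructed operation name; this assumes the evaluator rejects an operation mismatch, which is not visible in this hunk). The test comment should also state that null is a deliberate wildcard rather than "resource unknown". Separately, the two added imports of `PermissionEvaluationException` and `PermissionEvaluator` come from the test's own package and can be dropped.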
diff --git a/redback-rbac/redback-authorization-rbac/src/test/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java b/redback-rbac/redback-authorization-rbac/src/test/java/org/codehaus/plexus/redback/authorization/rbac/evaluator/PermissionEvaluatorTest.java
deleted file mode 100644 (file)
index d96636d..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import junit.framework.TestCase;
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.Operation;
-import org.apache.archiva.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.memory.MemoryOperation;
-import org.codehaus.plexus.redback.rbac.memory.MemoryPermission;
-import org.codehaus.plexus.redback.rbac.memory.MemoryResource;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import javax.inject.Inject;
-
-@RunWith( SpringJUnit4ClassRunner.class )
-@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
-public class PermissionEvaluatorTest
-    extends TestCase
-{
-
-    @Inject
-    PermissionEvaluator permissionEvaluator;
-
-    @Test
-    public void testNullResource()
-        throws PermissionEvaluationException
-    {
-        // null resources should be considered as matching if any resource is obtained.
-        // we do this instead of using "global" as that is the inverse - you are allocated global rights,
-        // which is right to everything. null is the right to anything.
-
-        Resource resource = new MemoryResource();
-        resource.setIdentifier( "Resource" );
-
-        Operation operation = new MemoryOperation();
-        operation.setName( "Operation" );
-
-        Permission permission = new MemoryPermission();
-        permission.setName( "Permission" );
-        permission.setOperation( operation );
-        permission.setResource( resource );
-
-        assertTrue( permissionEvaluator.evaluate( permission, "Operation", null, "brett" ) );
-    }
-}