import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import javax.xml.stream.XMLStreamException;
import java.io.File;
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.keys.jdo.AuthenticationKeyDatabase;
import org.codehaus.plexus.redback.keys.jdo.io.stax.RedbackKeyManagementJdoStaxReader;
import org.codehaus.plexus.redback.keys.jdo.io.stax.RedbackKeyManagementJdoStaxWriter;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.rbac.jdo.RbacDatabase;
import org.codehaus.plexus.redback.rbac.jdo.io.stax.RbacJdoModelStaxReader;
import org.codehaus.plexus.redback.rbac.jdo.io.stax.RbacJdoModelStaxWriter;
import org.apache.archiva.redback.common.jdo.UserConfigurableJdoFactory;
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.UserManager;
import org.apache.commons.lang.SystemUtils;
import org.apache.archiva.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
import org.apache.archiva.redback.users.User;
import org.codehaus.plexus.util.FileUtils;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringUtils;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.apache.archiva.redback.configuration.UserConfiguration;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.system.SecuritySession;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.check.EnvironmentCheck;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import java.util.ArrayList;
import java.util.List;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
/**
* SecureActionBundle:
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Role;
/**
* EditRoleDetails - Existing user Role Details.
* specific language governing permissions and limitations
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.UserManager;
import org.apache.commons.lang.StringEscapeUtils;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.User;
import org.codehaus.redback.integration.util.RoleSorter;
import java.util.Comparator;
-import org.codehaus.plexus.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Operation;
/**
* OperationSorter
import java.util.Comparator;
-import org.codehaus.plexus.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Permission;
/**
* PermissionSorter
import java.util.Comparator;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
/**
* ResourceSorter
import java.util.Comparator;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Role;
/**
* RoleSorter
import java.util.Comparator;
-import org.codehaus.plexus.redback.rbac.TemplatedRole;
+import org.apache.archiva.redback.rbac.TemplatedRole;
/**
* TemplatedRoleSorter
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.users.UserManager;
import org.jsecurity.authc.AuthenticationException;
import org.jsecurity.authc.AuthenticationInfo;
import junit.framework.TestCase;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
+import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.User;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.UserManager;
import org.jsecurity.authc.IncorrectCredentialsException;
import org.jsecurity.authc.UsernamePasswordToken;
// no op
}
- public Operation( org.codehaus.plexus.redback.rbac.Operation operation )
+ public Operation( org.apache.archiva.redback.rbac.Operation operation )
{
this.name = operation.getName();
this.description = operation.getDescription();
// no op
}
- public Permission( org.codehaus.plexus.redback.rbac.Permission permission )
+ public Permission( org.apache.archiva.redback.rbac.Permission permission )
{
this.name = permission.getName();
this.description = permission.getDescription();
// no op
}
- public Resource( org.codehaus.plexus.redback.rbac.Resource resource )
+ public Resource( org.apache.archiva.redback.rbac.Resource resource )
{
this.identifier = resource.getIdentifier();
this.pattern = resource.isPattern();
this.name = name;
}
- public Role( org.codehaus.plexus.redback.rbac.Role role )
+ public Role( org.apache.archiva.redback.rbac.Role role )
{
this.name = role.getName();
this.description = role.getDescription();
}
else
{
- for ( org.codehaus.plexus.redback.rbac.Permission p : role.getPermissions() )
+ for ( org.apache.archiva.redback.rbac.Permission p : role.getPermissions() )
{
this.permissions.add( new Permission( p ) );
}
* under the License.
*/
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringUtils;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.role.model.ModelApplication;
}
try
{
- List<org.codehaus.plexus.redback.rbac.Role> roles =
+ List<org.apache.archiva.redback.rbac.Role> roles =
filterAssignableRoles( rbacManager.getEffectivelyAssignedRoles( username ) );
List<Role> effectivelyAssignedRoles = new ArrayList<Role>( roles.size() );
- for ( org.codehaus.plexus.redback.rbac.Role r : roles )
+ for ( org.apache.archiva.redback.rbac.Role r : roles )
{
effectivelyAssignedRoles.add( new Role( r ) );
}
{
try
{
- List<org.codehaus.plexus.redback.rbac.Role> roles = rbacManager.getAllRoles();
+ List<org.apache.archiva.redback.rbac.Role> roles = rbacManager.getAllRoles();
if ( roles == null )
{
List<Role> res = new ArrayList<Role>( roles.size() );
- for ( org.codehaus.plexus.redback.rbac.Role r : roles )
+ for ( org.apache.archiva.redback.rbac.Role r : roles )
{
res.add( new Role( r ) );
}
{
try
{
- List<org.codehaus.plexus.redback.rbac.Role> roles = rbacManager.getAllRoles();
+ List<org.apache.archiva.redback.rbac.Role> roles = rbacManager.getAllRoles();
if ( roles == null )
{
List<Role> res = new ArrayList<Role>( roles.size() );
- for ( org.codehaus.plexus.redback.rbac.Role r : roles )
+ for ( org.apache.archiva.redback.rbac.Role r : roles )
{
res.add( getRole( r.getName() ) );
}
}
}
- private List<org.codehaus.plexus.redback.rbac.Role> filterAssignableRoles(
- Collection<org.codehaus.plexus.redback.rbac.Role> roles )
+ private List<org.apache.archiva.redback.rbac.Role> filterAssignableRoles(
+ Collection<org.apache.archiva.redback.rbac.Role> roles )
{
- List<org.codehaus.plexus.redback.rbac.Role> assignableRoles =
- new ArrayList<org.codehaus.plexus.redback.rbac.Role>( roles.size() );
- for ( org.codehaus.plexus.redback.rbac.Role r : roles )
+ List<org.apache.archiva.redback.rbac.Role> assignableRoles =
+ new ArrayList<org.apache.archiva.redback.rbac.Role>( roles.size() );
+ for ( org.apache.archiva.redback.rbac.Role r : roles )
{
if ( r.isAssignable() )
{
{
try
{
- org.codehaus.plexus.redback.rbac.Role rbacRole = rbacManager.getRole( roleName );
+ org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( roleName );
Role role = new Role( rbacRole );
- Map<String, org.codehaus.plexus.redback.rbac.Role> parentRoles = rbacManager.getParentRoles( rbacRole );
+ Map<String, org.apache.archiva.redback.rbac.Role> parentRoles = rbacManager.getParentRoles( rbacRole );
for ( String parentRoleName : parentRoles.keySet() )
{
role.getParentRoleNames().add( parentRoleName );
{
try
{
- org.codehaus.plexus.redback.rbac.Role rbacRole = rbacManager.getRole( roleName );
+ org.apache.archiva.redback.rbac.Role rbacRole = rbacManager.getRole( roleName );
rbacRole.setDescription( description );
rbacManager.saveRole( rbacRole );
}
rbacManager.saveUserAssignment( assignment );
}
- List<org.codehaus.plexus.redback.rbac.Role> allRoles =
+ List<org.apache.archiva.redback.rbac.Role> allRoles =
filterRolesForCurrentUserAccess( rbacManager.getAllRoles() );
List<ModelApplication> modelApplications = roleManager.getModel().getApplications();
applicationRoles.setDescription( modelApplication.getDescription() );
applicationRoles.setName( modelApplication.getId() );
- Collection<org.codehaus.plexus.redback.rbac.Role> appRoles =
+ Collection<org.apache.archiva.redback.rbac.Role> appRoles =
filterApplicationRoles( modelApplication, allRoles, modelApplication.getTemplates() );
applicationRoles.setGlobalRoles( toRoleNames( appRoles ) );
// Internal methods
//----------------------------------------------------------------
- private org.codehaus.plexus.redback.rbac.Role isInList( String roleName,
- Collection<org.codehaus.plexus.redback.rbac.Role> roles )
+ private org.apache.archiva.redback.rbac.Role isInList( String roleName,
+ Collection<org.apache.archiva.redback.rbac.Role> roles )
{
- for ( org.codehaus.plexus.redback.rbac.Role role : roles )
+ for ( org.apache.archiva.redback.rbac.Role role : roles )
{
if ( roleName.equals( role.getName() ) )
{
return null;
}
- private Collection<org.codehaus.plexus.redback.rbac.Role> filterApplicationRoles( ModelApplication application,
- List<org.codehaus.plexus.redback.rbac.Role> allRoles,
+ private Collection<org.apache.archiva.redback.rbac.Role> filterApplicationRoles( ModelApplication application,
+ List<org.apache.archiva.redback.rbac.Role> allRoles,
List<ModelTemplate> applicationTemplates )
{
- Set<org.codehaus.plexus.redback.rbac.Role> applicationRoles =
- new HashSet<org.codehaus.plexus.redback.rbac.Role>();
+ Set<org.apache.archiva.redback.rbac.Role> applicationRoles =
+ new HashSet<org.apache.archiva.redback.rbac.Role>();
List<ModelRole> roles = application.getRoles();
for ( ModelRole modelRole : roles )
{
- org.codehaus.plexus.redback.rbac.Role r = isInList( modelRole.getName(), allRoles );
+ org.apache.archiva.redback.rbac.Role r = isInList( modelRole.getName(), allRoles );
if ( r != null )
{
applicationRoles.add( r );
for ( ModelTemplate modelTemplate : applicationTemplates )
{
- for ( org.codehaus.plexus.redback.rbac.Role r : allRoles )
+ for ( org.apache.archiva.redback.rbac.Role r : allRoles )
{
if ( StringUtils.startsWith( r.getName(),
modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() ) )
return false;
}
- private List<String> toRoleNames( Collection<org.codehaus.plexus.redback.rbac.Role> roles )
+ private List<String> toRoleNames( Collection<org.apache.archiva.redback.rbac.Role> roles )
{
List<String> names = new ArrayList<String>( roles.size() );
- for ( org.codehaus.plexus.redback.rbac.Role r : roles )
+ for ( org.apache.archiva.redback.rbac.Role r : roles )
{
names.add( r.getName() );
}
}
private Set<String> discoverResources( List<ModelTemplate> applicationTemplates,
- Collection<org.codehaus.plexus.redback.rbac.Role> roles )
+ Collection<org.apache.archiva.redback.rbac.Role> roles )
{
Set<String> resources = new HashSet<String>();
for ( ModelTemplate modelTemplate : applicationTemplates )
{
- for ( org.codehaus.plexus.redback.rbac.Role role : roles )
+ for ( org.apache.archiva.redback.rbac.Role role : roles )
{
String roleName = role.getName();
if ( roleName.startsWith( modelTemplate.getNamePrefix() ) )
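Review bot: The template match in discoverResources, `roleName.startsWith( modelTemplate.getNamePrefix() )`, tests the prefix without the delimiter, while filterApplicationRoles earlier in the same file matches on `modelTemplate.getNamePrefix() + modelTemplate.getDelimiter()`. With the bare prefix, a role whose name merely begins with the same characters as this template's prefix also passes the test. If the delimiter is not checked further down, align the two: `if ( roleName.startsWith( modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() ) )`. The body of discoverResources continues outside the hunk, so this may already be handled there.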
*
* @param roleList
* @return
- * @throws org.codehaus.plexus.redback.rbac.RbacManagerException
+ * @throws org.apache.archiva.redback.rbac.RbacManagerException
*
*/
- protected List<org.codehaus.plexus.redback.rbac.Role> filterRolesForCurrentUserAccess(
- List<org.codehaus.plexus.redback.rbac.Role> roleList )
+ protected List<org.apache.archiva.redback.rbac.Role> filterRolesForCurrentUserAccess(
+ List<org.apache.archiva.redback.rbac.Role> roleList )
throws RedbackServiceException
{
RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
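Review bot: The Javadoc above filterRolesForCurrentUserAccess still carries `@throws org.apache.archiva.redback.rbac.RbacManagerException`, but the signature in this hunk declares only `throws RedbackServiceException`, and the `@param roleList` and `@return` tags are empty. This method appears to restrict the role list to what the current user may access, so its contract is worth stating. Replace the tag with `@throws RedbackServiceException` plus the condition that raises it, and fill in `@param roleList` and `@return` with what is filtered and on what basis. The same empty tags and `@throws` line appear on the other `filterRolesForCurrentUserAccess( List<Role> roleList )` later in the commit, whose throws clause is outside its hunk. The method body continues outside this hunk.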
}
String currentUser = redbackRequestInformation.getUser().getUsername();
- List<org.codehaus.plexus.redback.rbac.Role> filteredRoleList =
- new ArrayList<org.codehaus.plexus.redback.rbac.Role>();
+ List<org.apache.archiva.redback.rbac.Role> filteredRoleList =
+ new ArrayList<org.apache.archiva.redback.rbac.Role>();
try
{
Map<String, List<Permission>> assignedPermissionMap = rbacManager.getAssignedPermissionMap( currentUser );
// we should have a list of resourceGrants now, this will provide us with the information necessary to restrict
// the role list
- for ( org.codehaus.plexus.redback.rbac.Role role : roleList )
+ for ( org.apache.archiva.redback.rbac.Role role : roleList )
{
int delimiterIndex = role.getName().indexOf( delimiter );
for ( String resourceIdentifier : resourceGrants )
import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringUtils;
import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.apache.archiva.redback.policy.PasswordEncoder;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.system.SecuritySystem;
{
try
{
- Set<org.codehaus.plexus.redback.rbac.Permission> permissions =
+ Set<org.apache.archiva.redback.rbac.Permission> permissions =
rbacManager.getAssignedPermissions( userName );
// FIXME return guest permissions !!
List<Permission> userPermissions = new ArrayList<Permission>( permissions.size() );
- for ( org.codehaus.plexus.redback.rbac.Permission p : permissions )
+ for ( org.apache.archiva.redback.rbac.Permission p : permissions )
{
Permission permission = new Permission();
permission.setName( p.getName() );
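Review bot: The `// FIXME return guest permissions !!` marker is carried through unchanged, and the list is built only from `rbacManager.getAssignedPermissions( userName )`. If callers use this result to decide what a user may do, it presumably under-reports what the user effectively holds. The comment should at least spell out the gap, for example `// FIXME: only permissions assigned to userName are returned; guest permissions are not merged in`. The loop body and the rest of the method continue outside the hunk.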
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.configuration.UserConfiguration;
-import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.redback.rest.api.services.UserService;
* under the License.
*/
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.redback.integration.model.UserCredentials;
*
* @param roleList
* @return
- * @throws org.codehaus.plexus.redback.rbac.RbacManagerException
+ * @throws org.apache.archiva.redback.rbac.RbacManagerException
*
*/
protected List<Role> filterRolesForCurrentUserAccess( List<Role> roleList )
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
* under the License.
*/
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
* Duplicate role assignment needs to be taken care of.
*
* @throws RbacManagerException
- * @throws RbacObjectNotFoundException
+ * @throws org.apache.archiva.redback.rbac.RbacObjectNotFoundException
*/
@SuppressWarnings( "unchecked" )
public String show()
*/
import com.opensymphony.xwork2.Preparable;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
import org.apache.commons.lang.StringUtils;
import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.management.DataManagementTool;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.apache.archiva.redback.users.UserManager;
import org.codehaus.redback.integration.interceptor.SecureAction;
* under the License.
*/
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.commons.lang.StringEscapeUtils;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.users.UserManager;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.RedbackActionSupport;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.struts2.action.RedbackActionSupport;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.ServletActionContext;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.codehaus.plexus.util.StringUtils;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import org.codehaus.redback.integration.interceptor.SecureActionException;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.registry.Registry;
import java.util.Arrays;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.apache.archiva.redback.users.User;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.codehaus.plexus.redback.struts2.action.CancellableAction;
*/
import org.apache.archiva.redback.policy.PasswordEncoder;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.archiva.redback.policy.PasswordRuleViolationException;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.struts2.action.AuditEvent;
import org.codehaus.plexus.redback.struts2.action.CancellableAction;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
private RBACManager rbacManager;
/**
- * A List of {@link org.codehaus.plexus.redback.rbac.Role} objects.
+ * A List of {@link org.apache.archiva.redback.rbac.Role} objects.
*/
private List<Role> effectivelyAssignedRoles;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.struts2.ServletActionContext;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.struts2.action.AbstractSecurityAction;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.UserManager;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelRole;
import org.codehaus.plexus.redback.role.model.ModelTemplate;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
import org.apache.archiva.redback.users.UserManager;
import org.apache.struts2.StrutsSpringTestCase;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.struts2.action.AbstractUserCredentialsAction;
import org.codehaus.plexus.redback.system.SecuritySession;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionProxy;
import org.apache.archiva.redback.authentication.AuthenticationException;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.policy.AccountLockedException;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.struts2.model.ApplicationRoleDetails;
import org.codehaus.plexus.redback.struts2.model.ApplicationRoleDetails.RoleTableCell;
import org.codehaus.redback.integration.interceptor.SecureActionBundle;
import com.opensymphony.xwork2.Action;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.policy.AccountLockedException;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.policy.MustChangePasswordException;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
<component-set>
<components>
<component>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.rbac.cached.CachedRbacManager</implementation>
<description>CachedRbacManager is a wrapped RBACManager with caching.</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>memory</role-hint>
<field-name>rbacImpl</field-name>
</requirement>
<component-set>
<components>
<component>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.rbac.cached.CachedRbacManager</implementation>
<description>CachedRbacManager is a wrapped RBACManager with caching.</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>memory</role-hint>
<field-name>rbacImpl</field-name>
</requirement>
<!--
<component>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.rbac.cached.CachedRbacManager</implementation>
<description>CachedRbacManager is a wrapped RBACManager with caching.</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role>org.apache.archiva.redback.rbac.RBACManager</role>
<role-hint>memory</role-hint>
<field-name>rbacImpl</field-name>
</requirement>
* under the License.
*/
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authorization.AuthorizationDataSource;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.NotAuthorizedException;
import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluationException;
import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.slf4j.Logger;
* under the License.
*/
+import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Permission;
import org.springframework.stereotype.Service;
import javax.inject.Inject;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Permission;
/**
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.rbac.memory.MemoryOperation;
import org.codehaus.plexus.redback.rbac.memory.MemoryPermission;
import org.codehaus.plexus.redback.rbac.memory.MemoryResource;
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.util.CollectionUtils;
+import org.codehaus.plexus.util.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.annotation.PostConstruct;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * AbstractRBACManager
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class AbstractRBACManager
+ implements RBACManager
+{
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
+ private List<RBACManagerListener> listeners = new ArrayList<RBACManagerListener>( 0 );
+
+ private Resource globalResource;
+
+ @PostConstruct
+ public void initialize()
+ {
+ //no op
+ }
+
+ public void addListener( RBACManagerListener listener )
+ {
+ if ( !listeners.contains( listener ) )
+ {
+ listeners.add( listener );
+ }
+ }
+
+ public void removeListener( RBACManagerListener listener )
+ {
+ listeners.remove( listener );
+ }
+
+ public void fireRbacInit( boolean freshdb )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacInit( freshdb );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacInit( boolean ) to " + listener.getClass().getName(), e );
+ }
+ }
+ }
+
+ public void fireRbacRoleSaved( Role role )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacRoleSaved( role );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacRoleSaved( Role ) to " + listener.getClass().getName(), e );
+ }
+ }
+ }
+
+ public void fireRbacRoleRemoved( Role role )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacRoleRemoved( role );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacRoleRemoved( Role ) to " + listener.getClass().getName(), e );
+ }
+ }
+ }
+
+ public void fireRbacPermissionSaved( Permission permission )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacPermissionSaved( permission );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacPermissionSaved( Permission ) to " + listener.getClass().getName(),
+ e );
+ }
+ }
+ }
+
+ public void fireRbacPermissionRemoved( Permission permission )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacPermissionRemoved( permission );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacPermissionRemoved( Permission ) to " + listener.getClass().getName(),
+ e );
+ }
+ }
+ }
+
+ public void fireRbacUserAssignmentSaved( UserAssignment userAssignment )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacUserAssignmentSaved( userAssignment );
+ }
+ catch ( Exception e )
+ {
+ log.warn(
+ "Unable to trigger .rbacUserAssignmentSaved( UserAssignment ) to " + listener.getClass().getName(),
+ e );
+ }
+ }
+ }
+
+ public void fireRbacUserAssignmentRemoved( UserAssignment userAssignment )
+ {
+ Iterator<RBACManagerListener> it = listeners.iterator();
+ while ( it.hasNext() )
+ {
+ RBACManagerListener listener = it.next();
+ try
+ {
+ listener.rbacUserAssignmentRemoved( userAssignment );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "Unable to trigger .rbacUserAssignmentRemoved( UserAssignment ) to "
+ + listener.getClass().getName(), e );
+ }
+ }
+ }
+
+ public void removeRole( String roleName )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ removeRole( getRole( roleName ) );
+ }
+
+ public void removePermission( String permissionName )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ removePermission( getPermission( permissionName ) );
+ }
+
+ public void removeOperation( String operationName )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ removeOperation( getOperation( operationName ) );
+ }
+
+ public void removeResource( String resourceIdentifier )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ removeResource( getResource( resourceIdentifier ) );
+ }
+
+ public void removeUserAssignment( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ removeUserAssignment( getUserAssignment( principal ) );
+ }
+
+ public boolean resourceExists( Resource resource )
+ {
+ try
+ {
+ return getAllResources().contains( resource );
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+ }
+
+ public boolean resourceExists( String identifier )
+ {
+ try
+ {
+ for ( Resource resource : getAllResources() )
+ {
+ if ( StringUtils.equals( resource.getIdentifier(), identifier ) )
+ {
+ return true;
+ }
+ }
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+
+ return false;
+ }
+
+ public boolean operationExists( Operation operation )
+ {
+ try
+ {
+ return getAllOperations().contains( operation );
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+ }
+
+ public boolean operationExists( String name )
+ {
+ try
+ {
+ for ( Operation operation : getAllOperations() )
+ {
+ if ( StringUtils.equals( operation.getName(), name ) )
+ {
+ return true;
+ }
+ }
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+
+ return false;
+ }
+
+ public boolean permissionExists( Permission permission )
+ {
+ try
+ {
+ return getAllPermissions().contains( permission );
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+ }
+
+ public boolean permissionExists( String name )
+ {
+ try
+ {
+ for ( Permission permission : getAllPermissions() )
+ {
+ if ( StringUtils.equals( permission.getName(), name ) )
+ {
+ return true;
+ }
+ }
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+
+ return false;
+ }
+
+ public boolean roleExists( Role role )
+ {
+ try
+ {
+ return getAllRoles().contains( role );
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+ }
+
+ public boolean roleExists( String name )
+ {
+ try
+ {
+ for ( Role role : getAllRoles() )
+ {
+ if ( StringUtils.equals( role.getName(), name ) )
+ {
+ return true;
+ }
+ }
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+
+ return false;
+ }
+
+ public boolean userAssignmentExists( String principal )
+ {
+ try
+ {
+ for ( UserAssignment assignment : getAllUserAssignments() )
+ {
+ if ( StringUtils.equals( assignment.getPrincipal(), principal ) )
+ {
+ return true;
+ }
+ }
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+
+ return false;
+ }
+
+ public boolean userAssignmentExists( UserAssignment assignment )
+ {
+ try
+ {
+ return getAllUserAssignments().contains( assignment );
+ }
+ catch ( RbacManagerException e )
+ {
+ return false;
+ }
+ }
+
+ /**
+ * returns a set of all permissions that are in all active roles for a given
+ * principal
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ public Set<Permission> getAssignedPermissions( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+
+ UserAssignment ua = getUserAssignment( principal );
+
+ Set<Permission> permissionSet = new HashSet<Permission>();
+
+ if ( ua.getRoleNames() != null )
+ {
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = ua.getRoleNames().listIterator();
+ while ( it.hasNext() )
+ {
+ String roleName = it.next();
+ try
+ {
+ Role role = getRole( roleName );
+ gatherUniquePermissions( role, permissionSet );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad role name. remove it!
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ if ( childRoleNamesUpdated )
+ {
+ saveUserAssignment( ua );
+ }
+ }
+
+ return permissionSet;
+ }
+
+ /**
+ * returns a map of assigned permissions keyed off of operations
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ public Map<String, List<Permission>> getAssignedPermissionMap( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ return getPermissionMapByOperation( getAssignedPermissions( principal ) );
+ }
+
+ private Map<String, List<Permission>> getPermissionMapByOperation( Collection<Permission> permissions )
+ {
+ Map<String, List<Permission>> userPermMap = new HashMap<String, List<Permission>>();
+
+ for ( Permission permission : permissions )
+ {
+ List<Permission> permList = userPermMap.get( permission.getOperation().getName() );
+
+ if ( permList != null )
+ {
+ permList.add( permission );
+ }
+ else
+ {
+ List<Permission> newPermList = new ArrayList<Permission>( permissions.size() );
+ newPermList.add( permission );
+ userPermMap.put( permission.getOperation().getName(), newPermList );
+ }
+ }
+
+ return userPermMap;
+ }
+
+ private void gatherUniquePermissions( Role role, Collection<Permission> coll )
+ throws RbacManagerException
+ {
+ if ( role.getPermissions() != null )
+ {
+ for ( Permission permission : role.getPermissions() )
+ {
+ if ( !coll.contains( permission ) )
+ {
+ coll.add( permission );
+ }
+ }
+ }
+
+ if ( role.hasChildRoles() )
+ {
+ Map<String, Role> childRoles = getChildRoles( role );
+ Iterator<Role> it = childRoles.values().iterator();
+ while ( it.hasNext() )
+ {
+ Role child = it.next();
+ gatherUniquePermissions( child, coll );
+ }
+ }
+ }
+
+ public List<Role> getAllAssignableRoles()
+ throws RbacManagerException, RbacObjectNotFoundException
+ {
+ List<Role> assignableRoles = new ArrayList<Role>();
+
+ for ( Role r : getAllRoles() )
+ {
+ Role role = getRole( r.getName() );
+ if ( role.isAssignable() )
+ {
+ assignableRoles.add( role );
+ }
+ }
+
+ return assignableRoles;
+ }
+
+ /**
+ * returns the active roles for a given principal
+ * <p/>
+ * NOTE: roles that are returned might have have roles themselves, if
+ * you just want all permissions then use {@link #getAssignedPermissions(String principal)}
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ public Collection<Role> getAssignedRoles( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ UserAssignment ua = getUserAssignment( principal );
+
+ return getAssignedRoles( ua );
+ }
+
+ /**
+ * returns only the roles that are assigned, not the roles that might be child roles of the
+ * assigned roles.
+ *
+ * @param ua
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ public Collection<Role> getAssignedRoles( UserAssignment ua )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ Set<Role> roleSet = new HashSet<Role>();
+
+ if ( ua.getRoleNames() != null )
+ {
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = ua.getRoleNames().listIterator();
+ while ( it.hasNext() )
+ {
+ String roleName = it.next();
+ try
+ {
+ Role role = getRole( roleName );
+
+ if ( !roleSet.contains( role ) )
+ {
+ roleSet.add( role );
+ }
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad role name. remove it!
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ if ( childRoleNamesUpdated )
+ {
+ saveUserAssignment( ua );
+ }
+ }
+
+ return roleSet;
+ }
+
+ /**
+ * get all of the roles that the give role has as a child into a set
+ *
+ * @param role
+ * @param roleSet
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ private void gatherEffectiveRoles( Role role, Set<Role> roleSet )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ if ( role.hasChildRoles() )
+ {
+ for ( String roleName : role.getChildRoleNames() )
+ {
+ try
+ {
+ Role crole = getRole( roleName );
+
+ if ( !roleSet.contains( crole ) )
+ {
+ gatherEffectiveRoles( crole, roleSet );
+ }
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // the client application might not manage role clean up totally correctly so we want to notify
+ // of a child role issue and offer a clean up process at some point
+ log.warn( "dangling child role: " + roleName + " on " + role.getName() );
+ }
+ }
+ }
+
+ if ( !roleSet.contains( role ) )
+ {
+ roleSet.add( role );
+ }
+ }
+
+ public Collection<Role> getEffectivelyAssignedRoles( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ UserAssignment ua = getUserAssignment( principal );
+
+ return getEffectivelyAssignedRoles( ua );
+ }
+
+ public Collection<Role> getEffectivelyAssignedRoles( UserAssignment ua )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ Set<Role> roleSet = new HashSet<Role>();
+
+ if ( ua != null && ua.getRoleNames() != null )
+ {
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = ua.getRoleNames().listIterator();
+ while ( it.hasNext() )
+ {
+ String roleName = it.next();
+ try
+ {
+ Role role = getRole( roleName );
+
+ gatherEffectiveRoles( role, roleSet );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad role name. remove it!
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ if ( childRoleNamesUpdated )
+ {
+ saveUserAssignment( ua );
+ }
+ }
+ return roleSet;
+ }
+
+ /**
+ * @param principal
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ @SuppressWarnings( "unchecked" )
+ public Collection<Role> getEffectivelyUnassignedRoles( String principal )
+ throws RbacManagerException, RbacObjectNotFoundException
+ {
+ Collection<Role> assignedRoles = getEffectivelyAssignedRoles( principal );
+ List<Role> allRoles = getAllAssignableRoles();
+
+ log.debug( "UR: assigned {}", assignedRoles.size() );
+ log.debug( "UR: available {}", allRoles.size() );
+
+ return CollectionUtils.subtract( allRoles, assignedRoles );
+ }
+
+
+ /**
+ * @param principal
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ @SuppressWarnings( "unchecked" )
+ public Collection<Role> getUnassignedRoles( String principal )
+ throws RbacManagerException, RbacObjectNotFoundException
+ {
+ Collection<Role> assignedRoles = getAssignedRoles( principal );
+ List<Role> allRoles = getAllAssignableRoles();
+
+ log.debug( "UR: assigned {}", assignedRoles.size() );
+ log.debug( "UR: available {}", allRoles.size() );
+
+ return CollectionUtils.subtract( allRoles, assignedRoles );
+ }
+
+ public Resource getGlobalResource()
+ throws RbacManagerException
+ {
+ if ( globalResource == null )
+ {
+ globalResource = createResource( Resource.GLOBAL );
+ globalResource.setPermanent( true );
+ globalResource = saveResource( globalResource );
+ }
+ return globalResource;
+ }
+
+ public void addChildRole( Role role, Role childRole )
+ throws RbacObjectInvalidException, RbacManagerException
+ {
+ saveRole( childRole );
+ role.addChildRoleName( childRole.getName() );
+ }
+
+ public Map<String, Role> getChildRoles( Role role )
+ throws RbacManagerException
+ {
+ Map<String, Role> childRoles = new HashMap<String, Role>();
+
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = role.getChildRoleNames().listIterator();
+ while ( it.hasNext() )
+ {
+ String roleName = (String) it.next();
+ try
+ {
+ Role child = getRole( roleName );
+ childRoles.put( child.getName(), child );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad roleName! - remove it.
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ if ( childRoleNamesUpdated )
+ {
+ saveRole( role );
+ }
+
+ return childRoles;
+ }
+
+ public Map<String, Role> getParentRoles( Role role )
+ throws RbacManagerException
+ {
+ Map<String, Role> parentRoles = new HashMap<String, Role>();
+
+ for ( Role r : getAllRoles() )
+ {
+ if ( !r.getName().equals( role.getName() ) )
+ {
+ Set<Role> effectiveRoles = getEffectiveRoles( r );
+ for ( Role currentRole : effectiveRoles )
+ {
+ if ( currentRole.getName().equals( role.getName() ) )
+ {
+ if ( !parentRoles.containsKey( r.getName() ) )
+ {
+ parentRoles.put( r.getName(), r );
+ }
+ }
+ }
+ }
+ }
+ return parentRoles;
+ }
+
+ public Set<Role> getEffectiveRoles( Role role )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ Set<Role> roleSet = new HashSet<Role>();
+ gatherEffectiveRoles( role, roleSet );
+
+ return roleSet;
+ }
+
+ public Map<String, Role> getRoles( Collection<String> roleNames )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ Map<String, Role> roleMap = new HashMap<String, Role>();
+
+ for ( String roleName : roleNames )
+ {
+ Role child = getRole( roleName );
+ roleMap.put( child.getName(), child );
+ }
+
+ return roleMap;
+ }
+}
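Review bot: `gatherEffectiveRoles` and `gatherUniquePermissions` both recurse through child roles without an effective cycle guard. Nothing in this file rejects a hierarchy that loops back on itself (`addChildRole` does not check), so such a hierarchy would recurse until the stack overflows on every permission or effective-role lookup that reaches it. In `gatherEffectiveRoles` the `roleSet.contains( crole )` test cannot stop the loop, because a role is added to `roleSet` only after its children have been walked. Opening the method with `if ( !roleSet.add( role ) ) { return; }` and dropping the trailing add closes that, assuming `Role` implementations define `equals`/`hashCode` consistently. `gatherUniquePermissions` has no guard at all and needs a visited set threaded through the recursion, as below.

```java
private void gatherUniquePermissions( Role role, Collection<Permission> coll )
    throws RbacManagerException
{
    gatherUniquePermissions( role, coll, new HashSet<String>() );
}

private void gatherUniquePermissions( Role role, Collection<Permission> coll, Set<String> visitedRoleNames )
    throws RbacManagerException
{
    // A role name seen before means the hierarchy loops back on itself; stop descending.
    if ( !visitedRoleNames.add( role.getName() ) )
    {
        return;
    }

    // … unchanged: copy role.getPermissions() into coll …

    if ( role.hasChildRoles() )
    {
        for ( Role child : getChildRoles( role ).values() )
        {
            gatherUniquePermissions( child, coll, visitedRoleNames );
        }
    }
}
```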
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * AbstractRole useful for common logic that implementors can use.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class AbstractRole
+ implements Role
+{
+
+ public boolean hasChildRoles()
+ {
+ return ( getChildRoleNames() != null ) && !getChildRoleNames().isEmpty();
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+import java.util.List;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * AbstractUserAssignment useful for common logic that implementors can use.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class AbstractUserAssignment
+ implements UserAssignment
+{
+
+ public void addRoleName( Role role )
+ {
+ addRoleName( role.getName() );
+ }
+
+ public void addRoleName( String roleName )
+ {
+ List<String> names = getRoleNames();
+ if ( !names.contains( roleName ) )
+ {
+ names.add( roleName );
+ }
+ setRoleNames( names );
+ }
+
+ public void removeRoleName( Role role )
+ {
+ removeRoleName( role.getName() );
+ }
+
+ public void removeRoleName( String roleName )
+ {
+ getRoleNames().remove( roleName );
+ }
+}
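Review bot: `addRoleName( String )` dereferences `getRoleNames()` without a null check, while `AbstractRBACManager` in this same commit guards each use with `ua.getRoleNames() != null`. The list is therefore evidently allowed to be null, and the first role added to such an assignment would throw a NullPointerException instead of being recorded. `removeRoleName( String )` makes the same unguarded call. I would normalise it right after `List<String> names = getRoleNames();` with `if ( names == null ) { names = new ArrayList<String>(); }` (this needs a `java.util.ArrayList` import), and return early from `removeRoleName` when the list is null.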
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Operation
+ * <p/>
+ * In RBAC the operation is an action or functionality that can be linked with a
+ * particular resource into an assignable Permission. Operations don't exist outside
+ * Permissions.
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface Operation
+{
+
+
+ /**
+ * Long description of an operation.
+ *
+ * @return String
+ */
+ String getDescription();
+
+ /**
+ * name of the operation that is used in the act of authorization
+ * <p/>
+ * 'modify-foo', 'change-password'
+ * <p/>
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @return the name of the operation.
+ */
+ String getName();
+
+ /**
+ * @param description
+ */
+ void setDescription( String description );
+
+ /**
+ * Set name of the operation that is used in the act of authorization
+ * <p/>
+ * 'modify-foo', 'change-password'
+ * <p/>
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @param name
+ */
+ void setName( String name );
+
+ /**
+ * Test to see if the object is a permanent object or not.
+ *
+ * @return true if the object is permanent.
+ */
+ boolean isPermanent();
+
+ /**
+ * Set flag indicating if the object is a permanent object or not.
+ *
+ * @param permanent true if the object is permanent.
+ */
+ void setPermanent( boolean permanent );
+}
\ No newline at end of file
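Review bot: The Javadoc on `isPermanent()` and `setPermanent( boolean )` only restates the method name and never says what a permanent object is protected from. That matters because the setter is public on the interface, and `AbstractRBACManager.getGlobalResource()` in this commit sets the same flag on the global resource. If permanent objects are meant to be non-removable, the setter comment should say so, for example `Marks the object as permanent; state here which RBACManager operations refuse a permanent object.` The same tautological wording appears on `Permission` in this commit.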
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Permission
+ * <p/>
+ * A permission is the wrapper for an operation and a resource effectively saying
+ * that the operation is authorized for that resource.
+ * <p/>
+ * P(Operation, Resource)
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface Permission
+{
+
+ /**
+ * Long description of the Permission
+ */
+ String getDescription();
+
+ /**
+ * Get the short name of the permission.
+ * <p/>
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @return the short name for this permission.
+ */
+ String getName();
+
+ /**
+ * Operation that this permission is authorizing
+ */
+ Operation getOperation();
+
+ /**
+ * This is the resource associated with this permission.
+ * <p/>
+ * Implementors must always supply a Resource.
+ *
+ * @return the Resource.
+ */
+ Resource getResource();
+
+ /**
+ * Set null
+ *
+ * @param description
+ */
+ void setDescription( String description );
+
+ /**
+ * Set the short name for this permission.
+ *
+ * @param name
+ */
+ void setName( String name );
+
+ /**
+ * Set null
+ *
+ * @param operation
+ */
+ void setOperation( Operation operation );
+
+ /**
+ * @param resource
+ */
+ void setResource( Resource resource );
+
+ /**
+ * Test to see if the object is a permanent object or not.
+ *
+ * @return true if the object is permanent.
+ */
+ boolean isPermanent();
+
+ /**
+ * Set flag indicating if the object is a permanent object or not.
+ *
+ * @param permanent true if the object is permanent.
+ */
+ void setPermanent( boolean permanent );
+}
\ No newline at end of file
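Review bot: The comments on `setDescription` and `setOperation` read `Set null`, which looks like generator residue and suggests that the setters null the field. They should describe the argument instead, e.g. `Set the long description of this permission.` and `Set the operation that this permission authorizes.` `getResource()` states that implementors must always supply a Resource, but `setResource` has only an empty `@param resource` and does not say whether a null argument is rejected. The hunk does not show which behaviour applies, so `@param resource the resource this permission applies to; must not be null` should be added only once an implementation enforces it.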
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * RBACManager
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo expand on javadoc
+ */
+public interface RBACManager
+{
+
+ void addListener( RBACManagerListener listener );
+
+ void removeListener( RBACManagerListener listener );
+
+ // ------------------------------------------------------------------
+ // Role Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * Creates an implementation specific {@link Role}, or return an existing {@link Role}, depending
+ * on the provided <code>name</code> parameter.
+ * <p/>
+ * Note: Be sure to use {@link #saveRole(Role)} in order to persist any changes to the Role.
+ *
+ * @param name the name.
+ * @return the new {@link Role} object.
+ */
+ Role createRole( String name );
+
+ /**
+ * Tests for the existence of a Role.
+ *
+ * @return true if role exists in store.
+ * @throws RbacManagerException
+ */
+ boolean roleExists( String name );
+
+ boolean roleExists( Role role );
+
+ Role saveRole( Role role )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ void saveRoles( Collection<Role> roles )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ /**
+ * @param roleName
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ Role getRole( String roleName )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ Map<String, Role> getRoles( Collection<String> roleNames )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ void addChildRole( Role role, Role childRole )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ Map<String, Role> getChildRoles( Role role )
+ throws RbacManagerException;
+
+ Map<String, Role> getParentRoles( Role role )
+ throws RbacManagerException;
+
+ /**
+ * Method getRoles
+ */
+ List<Role> getAllRoles()
+ throws RbacManagerException;
+
+ /**
+ * Method getEffectiveRoles
+ */
+ Set<Role> getEffectiveRoles( Role role )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * Method removeRole
+ *
+ * @param role
+ */
+ void removeRole( Role role )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ /**
+ * Method removeRole
+ *
+ * @param roleName
+ */
+ void removeRole( String roleName )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ // ------------------------------------------------------------------
+ // Permission Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * Creates an implementation specific {@link Permission}, or return an existing {@link Permission}, depending
+ * on the provided <code>name</code> parameter.
+ * <p/>
+ * Note: Be sure to use {@link #savePermission(Permission)} in order to persist any changes to the Role.
+ *
+ * @param name the name.
+ * @return the new Permission.
+ * @throws RbacManagerException
+ */
+ Permission createPermission( String name )
+ throws RbacManagerException;
+
+ /**
+ * Creates an implementation specific {@link Permission} with specified {@link Operation},
+ * and {@link Resource} identifiers.
+ * <p/>
+ * Note: Be sure to use {@link #savePermission(Permission)} in order to persist any changes to the Role.
+ *
+ * @param name the name.
+ * @param operationName the {@link Operation#setName(String)} value
+ * @param resourceIdentifier the {@link Resource#setIdentifier(String)} value
+ * @return the new Permission.
+ * @throws RbacManagerException
+ */
+ Permission createPermission( String name, String operationName, String resourceIdentifier )
+ throws RbacManagerException;
+
+ /**
+ * Tests for the existence of a permission.
+ *
+ * @param name the name to test for.
+ * @return true if permission exists.
+ * @throws RbacManagerException
+ */
+ boolean permissionExists( String name );
+
+ boolean permissionExists( Permission permission );
+
+ Permission savePermission( Permission permission )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ Permission getPermission( String permissionName )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ List<Permission> getAllPermissions()
+ throws RbacManagerException;
+
+ void removePermission( Permission permission )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ void removePermission( String permissionName )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ // ------------------------------------------------------------------
+ // Operation Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * Creates an implementation specific {@link Operation}, or return an existing {@link Operation}, depending
+ * on the provided <code>name</code> parameter.
+ * <p/>
+ * Note: Be sure to use {@link #saveOperation(Operation)} in order to persist any changes to the Role.
+ *
+ * @param name the name.
+ * @return the new Operation.
+ * @throws RbacManagerException
+ */
+ Operation createOperation( String name )
+ throws RbacManagerException;
+
+ boolean operationExists( String name );
+
+ boolean operationExists( Operation operation );
+
+ /**
+ * Save the new or existing operation to the store.
+ *
+ * @param operation the operation to save (new or existing)
+ * @return the Operation that was saved.
+ * @throws RbacObjectInvalidException
+ * @throws RbacManagerException
+ */
+ Operation saveOperation( Operation operation )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ Operation getOperation( String operationName )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ List<Operation> getAllOperations()
+ throws RbacManagerException;
+
+ void removeOperation( Operation operation )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ void removeOperation( String operationName )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ // ------------------------------------------------------------------
+ // Resource Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * Creates an implementation specific {@link Resource}, or return an existing {@link Resource}, depending
+ * on the provided <code>identifier</code> parameter.
+ * <p/>
+ * Note: Be sure to use {@link #saveResource(Resource)} in order to persist any changes to the Role.
+ *
+ * @param identifier the identifier.
+ * @return the new Resource.
+ * @throws RbacManagerException
+ */
+ Resource createResource( String identifier )
+ throws RbacManagerException;
+
+ boolean resourceExists( String identifier );
+
+ boolean resourceExists( Resource resource );
+
+ Resource saveResource( Resource resource )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ Resource getResource( String resourceIdentifier )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ List<Resource> getAllResources()
+ throws RbacManagerException;
+
+ void removeResource( Resource resource )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ void removeResource( String resourceIdentifier )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ // ------------------------------------------------------------------
+ // UserAssignment Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * Creates an implementation specific {@link UserAssignment}, or return an existing {@link UserAssignment},
+ * depending on the provided <code>identifier</code> parameter.
+ * <p/>
+ * Note: Be sure to use {@link #saveUserAssignment(UserAssignment)} in order to persist any changes to the Role.
+ *
+ * @param principal the principal reference to the user.
+ * @return the new UserAssignment object.
+ * @throws RbacManagerException
+ */
+ UserAssignment createUserAssignment( String principal )
+ throws RbacManagerException;
+
+ boolean userAssignmentExists( String principal );
+
+ boolean userAssignmentExists( UserAssignment assignment );
+
+ /**
+ * Method saveUserAssignment
+ *
+ * @param userAssignment
+ */
+ UserAssignment saveUserAssignment( UserAssignment userAssignment )
+ throws RbacObjectInvalidException, RbacManagerException;
+
+ UserAssignment getUserAssignment( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * Method getAssignments
+ */
+ List<UserAssignment> getAllUserAssignments()
+ throws RbacManagerException;
+
+ /**
+ * Method getUserAssignmentsForRoless
+ */
+ List<UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
+ throws RbacManagerException;
+
+ /**
+ * Method removeAssignment
+ *
+ * @param userAssignment
+ */
+ void removeUserAssignment( UserAssignment userAssignment )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ /**
+ * Method removeAssignment
+ *
+ * @param principal
+ */
+ void removeUserAssignment( String principal )
+ throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
+
+ // ------------------------------------------------------------------
+ // UserAssignment Utility Methods
+ // ------------------------------------------------------------------
+
+ /**
+ * returns the active roles for a given principal
+ * <p/>
+ * NOTE: roles that are returned might have have roles themselves, if
+ * you just want all permissions then use {@link #getAssignedPermissions(String principal)}
+ *
+ * @param principal
+ * @return Collection of {@link Role} objects.
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ Collection<Role> getAssignedRoles( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * Get the Collection of {@link Role} objects for this UserAssignment.
+ *
+ * @param userAssignment
+ * @return Collection of {@link Role} objects for the provided UserAssignment.
+ */
+ Collection<Role> getAssignedRoles( UserAssignment userAssignment )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * Get a list of all assignable roles that are currently not effectively assigned to the specific user,
+ * meaning, not a child of any already granted role
+ *
+ * @param principal
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ Collection<Role> getEffectivelyUnassignedRoles( String principal )
+ throws RbacManagerException, RbacObjectNotFoundException;
+
+ /**
+ * Get a list of the effectively assigned roles to the specified user, this includes child roles
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ Collection<Role> getEffectivelyAssignedRoles( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * Get a list of all assignable roles that are currently not assigned to the specific user.
+ *
+ * @param principal
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ Collection<Role> getUnassignedRoles( String principal )
+ throws RbacManagerException, RbacObjectNotFoundException;
+
+ /**
+ * returns a set of all permissions that are in all active roles for a given
+ * principal
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ Set<Permission> getAssignedPermissions( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * returns a map of assigned permissions keyed off of operation with a list value of Permissions
+ *
+ * @param principal
+ * @return
+ * @throws RbacObjectNotFoundException
+ * @throws RbacManagerException
+ */
+ Map<String, List<Permission>> getAssignedPermissionMap( String principal )
+ throws RbacObjectNotFoundException, RbacManagerException;
+
+ /**
+ * returns a list of all assignable roles
+ *
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ List<Role> getAllAssignableRoles()
+ throws RbacManagerException, RbacObjectNotFoundException;
+
+ /**
+ * returns the global resource object
+ *
+ * @return
+ * @throws RbacManagerException
+ */
+ Resource getGlobalResource()
+ throws RbacManagerException;
+
+ void eraseDatabase();
+}
\ No newline at end of file
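Review bot: `eraseDatabase()` at the end of `RBACManager` is the one method here that wipes the whole authorization store, yet it has no Javadoc, declares no exception and states no precondition, so implementors and callers cannot tell what is removed (are permanent objects included?) or how a failure is reported. I would add a Javadoc along the lines of `/** Removes every role, permission, operation, resource and user assignment from the store. */` once the intended scope is confirmed. Separately, `roleExists( String )` and `permissionExists( String )` document `@throws RbacManagerException` without declaring it, which leaves open whether a store failure surfaces as `false`; the Javadoc should say which, because a caller may read `false` as "safe to create". The notes on `createPermission`, `createOperation`, `createResource` and `createUserAssignment` all say "persist any changes to the Role", apparently copied from `createRole`.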
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * RBACManagerListener
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface RBACManagerListener
+{
+ public void rbacInit( boolean freshdb );
+
+ public void rbacRoleSaved( Role role );
+
+ public void rbacRoleRemoved( Role role );
+
+ public void rbacPermissionSaved( Permission permission );
+
+ public void rbacPermissionRemoved( Permission permission );
+
+ public void rbacUserAssignmentSaved( UserAssignment userAssignment );
+
+ public void rbacUserAssignmentRemoved( UserAssignment userAssignment );
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.util.StringUtils;
+
+/**
+ * RBACObjectAssertions
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RBACObjectAssertions
+{
+ public static void assertValid( Role role )
+ throws RbacObjectInvalidException
+ {
+ assertValid( null, role );
+ }
+
+ public static void assertValid( String scope, Role role )
+ throws RbacObjectInvalidException
+ {
+ if ( role == null )
+ {
+ throw new RbacObjectInvalidException( scope, "Null Role object is invalid." );
+ }
+
+ if ( StringUtils.isEmpty( role.getName() ) )
+ {
+ throw new RbacObjectInvalidException( scope, "Role.name must not be empty." );
+ }
+
+ if ( role.getPermissions() != null )
+ {
+ int i = 0;
+ for ( Permission perm : role.getPermissions() )
+ {
+ assertValid( "Role.permissions[" + i + "]", perm );
+ i++;
+ }
+ }
+ }
+
+ public static void assertValid( Permission permission )
+ throws RbacObjectInvalidException
+ {
+ assertValid( null, permission );
+ }
+
+ public static void assertValid( String scope, Permission permission )
+ throws RbacObjectInvalidException
+ {
+ if ( permission == null )
+ {
+ throw new RbacObjectInvalidException( scope, "Null Permission object is invalid." );
+ }
+
+ if ( StringUtils.isEmpty( permission.getName() ) )
+ {
+ throw new RbacObjectInvalidException( scope, "Permission.name must not be empty." );
+ }
+
+ assertValid( "Permission.operation", permission.getOperation() );
+ assertValid( "Permission.resource", permission.getResource() );
+
+ }
+
+ public static void assertValid( Operation operation )
+ throws RbacObjectInvalidException
+ {
+ assertValid( null, operation );
+ }
+
+ public static void assertValid( String scope, Operation operation )
+ throws RbacObjectInvalidException
+ {
+ if ( operation == null )
+ {
+ throw new RbacObjectInvalidException( scope, "Null Operation object is invalid." );
+ }
+
+ if ( StringUtils.isEmpty( operation.getName() ) )
+ {
+ throw new RbacObjectInvalidException( scope, "Operation.name must not be empty." );
+ }
+ }
+
+ public static void assertValid( Resource resource )
+ throws RbacObjectInvalidException
+ {
+ assertValid( null, resource );
+ }
+
+ public static void assertValid( String scope, Resource resource )
+ throws RbacObjectInvalidException
+ {
+ if ( resource == null )
+ {
+ throw new RbacObjectInvalidException( scope, "Null Resource object is invalid." );
+ }
+
+ if ( StringUtils.isEmpty( resource.getIdentifier() ) )
+ {
+ throw new RbacObjectInvalidException( scope, "Resource.identifier must not be empty." );
+ }
+ }
+
+ public static void assertValid( UserAssignment assignment )
+ throws RbacObjectInvalidException
+ {
+ assertValid( null, assignment );
+ }
+
+ public static void assertValid( String scope, UserAssignment assignment )
+ throws RbacObjectInvalidException
+ {
+ if ( assignment == null )
+ {
+ throw new RbacObjectInvalidException( scope, "Null UserAssigment object is invalid." );
+ }
+
+ if ( StringUtils.isEmpty( assignment.getPrincipal() ) )
+ {
+ throw new RbacObjectInvalidException( scope, "UserAssigment.principal cannot be empty." );
+ }
+
+ if ( assignment.getRoleNames() == null )
+ {
+ throw new RbacObjectInvalidException( scope, "UserAssignment.roles cannot be null." );
+ }
+
+ /* I don't believe this assertion is valid, a person should be able to be stripped of all roles.
+ -- jesse
+ if ( assignment.getRoleNames().isEmpty() )
+ {
+ throw new RbacObjectInvalidException( scope, "UserAssignment.roles cannot be empty." );
+ }
+ */
+ int i = 0;
+ for ( String name : assignment.getRoleNames() )
+ {
+ if ( StringUtils.isEmpty( name ) )
+ {
+ throw new RbacObjectInvalidException( scope, "UserAssignment.rolename[" + i + "] cannot be empty." );
+ }
+ i++;
+ }
+ }
+
+}
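Review bot: In `assertValid( String scope, Permission permission )` the nested calls pass the fixed strings `"Permission.operation"` and `"Permission.resource"`, so the `Role.permissions[i]` scope built by the Role overload is dropped and the exception no longer says which permission of the role was invalid. Prefixing the caller's scope keeps it, e.g. `String prefix = ( scope != null ) ? scope + "." : "Permission.";` followed by `assertValid( prefix + "operation", permission.getOperation() );` and the same for `resource`. The Role overload also validates `getPermissions()` but never looks at `getChildRoleNames()`, whereas the UserAssignment overload rejects empty role names; if empty child names are not meant to reach the store, the same loop belongs there. The two messages in the UserAssignment overload spell the type `UserAssigment`.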
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * RbacManagerException used by {@link RBACManager} methods to indicate
+ * a fundamental persistence or store issue.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RbacManagerException
+ extends Exception
+{
+ public RbacManagerException()
+ {
+ super();
+ }
+
+ public RbacManagerException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public RbacManagerException( String message )
+ {
+ super( message );
+ }
+
+ public RbacManagerException( Throwable cause )
+ {
+ super( cause );
+ }
+
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * RbacObjectInvalidException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RbacObjectInvalidException
+ extends RbacManagerException
+{
+
+ public RbacObjectInvalidException()
+ {
+ super();
+ }
+
+ public RbacObjectInvalidException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public RbacObjectInvalidException( String message )
+ {
+ super( message );
+ }
+
+ public RbacObjectInvalidException( String scope, String message )
+ {
+ super( ( ( scope != null ) ? scope + ": " : "" ) + message );
+ }
+
+ public RbacObjectInvalidException( Throwable cause )
+ {
+ super( cause );
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * RbacObjectNotFoundException used by {@link RBACManager} methods to identify
+ * when a RBAC Object Was Not Found.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RbacObjectNotFoundException
+ extends RbacManagerException
+{
+ private Object object;
+
+ public RbacObjectNotFoundException()
+ {
+ super();
+ }
+
+ public RbacObjectNotFoundException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public RbacObjectNotFoundException( String message, Throwable cause, Object object )
+ {
+ super( message, cause );
+ this.object = object;
+ }
+
+ public RbacObjectNotFoundException( String message )
+ {
+ super( message );
+ }
+
+ public RbacObjectNotFoundException( String message, Object object )
+ {
+ super( message );
+ this.object = object;
+ }
+
+ public RbacObjectNotFoundException( Throwable cause )
+ {
+ super( cause );
+ }
+
+ public Object getObject()
+ {
+ return object;
+ }
+}
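Review bot: `RbacObjectNotFoundException` keeps an arbitrary `Object` in a non-transient field while `Exception` is `Serializable`, so serializing the exception fails whenever the carried object is not itself serializable. Declaring it `private transient Object object;`, or storing only the object's name, avoids that. The field and `getObject()` also deserve a Javadoc line stating that the value is null for the four constructors that do not take an object.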
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * RbacPermanentException - tossed when a forbidden action against a permanent RBAC Object occurs.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RbacPermanentException
+ extends RbacManagerException
+{
+ public RbacPermanentException()
+ {
+ super();
+ }
+
+ public RbacPermanentException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public RbacPermanentException( String message )
+ {
+ super( message );
+ }
+
+ public RbacPermanentException( Throwable cause )
+ {
+ super( cause );
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Exception thrown when there is a RBAC security violation.
+ */
+public class RbacSecurityViolation extends Exception
+{
+ public RbacSecurityViolation( String name )
+ {
+ super( name );
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Resource
+ *
+ * Resources are things that can be paired up with operations inside of a
+ * permission.
+ *
+ * Rbac doesn't strictly specify what a resource (or Object) is, so there are a
+ * couple of variations planned for resources.
+ *
+ * Initially the resource is simply a string representaton of whatever you desire
+ * to match up to an operation. Eventually we want to support different types of
+ * expression evaluation for these resources, like a tuple resource. *-* where
+ * wildcards can be used on the resource definition to streamline the assigning of
+ * permissions for _large_ sets of things.
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface Resource
+{
+ /**
+ * Resource identifier refering to all objects.
+ */
+ public static final String GLOBAL = "*";
+
+ /**
+ * Resource identifier refering to no objects.
+ */
+ public static final String NULL = "-";
+
+ /**
+ * Get The string identifier for an operation.
+ *
+ * NOTE: This field is considered the Primary Key for this object.
+ */
+ public String getIdentifier();
+
+ /**
+ * true if the identifer is a pattern that is to be evaluated, for
+ * example x.* could match x.a or x.b and x.** could match x.foo
+ *
+ * Jesse: See {@link #setPattern(boolean)}
+ *
+ */
+ public boolean isPattern();
+
+ /**
+ * Set The string identifier for an operation.
+ *
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @param identifier
+ */
+ public void setIdentifier( String identifier );
+
+ /**
+ * true if the identifer is a pattern that is to be evaluated, for
+ * example x.* could match x.a or x.b and x.** could match x.foo
+ *
+ * TODO is this even a good idea?
+ * TODO we could look for a character like '*' or a string starting with "%/" to indicate if this is a pattern or not.
+ *
+ * @param pattern
+ */
+ public void setPattern( boolean pattern );
+
+ /**
+ * Test to see if the object is a permanent object or not.
+ *
+ * @return true if the object is permanent.
+ */
+ public boolean isPermanent();
+
+ /**
+ * Set flag indicating if the object is a permanent object or not.
+ *
+ * @param permanent true if the object is permanent.
+ */
+ public void setPermanent( boolean permanent );
+}
\ No newline at end of file
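Review bot: The Javadoc on `getIdentifier()` and `setIdentifier( String )` describes "the string identifier for an operation", but this interface is `Resource`; it should read `Get the string identifier of this resource.` More important for an authorization model, the matching semantics behind `isPattern()` are given only by example (`x.*`, `x.**`) next to an open `TODO is this even a good idea?`, and nothing states how `GLOBAL` (`"*"`) and `NULL` (`"-"`) relate to pattern evaluation. The breadth of a granted permission depends on that, so the interface should document whether a non-pattern identifier is compared literally and which component evaluates patterns, or say plainly that pattern resources are not supported yet.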
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.List;
+
+/**
+ * Role
+ * <p/>
+ * A role is assignable to a user and effectively grants that user all of the
+ * permissions that are present in that role. A role can also contain other roles
+ * which add the permissions in those roles to the available permissions for authorization.
+ * <p/>
+ * A role can contain any number of permissions
+ * A role can contain any number of other roles
+ * A role can be assigned to any number of users
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface Role
+{
+
+ /**
+ * Method addPermission
+ *
+ * @param permission
+ */
+ void addPermission( Permission permission );
+
+ /**
+ * Method addChildRoleName
+ *
+ * @param name the name of the child role.
+ */
+ void addChildRoleName( String name );
+
+ /**
+ * Method getChildRoleNames
+ */
+ List<String> getChildRoleNames();
+
+ /**
+ * Convienence method to see if Role has Child Roles.
+ *
+ * @return true if child roles exists and has any roles being tracked.
+ */
+ boolean hasChildRoles();
+
+ /**
+ * Long description of the role.
+ */
+ String getDescription();
+
+ /**
+ * Get the name.
+ * <p/>
+ * NOTE: This field is considered the Primary Key for this object.
+ */
+ String getName();
+
+ /**
+ * Method getPermissions
+ */
+ List<Permission> getPermissions();
+
+ /**
+ * true if this role is available to be assigned to a user
+ */
+ boolean isAssignable();
+
+ /**
+ * Method removePermission
+ *
+ * @param permission
+ */
+ void removePermission( Permission permission );
+
+ /**
+ * true if this role is available to be assigned to a user
+ *
+ * @param assignable
+ */
+ void setAssignable( boolean assignable );
+
+ /**
+ * The names of the roles that will inherit the permissions of this role
+ *
+ * @param names the list of names of other roles.
+ */
+ void setChildRoleNames( List<String> names );
+
+ /**
+ * Set the Description
+ *
+ * @param description
+ */
+ void setDescription( String description );
+
+ /**
+ * Set Name
+ * <p/>
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @param name
+ */
+ void setName( String name );
+
+ /**
+ * Set Permissions
+ *
+ * @param permissions
+ */
+ void setPermissions( List<Permission> permissions );
+
+ /**
+ * Test to see if the object is a permanent object or not.
+ *
+ * @return true if the object is permanent.
+ */
+ boolean isPermanent();
+
+ /**
+ * Set flag indicating if the object is a permanent object or not.
+ *
+ * @param permanent true if the object is permanent.
+ */
+ void setPermanent( boolean permanent );
+}
\ No newline at end of file
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+/**
+ * TemplatedRole
+ *
+ * @author <a href="hisidro@exist.com">Henry Isidro</a>
+ */
+public class TemplatedRole
+{
+ private Role role;
+
+ private String templateNamePrefix;
+
+ private String delimiter;
+
+ public TemplatedRole(Role role, String templateNamePrefix, String delimeter)
+ {
+ this.role = role;
+ this.templateNamePrefix = templateNamePrefix;
+ this.delimiter = delimeter;
+ }
+
+ public String getResource()
+ {
+ int index = role.getName().indexOf( getDelimiter() );
+
+ return role.getName().substring( index + 3);
+ }
+
+ public Role getRole()
+ {
+ return role;
+ }
+
+ public void setRole( Role role )
+ {
+ this.role = role;
+ }
+
+ public String getTemplateNamePrefix()
+ {
+ return templateNamePrefix;
+ }
+
+ public void setTemplateNamePrefix( String templateNamePrefix )
+ {
+ this.templateNamePrefix = templateNamePrefix;
+ }
+
+ public String getDelimiter()
+ {
+ return delimiter;
+ }
+
+ public void setDelimiter( String delimiter )
+ {
+ this.delimiter = delimiter;
+ }
+
+ public String getName()
+ {
+ return this.role.getName();
+ }
+
+ public void setName( String name )
+ {
+ this.role.setName( name );
+ }
+}
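Review bot: `getResource()` in TemplatedRole skips a fixed three characters past the delimiter position (`substring( index + 3)`) rather than the delimiter's own length, and it never checks whether `indexOf` returned -1. For a delimiter of any other length, or a role name that does not contain it, the method returns the wrong slice of the role name (or throws on a very short name) instead of failing clearly. Because this string names the resource a templated role applies to, a silently wrong value is worth ruling out. I would reject `index < 0` with an `IllegalStateException` and return `role.getName().substring( index + getDelimiter().length() )`. The constructor parameter is also spelled `delimeter` while the field and accessors use `delimiter`.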
--- /dev/null
+package org.apache.archiva.redback.rbac;
+
+import java.util.List;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * UserAssignment - This the mapping object that takes the principal for a user and associates it with a
+ * set of Roles.
+ *
+ * This is the many to many mapping object needed by persistence stores.
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo expand on javadoc
+ */
+public interface UserAssignment
+{
+
+
+ /**
+ * The principal for the User that the set of roles is associated with.
+ *
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @return the principal for the User.
+ */
+ String getPrincipal();
+
+ /**
+ * Get the roles for this user.
+ *
+ * @return List of <{@link String}> objects representing the Role Names.
+ */
+ List<String> getRoleNames();
+
+ /**
+ * Add a rolename to this assignment.
+ *
+ * @param role the role.
+ */
+ void addRoleName( Role role );
+
+ /**
+ * Add a rolename to this assignment.
+ *
+ * @param roleName the role name.
+ */
+ void addRoleName( String roleName );
+
+ /**
+ * Remove a rolename from this assignment.
+ *
+ * @param role the role who's name is to be removed.
+ */
+ void removeRoleName( Role role );
+
+ /**
+ * Remove a role name from this assignment.
+ *
+ * @param roleName the role name to be removed.
+ */
+ void removeRoleName( String roleName );
+
+ /**
+ * Set the user principal object for this association.
+ *
+ * NOTE: This field is considered the Primary Key for this object.
+ *
+ * @param principal
+ */
+ void setPrincipal( String principal );
+
+ /**
+ * Set the roles names for this user.
+ *
+ * @param roles the List of <{@link String}> objects representing the Role Names.
+ */
+ void setRoleNames( List<String> roles );
+
+ /**
+ * Test to see if the object is a permanent object or not.
+ *
+ * @return true if the object is permanent.
+ */
+ boolean isPermanent();
+
+ /**
+ * Set flag indicating if the object is a permanent object or not.
+ *
+ * @param permanent true if the object is permanent.
+ */
+ void setPermanent( boolean permanent );
+}
\ No newline at end of file
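Review bot: The Javadoc on `getRoleNames()` does not say whether the result may be null or whether it is the live backing list, and callers that edit role assignments depend on both. The manager code shown elsewhere on this page null-checks the result and removes stale names through its iterator before saving, which only works if the list is live and mutable. If that is the intended contract, I would state it, for example `@return the live, mutable list of role names for this principal; may be null if none have been set`. `setRoleNames( List<String> roles )` would then also say whether the list is stored by reference or copied.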
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.codehaus.plexus.util.CollectionUtils;
-import org.codehaus.plexus.util.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.annotation.PostConstruct;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * AbstractRBACManager
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public abstract class AbstractRBACManager
- implements RBACManager
-{
- protected Logger log = LoggerFactory.getLogger( getClass() );
-
- private List<RBACManagerListener> listeners = new ArrayList<RBACManagerListener>( 0 );
-
- private Resource globalResource;
-
- @PostConstruct
- public void initialize()
- {
- //no op
- }
-
- public void addListener( RBACManagerListener listener )
- {
- if ( !listeners.contains( listener ) )
- {
- listeners.add( listener );
- }
- }
-
- public void removeListener( RBACManagerListener listener )
- {
- listeners.remove( listener );
- }
-
- public void fireRbacInit( boolean freshdb )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacInit( freshdb );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacInit( boolean ) to " + listener.getClass().getName(), e );
- }
- }
- }
-
- public void fireRbacRoleSaved( Role role )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacRoleSaved( role );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacRoleSaved( Role ) to " + listener.getClass().getName(), e );
- }
- }
- }
-
- public void fireRbacRoleRemoved( Role role )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacRoleRemoved( role );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacRoleRemoved( Role ) to " + listener.getClass().getName(), e );
- }
- }
- }
-
- public void fireRbacPermissionSaved( Permission permission )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacPermissionSaved( permission );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacPermissionSaved( Permission ) to " + listener.getClass().getName(),
- e );
- }
- }
- }
-
- public void fireRbacPermissionRemoved( Permission permission )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacPermissionRemoved( permission );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacPermissionRemoved( Permission ) to " + listener.getClass().getName(),
- e );
- }
- }
- }
-
- public void fireRbacUserAssignmentSaved( UserAssignment userAssignment )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacUserAssignmentSaved( userAssignment );
- }
- catch ( Exception e )
- {
- log.warn(
- "Unable to trigger .rbacUserAssignmentSaved( UserAssignment ) to " + listener.getClass().getName(),
- e );
- }
- }
- }
-
- public void fireRbacUserAssignmentRemoved( UserAssignment userAssignment )
- {
- Iterator<RBACManagerListener> it = listeners.iterator();
- while ( it.hasNext() )
- {
- RBACManagerListener listener = it.next();
- try
- {
- listener.rbacUserAssignmentRemoved( userAssignment );
- }
- catch ( Exception e )
- {
- log.warn( "Unable to trigger .rbacUserAssignmentRemoved( UserAssignment ) to "
- + listener.getClass().getName(), e );
- }
- }
- }
-
- public void removeRole( String roleName )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- removeRole( getRole( roleName ) );
- }
-
- public void removePermission( String permissionName )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- removePermission( getPermission( permissionName ) );
- }
-
- public void removeOperation( String operationName )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- removeOperation( getOperation( operationName ) );
- }
-
- public void removeResource( String resourceIdentifier )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- removeResource( getResource( resourceIdentifier ) );
- }
-
- public void removeUserAssignment( String principal )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- removeUserAssignment( getUserAssignment( principal ) );
- }
-
- public boolean resourceExists( Resource resource )
- {
- try
- {
- return getAllResources().contains( resource );
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
- }
-
- public boolean resourceExists( String identifier )
- {
- try
- {
- for ( Resource resource : getAllResources() )
- {
- if ( StringUtils.equals( resource.getIdentifier(), identifier ) )
- {
- return true;
- }
- }
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
-
- return false;
- }
-
- public boolean operationExists( Operation operation )
- {
- try
- {
- return getAllOperations().contains( operation );
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
- }
-
- public boolean operationExists( String name )
- {
- try
- {
- for ( Operation operation : getAllOperations() )
- {
- if ( StringUtils.equals( operation.getName(), name ) )
- {
- return true;
- }
- }
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
-
- return false;
- }
-
- public boolean permissionExists( Permission permission )
- {
- try
- {
- return getAllPermissions().contains( permission );
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
- }
-
- public boolean permissionExists( String name )
- {
- try
- {
- for ( Permission permission : getAllPermissions() )
- {
- if ( StringUtils.equals( permission.getName(), name ) )
- {
- return true;
- }
- }
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
-
- return false;
- }
-
- public boolean roleExists( Role role )
- {
- try
- {
- return getAllRoles().contains( role );
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
- }
-
- public boolean roleExists( String name )
- {
- try
- {
- for ( Role role : getAllRoles() )
- {
- if ( StringUtils.equals( role.getName(), name ) )
- {
- return true;
- }
- }
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
-
- return false;
- }
-
- public boolean userAssignmentExists( String principal )
- {
- try
- {
- for ( UserAssignment assignment : getAllUserAssignments() )
- {
- if ( StringUtils.equals( assignment.getPrincipal(), principal ) )
- {
- return true;
- }
- }
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
-
- return false;
- }
-
- public boolean userAssignmentExists( UserAssignment assignment )
- {
- try
- {
- return getAllUserAssignments().contains( assignment );
- }
- catch ( RbacManagerException e )
- {
- return false;
- }
- }
-
- /**
- * returns a set of all permissions that are in all active roles for a given
- * principal
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- public Set<Permission> getAssignedPermissions( String principal )
- throws RbacObjectNotFoundException, RbacManagerException
- {
-
- UserAssignment ua = getUserAssignment( principal );
-
- Set<Permission> permissionSet = new HashSet<Permission>();
-
- if ( ua.getRoleNames() != null )
- {
- boolean childRoleNamesUpdated = false;
-
- Iterator<String> it = ua.getRoleNames().listIterator();
- while ( it.hasNext() )
- {
- String roleName = it.next();
- try
- {
- Role role = getRole( roleName );
- gatherUniquePermissions( role, permissionSet );
- }
- catch ( RbacObjectNotFoundException e )
- {
- // Found a bad role name. remove it!
- it.remove();
- childRoleNamesUpdated = true;
- }
- }
-
- if ( childRoleNamesUpdated )
- {
- saveUserAssignment( ua );
- }
- }
-
- return permissionSet;
- }
-
- /**
- * returns a map of assigned permissions keyed off of operations
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- public Map<String, List<Permission>> getAssignedPermissionMap( String principal )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- return getPermissionMapByOperation( getAssignedPermissions( principal ) );
- }
-
- private Map<String, List<Permission>> getPermissionMapByOperation( Collection<Permission> permissions )
- {
- Map<String, List<Permission>> userPermMap = new HashMap<String, List<Permission>>();
-
- for ( Permission permission : permissions )
- {
- List<Permission> permList = userPermMap.get( permission.getOperation().getName() );
-
- if ( permList != null )
- {
- permList.add( permission );
- }
- else
- {
- List<Permission> newPermList = new ArrayList<Permission>( permissions.size() );
- newPermList.add( permission );
- userPermMap.put( permission.getOperation().getName(), newPermList );
- }
- }
-
- return userPermMap;
- }
-
- private void gatherUniquePermissions( Role role, Collection<Permission> coll )
- throws RbacManagerException
- {
- if ( role.getPermissions() != null )
- {
- for ( Permission permission : role.getPermissions() )
- {
- if ( !coll.contains( permission ) )
- {
- coll.add( permission );
- }
- }
- }
-
- if ( role.hasChildRoles() )
- {
- Map<String, Role> childRoles = getChildRoles( role );
- Iterator<Role> it = childRoles.values().iterator();
- while ( it.hasNext() )
- {
- Role child = it.next();
- gatherUniquePermissions( child, coll );
- }
- }
- }
-
- public List<Role> getAllAssignableRoles()
- throws RbacManagerException, RbacObjectNotFoundException
- {
- List<Role> assignableRoles = new ArrayList<Role>();
-
- for ( Role r : getAllRoles() )
- {
- Role role = getRole( r.getName() );
- if ( role.isAssignable() )
- {
- assignableRoles.add( role );
- }
- }
-
- return assignableRoles;
- }
-
- /**
- * returns the active roles for a given principal
- * <p/>
- * NOTE: roles that are returned might have have roles themselves, if
- * you just want all permissions then use {@link #getAssignedPermissions(String principal)}
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- public Collection<Role> getAssignedRoles( String principal )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- UserAssignment ua = getUserAssignment( principal );
-
- return getAssignedRoles( ua );
- }
-
- /**
- * returns only the roles that are assigned, not the roles that might be child roles of the
- * assigned roles.
- *
- * @param ua
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- public Collection<Role> getAssignedRoles( UserAssignment ua )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- Set<Role> roleSet = new HashSet<Role>();
-
- if ( ua.getRoleNames() != null )
- {
- boolean childRoleNamesUpdated = false;
-
- Iterator<String> it = ua.getRoleNames().listIterator();
- while ( it.hasNext() )
- {
- String roleName = it.next();
- try
- {
- Role role = getRole( roleName );
-
- if ( !roleSet.contains( role ) )
- {
- roleSet.add( role );
- }
- }
- catch ( RbacObjectNotFoundException e )
- {
- // Found a bad role name. remove it!
- it.remove();
- childRoleNamesUpdated = true;
- }
- }
-
- if ( childRoleNamesUpdated )
- {
- saveUserAssignment( ua );
- }
- }
-
- return roleSet;
- }
-
- /**
- * get all of the roles that the give role has as a child into a set
- *
- * @param role
- * @param roleSet
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- private void gatherEffectiveRoles( Role role, Set<Role> roleSet )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- if ( role.hasChildRoles() )
- {
- for ( String roleName : role.getChildRoleNames() )
- {
- try
- {
- Role crole = getRole( roleName );
-
- if ( !roleSet.contains( crole ) )
- {
- gatherEffectiveRoles( crole, roleSet );
- }
- }
- catch ( RbacObjectNotFoundException e )
- {
- // the client application might not manage role clean up totally correctly so we want to notify
- // of a child role issue and offer a clean up process at some point
- log.warn( "dangling child role: " + roleName + " on " + role.getName() );
- }
- }
- }
-
- if ( !roleSet.contains( role ) )
- {
- roleSet.add( role );
- }
- }
-
- public Collection<Role> getEffectivelyAssignedRoles( String principal )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- UserAssignment ua = getUserAssignment( principal );
-
- return getEffectivelyAssignedRoles( ua );
- }
-
- public Collection<Role> getEffectivelyAssignedRoles( UserAssignment ua )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- Set<Role> roleSet = new HashSet<Role>();
-
- if ( ua != null && ua.getRoleNames() != null )
- {
- boolean childRoleNamesUpdated = false;
-
- Iterator<String> it = ua.getRoleNames().listIterator();
- while ( it.hasNext() )
- {
- String roleName = it.next();
- try
- {
- Role role = getRole( roleName );
-
- gatherEffectiveRoles( role, roleSet );
- }
- catch ( RbacObjectNotFoundException e )
- {
- // Found a bad role name. remove it!
- it.remove();
- childRoleNamesUpdated = true;
- }
- }
-
- if ( childRoleNamesUpdated )
- {
- saveUserAssignment( ua );
- }
- }
- return roleSet;
- }
-
- /**
- * @param principal
- * @return
- * @throws RbacManagerException
- * @throws RbacObjectNotFoundException
- */
- @SuppressWarnings( "unchecked" )
- public Collection<Role> getEffectivelyUnassignedRoles( String principal )
- throws RbacManagerException, RbacObjectNotFoundException
- {
- Collection<Role> assignedRoles = getEffectivelyAssignedRoles( principal );
- List<Role> allRoles = getAllAssignableRoles();
-
- log.debug( "UR: assigned {}", assignedRoles.size() );
- log.debug( "UR: available {}", allRoles.size() );
-
- return CollectionUtils.subtract( allRoles, assignedRoles );
- }
-
-
- /**
- * @param principal
- * @return
- * @throws RbacManagerException
- * @throws RbacObjectNotFoundException
- */
- @SuppressWarnings( "unchecked" )
- public Collection<Role> getUnassignedRoles( String principal )
- throws RbacManagerException, RbacObjectNotFoundException
- {
- Collection<Role> assignedRoles = getAssignedRoles( principal );
- List<Role> allRoles = getAllAssignableRoles();
-
- log.debug( "UR: assigned {}", assignedRoles.size() );
- log.debug( "UR: available {}", allRoles.size() );
-
- return CollectionUtils.subtract( allRoles, assignedRoles );
- }
-
- public Resource getGlobalResource()
- throws RbacManagerException
- {
- if ( globalResource == null )
- {
- globalResource = createResource( Resource.GLOBAL );
- globalResource.setPermanent( true );
- globalResource = saveResource( globalResource );
- }
- return globalResource;
- }
-
- public void addChildRole( Role role, Role childRole )
- throws RbacObjectInvalidException, RbacManagerException
- {
- saveRole( childRole );
- role.addChildRoleName( childRole.getName() );
- }
-
- public Map<String, Role> getChildRoles( Role role )
- throws RbacManagerException
- {
- Map<String, Role> childRoles = new HashMap<String, Role>();
-
- boolean childRoleNamesUpdated = false;
-
- Iterator<String> it = role.getChildRoleNames().listIterator();
- while ( it.hasNext() )
- {
- String roleName = (String) it.next();
- try
- {
- Role child = getRole( roleName );
- childRoles.put( child.getName(), child );
- }
- catch ( RbacObjectNotFoundException e )
- {
- // Found a bad roleName! - remove it.
- it.remove();
- childRoleNamesUpdated = true;
- }
- }
-
- if ( childRoleNamesUpdated )
- {
- saveRole( role );
- }
-
- return childRoles;
- }
-
- public Map<String, Role> getParentRoles( Role role )
- throws RbacManagerException
- {
- Map<String, Role> parentRoles = new HashMap<String, Role>();
-
- for ( Role r : getAllRoles() )
- {
- if ( !r.getName().equals( role.getName() ) )
- {
- Set<Role> effectiveRoles = getEffectiveRoles( r );
- for ( Role currentRole : effectiveRoles )
- {
- if ( currentRole.getName().equals( role.getName() ) )
- {
- if ( !parentRoles.containsKey( r.getName() ) )
- {
- parentRoles.put( r.getName(), r );
- }
- }
- }
- }
- }
- return parentRoles;
- }
-
- public Set<Role> getEffectiveRoles( Role role )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- Set<Role> roleSet = new HashSet<Role>();
- gatherEffectiveRoles( role, roleSet );
-
- return roleSet;
- }
-
- public Map<String, Role> getRoles( Collection<String> roleNames )
- throws RbacObjectNotFoundException, RbacManagerException
- {
- Map<String, Role> roleMap = new HashMap<String, Role>();
-
- for ( String roleName : roleNames )
- {
- Role child = getRole( roleName );
- roleMap.put( child.getName(), child );
- }
-
- return roleMap;
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * AbstractRole useful for common logic that implementors can use.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public abstract class AbstractRole
- implements Role
-{
-
- public boolean hasChildRoles()
- {
- return ( getChildRoleNames() != null ) && !getChildRoleNames().isEmpty();
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-import java.util.List;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * AbstractUserAssignment useful for common logic that implementors can use.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public abstract class AbstractUserAssignment
- implements UserAssignment
-{
-
- public void addRoleName( Role role )
- {
- addRoleName( role.getName() );
- }
-
- public void addRoleName( String roleName )
- {
- List<String> names = getRoleNames();
- if ( !names.contains( roleName ) )
- {
- names.add( roleName );
- }
- setRoleNames( names );
- }
-
- public void removeRoleName( Role role )
- {
- removeRoleName( role.getName() );
- }
-
- public void removeRoleName( String roleName )
- {
- getRoleNames().remove( roleName );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * Operation
- * <p/>
- * In RBAC the operation is an action or functionality that can be linked with a
- * particular resource into an assignable Permission. Operations don't exist outside
- * Permissions.
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface Operation
-{
-
-
- /**
- * Long description of an operation.
- *
- * @return String
- */
- String getDescription();
-
- /**
- * name of the operation that is used in the act of authorization
- * <p/>
- * 'modify-foo', 'change-password'
- * <p/>
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @return the name of the operation.
- */
- String getName();
-
- /**
- * @param description
- */
- void setDescription( String description );
-
- /**
- * Set name of the operation that is used in the act of authorization
- * <p/>
- * 'modify-foo', 'change-password'
- * <p/>
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @param name
- */
- void setName( String name );
-
- /**
- * Test to see if the object is a permanent object or not.
- *
- * @return true if the object is permanent.
- */
- boolean isPermanent();
-
- /**
- * Set flag indicating if the object is a permanent object or not.
- *
- * @param permanent true if the object is permanent.
- */
- void setPermanent( boolean permanent );
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * Permission
- * <p/>
- * A permission is the wrapper for an operation and a resource effectively saying
- * that the operation is authorized for that resource.
- * <p/>
- * P(Operation, Resource)
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface Permission
-{
-
- /**
- * Long description of the Permission
- */
- String getDescription();
-
- /**
- * Get the short name of the permission.
- * <p/>
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @return the short name for this permission.
- */
- String getName();
-
- /**
- * Operation that this permission is authorizing
- */
- Operation getOperation();
-
- /**
- * This is the resource associated with this permission.
- * <p/>
- * Implementors must always supply a Resource.
- *
- * @return the Resource.
- */
- Resource getResource();
-
- /**
- * Set null
- *
- * @param description
- */
- void setDescription( String description );
-
- /**
- * Set the short name for this permission.
- *
- * @param name
- */
- void setName( String name );
-
- /**
- * Set null
- *
- * @param operation
- */
- void setOperation( Operation operation );
-
- /**
- * @param resource
- */
- void setResource( Resource resource );
-
- /**
- * Test to see if the object is a permanent object or not.
- *
- * @return true if the object is permanent.
- */
- boolean isPermanent();
-
- /**
- * Set flag indicating if the object is a permanent object or not.
- *
- * @param permanent true if the object is permanent.
- */
- void setPermanent( boolean permanent );
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * RBACManager
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- * @todo expand on javadoc
- */
-public interface RBACManager
-{
-
- void addListener( RBACManagerListener listener );
-
- void removeListener( RBACManagerListener listener );
-
- // ------------------------------------------------------------------
- // Role Methods
- // ------------------------------------------------------------------
-
- /**
- * Creates an implementation specific {@link Role}, or return an existing {@link Role}, depending
- * on the provided <code>name</code> parameter.
- * <p/>
- * Note: Be sure to use {@link #saveRole(Role)} in order to persist any changes to the Role.
- *
- * @param name the name.
- * @return the new {@link Role} object.
- */
- Role createRole( String name );
-
- /**
- * Tests for the existence of a Role.
- *
- * @return true if role exists in store.
- * @throws RbacManagerException
- */
- boolean roleExists( String name );
-
- boolean roleExists( Role role );
-
- Role saveRole( Role role )
- throws RbacObjectInvalidException, RbacManagerException;
-
- void saveRoles( Collection<Role> roles )
- throws RbacObjectInvalidException, RbacManagerException;
-
- /**
- * @param roleName
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- Role getRole( String roleName )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- Map<String, Role> getRoles( Collection<String> roleNames )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- void addChildRole( Role role, Role childRole )
- throws RbacObjectInvalidException, RbacManagerException;
-
- Map<String, Role> getChildRoles( Role role )
- throws RbacManagerException;
-
- Map<String, Role> getParentRoles( Role role )
- throws RbacManagerException;
-
- /**
- * Method getRoles
- */
- List<Role> getAllRoles()
- throws RbacManagerException;
-
- /**
- * Method getEffectiveRoles
- */
- Set<Role> getEffectiveRoles( Role role )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * Method removeRole
- *
- * @param role
- */
- void removeRole( Role role )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- /**
- * Method removeRole
- *
- * @param roleName
- */
- void removeRole( String roleName )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- // ------------------------------------------------------------------
- // Permission Methods
- // ------------------------------------------------------------------
-
- /**
- * Creates an implementation specific {@link Permission}, or return an existing {@link Permission}, depending
- * on the provided <code>name</code> parameter.
- * <p/>
- * Note: Be sure to use {@link #savePermission(Permission)} in order to persist any changes to the Role.
- *
- * @param name the name.
- * @return the new Permission.
- * @throws RbacManagerException
- */
- Permission createPermission( String name )
- throws RbacManagerException;
-
- /**
- * Creates an implementation specific {@link Permission} with specified {@link Operation},
- * and {@link Resource} identifiers.
- * <p/>
- * Note: Be sure to use {@link #savePermission(Permission)} in order to persist any changes to the Role.
- *
- * @param name the name.
- * @param operationName the {@link Operation#setName(String)} value
- * @param resourceIdentifier the {@link Resource#setIdentifier(String)} value
- * @return the new Permission.
- * @throws RbacManagerException
- */
- Permission createPermission( String name, String operationName, String resourceIdentifier )
- throws RbacManagerException;
-
- /**
- * Tests for the existence of a permission.
- *
- * @param name the name to test for.
- * @return true if permission exists.
- * @throws RbacManagerException
- */
- boolean permissionExists( String name );
-
- boolean permissionExists( Permission permission );
-
- Permission savePermission( Permission permission )
- throws RbacObjectInvalidException, RbacManagerException;
-
- Permission getPermission( String permissionName )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- List<Permission> getAllPermissions()
- throws RbacManagerException;
-
- void removePermission( Permission permission )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- void removePermission( String permissionName )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- // ------------------------------------------------------------------
- // Operation Methods
- // ------------------------------------------------------------------
-
- /**
- * Creates an implementation specific {@link Operation}, or return an existing {@link Operation}, depending
- * on the provided <code>name</code> parameter.
- * <p/>
- * Note: Be sure to use {@link #saveOperation(Operation)} in order to persist any changes to the Role.
- *
- * @param name the name.
- * @return the new Operation.
- * @throws RbacManagerException
- */
- Operation createOperation( String name )
- throws RbacManagerException;
-
- boolean operationExists( String name );
-
- boolean operationExists( Operation operation );
-
- /**
- * Save the new or existing operation to the store.
- *
- * @param operation the operation to save (new or existing)
- * @return the Operation that was saved.
- * @throws RbacObjectInvalidException
- * @throws RbacManagerException
- */
- Operation saveOperation( Operation operation )
- throws RbacObjectInvalidException, RbacManagerException;
-
- Operation getOperation( String operationName )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- List<Operation> getAllOperations()
- throws RbacManagerException;
-
- void removeOperation( Operation operation )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- void removeOperation( String operationName )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- // ------------------------------------------------------------------
- // Resource Methods
- // ------------------------------------------------------------------
-
- /**
- * Creates an implementation specific {@link Resource}, or return an existing {@link Resource}, depending
- * on the provided <code>identifier</code> parameter.
- * <p/>
- * Note: Be sure to use {@link #saveResource(Resource)} in order to persist any changes to the Role.
- *
- * @param identifier the identifier.
- * @return the new Resource.
- * @throws RbacManagerException
- */
- Resource createResource( String identifier )
- throws RbacManagerException;
-
- boolean resourceExists( String identifier );
-
- boolean resourceExists( Resource resource );
-
- Resource saveResource( Resource resource )
- throws RbacObjectInvalidException, RbacManagerException;
-
- Resource getResource( String resourceIdentifier )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- List<Resource> getAllResources()
- throws RbacManagerException;
-
- void removeResource( Resource resource )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- void removeResource( String resourceIdentifier )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- // ------------------------------------------------------------------
- // UserAssignment Methods
- // ------------------------------------------------------------------
-
- /**
- * Creates an implementation specific {@link UserAssignment}, or return an existing {@link UserAssignment},
- * depending on the provided <code>identifier</code> parameter.
- * <p/>
- * Note: Be sure to use {@link #saveUserAssignment(UserAssignment)} in order to persist any changes to the Role.
- *
- * @param principal the principal reference to the user.
- * @return the new UserAssignment object.
- * @throws RbacManagerException
- */
- UserAssignment createUserAssignment( String principal )
- throws RbacManagerException;
-
- boolean userAssignmentExists( String principal );
-
- boolean userAssignmentExists( UserAssignment assignment );
-
- /**
- * Method saveUserAssignment
- *
- * @param userAssignment
- */
- UserAssignment saveUserAssignment( UserAssignment userAssignment )
- throws RbacObjectInvalidException, RbacManagerException;
-
- UserAssignment getUserAssignment( String principal )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * Method getAssignments
- */
- List<UserAssignment> getAllUserAssignments()
- throws RbacManagerException;
-
- /**
- * Method getUserAssignmentsForRoless
- */
- List<UserAssignment> getUserAssignmentsForRoles( Collection<String> roleNames )
- throws RbacManagerException;
-
- /**
- * Method removeAssignment
- *
- * @param userAssignment
- */
- void removeUserAssignment( UserAssignment userAssignment )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- /**
- * Method removeAssignment
- *
- * @param principal
- */
- void removeUserAssignment( String principal )
- throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException;
-
- // ------------------------------------------------------------------
- // UserAssignment Utility Methods
- // ------------------------------------------------------------------
-
- /**
- * returns the active roles for a given principal
- * <p/>
- * NOTE: roles that are returned might have have roles themselves, if
- * you just want all permissions then use {@link #getAssignedPermissions(String principal)}
- *
- * @param principal
- * @return Collection of {@link Role} objects.
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- Collection<Role> getAssignedRoles( String principal )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * Get the Collection of {@link Role} objects for this UserAssignment.
- *
- * @param userAssignment
- * @return Collection of {@link Role} objects for the provided UserAssignment.
- */
- Collection<Role> getAssignedRoles( UserAssignment userAssignment )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * Get a list of all assignable roles that are currently not effectively assigned to the specific user,
- * meaning, not a child of any already granted role
- *
- * @param principal
- * @return
- * @throws RbacManagerException
- * @throws RbacObjectNotFoundException
- */
- Collection<Role> getEffectivelyUnassignedRoles( String principal )
- throws RbacManagerException, RbacObjectNotFoundException;
-
- /**
- * Get a list of the effectively assigned roles to the specified user, this includes child roles
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- Collection<Role> getEffectivelyAssignedRoles( String principal )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * Get a list of all assignable roles that are currently not assigned to the specific user.
- *
- * @param principal
- * @return
- * @throws RbacManagerException
- * @throws RbacObjectNotFoundException
- */
- Collection<Role> getUnassignedRoles( String principal )
- throws RbacManagerException, RbacObjectNotFoundException;
-
- /**
- * returns a set of all permissions that are in all active roles for a given
- * principal
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- Set<Permission> getAssignedPermissions( String principal )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * returns a map of assigned permissions keyed off of operation with a list value of Permissions
- *
- * @param principal
- * @return
- * @throws RbacObjectNotFoundException
- * @throws RbacManagerException
- */
- Map<String, List<Permission>> getAssignedPermissionMap( String principal )
- throws RbacObjectNotFoundException, RbacManagerException;
-
- /**
- * returns a list of all assignable roles
- *
- * @return
- * @throws RbacManagerException
- * @throws RbacObjectNotFoundException
- */
- List<Role> getAllAssignableRoles()
- throws RbacManagerException, RbacObjectNotFoundException;
-
- /**
- * returns the global resource object
- *
- * @return
- * @throws RbacManagerException
- */
- Resource getGlobalResource()
- throws RbacManagerException;
-
- void eraseDatabase();
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * RBACManagerListener
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface RBACManagerListener
-{
- public void rbacInit( boolean freshdb );
-
- public void rbacRoleSaved( Role role );
-
- public void rbacRoleRemoved( Role role );
-
- public void rbacPermissionSaved( Permission permission );
-
- public void rbacPermissionRemoved( Permission permission );
-
- public void rbacUserAssignmentSaved( UserAssignment userAssignment );
-
- public void rbacUserAssignmentRemoved( UserAssignment userAssignment );
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.codehaus.plexus.util.StringUtils;
-
-/**
- * RBACObjectAssertions
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RBACObjectAssertions
-{
- public static void assertValid( Role role )
- throws RbacObjectInvalidException
- {
- assertValid( null, role );
- }
-
- public static void assertValid( String scope, Role role )
- throws RbacObjectInvalidException
- {
- if ( role == null )
- {
- throw new RbacObjectInvalidException( scope, "Null Role object is invalid." );
- }
-
- if ( StringUtils.isEmpty( role.getName() ) )
- {
- throw new RbacObjectInvalidException( scope, "Role.name must not be empty." );
- }
-
- if ( role.getPermissions() != null )
- {
- int i = 0;
- for ( Permission perm : role.getPermissions() )
- {
- assertValid( "Role.permissions[" + i + "]", perm );
- i++;
- }
- }
- }
-
- public static void assertValid( Permission permission )
- throws RbacObjectInvalidException
- {
- assertValid( null, permission );
- }
-
- public static void assertValid( String scope, Permission permission )
- throws RbacObjectInvalidException
- {
- if ( permission == null )
- {
- throw new RbacObjectInvalidException( scope, "Null Permission object is invalid." );
- }
-
- if ( StringUtils.isEmpty( permission.getName() ) )
- {
- throw new RbacObjectInvalidException( scope, "Permission.name must not be empty." );
- }
-
- assertValid( "Permission.operation", permission.getOperation() );
- assertValid( "Permission.resource", permission.getResource() );
-
- }
-
- public static void assertValid( Operation operation )
- throws RbacObjectInvalidException
- {
- assertValid( null, operation );
- }
-
- public static void assertValid( String scope, Operation operation )
- throws RbacObjectInvalidException
- {
- if ( operation == null )
- {
- throw new RbacObjectInvalidException( scope, "Null Operation object is invalid." );
- }
-
- if ( StringUtils.isEmpty( operation.getName() ) )
- {
- throw new RbacObjectInvalidException( scope, "Operation.name must not be empty." );
- }
- }
-
- public static void assertValid( Resource resource )
- throws RbacObjectInvalidException
- {
- assertValid( null, resource );
- }
-
- public static void assertValid( String scope, Resource resource )
- throws RbacObjectInvalidException
- {
- if ( resource == null )
- {
- throw new RbacObjectInvalidException( scope, "Null Resource object is invalid." );
- }
-
- if ( StringUtils.isEmpty( resource.getIdentifier() ) )
- {
- throw new RbacObjectInvalidException( scope, "Resource.identifier must not be empty." );
- }
- }
-
- public static void assertValid( UserAssignment assignment )
- throws RbacObjectInvalidException
- {
- assertValid( null, assignment );
- }
-
- public static void assertValid( String scope, UserAssignment assignment )
- throws RbacObjectInvalidException
- {
- if ( assignment == null )
- {
- throw new RbacObjectInvalidException( scope, "Null UserAssigment object is invalid." );
- }
-
- if ( StringUtils.isEmpty( assignment.getPrincipal() ) )
- {
- throw new RbacObjectInvalidException( scope, "UserAssigment.principal cannot be empty." );
- }
-
- if ( assignment.getRoleNames() == null )
- {
- throw new RbacObjectInvalidException( scope, "UserAssignment.roles cannot be null." );
- }
-
- /* I don't believe this assertion is valid, a person should be able to be stripped of all roles.
- -- jesse
- if ( assignment.getRoleNames().isEmpty() )
- {
- throw new RbacObjectInvalidException( scope, "UserAssignment.roles cannot be empty." );
- }
- */
- int i = 0;
- for ( String name : assignment.getRoleNames() )
- {
- if ( StringUtils.isEmpty( name ) )
- {
- throw new RbacObjectInvalidException( scope, "UserAssignment.rolename[" + i + "] cannot be empty." );
- }
- i++;
- }
- }
-
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * RbacManagerException used by {@link RBACManager} methods to indicate
- * a fundamental persistence or store issue.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RbacManagerException
- extends Exception
-{
- public RbacManagerException()
- {
- super();
- }
-
- public RbacManagerException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public RbacManagerException( String message )
- {
- super( message );
- }
-
- public RbacManagerException( Throwable cause )
- {
- super( cause );
- }
-
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * RbacObjectInvalidException
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RbacObjectInvalidException
- extends RbacManagerException
-{
-
- public RbacObjectInvalidException()
- {
- super();
- }
-
- public RbacObjectInvalidException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public RbacObjectInvalidException( String message )
- {
- super( message );
- }
-
- public RbacObjectInvalidException( String scope, String message )
- {
- super( ( ( scope != null ) ? scope + ": " : "" ) + message );
- }
-
- public RbacObjectInvalidException( Throwable cause )
- {
- super( cause );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * RbacObjectNotFoundException used by {@link RBACManager} methods to identify
- * when a RBAC Object Was Not Found.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RbacObjectNotFoundException
- extends RbacManagerException
-{
- private Object object;
-
- public RbacObjectNotFoundException()
- {
- super();
- }
-
- public RbacObjectNotFoundException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public RbacObjectNotFoundException( String message, Throwable cause, Object object )
- {
- super( message, cause );
- this.object = object;
- }
-
- public RbacObjectNotFoundException( String message )
- {
- super( message );
- }
-
- public RbacObjectNotFoundException( String message, Object object )
- {
- super( message );
- this.object = object;
- }
-
- public RbacObjectNotFoundException( Throwable cause )
- {
- super( cause );
- }
-
- public Object getObject()
- {
- return object;
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * RbacPermanentException - tossed when a forbidden action against a permanent RBAC Object occurs.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RbacPermanentException
- extends RbacManagerException
-{
- public RbacPermanentException()
- {
- super();
- }
-
- public RbacPermanentException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public RbacPermanentException( String message )
- {
- super( message );
- }
-
- public RbacPermanentException( Throwable cause )
- {
- super( cause );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * Exception thrown when there is a RBAC security violation.
- */
-public class RbacSecurityViolation extends Exception
-{
- public RbacSecurityViolation( String name )
- {
- super( name );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * Resource
- *
- * Resources are things that can be paired up with operations inside of a
- * permission.
- *
- * Rbac doesn't strictly specify what a resource (or Object) is, so there are a
- * couple of variations planned for resources.
- *
- * Initially the resource is simply a string representaton of whatever you desire
- * to match up to an operation. Eventually we want to support different types of
- * expression evaluation for these resources, like a tuple resource. *-* where
- * wildcards can be used on the resource definition to streamline the assigning of
- * permissions for _large_ sets of things.
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface Resource
-{
- /**
- * Resource identifier refering to all objects.
- */
- public static final String GLOBAL = "*";
-
- /**
- * Resource identifier refering to no objects.
- */
- public static final String NULL = "-";
-
- /**
- * Get The string identifier for an operation.
- *
- * NOTE: This field is considered the Primary Key for this object.
- */
- public String getIdentifier();
-
- /**
- * true if the identifer is a pattern that is to be evaluated, for
- * example x.* could match x.a or x.b and x.** could match x.foo
- *
- * Jesse: See {@link #setPattern(boolean)}
- *
- */
- public boolean isPattern();
-
- /**
- * Set The string identifier for an operation.
- *
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @param identifier
- */
- public void setIdentifier( String identifier );
-
- /**
- * true if the identifer is a pattern that is to be evaluated, for
- * example x.* could match x.a or x.b and x.** could match x.foo
- *
- * TODO is this even a good idea?
- * TODO we could look for a character like '*' or a string starting with "%/" to indicate if this is a pattern or not.
- *
- * @param pattern
- */
- public void setPattern( boolean pattern );
-
- /**
- * Test to see if the object is a permanent object or not.
- *
- * @return true if the object is permanent.
- */
- public boolean isPermanent();
-
- /**
- * Set flag indicating if the object is a permanent object or not.
- *
- * @param permanent true if the object is permanent.
- */
- public void setPermanent( boolean permanent );
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import java.util.List;
-
-/**
- * Role
- * <p/>
- * A role is assignable to a user and effectively grants that user all of the
- * permissions that are present in that role. A role can also contain other roles
- * which add the permissions in those roles to the available permissions for authorization.
- * <p/>
- * A role can contain any number of permissions
- * A role can contain any number of other roles
- * A role can be assigned to any number of users
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface Role
-{
-
- /**
- * Method addPermission
- *
- * @param permission
- */
- void addPermission( Permission permission );
-
- /**
- * Method addChildRoleName
- *
- * @param name the name of the child role.
- */
- void addChildRoleName( String name );
-
- /**
- * Method getChildRoleNames
- */
- List<String> getChildRoleNames();
-
- /**
- * Convienence method to see if Role has Child Roles.
- *
- * @return true if child roles exists and has any roles being tracked.
- */
- boolean hasChildRoles();
-
- /**
- * Long description of the role.
- */
- String getDescription();
-
- /**
- * Get the name.
- * <p/>
- * NOTE: This field is considered the Primary Key for this object.
- */
- String getName();
-
- /**
- * Method getPermissions
- */
- List<Permission> getPermissions();
-
- /**
- * true if this role is available to be assigned to a user
- */
- boolean isAssignable();
-
- /**
- * Method removePermission
- *
- * @param permission
- */
- void removePermission( Permission permission );
-
- /**
- * true if this role is available to be assigned to a user
- *
- * @param assignable
- */
- void setAssignable( boolean assignable );
-
- /**
- * The names of the roles that will inherit the permissions of this role
- *
- * @param names the list of names of other roles.
- */
- void setChildRoleNames( List<String> names );
-
- /**
- * Set the Description
- *
- * @param description
- */
- void setDescription( String description );
-
- /**
- * Set Name
- * <p/>
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @param name
- */
- void setName( String name );
-
- /**
- * Set Permissions
- *
- * @param permissions
- */
- void setPermissions( List<Permission> permissions );
-
- /**
- * Test to see if the object is a permanent object or not.
- *
- * @return true if the object is permanent.
- */
- boolean isPermanent();
-
- /**
- * Set flag indicating if the object is a permanent object or not.
- *
- * @param permanent true if the object is permanent.
- */
- void setPermanent( boolean permanent );
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-/**
- * TemplatedRole
- *
- * @author <a href="hisidro@exist.com">Henry Isidro</a>
- */
-public class TemplatedRole
-{
- private Role role;
-
- private String templateNamePrefix;
-
- private String delimiter;
-
- public TemplatedRole(Role role, String templateNamePrefix, String delimeter)
- {
- this.role = role;
- this.templateNamePrefix = templateNamePrefix;
- this.delimiter = delimeter;
- }
-
- public String getResource()
- {
- int index = role.getName().indexOf( getDelimiter() );
-
- return role.getName().substring( index + 3);
- }
-
- public Role getRole()
- {
- return role;
- }
-
- public void setRole( Role role )
- {
- this.role = role;
- }
-
- public String getTemplateNamePrefix()
- {
- return templateNamePrefix;
- }
-
- public void setTemplateNamePrefix( String templateNamePrefix )
- {
- this.templateNamePrefix = templateNamePrefix;
- }
-
- public String getDelimiter()
- {
- return delimiter;
- }
-
- public void setDelimiter( String delimiter )
- {
- this.delimiter = delimiter;
- }
-
- public String getName()
- {
- return this.role.getName();
- }
-
- public void setName( String name )
- {
- this.role.setName( name );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.rbac;
-
-import java.util.List;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * UserAssignment - This the mapping object that takes the principal for a user and associates it with a
- * set of Roles.
- *
- * This is the many to many mapping object needed by persistence stores.
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- * @todo expand on javadoc
- */
-public interface UserAssignment
-{
-
-
- /**
- * The principal for the User that the set of roles is associated with.
- *
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @return the principal for the User.
- */
- String getPrincipal();
-
- /**
- * Get the roles for this user.
- *
- * @return List of <{@link String}> objects representing the Role Names.
- */
- List<String> getRoleNames();
-
- /**
- * Add a rolename to this assignment.
- *
- * @param role the role.
- */
- void addRoleName( Role role );
-
- /**
- * Add a rolename to this assignment.
- *
- * @param roleName the role name.
- */
- void addRoleName( String roleName );
-
- /**
- * Remove a rolename from this assignment.
- *
- * @param role the role who's name is to be removed.
- */
- void removeRoleName( Role role );
-
- /**
- * Remove a role name from this assignment.
- *
- * @param roleName the role name to be removed.
- */
- void removeRoleName( String roleName );
-
- /**
- * Set the user principal object for this association.
- *
- * NOTE: This field is considered the Primary Key for this object.
- *
- * @param principal
- */
- void setPrincipal( String principal );
-
- /**
- * Set the roles names for this user.
- *
- * @param roles the List of <{@link String}> objects representing the Role Names.
- */
- void setRoleNames( List<String> roles );
-
- /**
- * Test to see if the object is a permanent object or not.
- *
- * @return true if the object is permanent.
- */
- boolean isPermanent();
-
- /**
- * Set flag indicating if the object is a permanent object or not.
- *
- * @param permanent true if the object is permanent.
- */
- void setPermanent( boolean permanent );
-}
\ No newline at end of file
* under the License.
*/
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManagerListener;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.codehaus.plexus.cache.Cache;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RBACManagerListener;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
}
/**
- * @see org.codehaus.plexus.redback.rbac.RBACManager#getAllAssignableRoles()
+ * @see org.apache.archiva.redback.rbac.RBACManager#getAllAssignableRoles()
*/
public List<Role> getAllAssignableRoles()
throws RbacManagerException, RbacObjectNotFoundException
}
/**
- * @see org.codehaus.plexus.redback.rbac.RBACManager#getAssignedPermissionMap(java.lang.String)
+ * @see org.apache.archiva.redback.rbac.RBACManager#getAssignedPermissionMap(java.lang.String)
*/
@SuppressWarnings( "unchecked" )
public Map getAssignedPermissionMap( String principal )
* under the License.
*/
-import net.sf.ehcache.CacheManager;
-
-import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.tests.AbstractRbacManagerPerformanceTestCase;
import org.junit.After;
import org.junit.Before;
*/
import net.sf.ehcache.CacheManager;
-import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
import org.junit.Before;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.AbstractRBACManager;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManagerListener;
-import org.codehaus.plexus.redback.rbac.RBACObjectAssertions;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.RbacPermanentException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.AbstractRBACManager;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManagerListener;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.RbacPermanentException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACObjectAssertions;
import org.springframework.stereotype.Service;
import javax.annotation.PostConstruct;
* under the License.
*/
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManagerListener;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.jdo.JdoFactory;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManagerListener;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.util.StringUtils;
import org.springframework.stereotype.Service;
<name>JdoRole</name>
<version>1.0.0+</version>
<interfaces>
- <interface>org.codehaus.plexus.redback.rbac.Role</interface>
+ <interface>org.apache.archiva.redback.rbac.Role</interface>
</interfaces>
- <superClass>org.codehaus.plexus.redback.rbac.AbstractRole</superClass>
+ <superClass>org.apache.archiva.redback.rbac.AbstractRole</superClass>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>name</name>
jpox.dependent="false"
java.generate-break="false"
java.generate-create="false"
- zjava.use-interface="org.codehaus.plexus.redback.rbac.Role">
+ zjava.use-interface="org.apache.archiva.redback.rbac.Role">
<type>String</type>
<multiplicity>*</multiplicity>
</association>
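Review bot: The attribute on this association is spelled `zjava.use-interface`, unlike the `java.use-interface` on the JdoPermission association in the next hunk, so the renamed value `org.apache.archiva.redback.rbac.Role` is presumably ignored by the model generator. If the `z` prefix is a deliberate way to switch the attribute off (the element type here is `String`, not a role class), an XML comment ahead of the `<association>` element would record that, for example `<!-- use-interface intentionally disabled: entries are role-name Strings -->`. If it is a typo, it should be fixed in a separate change, since enabling it would likely alter the generated JdoRole accessors in this RBAC model. The `<association>` element opens outside this hunk, so its field name is not visible here.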
java.init="field"
java.generate-break="false"
java.generate-create="false"
- java.use-interface="org.codehaus.plexus.redback.rbac.Permission">
+ java.use-interface="org.apache.archiva.redback.rbac.Permission">
<type>JdoPermission</type>
<multiplicity>*</multiplicity>
</association>
<name>JdoPermission</name>
<version>1.0.0+</version>
<interfaces>
- <interface>org.codehaus.plexus.redback.rbac.Permission</interface>
+ <interface>org.apache.archiva.redback.rbac.Permission</interface>
</interfaces>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<version>1.0.0+</version>
<association stash.part="true"
xml.reference="true"
- java.use-interface="org.codehaus.plexus.redback.rbac.Operation"
+ java.use-interface="org.apache.archiva.redback.rbac.Operation"
jpox.dependent="false">
<type>JdoOperation</type>
<multiplicity>1</multiplicity>
<version>1.0.0+</version>
<association stash.part="true"
xml.reference="true"
- java.use-interface="org.codehaus.plexus.redback.rbac.Resource"
+ java.use-interface="org.apache.archiva.redback.rbac.Resource"
jpox.dependent="false">
<type>JdoResource</type>
<multiplicity>1</multiplicity>
<name>JdoOperation</name>
<version>1.0.0+</version>
<interfaces>
- <interface>org.codehaus.plexus.redback.rbac.Operation</interface>
+ <interface>org.apache.archiva.redback.rbac.Operation</interface>
</interfaces>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
In RBAC terms, this is the entity which an operation is associated with that which permissions are based on.
</description>
<interfaces>
- <interface>org.codehaus.plexus.redback.rbac.Resource</interface>
+ <interface>org.apache.archiva.redback.rbac.Resource</interface>
</interfaces>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<description>binding of a principal to a role</description>
<version>1.0.0+</version>
<interfaces>
- <interface>org.codehaus.plexus.redback.rbac.UserAssignment</interface>
+ <interface>org.apache.archiva.redback.rbac.UserAssignment</interface>
</interfaces>
- <superClass>org.codehaus.plexus.redback.rbac.AbstractUserAssignment</superClass>
+ <superClass>org.apache.archiva.redback.rbac.AbstractUserAssignment</superClass>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>principal</name>
*/
import net.sf.ehcache.CacheManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
import org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory;
import org.apache.archiva.redback.common.jdo.test.StoreManagerDebug;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
import org.jpox.AbstractPersistenceManagerFactory;
import org.jpox.SchemaTool;
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.rbac.jdo.io.stax.RbacJdoModelStaxReader;
import org.codehaus.plexus.redback.rbac.jdo.io.stax.RbacJdoModelStaxWriter;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Operation;
/**
* MemoryOperation
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Permission;
/**
* MemoryPermission
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.AbstractRBACManager;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RBACObjectAssertions;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacObjectInvalidException;
-import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.redback.rbac.RbacPermanentException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.AbstractRBACManager;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RBACObjectAssertions;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectInvalidException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RbacPermanentException;
import org.codehaus.plexus.util.StringUtils;
import org.springframework.stereotype.Service;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Resource;
/**
* MemoryResource
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.AbstractRole;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.AbstractRole;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Role;
import java.util.ArrayList;
import java.util.List;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.AbstractUserAssignment;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.AbstractUserAssignment;
+import org.apache.archiva.redback.rbac.UserAssignment;
import java.util.ArrayList;
import java.util.List;
* under the License.
*/
-import net.sf.ehcache.CacheManager;
-
-import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
import org.junit.Before;
* under the License.
*/
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.commons.lang.SystemUtils;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Resource;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelRole;
import org.codehaus.plexus.redback.role.model.ModelTemplate;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelOperation;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.role.model.ModelApplication;
import org.codehaus.plexus.redback.role.model.ModelOperation;
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.model.ModelPermission;
import org.codehaus.plexus.redback.role.model.ModelTemplate;
import org.codehaus.plexus.redback.role.util.RoleModelUtils;
* under the License.
*/
-import net.sf.ehcache.CacheManager;
import org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory;
-import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.jdo.JdoRbacManager;
-import org.codehaus.plexus.redback.rbac.jdo.JdoTool;
-import org.jpox.SchemaTool;
import org.junit.Before;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import javax.inject.Named;
import javax.jdo.PersistenceManager;
import javax.jdo.PersistenceManagerFactory;
-import java.io.File;
-import java.net.URL;
-import java.util.Map;
-import java.util.Properties;
/**
* RoleManagerTest:
*/
import net.sf.ehcache.CacheManager;
-import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RBACManager;
import org.junit.Before;
import javax.inject.Inject;
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.redback.role.model.io.stax.RedbackRoleModelStaxReader;
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Role;
import org.codehaus.plexus.redback.role.model.ModelTemplate;
import org.codehaus.plexus.redback.role.model.RedbackRoleModel;
import org.codehaus.plexus.redback.role.model.io.stax.RedbackRoleModelStaxReader;
* under the License.
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Operation;
import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
import org.junit.Test;
import org.junit.runner.RunWith;
*/
import junit.framework.TestCase;
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.RbacPermanentException;
-import org.codehaus.plexus.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacPermanentException;
import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
import org.junit.Test;
import org.junit.runner.RunWith;
* under the License.
*/
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManagerListener;
-import org.codehaus.plexus.redback.rbac.Role;
-import org.codehaus.plexus.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.RBACManagerListener;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
import java.util.ArrayList;
import java.util.List;
* limitations under the License.
*/
-import org.codehaus.plexus.redback.rbac.Operation;
-import org.codehaus.plexus.redback.rbac.Permission;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
public class RBACDefaults
{