</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-authentication-provider-memory</artifactId>
+ <artifactId>plexus-security-authentication-provider-user-manager</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-user-management-provider-memory</artifactId>
+ <artifactId>plexus-security-user-management-api</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-authorization-rbac-store-memory</artifactId>
+ <artifactId>plexus-security-user-management-provider-jdo</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus.security</groupId>
+ <artifactId>plexus-security-authorization-rbac-store-jdo</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
<artifactId>plexus-security-authorization-rbac-authorizer</artifactId>
<version>1.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus</groupId>
+ <artifactId>plexus-jdo2</artifactId>
+ <version>1.0-alpha-7-SNAPSHOT</version>
+ <exclusions>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>xerces</groupId>
+ <artifactId>xmlParserAPIs</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus</groupId>
+ <artifactId>plexus-utils</artifactId>
+ <version>1.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.derby</groupId>
+ <artifactId>derby</artifactId>
+ <version>10.1.2.1</version>
+ </dependency>
+ <dependency>
+ <groupId>jpox</groupId>
+ <artifactId>jpox</artifactId>
+ <version>1.1.1</version>
+ <exclusions>
+ <!-- targeting JDK 1.4 we don't need this -->
+ <exclusion>
+ <groupId>javax.sql</groupId>
+ <artifactId>jdbc-stdext</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
</dependencies>
<build>
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import org.apache.maven.archiva.proxy.ProxyException;
import org.apache.maven.archiva.proxy.ProxyManager;
import org.apache.maven.wagon.ResourceDoesNotExistException;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.File;
import java.io.FileInputStream;
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="proxyAction"
*/
public class ProxyAction
- extends ActionSupport
+ extends PlexusActionSupport
{
/**
* @plexus.requirement
import org.apache.maven.archiva.reporting.ReportingStoreException;
import org.apache.maven.artifact.repository.ArtifactRepository;
import org.apache.maven.artifact.resolver.filter.ArtifactFilter;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList;
import java.util.Iterator;
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="reportsAction"
*/
public class ReportsAction
- extends ActionSupport
+ extends PlexusActionSupport
implements Preparable
{
/**
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import org.apache.lucene.index.Term;
import org.apache.lucene.queryParser.MultiFieldQueryParser;
import org.apache.lucene.queryParser.ParseException;
import org.apache.maven.archiva.indexer.lucene.LuceneQuery;
import org.apache.maven.archiva.indexer.lucene.LuceneRepositoryArtifactIndex;
import org.apache.maven.archiva.indexer.record.StandardIndexRecordFields;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.File;
import java.net.MalformedURLException;
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="searchAction"
*/
public class SearchAction
- extends ActionSupport
+ extends PlexusActionSupport
{
/**
* Query string.
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import org.apache.lucene.index.Term;
import org.apache.lucene.search.TermQuery;
import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.project.ProjectBuildingException;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.File;
import java.io.IOException;
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="showArtifactAction"
*/
public class ShowArtifactAction
- extends ActionSupport
+ extends PlexusActionSupport
{
/**
* @plexus.requirement
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import com.opensymphony.xwork.ModelDriven;
import com.opensymphony.xwork.Preparable;
import org.apache.maven.archiva.configuration.AbstractRepositoryConfiguration;
import org.apache.maven.archiva.configuration.ConfigurationStore;
import org.apache.maven.archiva.configuration.ConfigurationStoreException;
import org.apache.maven.archiva.configuration.InvalidConfigurationException;
+import org.apache.maven.archiva.web.util.RoleManager;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.IOException;
* @author <a href="mailto:brett@apache.org">Brett Porter</a>
*/
public abstract class AbstractConfigureRepositoryAction
- extends ActionSupport
+ extends PlexusActionSupport
implements ModelDriven, Preparable
{
/**
*/
private ConfigurationStore configurationStore;
+ /**
+ * @plexus.requirement
+ */
+ protected RoleManager roleManager;
+
/**
* The repository.
*/
{
addRepository();
+ roleManager.addRepository( getRepoId() );
+
configurationStore.storeConfiguration( configuration );
// TODO: do we need to check if indexing is needed?
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import com.opensymphony.xwork.ModelDriven;
import com.opensymphony.xwork.Preparable;
import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.InvalidConfigurationException;
import org.apache.maven.archiva.indexer.RepositoryIndexException;
import org.apache.maven.archiva.indexer.RepositoryIndexSearchException;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.File;
import java.io.IOException;
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="configureAction"
*/
public class ConfigureAction
- extends ActionSupport
+ extends PlexusActionSupport
implements ModelDriven, Preparable
{
/**
--- /dev/null
+package org.apache.maven.archiva.web.action.admin;
+
+
+/*
+ * Copyright 2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.security.system.SecuritySystem;
+import org.codehaus.plexus.security.user.User;
+import org.codehaus.plexus.security.user.UserManager;
+import org.codehaus.plexus.security.user.policy.PasswordRuleViolationException;
+import org.codehaus.plexus.security.user.policy.PasswordRuleViolations;
+import org.codehaus.plexus.util.StringUtils;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
+import org.apache.maven.archiva.web.util.RoleManager;
+
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * LoginAction:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id:$
+ * @plexus.component role="com.opensymphony.xwork.Action"
+ * role-hint="newUser"
+ */
+public class NewUserAction
+ extends PlexusActionSupport
+{
+
+ /**
+ * @plexus.requirement
+ */
+ private SecuritySystem securitySystem;
+
+ /**
+ * @plexus.requirement
+ */
+ private RoleManager roleManager;
+
+ private String username;
+
+ private String password;
+
+ private String passwordConfirm;
+
+ private String email;
+
+ private String fullName;
+
+ public String createUser()
+ {
+ // TODO: use commons-validator for these fields.
+
+ if ( StringUtils.isEmpty( username ) )
+ {
+ addActionError( "User Name is required." );
+ }
+
+ if ( StringUtils.isEmpty( fullName ) )
+ {
+ addActionError( "Full Name is required." );
+ }
+
+ if ( StringUtils.isEmpty( email ) )
+ {
+ addActionError( "Email Address is required." );
+ }
+
+ // TODO: Validate Email Address (use commons-validator)
+
+ if ( StringUtils.equals( password, passwordConfirm ) )
+ {
+ addActionError( "Passwords do not match." );
+ }
+
+ UserManager um = securitySystem.getUserManager();
+
+ User user = um.createUser( username, fullName, email );
+
+ user.setPassword( password );
+
+ try
+ {
+ um.addUser( user );
+ }
+ catch ( PasswordRuleViolationException e )
+ {
+ PasswordRuleViolations violations = e.getViolations();
+ List violationList = violations.getLocalizedViolations();
+ Iterator it = violationList.iterator();
+ while ( it.hasNext() )
+ {
+ addActionError( (String) it.next() );
+ }
+ }
+
+ if ( hasActionErrors() )
+ {
+ return ERROR;
+ }
+
+ roleManager.addUser( user.getPrincipal().toString() );
+
+ return SUCCESS;
+ }
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+ public void setUsername( String username )
+ {
+ this.username = username;
+ }
+
+ public String getPassword()
+ {
+ return password;
+ }
+
+ public void setPassword( String password )
+ {
+ this.password = password;
+ }
+
+ public String getEmail()
+ {
+ return email;
+ }
+
+ public void setEmail( String email )
+ {
+ this.email = email;
+ }
+
+ public String getFullName()
+ {
+ return fullName;
+ }
+
+ public void setFullName( String fullName )
+ {
+ this.fullName = fullName;
+ }
+
+ public String getPasswordConfirm()
+ {
+ return passwordConfirm;
+ }
+
+ public void setPasswordConfirm( String passwordConfirm )
+ {
+ this.passwordConfirm = passwordConfirm;
+ }
+}
* limitations under the License.
*/
-import com.opensymphony.xwork.ActionSupport;
import org.apache.maven.archiva.scheduler.RepositoryTaskScheduler;
import org.apache.maven.archiva.scheduler.TaskExecutionException;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
/**
* Configures the application.
* @plexus.component role="com.opensymphony.xwork.Action" role-hint="runRepositoryTaskAction"
*/
public class RunRepositoryTaskAction
- extends ActionSupport
+ extends PlexusActionSupport
{
/**
* @plexus.requirement
--- /dev/null
+package org.apache.maven.archiva.web.action.admin;
+
+
+/*
+ * Copyright 2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork.ModelDriven;
+import com.opensymphony.xwork.Preparable;
+import org.codehaus.plexus.security.rbac.RBACManager;
+import org.codehaus.plexus.security.user.User;
+import org.codehaus.plexus.security.user.UserManager;
+import org.codehaus.plexus.xwork.action.PlexusActionSupport;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * LoginAction:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id:$
+ * @plexus.component role="com.opensymphony.xwork.Action"
+ * role-hint="userManagement"
+ */
+public class UserManagementAction
+ extends PlexusActionSupport
+ implements ModelDriven, Preparable
+{
+
+ /**
+ * @plexus.requirement
+ */
+ private UserManager userManager;
+
+ /**
+ * @plexus.requirement
+ */
+ private RBACManager rbacManager;
+
+ private User user;
+
+ private String username;
+
+ private String principal;
+
+ private List availableRoles;
+
+ private List assignedRoles;
+
+ private List resources;
+
+ private String resourceName;
+
+ public void prepare()
+ throws Exception
+ {
+ if ( username == null )
+ {
+ username = ( (User) session.get( "user" ) ).getUsername();
+ user = userManager.findUser( username );
+ }
+ else
+ {
+ user = userManager.findUser( username );
+ }
+
+ resources = rbacManager.getAllResources();
+
+ availableRoles = rbacManager.getAllAssignableRoles();
+
+ principal = ( (User) session.get( "user" ) ).getPrincipal().toString();
+
+ if ( principal != null && rbacManager.userAssignmentExists( principal ) )
+ {
+ getLogger().info( "recovering assigned roles" );
+ assignedRoles = new ArrayList( rbacManager.getAssignedRoles( principal ) );
+ availableRoles = new ArrayList( rbacManager.getUnassignedRoles( principal ) );
+ }
+ else
+ {
+ getLogger().info( "new assigned roles" );
+ assignedRoles = new ArrayList();
+ availableRoles = rbacManager.getAllAssignableRoles();
+
+ }
+
+ getLogger().info( "assigned roles: " + assignedRoles.size() );
+ getLogger().info( "available roles: " + availableRoles.size() );
+ }
+
+ public String save()
+ throws Exception
+ {
+ User temp = userManager.findUser( username );
+
+ temp.setEmail( user.getEmail() );
+ temp.setFullName( user.getFullName() );
+ temp.setLocked( user.isLocked() );
+
+ userManager.updateUser( temp );
+
+ return SUCCESS;
+ }
+
+ public Object getModel()
+ {
+ return user;
+ }
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+ public void setUsername( String username )
+ {
+ this.username = username;
+ }
+
+ public User getUser()
+ {
+ return user;
+ }
+
+ public String getPrincipal()
+ {
+ return principal;
+ }
+
+ public void setPrincipal( String principal )
+ {
+ this.principal = principal;
+ }
+
+ public List getAvailableRoles()
+ {
+ return availableRoles;
+ }
+
+ public void setAvailableRoles( List availableRoles )
+ {
+ this.availableRoles = availableRoles;
+ }
+
+ public List getAssignedRoles()
+ {
+ return assignedRoles;
+ }
+
+ public void setAssignedRoles( List assignedRoles )
+ {
+ this.assignedRoles = assignedRoles;
+ }
+
+ public List getResources()
+ {
+ return resources;
+ }
+
+ public void setResources( List resources )
+ {
+ this.resources = resources;
+ }
+
+ public String getResourceName()
+ {
+ return resourceName;
+ }
+
+ public void setResourceName( String resourceName )
+ {
+ this.resourceName = resourceName;
+ }
+}
import com.opensymphony.xwork.interceptor.Interceptor;
import org.apache.maven.archiva.configuration.Configuration;
import org.apache.maven.archiva.configuration.ConfigurationStore;
+import org.apache.maven.archiva.web.util.RoleManager;
import org.codehaus.plexus.logging.AbstractLogEnabled;
/**
*/
private ConfigurationStore configurationStore;
+ /**
+ * @plexus.requirement
+ */
+ private RoleManager roleManager;
+
+ /**
+ *
+ * @param actionInvocation
+ * @return
+ * @throws Exception
+ */
public String intercept( ActionInvocation actionInvocation )
throws Exception
{
--- /dev/null
+package org.apache.maven.archiva.web.util;
+
+/*
+* Copyright 2005 The Apache Software Foundation.
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
+import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
+import org.codehaus.plexus.security.rbac.Operation;
+import org.codehaus.plexus.security.rbac.Permission;
+import org.codehaus.plexus.security.rbac.RBACManager;
+import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.security.rbac.RbacStoreException;
+import org.codehaus.plexus.security.rbac.Resource;
+import org.codehaus.plexus.security.rbac.Role;
+import org.codehaus.plexus.security.rbac.UserAssignment;
+
+/**
+ * DefaultRoleManager:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id:$
+ * @plexus.component role="org.apache.maven.archiva.web.util.RoleManager"
+ * role-hint="default"
+ */
+public class DefaultRoleManager
+ implements RoleManager, Initializable
+{
+
+ /**
+ * @plexus.requirement
+ */
+ private RBACManager manager;
+
+ private boolean initialized;
+
+ public void initialize()
+ throws InitializationException
+ {
+
+ // initialize the operations
+
+ if ( !manager.operationExists( "add-repository" ) )
+ {
+ Operation operation = manager.createOperation( "add-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-repository" ) )
+ {
+ Operation operation = manager.createOperation( "edit-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "delete-repository" ) )
+ {
+ Operation operation = manager.createOperation( "delete-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-configuration" ) )
+ {
+ Operation operation = manager.createOperation( "edit-configuration" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "run-indexer" ) )
+ {
+ Operation operation = manager.createOperation( "run-indexer" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "regenerate-index" ) )
+ {
+ Operation operation = manager.createOperation( "regenerate-index" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "get-reports" ) )
+ {
+ Operation operation = manager.createOperation( "get-reports" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "regenerate-reports" ) )
+ {
+ Operation operation = manager.createOperation( "regenerate-reports" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-user" ) )
+ {
+ Operation operation = manager.createOperation( "edit-user" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-all-users" ) )
+ {
+ Operation operation = manager.createOperation( "edit-all-users" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "remove-roles" ) )
+ {
+ Operation operation = manager.createOperation( "remove-roles" );
+ manager.saveOperation( operation );
+ }
+
+ try
+ {
+ if ( !manager.permissionExists( "Edit Configuration" ) )
+ {
+ Permission editConfiguration =
+ manager.createPermission( "Edit Configuration", "edit-configuration", manager.getGlobalResource().getIdentifier() );
+ manager.savePermission( editConfiguration );
+ }
+
+ if ( !manager.permissionExists( "Run Indexer" ) )
+ {
+ Permission runIndexer = manager.createPermission( "Run Indexer", "run-indexer", manager.getGlobalResource().getIdentifier() );
+
+ manager.savePermission( runIndexer );
+ }
+
+ if ( !manager.permissionExists( "Add Repository" ) )
+ {
+ Permission runIndexer = manager.createPermission( "Add Repository", "add-repository", manager.getGlobalResource().getIdentifier() );
+ manager.savePermission( runIndexer );
+ }
+
+ if ( !manager.permissionExists( "Edit All Users" ) )
+ {
+ Permission editAllUsers = manager.createPermission( "Edit All Users", "edit-all-users", manager.getGlobalResource().getIdentifier() );
+
+ manager.savePermission( editAllUsers );
+ }
+
+ if ( !manager.permissionExists( "Remove Roles" ) )
+ {
+ Permission editAllUsers = manager.createPermission( "Remove Roles", "remove-roles", manager.getGlobalResource().getIdentifier() );
+
+ manager.savePermission( editAllUsers );
+ }
+
+
+ if ( !manager.permissionExists( "Regenerate Index" ) )
+ {
+ Permission regenIndex = manager.createPermission( "Regenerate Index", "regenerate-index", manager.getGlobalResource().getIdentifier() );
+
+ manager.savePermission( regenIndex );
+ }
+
+ if ( !manager.roleExists( "User Administrator" ) )
+ {
+ Role userAdmin = manager.createRole( "User Administrator" );
+ userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
+ userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
+ userAdmin.setAssignable( true );
+ manager.saveRole( userAdmin );
+ }
+
+ if ( !manager.roleExists( "System Administrator" ) )
+ {
+ Role admin = manager.createRole( "System Administrator" );
+ admin.addChildRole( manager.getRole( "User Administrator" ) ) ;
+ admin.addPermission( manager.getPermission( "Edit Configuration" ) );
+ admin.addPermission( manager.getPermission( "Run Indexer" ) );
+ admin.addPermission( manager.getPermission( "Add Repository") );
+ admin.addPermission( manager.getPermission( "Regenerate Index" ) );
+ admin.setAssignable( true );
+ manager.saveRole( admin );
+ }
+
+
+
+ }
+ catch ( RbacObjectNotFoundException ne )
+ {
+ throw new InitializationException( "error in role initialization", ne );
+ }
+
+ initialized = true;
+ }
+
+ public void addUser( String principal )
+ throws RbacStoreException
+ {
+ try
+ {
+ // make the resource
+ Resource usernameResource = manager.createResource( principal );
+ manager.saveResource( usernameResource );
+
+ Permission editUser = manager.createPermission( "Edit Myself" );
+ editUser.setOperation( manager.getOperation( "edit-user" ) );
+ editUser.setResource( manager.getResource( principal ) );
+ editUser = manager.savePermission( editUser );
+
+ // todo this one role a user will go away when we have expressions in the resources
+ Role userRole = manager.createRole( "Personal Role - " + principal );
+ userRole.addPermission( editUser );
+ userRole = manager.saveRole( userRole );
+
+ UserAssignment assignment = manager.createUserAssignment( principal );
+ assignment.addRole( userRole );
+ manager.saveUserAssignment( assignment );
+
+ }
+ catch ( RbacObjectNotFoundException ne )
+ {
+ throw new RbacStoreException( "rbac object not found in repo role creation", ne );
+ }
+ }
+
+ public void addRepository( String repositoryName )
+ throws RbacStoreException
+ {
+ try
+ {
+ // make the resource
+ Resource repoResource = manager.createResource( repositoryName );
+ repoResource = manager.saveResource( repoResource );
+
+ // make the permissions
+ Permission editRepo = manager.createPermission( "Edit Repository - " + repositoryName );
+ editRepo.setOperation( manager.getOperation( "edit-repository" ) );
+ editRepo.setResource( repoResource );
+ editRepo = manager.savePermission( editRepo );
+
+ Permission deleteRepo = manager.createPermission( "Delete Repository - " + repositoryName );
+ deleteRepo.setOperation( manager.getOperation( "delete-repository" ) );
+ deleteRepo.setResource( repoResource );
+ deleteRepo = manager.savePermission( deleteRepo );
+
+ Permission getReports =
+ manager.createPermission( "Get Reports - " + repositoryName );
+ getReports.setOperation( manager.getOperation( "get-reports" ) );
+ getReports.setResource( repoResource );
+ getReports = manager.savePermission( getReports );
+
+ Permission regenReports = manager.createPermission( "Regenerate Reports - " + repositoryName );
+ regenReports.setOperation( manager.getOperation( "regenerate-reports" ) );
+ regenReports.setResource( repoResource );
+ regenReports = manager.savePermission( regenReports );
+
+ // make the roles
+ Role repositoryObserver = manager.createRole( "Repository Manager - " + repositoryName );
+ repositoryObserver.addPermission( editRepo );
+ repositoryObserver.setAssignable( true );
+ repositoryObserver = manager.saveRole( repositoryObserver );
+
+ Role repositoryManager = manager.createRole( "Repository Manager - " + repositoryName );
+ repositoryManager.addPermission( editRepo );
+ repositoryManager.addPermission( deleteRepo );
+ repositoryManager.addPermission( regenReports );
+ repositoryManager.addChildRole( repositoryObserver );
+ repositoryManager.setAssignable( true );
+ manager.saveRole( repositoryManager );
+
+ }
+ catch ( RbacObjectNotFoundException ne )
+ {
+ throw new RbacStoreException( "rbac object not found in repo role creation", ne );
+ }
+ }
+
+ public boolean isInitialized()
+ {
+ return initialized;
+ }
+
+ public void setInitialized( boolean initialized )
+ {
+ this.initialized = initialized;
+ }
+}
--- /dev/null
+package org.apache.maven.archiva.web.util;
+
+import org.codehaus.plexus.security.rbac.RbacStoreException;
+
+/*
+ * Copyright 2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * RoleManager:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id:$
+ *
+ */
+public interface RoleManager
+{
+ public static final String ROLE = RoleManager.class.getName();
+
+ public void addRepository( String repositoryName )
+ throws RbacStoreException;
+
+ public void addUser( String principal )
+ throws RbacStoreException;
+
+ public boolean isInitialized();
+}
<hierarchy>org.apache.maven</hierarchy>
<level>DEBUG</level>
</level>
+ <level>
+ <hierarchy>org.codehaus.plexus.security</hierarchy>
+ <level>INFO</level>
+ </level>
</levels>
</configuration>
</component>
<!-- plexus security components -->
- <component>
+ <component>
<role>org.codehaus.plexus.security.system.SecuritySystem</role>
<implementation>org.codehaus.plexus.security.system.DefaultSecuritySystem</implementation>
<role-hint>default</role-hint>
<requirements>
<requirement>
<role>org.codehaus.plexus.security.authentication.Authenticator</role>
- <role-hint>memory</role-hint>
+ <role-hint>user-manager</role-hint>
</requirement>
<requirement>
<role>org.codehaus.plexus.security.authorization.Authorizer</role>
</requirement>
<requirement>
<role>org.codehaus.plexus.security.user.UserManager</role>
- <role-hint>memory</role-hint>
+ <role-hint>jdo</role-hint>
</requirement>
</requirements>
</component>
<implementation>org.codehaus.plexus.security.authorization.rbac.RbacAuthorizer</implementation>
<requirements>
<requirement>
- <role>org.codehaus.plexus.security.authorization.rbac.store.RbacStore</role>
- <role-hint>memory</role-hint>
+ <role>org.codehaus.plexus.security.rbac.RBACManager</role>
+ <role-hint>jdo</role-hint>
+ </requirement>
+ <requirement>
+ <role>org.codehaus.plexus.security.authorization.rbac.evaluator.PermissionEvaluator</role>
+ <role-hint>default</role-hint>
</requirement>
</requirements>
</component>
+ <component>
+ <role>org.codehaus.plexus.jdo.JdoFactory</role>
+ <implementation>org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory</implementation>
+ <configuration>
+
+ <!-- HSQLDB Configuration -->
+ <!--
+ NOTE: NO NOT USE THIS CONFIGURATION FOR A PRODUCTION SYSTEM.
+ HSQLDB keeps all data in memory at all times.
+
+ NOTE: JPOX 1.1.1 won't create the tables on start
+ http://www.jpox.org/servlet/jira/browse/CORE-2946
+ -->
+ <!--
+ <driverName>org.hsqldb.jdbcDriver</driverName>
+ <url>jdbc:hsqldb:mem:test</url>
+ <userName>sa</userName>
+ <password></password>
+ -->
+
+ <!-- Apache Derby Configuration -->
+ <driverName>org.apache.derby.jdbc.EmbeddedDriver</driverName>
+ <url>jdbc:derby:${plexus.home}/database;create=true</url>
+ <userName>sa</userName>
+ <password></password>
+
+ <!-- Postgresql Configuration -->
+ <!--
+ <driverName>org.postgresql.Driver</driverName>
+ <url>jdbc:postgresql://localhost/continuum</url>
+ <userName>username</userName>
+ <password></password>
+ -->
+
+ <!-- JPOX and JDO configuration -->
+ <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass>
+ <otherProperties>
+ <property>
+ <name>org.jpox.autoCreateSchema</name>
+ <value>true</value>
+ </property>
+ <property>
+ <name>org.jpox.autoStartMechanism</name>
+ <value>SchemaTable</value>
+ </property>
+ <property>
+ <name>org.jpox.autoStartMechanismMode</name>
+ <value>Ignored</value>
+ </property>
+ <property>
+ <name>org.jpox.validateTables</name>
+ <value>false</value>
+ </property>
+ <property>
+ <name>org.jpox.validateConstraints</name>
+ <value>false</value>
+ </property>
+ <property>
+ <name>org.jpox.transactionIsolation</name>
+ <value>READ_UNCOMMITTED</value>
+ </property>
+ <property>
+ <name>org.jpox.poid.transactionIsolation</name>
+ <value>READ_UNCOMMITTED</value>
+ </property>
+ </otherProperties>
+ </configuration>
+ </component>
+
</components>
<!-- Override default configuration of components -->
</action>
<!-- plexus security actions -->
- <action name="login" class="session" method="login">
- <result name="input">/WEB-INF/jsp/login.jsp</result>
+ <action name="login" class="plexusSecurityLogin" method="login">
+ <result name="input">/WEB-INF/jsp/loginRegister.jsp</result>
<result name="success" type="redirect-action">browse</result>
</action>
- <action name="logout" class="session" method="logout">
- <result>/WEB-INF/jsp/logout.jsp</result>
+ <action name="logout" class="plexusSecurityLogin" method="logout">
+ <result name="success">/WEB-INF/jsp/logout.jsp</result>
</action>
- <action name="register" class="registerUser" method="createUser">
- <result name="input">/WEB-INF/jsp/register.jsp</result>
+ <action name="register" class="newUser" method="createUser">
<result name="success" type="redirect-action">login</result>
</action>
</package>
<result name="wait" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
<result name="success" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
</action>
+
+
+ <action name="user" class="userManagement">
+ <result name="success">/WEB-INF/jsp/user.jsp</result>
+ </action>
+
+ <!-- plexus security actions -->
+
+ <action name="userDetails" class="plexusSecurityUserManagement" method="save">
+ <result name="success">/WEB-INF/jsp/userDetails.jsp</result>
+ </action>
+
+ <action name="userManagement" class="plexusSecurityUserManagement">
+ <result name="success">/WEB-INF/jsp/findUser.jsp</result>
+ </action>
+
+ <action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole">
+ <result name="success" type="redirect-action">user</result>
+ </action>
+
+ <action name="removeRoleFromUser" class="plexusSecurityUserAssignment" method="removeRole">
+ <result name="success" type="redirect-action">user</result>
+ </action>
+
+ <action name="permissions" class="plexusSecuritySummary" method="permissionSummary">
+ <result name="success">/WEB-INF/jsp/admin/rbac/permissions.jsp</result>
+ </action>
+
+ <action name="permission" class="plexusSecurityPermission">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success">/WEB-INF/jsp/admin/rbac/permission.jsp</result>
+ </action>
+
+ <action name="savePermission" class="plexusSecurityPermission" method="save">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success" type="redirect-action">permissions</result>
+ </action>
+
+ <action name="removePermission" class="plexusSecurityPermission" method="remove">
+ <result name="success" type="redirect-action">permissions</result>
+ </action>
+
+ <action name="operations" class="plexusSecuritySummary" method="operationSummary">
+ <result name="success">/WEB-INF/jsp/admin/rbac/operations.jsp</result>
+ </action>
+
+ <action name="operation" class="plexusSecurityOperation">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success">/WEB-INF/jsp/admin/rbac/operation.jsp</result>
+ </action>
+
+ <action name="saveOperation" class="plexusSecurityOperation" method="save">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success" type="redirect-action">operations</result>
+ </action>
+
+ <action name="removeOperation" class="plexusSecurityOperation" method="remove">
+ <result name="success" type="redirect-action">operations</result>
+ </action>
+
+ <action name="resources" class="plexusSecuritySummary" method="resourceSummary">
+ <result name="success">/WEB-INF/jsp/admin/rbac/resources.jsp</result>
+ </action>
+
+ <action name="resource" class="plexusSecurityResource">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success">/WEB-INF/jsp/admin/rbac/resource.jsp</result>
+ </action>
+
+ <action name="saveResource" class="plexusSecurityResource" method="save">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success" type="redirect-action">resources</result>
+ </action>
+
+ <action name="removeResource" class="plexusSecurityResource" method="remove">
+ <result name="success">/WEB-INF/jsp/admin/rbac/resources.jsp</result>
+ </action>
+
+ <action name="roles" class="plexusSecuritySummary" method="roleSummary">
+ <result name="success">/WEB-INF/jsp/admin/rbac/roles.jsp</result>
+ </action>
+
+ <action name="role" class="plexusSecurityRole">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success">/WEB-INF/jsp/admin/rbac/role.jsp</result>
+ </action>
+
+ <action name="saveRole" class="plexusSecurityRole" method="save">
+ <interceptor-ref name="paramsPrepareParamsStack"/>
+ <result name="success" type="redirect-action">roles</result>
+ </action>
+
+ <action name="removeRole" class="plexusSecurityRole" method="remove">
+ <result name="success" type="redirect-action">roles</result>
+ </action>
+
+ <action name="removeAssignedRole" class="plexusSecurityRole" method="removeAssignedRole">
+ <result name="success" type="chain">role</result>
+ </action>
+
+ <action name="removeAssignedPermission" class="plexusSecurityRole" method="removeAssignedPermission">
+ <result name="success" type="chain">role</result>
+ </action>
+
+
+
</package>
</xwork>
<%@ taglib prefix="ww" uri="/webwork" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
<html>
<head>
<ww:property value="indexerCronExpression"/>
</td>
<%-- TODO: a "delete index and run now" operation should be here too (really clean, remove deletions that didn't get picked up) --%>
- <td><a href="<ww:url action="runIndexer" />">Run Now</a></td>
+ <td>
+ <pss:ifAuthorized permission="run-indexer">
+ <a href="<ww:url action="runIndexer" />">Run Now</a>
+ </pss:ifAuthorized>
+ </td>
</tr>
</table>
<div>
<div style="float: right">
<%-- TODO replace with icons --%>
- <a href="<ww:url action="addRepository" method="input" />">Add Repository</a></div>
+ <pss:ifAuthorized permission="add-repository">
+ <ww:url id="addRepositoryUrl" action="addRepository" method="input"/>
+ <ww:a href="%{addRepositoryUrl}">Add Repository</ww:a>
+ </pss:ifAuthorized>
+ </div>
<h2>Managed Repositories</h2>
</div>
--- /dev/null
+NOTE: since this is the first application of plexus-security I have these pages here for analyzing the roles
+from rbac.
+
+these will be removed shortly
+
+nada que ver aqui! :P
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Operation Modification</h1>
+
+<div id="contentArea">
+
+<ww:actionerror/>
+<ww:form action="saveOperation" method="post">
+ <ww:hidden name="operationName"/>
+
+ <ww:textfield label="name" name="name"/> <br/>
+ <ww:textfield label="description" name="description"/> <br/>
+
+ <ww:submit/>
+</ww:form>
+
+</div>
+</body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Available Operations</h1>
+
+<div id="contentArea">
+
+ <ww:url id="rolesUrl" action="roles"/>
+ <ww:url id="permissionsUrl" action="permissions"/>
+ <ww:url id="operationsUrl" action="operations"/>
+ <ww:url id="resourcesUrl" action="resources"/>
+
+ <p><ww:a href="%{rolesUrl}">Roles</ww:a>|<ww:a href="%{permissionsUrl}">Permissions</ww:a>|<ww:a href="%{operationsUrl}">Operations</ww:a>|<ww:a href="%{resourcesUrl}">Resources</ww:a> </p>
+
+ <ww:actionerror/>
+
+ <ww:iterator id="operation" value="operations">
+ <ww:url id="operationUrl" action="operation">
+ <ww:param name="operationName">${operation.name}</ww:param>
+ </ww:url>
+
+ <ww:a href="%{operationUrl}">${operation.name}</ww:a><br/>
+ </ww:iterator>
+
+ <p>
+ <ww:url id="newOperationUrl" action="operation"/>
+
+ <ww:a href="%{newOperationUrl}">new</ww:a><br/>
+ </p>
+</div>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Permission Modification</h1>
+
+<div id="contentArea">
+
+ <ww:actionerror/>
+ <ww:form action="savePermission" method="post">
+ <ww:hidden name="permissionName"/>
+
+ <ww:textfield label="Name" name="name"/> <br/>
+ <ww:textfield label="Description" name="description"/> <br/>
+ <ww:select label="Operation" name="operationName" list="operations" listKey="name" listValue="name" value="operation.name" emptyOption="true"/> <br/>
+ <br/>
+ <ww:select label="Resource" name="resourceIdentifier" list="resources" listKey="identifier" listValue="identifier" value="resource.identifier" emptyOption="true"/><br/>
+ or<br/>
+ <ww:checkbox label="Is GlobalResource?" name="globalResource"/><br/>
+ <center><ww:submit/></center>
+ </ww:form>
+</div>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Available Permissions</h1>
+
+<div id="contentArea">
+ <ww:url id="rolesUrl" action="roles"/>
+ <ww:url id="permissionsUrl" action="permissions"/>
+ <ww:url id="operationsUrl" action="operations"/>
+ <ww:url id="resourcesUrl" action="resources"/>
+
+ <p><ww:a href="%{rolesUrl}">Roles</ww:a>|<ww:a href="%{permissionsUrl}">Permissions</ww:a>|<ww:a href="%{operationsUrl}">Operations</ww:a>|<ww:a href="%{resourcesUrl}">Resources</ww:a> </p>
+
+ <p>
+ Permissions list page
+ </p>
+ <ww:actionerror/>
+
+ <ww:iterator id="permission" value="permissions">
+ <ww:url id="permissionUrl" action="permission">
+ <ww:param name="permissionName">${permission.name}</ww:param>
+ </ww:url>
+
+ <ww:a href="%{permissionUrl}">${permission.name}</ww:a><br/>
+ </ww:iterator>
+
+ <p>
+ <ww:url id="newPermissionUrl" action="permission"/>
+
+ <ww:a href="%{newPermissionUrl}">new</ww:a><br/>
+ </p>
+
+
+</div
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Resource Modification</h1>
+
+<div id="contentArea">
+
+ <ww:actionerror/>
+ <ww:form action="saveResource" method="post">
+ <ww:hidden name="resourceIdentifier"/>
+
+ <ww:textfield label="identifier" name="identifier"/> <br/>
+
+ <center><ww:submit/></center>
+ </ww:form>
+
+</div>
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Available Resources</h1>
+
+<div id="contentArea">
+
+ <ww:url id="rolesUrl" action="roles"/>
+ <ww:url id="permissionsUrl" action="permissions"/>
+ <ww:url id="operationsUrl" action="operations"/>
+ <ww:url id="resourcesUrl" action="resources"/>
+
+ <p><ww:a href="%{rolesUrl}">Roles</ww:a>|<ww:a href="%{permissionsUrl}">Permissions</ww:a>|<ww:a href="%{operationsUrl}">Operations</ww:a>|<ww:a href="%{resourcesUrl}">Resources</ww:a> </p>
+
+ <ww:actionerror/>
+
+ <ww:iterator id="resource" value="resources">
+ <ww:url id="resourceUrl" action="resource">
+ <ww:param name="resourceIdentifier">${resource.identifier}</ww:param>
+ </ww:url>
+ <ww:a href="%{resourceUrl}">${resource.identifier}</ww:a><br/>
+ </ww:iterator>
+
+ <p>
+ <ww:url id="newResourceUrl" action="resource"/>
+
+ <ww:a href="%{newResourceUrl}">new</ww:a><br/>
+ </p>
+</div>
+
+ </body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Role Modification</h1>
+
+<div id="contentArea">
+
+<ww:actionerror/>
+<ww:form action="saveRole" method="post">
+ <ww:hidden name="roleName"/>
+
+ <ww:textfield label="name" name="name"/> <br/>
+ <ww:textfield label="description" name="description"/> <br/>
+ <ww:checkbox label="assignable?" name="assignable"/><br/>
+ <br/>
+ Currently Assigned Permissions:<br/>
+ <ww:iterator id="permission" value="permissions">
+ <ww:url id="removeAssignedPermissionUrl" action="removeAssignedPermission">
+ <ww:param name="roleName" value="roleName"/>
+ <ww:param name="removePermissionName">${permission.name}</ww:param>
+ </ww:url>
+ ${permission.name} | <ww:a href="%{removeAssignedPermissionUrl}">remove</ww:a><br/>
+ </ww:iterator>
+ <br/>
+ <ww:select label="add new permission" name="assignPermissionName" list="assignablePermissions" listKey="name" listValue="name" emptyOption="true"/><br/>
+ <br/>
+ Currently Assigned Roles:<br/>
+ <ww:iterator id="arole" value="childRoles.roles">
+ <ww:url id="removeAssignedRoleUrl" action="removeAssignedRole">
+ <ww:param name="roleName" value="roleName"/>
+ <ww:param name="removeRoleName" value="${arole.name}"/>
+ </ww:url>
+ ${arole.name} | <ww:a href="%{removeAssignedRoleUrl}">remove</ww:a><br/>
+ </ww:iterator>
+ <br/>
+ <ww:select label="add sub role" name="assignedRoleName" list="assignableRoles" listKey="name" listValue="name" emptyOption="true"/><br/>
+
+ <p>
+ <ww:submit/>
+ </p>
+</ww:form>
+ </div>
+</body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+
+<html>
+<head>
+ <title>Configuration</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<h1>Available Roles</h1>
+
+<div id="contentArea">
+
+ <body>
+ <ww:url id="rolesUrl" action="roles"/>
+ <ww:url id="permissionsUrl" action="permissions"/>
+ <ww:url id="operationsUrl" action="operations"/>
+ <ww:url id="resourcesUrl" action="resources"/>
+
+ <p><ww:a href="%{rolesUrl}">Roles</ww:a>|<ww:a href="%{permissionsUrl}">Permissions</ww:a>|<ww:a href="%{operationsUrl}">Operations</ww:a>|<ww:a href="%{resourcesUrl}">Resources</ww:a> </p>
+
+ <ww:actionerror/>
+ <ww:iterator id="role" value="roles">
+ <ww:url id="roleUrl" action="role">
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+
+ <ww:a href="%{roleUrl}">${role.name}</ww:a><br/>
+ </ww:iterator>
+
+ <p>
+ <ww:url id="newRoleUrl" action="role"/>
+
+ <ww:a href="%{newRoleUrl}">new</ww:a><br/>
+ </p>
+</div>
+ </body>
+</html>
\ No newline at end of file
\r
<%@ taglib prefix="ww" uri="/webwork" %>\r
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>\r
+<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>\r
\r
<html>\r
<head>\r
<body>\r
\r
<h1>Browse Repository</h1>\r
-\r
<div id="contentArea">\r
<div id="nameColumn">\r
<h2>Groups</h2>\r
</ul>\r
</div>\r
\r
+\r
+\r
<%-- TODO: later, when supported in metadata\r
<div id="categoryColumn">\r
<h2>Category</h2>\r
<%@ taglib uri="/webwork" prefix="ww" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="my" tagdir="/WEB-INF/tags" %>
+<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
<html>
<head>
<title>Maven Archiva ::
<div class="xleft">
<ww:url id="loginUrl" action="login" namespace="/"/>
<ww:url id="logoutUrl" action="logout" namespace="/"/>
- <ww:url id="registerUrl" action="register" namespace="/"/>
+ <ww:url id="manageUserUrl" action="user" namespace="/admin"/>
+
<ww:if test="${sessionScope.authStatus != true}">
- <ww:a href="%{loginUrl}">Login</ww:a>
- or
- <ww:a href="%{registerUrl}">Register</ww:a>
+ <ww:a href="%{loginUrl}">Login/Register</ww:a>
+
</ww:if>
<ww:else>
Welcome, <b>${sessionScope.user.username}</b> -
+ <ww:a href="%{manageUserUrl}">Settings</ww:a> -
<ww:a href="%{logoutUrl}">Logout</ww:a>
</ww:else>
</div>
<li class="none">
<my:currentWWUrl action="proxiedRepositories" namespace="/admin">Proxied Repositories</my:currentWWUrl>
</li>
+
<%-- TODO: add back after synced repos are implemented
<li class="none">
<my:currentWWUrl action="syncedRepositories" namespace="/admin">Synced Repositories</my:currentWWUrl>
</li>
--%>
+ <pss:ifAuthorized permission="edit-all-users">
+ <li class="none">
+ <my:currentWWUrl action="userManagement" namespace="/admin">User Management</my:currentWWUrl>
+ </li>
+ </pss:ifAuthorized>
</ul>
</li>
</ul>
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+<html>
+<head>
+ <title>User Management - Find a User</title>
+ <ww:head />
+</head>
+
+<body>
+
+
+ <h1>User Management</h1>
+
+ <div id="contentArea">
+ <div id="searchBox">
+ <ww:form action="userDetails">
+ <p>
+ <ww:textfield label="Find a user" name="user"/>
+ <ww:submit value="Search"/>
+ </p>
+ </ww:form>
+ </div>
+ </div>
+
+
+
+ <div class="clear">
+ <hr/>
+ </div>
+
+
+</body>
+</html>
\ No newline at end of file
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-
-<html>
-<head>
- <title>Login Page</title>
- <ww:head/>
-</head>
-
-<body>
-
-<h1>Login</h1>
-
-<div id="contentArea">
- <div id="nameColumn">
- <ww:form action="login">
- <table>
- <tr>
- <td>Username:</td>
- <td><ww:textfield name="username"/></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><ww:password name="password"/></td>
- </tr>
- <tr>
- <td><ww:submit name="Login"/></td>
- <td></td>
- </tr>
- </table>
- </ww:form>
- <p>
- <ww:url id="registerUrl" action="register" namespace="/"/>
-
- New user? - <ww:a href="%{registerUrl}">Register!</ww:a>
- </p>
- </div>
-</div>
-
-</body>
-</html>
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
+
+<html>
+<head>
+ <title>Login Page</title>
+ <ww:head/>
+</head>
+
+<body>
+
+<div id="contentArea">
+ <div id="searchBox">
+ <div style="float: right">
+ <a href="#">Forgotten your Password?</a>
+
+ </div>
+
+ <h2>Login</h2>
+ <ww:form action="login">
+ <table class="bodyTable">
+ <tr class="a">
+ <th>
+ Username
+ </th>
+ <td>
+ <ww:textfield name="username" size="30"/>
+ </td>
+ </tr>
+ <tr class="b">
+ <th>
+ Password
+ </th>
+ <td>
+ <ww:password name="password" size="20"/>
+
+ </td>
+ </tr>
+ <tr class="a">
+ <td></td>
+ <td>
+ <ww:submit value="Login"/>
+ </td>
+ </tr>
+ </table>
+
+ </ww:form>
+ <h2>Request an Account</h2>
+ <ww:form action="register">
+ <table class="bodyTable">
+ <tr class="b">
+ <th>
+ Username
+ </th>
+ <td>
+ <ww:textfield name="username" size="30"/>
+ </td>
+ </tr>
+ <tr class="a">
+ <th>
+ Password
+ </th>
+ <td>
+ <ww:password name="password" size="20"/>
+
+ </td>
+ </tr>
+ <tr class="b">
+ <th>
+ Confirm Password
+ </th>
+ <td>
+ <ww:password name="confirmPassword" size="20"/>
+ </td>
+
+ </tr>
+ <tr class="a">
+ <th>
+ Full Name
+ </th>
+ <td>
+ <ww:textfield name="fullName" size="30"/>
+ </td>
+ </tr>
+
+ <tr class="b">
+ <th>
+ Email
+ </th>
+ <td>
+ <ww:textfield name="email" size="50 "/>
+ <br></br>
+ <span style="font-size: x-small">(Only administrators will be able to view this, and it will be used to
+ send you information about your project)
+ </span>
+ </td>
+
+ </tr>
+ <tr class="a">
+ <td></td>
+ <td>
+ <ww:submit value="Register"/>
+ </td>
+ </tr>
+ </table>
+ </ww:form>
+
+ </div>
+</div>
+
+
+<div class="clear">
+ <hr/>
+</div>
+
+</body>
+
+</html>
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-
-<html>
-<head>
- <title>Registration Page</title>
- <ww:head/>
-</head>
-
-<body>
-
-<h1>Registration</h1>
-
-<div id="contentArea">
- <div id="nameColumn">
- <ww:form action="register">
- <table>
- <tr>
- <td>Username:</td>
- <td><ww:textfield name="username"/></td>
- </tr>
- <tr>
- <td>Password:</td>
- <td><ww:password name="password"/></td>
- </tr>
- <tr>
- <td>Full Name:</td>
- <td><ww:textfield name="fullName"/></td>
- </tr>
- <tr>
- <td>Email Address:</td>
- <td><ww:textfield name="email"/></td>
- </tr>
- <tr>
- <td><ww:submit name="Register"/></td>
- <td></td>
- </tr>
- </table>
- </ww:form>
- </div>
-</div>
-
-</body>
-</html>
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
+<html>
+<head>
+ <title>User Management - Find a User</title>
+ <ww:head />
+</head>
+
+<body>
+
+ <div id="contentArea">
+ <div id="searchBox">
+ <div style="float: right">
+ <pss:ifAnyAuthorized permissions="edit-all-users,edit-user" resource="${username}">
+ <ww:url id="userDetailsUrl" action="userDetails">
+ <ww:param name="username">${username}</ww:param>
+ </ww:url>
+ <ww:a href="%{userDetailsUrl}">Edit details</ww:a>
+ </pss:ifAnyAuthorized>
+ </div>
+
+ <h2>${user.fullName}</h2>
+
+ <table class="bodyTable">
+ <tr class="a">
+ <th>Username</th>
+
+ <td>${user.username}</td>
+ </tr>
+ <tr class="b">
+ <th>Email</th>
+ <td>${user.email}</td>
+ </tr>
+ </table>
+
+ <h2>My Roles</h2>
+
+ <table class="bodyTable">
+ <ww:iterator id="role" value="assignedRoles">
+ <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
+ <ww:param name="principal">${principal}</ww:param>
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+ <tr class="a">
+ <td>
+ <em>${role.name}</em><br/>
+ </td>
+ <td>
+ <ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
+ </td>
+ </tr>
+ </ww:iterator>
+ </table>
+
+ <h2>Grant Roles</h2>
+
+ <p>
+ <ww:iterator id="role" value="availableRoles">
+ <ww:url id="addRoleUrl" action="assignRoleToUser">
+ <ww:param name="principal">${sessionScope.user.principal}</ww:param>
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+ <ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
+ </ww:iterator>
+ </p>
+
+ <p>
+ This following screen needs have the various roles worked into it.
+ </p>
+
+ <table class="bodyTable">
+ <tr class="b">
+ <td>
+ <input type="radio" checked="checked"></input>
+
+ </td>
+ <td>Administrator</td>
+ <td>
+ <select>
+ <option>(Please Select)</option>
+ <option>System Administrator</option>
+ <option>User Administrator</option>
+ </select>
+ </td>
+ </tr>
+ <tr class="a">
+ <td>
+ <input type="radio"></input>
+ </td>
+ <td>Repository</td>
+
+ <td>
+ <select>
+ <option>(Please Select)</option>
+ <option>manager</option>
+ <option>obverser</option>
+ </select>
+ of
+ <ww:select name="resourceName" list="resources" listKey="identifier" listValue="identifier" headerKey="" headerValue="(Please Select)"/>
+ </td>
+ </tr>
+ <%-- add in for project level security
+ <tr class="b">
+ <td>
+ <input type="radio"></input>
+ </td>
+ <td>Project</td>
+ <td>
+ <select>
+ <option>(Please Select)</option>
+
+ <option>manager</option>
+ <option>obverser</option>
+ </select>
+ of
+ <select>
+ <option>(Please Select)</option>
+ <option>central</option>
+
+ <option>central-plugins</option>
+ <option>All repositories</option>
+ </select>
+ for project group
+ <input type="text" name="projectExpression"></input>
+ <br></br>
+ <span style="font-size: x-small">
+ (eg org.apache.maven gives permissions on that group, and any sugroups)
+ </span>
+
+ </td>
+ </tr>
+ --%>
+ <tr class="a">
+ <td></td>
+ <td>
+ <input type="submit" value="Add Role"></input>
+ </td>
+ <td></td>
+ </tr>
+
+ </table>
+
+ </div>
+ </div>
+
+ <div class="clear">
+ <hr/>
+ </div>
+
+
+</body>
+</html>
\ No newline at end of file
--- /dev/null
+<%--
+ ~ Copyright 2005-2006 The Apache Software Foundation.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ --%>
+
+<%@ taglib prefix="ww" uri="/webwork" %>
+<html>
+<head>
+ <title>User Management - Find a User</title>
+ <ww:head />
+</head>
+
+<body>
+
+ <div id="contentArea">
+ <div id="searchBox">
+ <div style="float: right">
+
+ </div>
+
+ <h2>Modify User Details</h2>
+
+ <ww:form action="userDetails" method="post">
+ <ww:textfield label="Full Name" name="fullName"/>
+ <ww:textfield label="Email Address" name="email"/>
+
+ <ww:checkbox label="Account Locked" name="locked"/>
+
+ <ww:submit/>
+ </ww:form>
+ </div>
+ </div>
+
+
+
+ <div class="clear">
+ <hr/>
+ </div>
+
+</body>
+</html>
\ No newline at end of file
projects / archiva.git / commitdiff