Adding restricted view for user managable repositories

Adds additional rest method to list the repositories where the user
has manage permissions.
Restricts the view for uploads to only managable repositories.

diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
index 777d15d90fcd2d0f9b060042c6e4b6158a962e4c..cdb99eb384a9b5ea24f4b04ea0725323e32fe2ff 100644 (file)
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
@@ -101,6 +101,16 @@ public interface BrowseService
     List<ManagedRepository> getUserRepositories()
         throws ArchivaRestServiceException;
 
+    /**
+     * @return List of repositories current user can manage
+     */
+    @Path("userManagableRepositories")
+    @GET
+    @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
+    @RedbackAuthorization(noPermission = true, noRestriction = true)
+    List<ManagedRepository> getUserManagableRepositories()
+            throws ArchivaRestServiceException;
+
     /**
      * return the dependency Tree for an artifacts
      * <b>the List result has only one entry</b>

diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
index 5e5a4654b56bb6ab4ee3691da96c4fe285be4b68..682c367bb98ded30c2a9db6feb8ec9dda8796e10 100644 (file)
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
@@ -507,6 +507,19 @@ public class DefaultBrowseService
         }
     }
 
+    @Override
+    public List<ManagedRepository> getUserManagableRepositories() throws ArchivaRestServiceException {
+        try
+        {
+            return userRepositories.getManagableRepositories( getPrincipal() );
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            throw new ArchivaRestServiceException( "repositories.read.managable.error",
+                    Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), e );
+        }
+    }
+
     @Override
     public List<Artifact> getDependees( String groupId, String artifactId, String version, String repositoryId )
         throws ArchivaRestServiceException

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
index 91ff5ea070816bad4d49e3ec9b325569788829d2..4679bc733827e3a4a028df278aa123aa4492184b 100644 (file)
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
@@ -99,6 +99,11 @@ public class DefaultUserRepositories
         return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
     }
 
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
+    }
+
     private List<ManagedRepository> getAccessibleRepositories( String principal, String operation )
         throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
     {

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
index 6e3881218f86d900fe07c689252b38690fc18cf1..493eeced7fdf837ffff6f493f24411aef96910e8 100644 (file)
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
@@ -98,5 +98,19 @@ public interface UserRepositories
      */
     List<ManagedRepository> getAccessibleRepositories( String principal )
             throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
+
+    /**
+     *
+     * Returns a list of repositories for which the user has the manager role.
+     *
+     * @param principal
+     * @since 2.2.2
+     * @return
+     * @throws ArchivaSecurityException
+     * @throws AccessDeniedException
+     * @throws PrincipalNotFoundException
+     */
+    List<ManagedRepository> getManagableRepositories( String principal )
+            throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
     
 }

diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
index 485d4a7186070c28257990f96535952e7e6ae3cb..3cd2dad116f05ee8d355011260d5bd7b6b2ee7af 100644 (file)
--- a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
@@ -88,4 +88,9 @@ public class UserRepositoriesStub
     {
         return Collections.emptyList();
     }
+
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return Collections.emptyList();
+    }
 }

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
index e87ec569153e4d556a5bd307e564c4dc60380b07..aa96a8339fa04f255d4cd316f98344ca06175c4a 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
@@ -86,7 +86,7 @@ define("archiva.artifacts-management",["jquery","i18n","utils","jquery.tmpl","kn
         dataType: 'json',
         success: function(data) {
           mainContent.html($("#file-upload-screen").html());
-          $.ajax("restServices/archivaServices/browseService/userRepositories", {
+          $.ajax("restServices/archivaServices/browseService/userManagableRepositories", {
               type: "GET",
               dataType: 'json',
               success: function(data) {