config.getConfiguration().addRemoteRepository( repoConfig );
- CacheManager.getInstance().clearAll();
-
}
@After
<artifactId>derby</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
/**
* @version
- * @plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default"
+ * plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default"
*/
@Service("servletAuthenticator")
public class ArchivaServletAuthenticator
private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class );
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private SecuritySystem securitySystem;
}
+ public SecuritySystem getSecuritySystem()
+ {
+ return securitySystem;
+ }
+ public void setSecuritySystem( SecuritySystem securitySystem )
+ {
+ this.securitySystem = securitySystem;
+ }
}
* DefaultUserRepositories
*
* @version $Id$
- * @plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default"
+ * plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default"
*/
@Service("userRepositories")
public class DefaultUserRepositories
implements UserRepositories
{
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private SecuritySystem securitySystem;
/**
- * @plexus.requirement role-hint="default"
+ * plexus.requirement role-hint="default"
*/
@Inject
private RoleManager roleManager;
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private ArchivaConfiguration archivaConfiguration;
* under the License.
*/
+import com.google.common.collect.Lists;
import junit.framework.TestCase;
+import net.sf.ehcache.CacheManager;
import org.apache.commons.io.FileUtils;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.junit.Before;
import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
public abstract class AbstractSecurityTest
extends TestCase
{
+
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
protected static final String USER_GUEST = "guest";
protected static final String USER_ADMIN = "admin";
@Inject
@Named( value = "rBACManager#memory" )
- private RBACManager rbacManager;
+ protected RBACManager rbacManager;
@Inject
protected RoleManager roleManager;
User guestUser = createUser( USER_GUEST, "Guest User" );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
}
+
+ protected void restoreGuestInitialValues( String userId )
+ throws Exception
+ {
+ UserAssignment userAssignment = null;
+ try
+ {
+ userAssignment = rbacManager.getUserAssignment( userId );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ log.info( "ignore RbacObjectNotFoundException for id {} during restoreGuestInitialValues", userId );
+ return;
+ }
+ userAssignment.setRoleNames( Lists.newArrayList( "Guest" ) );
+ rbacManager.saveUserAssignment( userAssignment );
+ CacheManager.getInstance().clearAll();
+ }
}
* under the License.
*/
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-
+import com.google.common.collect.Lists;
+import net.sf.ehcache.CacheManager;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.UnauthorizedException;
+import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
-
import org.easymock.MockControl;
import org.junit.Before;
import org.junit.Test;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+
/**
* ArchivaServletAuthenticatorTest
- *
- * @version
*/
public class ArchivaServletAuthenticatorTest
extends AbstractSecurityTest
{
@Inject
+ @Named( value = "servletAuthenticator#test" )
private ServletAuthenticator servletAuth;
private MockControl httpServletRequestControl;
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertTrue( isAuthorized );
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
}
httpServletRequestControl.verify();
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
assertTrue( isAuthorized );
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
{
assertEquals( "Access denied for repository corporate", e.getMessage() );
}
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertTrue( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
+
}
@Test
boolean isAuthorized =
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertFalse( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
+
}
@Test
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
assertTrue( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
}
@Test
assertFalse( isAuthorized );
}
+
}
import java.util.List;
import org.apache.commons.lang.StringUtils;
+import org.junit.Before;
import org.junit.Test;
/**
*/
public class DefaultUserRepositoriesTest
extends AbstractSecurityTest
-{
- protected String getPlexusConfigLocation()
+{
+
+
+ @Before
+ public void setUp() throws Exception
{
- return "org/apache/maven/archiva/security/DefaultUserRepositoriesTest.xml";
+ super.setUp();
+ restoreGuestInitialValues( USER_ALPACA );
+ restoreGuestInitialValues( USER_GUEST );
+ restoreGuestInitialValues( USER_ADMIN );
}
@Test
<bean name="roleManager" class="org.codehaus.plexus.redback.role.DefaultRoleManager">
<property name="rbacManager" ref="rBACManager#memory"/>
+ <property name="modelProcessor" ref="roleModelProcessor"/>
+ <property name="templateProcessor" ref="roleTemplateProcessor#test"/>
</bean>
<bean name="rBACManager#cached" class="org.codehaus.plexus.redback.rbac.cached.CachedRbacManager">
<property name="rbacImpl" ref="rBACManager#memory"/>
</bean>
- <!--
+ <bean name="roleModelProcessor" class="org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor">
+ <property name="rbacManager" ref="rBACManager#memory"/>
+ </bean>
+ <alias name="roleModelProcessor" alias="roleModelProcessor#test"/>
- <component>
- <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
- <role-hint>default</role-hint>
- <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation>
- <description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
- <role-hint>memory</role-hint>
- <field-name>rbacManager</field-name>
- </requirement>
- </requirements>
- </component>
+ <bean name="roleTemplateProcessor" class="org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor">
+ <property name="rbacManager" ref="rBACManager#memory"/>
+ </bean>
- <component>
- <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
- <role-hint>default</role-hint>
- <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation>
- <description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
- <role-hint>memory</role-hint>
- <field-name>rbacManager</field-name>
- </requirement>
- </requirements>
- </component>
+ <alias name="roleTemplateProcessor" alias="roleTemplateProcessor#test"/>
+
+ <bean name="servletAuthenticator" class="org.apache.maven.archiva.security.ArchivaServletAuthenticator">
+ <property name="securitySystem" ref="securitySystem#testable"/>
+ </bean>
+
+ <alias name="servletAuthenticator" alias="servletAuthenticator#test"/>
+
+ <!--
<component>
<role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
</component>
- ignored ??
-
- <component>
- <role>org.apache.maven.archiva.security.ServletAuthenticator</role>
- <role-hint>default</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaServletAuthenticator</implementation>
- <description>ArchivaServletAuthenticator</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
- <role-hint>testable</role-hint>
- <field-name>securitySystem</field-name>
- </requirement>
- </requirements>
- </component>
-
partially configured
<component>
</dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <version>r09</version>
+ </dependency>
<dependency>
<groupId>stax</groupId>
<artifactId>stax</artifactId>
projects / archiva.git / commitdiff