[MRM-1133] delete artifact role not added on upgrade from previous version

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@755486 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
index 9714e146dc9c11c5a779dd9717af22a87ac6b735..afdf9ad7a4fb53f4e15e4c1427eb4af7365e1f33 100644 (file)
--- a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
+++ b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
@@ -196,8 +196,7 @@
               <id>archiva-delete-artifact</id>
               <name>Delete Artifact</name>
               <operation>archiva-delete-artifact</operation>
-              <resource>global</resource>
-              <permanent>true</permanent>
+              <resource>${resource}</resource>
             </permission>
             <permission>
               <id>archiva-edit-repository</id>

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
index e20e0b70a57f1d7f8f5f01f3b1a8d3033960c859..f571b4fc24ff53a963a330b26697be960dc8cd43 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
@@ -54,7 +54,10 @@ import org.apache.maven.archiva.repository.RepositoryException;
 import org.apache.maven.archiva.repository.RepositoryNotFoundException;
 import org.apache.maven.archiva.repository.ManagedRepositoryContent;
 import org.apache.maven.archiva.repository.RepositoryContentFactory;
+import org.apache.maven.archiva.security.AccessDeniedException;
+import org.apache.maven.archiva.security.ArchivaSecurityException;
 import org.apache.maven.archiva.security.ArchivaXworkUser;
+import org.apache.maven.archiva.security.PrincipalNotFoundException;
 import org.apache.maven.archiva.security.UserRepositories;
 import org.codehaus.plexus.redback.rbac.RbacManagerException;
 
@@ -186,7 +189,7 @@ public class DeleteArtifactAction
 
     public void prepare()
     {
-        managedRepos = new ArrayList<String>( configuration.getConfiguration().getManagedRepositoriesAsMap().keySet() );
+        managedRepos = getManagableRepos();
     }
 
     public String input()
@@ -412,6 +415,28 @@ public class DeleteArtifactAction
         this.auditListeners.remove( listener );
     }
 
+    private List<String> getManagableRepos()
+    {
+        try
+        {
+            return userRepositories.getManagableRepositoryIds( getPrincipal() );
+        }
+        catch ( PrincipalNotFoundException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        catch ( AccessDeniedException e )
+        {
+            log.warn( e.getMessage(), e );
+            // TODO: pass this onto the screen.
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        return Collections.emptyList();
+    }
+
     private void triggerAuditEvent( String user, String repositoryId, String resource, String action )
     {
         AuditEvent event = new AuditEvent( repositoryId, user, resource, action );

diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
index 346773abd0e7a22be0fde683d287981ad8102975..d3a920305b9ff67f3bc27043555fdb56dabe2762 100644 (file)
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
@@ -102,6 +102,11 @@ public class SecuritySynchronization
                     roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
                                                      repoConfig.getId() );
                 }
+                else
+                {
+                    roleManager.verifyTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
+                                                     repoConfig.getId() );
+                }
 
                 if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
                                                        repoConfig.getId() ) )
@@ -109,6 +114,11 @@ public class SecuritySynchronization
                     roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
                                                      repoConfig.getId() );
                 }
+                else
+                {
+                    roleManager.verifyTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
+                                                     repoConfig.getId() );
+                }
             }
             catch ( RoleManagerException e )
             {