<name>Archiva Web :: Security Configuration</name>
<dependencies>
<dependency>
- <groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-rbac-profile</artifactId>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-rbac-role-manager</artifactId>
</dependency>
<dependency>
- <groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-system</artifactId>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-rbac-memory</artifactId>
+ <scope>test</scope>
</dependency>
<dependency>
- <groupId>org.codehaus.plexus</groupId>
- <artifactId>plexus-component-api</artifactId>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-xwork-integration</artifactId>
+ <scope>test</scope>
</dependency>
</dependencies>
- <build>
- <plugins>
- <plugin>
- <groupId>org.codehaus.plexus</groupId>
- <artifactId>plexus-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>merge</id>
- <goals>
- <goal>merge-descriptors</goal>
- </goals>
- <configuration>
- <descriptors>
- <descriptor>${basedir}/src/main/resources/META-INF/plexus/components.xml</descriptor>
- <descriptor>${project.build.directory}/generated-resources/plexus/META-INF/plexus/components.xml</descriptor>
- </descriptors>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
</project>
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @todo why does this need to be created in the client app?
- * @todo composition instead of inheritence?
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile" role-hint="archiva-guest"
- */
-public class ArchivaGuestRoleProfile
- extends AbstractRoleProfile
-{
- public String getRoleName()
- {
- return ArchivaRoleConstants.GUEST_ROLE;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_ACTIVE_GUEST );
- return operations;
- }
-
- public boolean isAssignable()
- {
- return false;
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.DefaultRoleProfileManager;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-
-/**
- * Role profile manager.
- *
- * Role Structures are laid out as documented http://docs.codehaus.org/display/MAVENUSER/Archiva+Security+Roles
- *
- * @author Brett Porter
- * @todo composition over inheritence?
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfileManager" role-hint="archiva"
- */
-public class ArchivaRoleProfileManager
- extends DefaultRoleProfileManager
-{
- public void initialize()
- throws RoleProfileException
- {
- getRole( "global-repository-manager" );
- getRole( "global-repository-observer" );
-
- mergeRoleProfiles( "system-administrator", "archiva-system-administrator" );
- mergeRoleProfiles( "user-administrator", "archiva-user-administrator" );
- mergeRoleProfiles( "guest", "archiva-guest" );
- setInitialized( true ); //todo remove the initialization idea from profile managers
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @todo why does this need to be created in the client app?
- * @todo composition instead of inheritence?
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile" role-hint="archiva-system-administrator"
- */
-public class ArchivaSystemAdministratorRoleProfile
- extends AbstractRoleProfile
-{
- public String getRoleName()
- {
- return ArchivaRoleConstants.SYSTEM_ADMINISTRATOR_ROLE;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION );
- operations.add( ArchivaRoleConstants.OPERATION_MANAGE_USERS );
- operations.add( ArchivaRoleConstants.OPERATION_RUN_INDEXER );
- operations.add( ArchivaRoleConstants.OPERATION_REGENERATE_INDEX );
- operations.add( ArchivaRoleConstants.OPERATION_ACCESS_REPORT ); // TODO: does this need to be templated?
- // we don't add access/upload repository operations. This isn't a sys-admin function, and we don't want to
- // encourage the use of the sys admin role for such operations. They can grant it as necessary.
- return operations;
- }
-
-
- public List getChildRoles()
- {
- List childRoles = new ArrayList();
- childRoles.add( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE );
- return childRoles;
- }
-
- public boolean isAssignable()
- {
- return false;
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @todo why does this need to be created in the client app?
- * @todo composition instead of inheritence?
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile" role-hint="archiva-user-administrator"
- */
-public class ArchivaUserAdministratorRoleProfile
- extends AbstractRoleProfile
-{
- public String getRoleName()
- {
- return ArchivaRoleConstants.USER_ADMINISTRATOR_ROLE;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_MANAGE_USERS );
- return operations;
- }
-
- public boolean isAssignable()
- {
- return false;
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile"
- * role-hint="global-repository-manager"
- */
-public class GlobalRepositoryManagerRoleProfile
- extends AbstractRoleProfile
-{
- /**
- * Create the Role name for a Repository Observer, using the provided repository id.
- *
- * @param repoId the repository id
- */
- public String getRoleName( )
- {
- return ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE;
- }
-
- public boolean isAssignable()
- {
- return true;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION );
- operations.add( ArchivaRoleConstants.OPERATION_ADD_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY );
- return operations;
- }
-
- public List getChildRoles()
- {
- List childRoles = new ArrayList();
- childRoles.add( ArchivaRoleConstants.GLOBAL_REPOSITORY_OBSERVER_ROLE );
- return childRoles;
- }
-
-
-
-
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile"
- * role-hint="global-repository-observer"
- */
-public class GlobalRepositoryObserverRoleProfile
- extends AbstractRoleProfile
-{
- /**
- * Create the Role name for a Repository Observer, using the provided repository id.
- *
- * @param repoId the repository id
- */
- public String getRoleName( )
- {
- return ArchivaRoleConstants.GLOBAL_REPOSITORY_OBSERVER_ROLE;
- }
-
- public boolean isAssignable()
- {
- return true;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
- return operations;
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractDynamicRoleProfile;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.security.rbac.RbacManagerException;
-import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.security.rbac.Role;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-/**
- * @plexus.component role="org.codehaus.plexus.rbac.profile.DynamicRoleProfile"
- * role-hint="archiva-repository-manager"
- */
-public class RepositoryManagerDynamicRoleProfile
- extends AbstractDynamicRoleProfile
-{
- /**
- * Create the Role name for a Repository Manager, using the provided repository id.
- *
- * @param repoId the repository id
- */
- public String getRoleName( String repoId )
- {
- return ArchivaRoleConstants.REPOSITORY_MANAGER_ROLE_PREFIX + ArchivaRoleConstants.DELIMITER + repoId;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
-
- operations.add( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
- operations.add( ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
- return operations;
- }
-
- public boolean isAssignable()
- {
- return true;
- }
-
-}
-
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.rbac.profile.AbstractDynamicRoleProfile;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.security.rbac.RbacManagerException;
-import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.security.rbac.Role;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @plexus.component role="org.codehaus.plexus.rbac.profile.DynamicRoleProfile"
- * role-hint="archiva-repository-observer"
- */
-public class RepositoryObserverDynamicRoleProfile
- extends AbstractDynamicRoleProfile
-{
- /**
- * Create the Role name for a Repository Observer, using the provided repository id.
- *
- * @param repoId the repository id
- */
- public String getRoleName( String repoId )
- {
- return ArchivaRoleConstants.REPOSITORY_OBSERVER_ROLE_PREFIX + ArchivaRoleConstants.DELIMITER + repoId;
- }
-
- public List getOperations()
- {
- List operations = new ArrayList();
- operations.add( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
- return operations;
- }
-
- public boolean isAssignable()
- {
- return true;
- }
-
-}
+++ /dev/null
-package org.apache.maven.archiva.security;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.codehaus.plexus.logging.AbstractLogEnabled;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.rbac.profile.RoleProfileManager;
-import org.codehaus.plexus.security.system.check.EnvironmentCheck;
-
-import java.util.List;
-
-/**
- * @plexus.component role="org.codehaus.plexus.security.system.check.EnvironmentCheck"
- * role-hint="archiva-role-profile-check"
- * @todo isn't this standard? Shouldn't it be something initializable so it doesn't need to be checked all the time?
- */
-public class RoleProfileEnvironmentCheck
- extends AbstractLogEnabled
- implements EnvironmentCheck
-{
- /**
- * @plexus.requirement role-hint="archiva"
- */
- private RoleProfileManager roleProfileManager;
-
- public void validateEnvironment( List list )
- {
- try
- {
- if ( !roleProfileManager.isInitialized() )
- {
- roleProfileManager.initialize();
- }
- }
- catch ( RoleProfileException rpe )
- {
- list.add( "error inititalizing the role manager: " + rpe.getMessage() );
- }
- }
-}
+++ /dev/null
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<!--
- ~ Licensed to the Apache Software Foundation (ASF) under one
- ~ or more contributor license agreements. See the NOTICE file
- ~ distributed with this work for additional information
- ~ regarding copyright ownership. The ASF licenses this file
- ~ to you under the Apache License, Version 2.0 (the
- ~ "License"); you may not use this file except in compliance
- ~ with the License. You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing,
- ~ software distributed under the License is distributed on an
- ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- ~ KIND, either express or implied. See the License for the
- ~ specific language governing permissions and limitations
- ~ under the License.
- -->
-
-<component-set>
- <components>
- <!-- TODO: wouldn't need to redeclare if it was composition -->
- <!-- TODO: why is the container a requirement? -->
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfileManager</role>
- <role-hint>archiva</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaRoleProfileManager</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <field-name>knownRoleProfiles</field-name>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
- <field-name>knownDynamicRoleProfiles</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <role-hint>archiva-system-administrator</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaSystemAdministratorRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <role-hint>archiva-user-administrator</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaUserAdministratorRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <role-hint>archiva-guest</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaGuestRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <role-hint>global-repository-manager</role-hint>
- <implementation>org.apache.maven.archiva.security.GlobalRepositoryManagerRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.RoleProfile</role>
- <role-hint>global-repository-observer</role-hint>
- <implementation>org.apache.maven.archiva.security.GlobalRepositoryObserverRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- <requirement>
- <role>org.codehaus.plexus.PlexusContainer</role>
- <field-name>container</field-name>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
- <role-hint>archiva-repository-manager</role-hint>
- <implementation>org.apache.maven.archiva.security.RepositoryManagerDynamicRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- </requirements>
- </component>
- <component>
- <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
- <role-hint>archiva-repository-observer</role-hint>
- <implementation>org.apache.maven.archiva.security.RepositoryObserverDynamicRoleProfile</implementation>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.security.rbac.RBACManager</role>
- <role-hint>cached</role-hint>
- </requirement>
- </requirements>
- </component>
- </components>
-</component-set>
<name>archiva-upload-repository</name>
<description>Upload Archiva Repository</description>
</operation>
+ <operation>
+ <id>archiva-access-repository</id>
+ <name>archiva-access-repository</name>
+ <description>Access Archiva Repository</description>
+ </operation>
<operation>
<id>archiva-guest</id>
<name>archiva-guest</name>
- <description>Upload Archiva Repository</description>
+ <description>Active Archiva Guest</description>
</operation>
</operations>
<roles>
<permanent>true</permanent>
</permission>
<permission>
- <id>archiva-access-report</id>
- <name>archiva-access-report</name>
- <operation>archiva-access-report</operation>
+ <id>archiva-access-reports</id>
+ <name>archiva-access-reports</name>
+ <operation>archiva-access-reports</operation>
<resource>global</resource>
<permanent>true</permanent>
</permission>
--- /dev/null
+package org.apache.maven.archiva.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.codehaus.plexus.PlexusTestCase;
+import org.codehaus.plexus.redback.role.RoleManager;
+
+/**
+ * RoleProfilesTest
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id: RoleManagerTest.java 4330 2007-05-10 17:28:56Z jmcconnell $
+ */
+public class RoleManagerTest
+ extends PlexusTestCase
+{
+ /**
+ * @plexus.requirement role-hint="default"
+ */
+ RoleManager roleManager;
+
+ protected void setUp()
+ throws Exception
+ {
+ super.setUp();
+
+ roleManager = (RoleManager) lookup( RoleManager.ROLE, "default" );
+ }
+
+ public void testExpectedRoles()
+ throws Exception
+ {
+ assertNotNull( roleManager );
+
+ assertTrue( roleManager.roleExists( "system-administrator" ) );
+ assertTrue( roleManager.roleExists( "user-administrator" ) );
+ assertTrue( roleManager.roleExists( "archiva-global-repository-observer" ) );
+ assertTrue( roleManager.roleExists( "archiva-guest" ) );
+ assertTrue( roleManager.roleExists( "guest" ) );
+ }
+}
--- /dev/null
+<?xml version="1.0" ?>
+<component-set>
+ <components>
+ <component>
+ <role>org.codehaus.plexus.redback.role.RoleManager</role>
+ <role-hint>default</role-hint>
+ <implementation>org.codehaus.plexus.redback.role.DefaultRoleManager</implementation>
+ <description>RoleProfileManager:</description>
+ <requirements>
+ <requirement>
+ <role>org.codehaus.plexus.redback.role.merger.RoleModelMerger</role>
+ <role-hint>default</role-hint>
+ <field-name>modelMerger</field-name>
+ </requirement>
+ <requirement>
+ <role>org.codehaus.plexus.redback.role.validator.RoleModelValidator</role>
+ <role-hint>default</role-hint>
+ <field-name>modelValidator</field-name>
+ </requirement>
+ <requirement>
+ <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+ <role-hint>default</role-hint>
+ <field-name>modelProcessor</field-name>
+ </requirement>
+ <requirement>
+ <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+ <role-hint>default</role-hint>
+ <field-name>templateProcessor</field-name>
+ </requirement>
+ <requirement>
+ <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role-hint>memory</role-hint>
+ <field-name>rbacManager</field-name>
+ </requirement>
+ </requirements>
+ </component>
+ <component>
+ <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+ <role-hint>default</role-hint>
+ <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation>
+ <description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description>
+ <requirements>
+ <requirement>
+ <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role-hint>memory</role-hint>
+ <field-name>rbacManager</field-name>
+ </requirement>
+ </requirements>
+ </component>
+ <component>
+ <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+ <role-hint>default</role-hint>
+ <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation>
+ <description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description>
+ <requirements>
+ <requirement>
+ <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+ <role-hint>memory</role-hint>
+ <field-name>rbacManager</field-name>
+ </requirement>
+ </requirements>
+ </component>
+ </components>
+</component-set>
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
- -->
+ -->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
</dependency>
<!-- Plexus Security Dependencies -->
<dependency>
- <groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-ui-web</artifactId>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-xwork-content</artifactId>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
- <groupId>org.codehaus.plexus.security</groupId>
- <artifactId>plexus-security-ui-web-taglib</artifactId>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-xwork-integration</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus.redback</groupId>
+ <artifactId>redback-taglib</artifactId>
</dependency>
<!-- Other dependencies -->
<dependency>
<includes>
<!-- TODO: META-INF shouldn't be required, seems to be an issue with the current war plugin -->
<include>META-INF</include>
- <include>images/pss</include>
+ <include>images/redback</include>
<!-- Images from other wars -->
- <include>template/pss</include>
+ <include>template/redback</include>
<!-- Templates from other wars -->
<include>WEB-INF/classes</include>
<!-- Classes and Resources from other wars -->
<!-- Database location configured in application.xml -->
<include>WEB-INF/logs</include>
<!-- Log file location specified in application.xml -->
- <include>pss</include>
+ <include>redback</include>
<!-- plexus-security css and javascript -->
- <include>css/pss</include>
- <include>WEB-INF/jsp/pss</include>
+ <include>css/redback</include>
+ <include>WEB-INF/jsp/redback</include>
<!-- plexus-security jsps -->
- <include>WEB-INF/template/pss</include>
+ <include>WEB-INF/template/redback</include>
<!-- plexus-security xwork templates -->
<include>WEB-INF/logs</include>
<!-- Directory created by jetty:run -->
import org.apache.maven.archiva.reporting.ReportingManager;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList;
import org.apache.maven.archiva.indexer.RepositoryIndexException;
import org.apache.maven.archiva.indexer.RepositoryIndexSearchException;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
import org.codehaus.plexus.scheduler.CronExpressionValidator;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.IOException;
import org.apache.maven.archiva.scheduled.tasks.ArchivaTask;
import org.apache.maven.archiva.scheduled.tasks.RepositoryTask;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.taskqueue.TaskQueueException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import org.apache.maven.shared.app.company.CompanyPomHandler;
import org.apache.maven.shared.app.configuration.Configuration;
import org.apache.maven.shared.app.configuration.MavenAppConfiguration;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import java.io.IOException;
import org.apache.maven.shared.app.configuration.CompanyPom;
import org.apache.maven.shared.app.configuration.Configuration;
import org.apache.maven.shared.app.configuration.MavenAppConfiguration;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import java.io.IOException;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.IOException;
import org.apache.maven.archiva.configuration.RepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.web.action.admin.repositories.AdminRepositoryConfiguration;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList;
import org.apache.maven.archiva.database.updater.DatabaseConsumers;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.web.action.admin.scanning.AdminRepositoryConsumerComparator;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.Collections;
import org.apache.maven.archiva.configuration.NetworkProxyConfiguration;
import org.apache.maven.archiva.configuration.functors.NetworkProxySelectionPredicate;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
/**
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.List;
import org.apache.maven.archiva.configuration.InvalidConfigurationException;
import org.apache.maven.archiva.configuration.RepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.rbac.profile.RoleProfileManager;
+import org.codehaus.plexus.redback.authorization.AuthorizationException;
+import org.codehaus.plexus.redback.authorization.AuthorizationResult;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.role.RoleManager;
+import org.codehaus.plexus.redback.role.RoleManagerException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
-import org.codehaus.plexus.security.authorization.AuthorizationException;
-import org.codehaus.plexus.security.authorization.AuthorizationResult;
-import org.codehaus.plexus.security.rbac.RbacManagerException;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.system.SecuritySession;
-import org.codehaus.plexus.security.system.SecuritySystem;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.io.File;
implements Preparable, SecureAction
{
/**
- * @plexus.requirement role-hint="archiva"
+ * @plexus.requirement role-hint="default"
*/
- private RoleProfileManager roleProfileManager;
+ private RoleManager roleManager;
/**
* @plexus.requirement
{
addActionError( "Unable to delete repository: " + e.getMessage() );
}
- catch ( RoleProfileException e )
+ catch ( RoleManagerException e )
{
addActionError( "Unable to delete repository: " + e.getMessage() );
}
{
addActionError( "Unable to delete repository: " + e.getMessage() );
}
- catch ( RbacManagerException e )
- {
- addActionError( "Unable to delete repository: " + e.getMessage() );
- }
catch ( RegistryException e )
{
addActionError( "Unable to delete repository: " + e.getMessage() );
{
addActionError( "I/O Exception: " + e.getMessage() );
}
- catch ( RoleProfileException e )
+ catch ( RoleManagerException e )
{
- addActionError( "Role Profile Exception: " + e.getMessage() );
+ addActionError( "Role Manager Exception: " + e.getMessage() );
}
catch ( InvalidConfigurationException e )
{
addActionError( "Invalid Configuration Exception: " + e.getMessage() );
}
- catch ( RbacManagerException e )
- {
- addActionError( "RBAC Manager Exception: " + e.getMessage() );
- }
catch ( RegistryException e )
{
addActionError( "Configuration Registry Exception: " + e.getMessage() );
}
private void addRepository( AdminRepositoryConfiguration repository )
- throws IOException, RoleProfileException
+ throws IOException, RoleManagerException
{
getLogger().info( ".addRepository(" + repository + ")" );
archivaConfiguration.getConfiguration().addRepository( repository );
// TODO: double check these are configured on start up
- roleProfileManager.getDynamicRole( "archiva-repository-manager", repository.getId() );
+ roleManager.createTemplatedRole( "archiva-repository-manager", repository.getId() );
+
+ roleManager.createTemplatedRole( "archiva-repository-observer", repository.getId() );
- roleProfileManager.getDynamicRole( "archiva-repository-observer", repository.getId() );
}
private boolean operationAllowed( String permission, String repoid )
}
private void removeRepositoryRoles( RepositoryConfiguration existingRepository )
- throws RoleProfileException
+ throws RoleManagerException
{
- roleProfileManager.deleteDynamicRole( "archiva-repository-manager", existingRepository.getId() );
- roleProfileManager.deleteDynamicRole( "archiva-repository-observer", existingRepository.getId() );
+ roleManager.removeTemplatedRole( "archiva-repository-manager", existingRepository.getId() );
+ roleManager.removeTemplatedRole( "archiva-repository-observer", existingRepository.getId() );
getLogger().info( "removed user roles associated with repository " + existingRepository.getId() );
}
private String saveConfiguration()
- throws IOException, InvalidConfigurationException, RbacManagerException, RoleProfileException,
- RegistryException
+ throws IOException, InvalidConfigurationException, RegistryException
{
getLogger().info( ".saveConfiguration()" );
import org.apache.maven.archiva.configuration.functors.RepositoryConfigurationComparator;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.web.util.ContextUtils;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList;
import org.apache.maven.archiva.configuration.functors.FiletypeToMapClosure;
import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.codehaus.plexus.redback.rbac.Resource;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureAction;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionBundle;
+import org.codehaus.plexus.redback.xwork.interceptor.SecureActionException;
import org.codehaus.plexus.registry.RegistryException;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.security.ui.web.interceptor.SecureActionException;
import org.codehaus.plexus.xwork.action.PlexusActionSupport;
import java.util.ArrayList;
import org.apache.maven.archiva.database.ObjectNotFoundException;
import org.apache.maven.archiva.model.ArchivaRepository;
import org.codehaus.plexus.logging.AbstractLogEnabled;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.rbac.profile.RoleProfileManager;
-import org.codehaus.plexus.security.system.check.EnvironmentCheck;
+import org.codehaus.plexus.redback.role.RoleManager;
+import org.codehaus.plexus.redback.role.RoleManagerException;
+import org.codehaus.plexus.redback.system.check.EnvironmentCheck;
import java.util.Iterator;
import java.util.List;
private ArchivaDAO dao;
/**
- * @plexus.requirement role-hint="archiva"
+ * @plexus.requirement role-hint="default"
*/
- private RoleProfileManager roleProfileManager;
+ private RoleManager roleManager;
private boolean checked;
{
ArchivaRepository repository = (ArchivaRepository) it.next();
- roleProfileManager.getDynamicRole( "archiva-repository-manager", repository.getId() );
+ if ( !roleManager.templatedRoleExists( "archiva-repository-manager", repository.getId() ) )
+ {
+ roleManager.createTemplatedRole( "archiva-repository-manager", repository.getId() );
+ }
- roleProfileManager.getDynamicRole( "archiva-repository-observer", repository.getId() );
+ if ( !roleManager.templatedRoleExists( "archiva-repository-observer", repository.getId() ) )
+ {
+ roleManager.createTemplatedRole( "archiva-repository-observer", repository.getId() );
+ }
}
}
}
- catch ( RoleProfileException rpe )
+ catch ( RoleManagerException rpe )
{
list.add( this.getClass().getName() + "error initializing roles: " + rpe.getMessage() );
getLogger().info( "error initializing roles", rpe );
import org.apache.maven.archiva.database.ObjectNotFoundException;
import org.apache.maven.archiva.model.ArchivaRepository;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authorization.AuthorizationException;
+import org.codehaus.plexus.redback.authorization.AuthorizationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticator;
import org.codehaus.plexus.registry.Registry;
import org.codehaus.plexus.registry.RegistryListener;
-import org.codehaus.plexus.security.authentication.AuthenticationException;
-import org.codehaus.plexus.security.authentication.AuthenticationResult;
-import org.codehaus.plexus.security.authorization.AuthorizationException;
-import org.codehaus.plexus.security.authorization.AuthorizationResult;
-import org.codehaus.plexus.security.policy.AccountLockedException;
-import org.codehaus.plexus.security.policy.MustChangePasswordException;
-import org.codehaus.plexus.security.system.SecuritySession;
-import org.codehaus.plexus.security.system.SecuritySystem;
-import org.codehaus.plexus.security.ui.web.filter.authentication.HttpAuthenticator;
import org.codehaus.plexus.webdav.DavServerComponent;
import org.codehaus.plexus.webdav.DavServerException;
import org.codehaus.plexus.webdav.servlet.DavServerRequest;
<interceptors>
<interceptor name="strange" class="webwork-is-doing-strange-things"/>
<interceptor name="configuration" class="configurationInterceptor"/>
- <interceptor name="pssForceAdminUser" class="pssForceAdminUserInterceptor"/>
- <interceptor name="pssSecureActions" class="pssSecureActionInterceptor"/>
- <interceptor name="pssAutoLogin" class="pssAutoLoginInterceptor"/>
- <interceptor name="pssPolicyEnforcement" class="pssPolicyEnforcementInterceptor"/>
+ <interceptor name="redbackForceAdminUser" class="redbackForceAdminUserInterceptor"/>
+ <interceptor name="redbackSecureActions" class="redbackSecureActionInterceptor"/>
+ <interceptor name="redbackAutoLogin" class="redbackAutoLoginInterceptor"/>
+ <interceptor name="redbackPolicyEnforcement" class="redbackPolicyEnforcementInterceptor"/>
<interceptor name="paramFilter" class="com.opensymphony.xwork.interceptor.ParameterFilterInterceptor" />
<interceptor-stack name="configuredArchivaStack">
- <interceptor-ref name="pssForceAdminUser"/>
- <interceptor-ref name="pssAutoLogin"/>
+ <interceptor-ref name="redbackForceAdminUser"/>
+ <interceptor-ref name="redbackAutoLogin"/>
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="paramFilter">
<param name="blocked">externalResult</param>
</interceptor-ref>
- <interceptor-ref name="pssSecureActions"/>
- <interceptor-ref name="pssPolicyEnforcement"/>
+ <interceptor-ref name="redbackSecureActions"/>
+ <interceptor-ref name="redbackPolicyEnforcement"/>
<interceptor-ref name="configuration"/>
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-stack>
<interceptor-stack name="unconfiguredArchivaStack">
- <interceptor-ref name="pssForceAdminUser"/>
- <interceptor-ref name="pssAutoLogin"/>
+ <interceptor-ref name="redbackForceAdminUser"/>
+ <interceptor-ref name="redbackAutoLogin"/>
<interceptor-ref name="defaultStack"/>
- <interceptor-ref name="pssPolicyEnforcement"/>
- <interceptor-ref name="pssSecureActions"/>
+ <interceptor-ref name="redbackPolicyEnforcement"/>
+ <interceptor-ref name="redbackSecureActions"/>
<interceptor-ref name="validation">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
<!-- This is the redirection facility for plexus-security,
allowing plexus-security to call out from its own set of actions
into the application webapp, using global result names. -->
- <action name="pssRedirect" class="pss-redirect" method="redirect">
+ <action name="redbackRedirect" class="redback-redirect" method="redirect">
<result type="redirect-action">browse</result>
</action>
<%@ taglib prefix="ww" uri="/webwork"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem"%>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva"%>
<html>
<%@ taglib prefix="ww" uri="/webwork" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<html>
<head>
<div>
<div style="float: right">
<%-- TODO replace with icons --%>
- <pss:ifAuthorized permission="archiva-manage-configuration">
+ <redback:ifAuthorized permission="archiva-manage-configuration">
<a href="<ww:url action="configure" />">Edit Configuration</a>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
</div>
<h2>Configuration</h2>
</div>
<table class="infoTable">
<tr>
<td>
- <pss:ifAuthorized permission="archiva-run-indexer">
+ <redback:ifAuthorized permission="archiva-run-indexer">
<a href="<ww:url action="runIndexer" />">Run Now</a>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
</td>
</tr>
</table>
<%@ taglib prefix="ww" uri="/webwork"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem"%>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva"%>
<html>
<div class="admin">
<div class="controls">
-<pss:ifAuthorized
+<redback:ifAuthorized
permission="archiva-manage-configuration">
<ww:url id="addNetworkProxyUrl" action="addNetworkProxy" />
<ww:a href="%{addNetworkProxyUrl}">
<img src="<c:url value="/images/icons/create.png" />" />
Add Network Proxy</ww:a>
-</pss:ifAuthorized></div>
+</redback:ifAuthorized></div>
<h2>Network Proxies</h2>
<c:choose>
<div class="netproxy ${rowColor}">
<div class="controls">
- <pss:ifAnyAuthorized
+ <redback:ifAnyAuthorized
permissions="archiva-manage-configuration">
<ww:url id="editNetworkProxyUrl" action="editNetworkProxy">
<ww:param name="proxyid" value="%{'${proxy.id}'}" />
<ww:a href="%{deleteNetworkProxyUrl}">
<img src="<c:url value="/images/icons/delete.gif" />" />
Delete Network Proxy</ww:a>
- </pss:ifAnyAuthorized></div>
+ </redback:ifAnyAuthorized></div>
<table class="infoTable">
<tr>
<%@ taglib prefix="ww" uri="/webwork" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva" %>
<html>
<ww:actionmessage />
<div style="float:right">
- <pss:ifAnyAuthorized permissions="archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-manage-configuration">
<ww:url id="addProxyConnectorUrl" action="addProxyConnector" />
<ww:a href="%{addProxyConnectorUrl}" cssClass="create">
<img src="<c:url value="/images/icons/create.png" />" />
Add Proxy Connector
</ww:a>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
</div>
<h2>Repository Proxy Connectors</h2>
<td class="connector">
<div class="wrap">
<div class="controls">
- <pss:ifAnyAuthorized permissions="archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-manage-configuration">
<ww:url id="editProxyConnectorUrl" action="editProxyConnector">
<ww:param name="target" value="%{'${connector.targetRepoId}'}" />
<ww:param name="source" value="%{'${connector.sourceRepoId}'}" />
<ww:a href="%{deleteProxyConnectorUrl}" cssClass="delete" title="Delete Proxy Connector">
<img src="<c:url value="/images/icons/delete.gif" />" />
</ww:a>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
</div>
<h4>Proxy Connector</h4>
<%@ taglib prefix="ww" uri="/webwork" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva" %>
<html>
<div class="admin">
<div class="controls">
- <pss:ifAuthorized permission="archiva-manage-configuration">
+ <redback:ifAuthorized permission="archiva-manage-configuration">
<ww:url id="addRepositoryUrl" action="addRepository"/>
<ww:a href="%{addRepositoryUrl}">
<img src="<c:url value="/images/icons/create.png" />" />
Add Repository</ww:a>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
</div>
<h2>Local Repositories</h2>
<div class="controls">
<%-- TODO: make some icons --%>
- <pss:ifAnyAuthorized permissions="archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-manage-configuration">
<ww:url id="editRepositoryUrl" action="editRepository">
<ww:param name="repoid" value="%{'${repository.id}'}" />
</ww:url>
<ww:a href="%{deleteRepositoryUrl}">
<img src="<c:url value="/images/icons/delete.gif" />" />
Delete Repository</ww:a>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
</div>
<div style="float: left">
<th>Stats</th>
<td>
<div style="float: right">
- <pss:ifAuthorized permission="archiva-run-indexer">
+ <redback:ifAuthorized permission="archiva-run-indexer">
<ww:url id="indexRepositoryUrl" action="indexRepository">
<ww:param name="repoid" value="%{'${repository.id}'}" />
</ww:url>
<ww:a href="%{indexRepositoryUrl}">Index Repository</ww:a>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
</div>
<c:choose>
<c:when test="${empty(repository.stats)}">
<div class="controls">
<%-- TODO: make some icons --%>
- <pss:ifAnyAuthorized permissions="archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-manage-configuration">
<ww:url id="editRepositoryUrl" action="editRepository">
<ww:param name="repoid" value="%{'${repository.id}'}" />
</ww:url>
<ww:a href="%{deleteRepositoryUrl}">
<img src="<c:url value="/images/icons/delete.gif" />" />
Delete Repository</ww:a>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
</div>
<div style="float: left">
<%@ taglib prefix="ww" uri="/webwork"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem"%>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva"%>
<html>
<%@ taglib prefix="ww" uri="/webwork" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<html>
<head>
<%@ taglib uri="/webwork" prefix="ww" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib prefix="my" tagdir="/WEB-INF/tags" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ page import="java.util.Calendar" %>
<html>
<head>
<link rel="stylesheet" href="<c:url value="/css/maven-base.css"/>" type="text/css" media="all"/>
<link rel="stylesheet" href="<c:url value="/css/maven-theme.css"/>" type="text/css" media="all"/>
- <link rel="stylesheet" href="<c:url value="/css/pss/table.css"/>" type="text/css" media="all"/>
+ <link rel="stylesheet" href="<c:url value="/css/redback/table.css"/>" type="text/css" media="all"/>
<link rel="stylesheet" href="<c:url value="/css/site.css"/>" type="text/css" media="all"/>
<link rel="stylesheet" href="<c:url value="/css/print.css"/>" type="text/css" media="print"/>
<link rel="shortcut icon" href="<c:url value="/favicon.ico" />" />
<div id="breadcrumbs">
<div class="xleft">
- <%@ include file="/WEB-INF/jsp/pss/include/securityLinks.jsp" %>
+ <%@ include file="/WEB-INF/jsp/redback/include/securityLinks.jsp" %>
</div>
<div class="xright">
</li>
</ul>
- <pss:ifAnyAuthorized permissions="archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
+ <redback:ifAnyAuthorized permissions="archiva-manage-users,archiva-access-reports,archiva-manage-configuration">
<h5>Manage</h5>
<ul>
- <pss:ifAuthorized permission="archiva-access-reports">
+ <redback:ifAuthorized permission="archiva-access-reports">
<li class="none">
<my:currentWWUrl action="reports" namespace="/admin">Reports</my:currentWWUrl>
</li>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
<%-- TODO
<li class="none">
<a href="#">Synchronisation</a>
</li>
--%>
- <pss:ifAuthorized permission="archiva-manage-users">
+ <redback:ifAuthorized permission="archiva-manage-users">
<li class="none">
<my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl>
</li>
- </pss:ifAuthorized>
- <pss:ifAuthorized permission="archiva-manage-configuration">
+ </redback:ifAuthorized>
+ <redback:ifAuthorized permission="archiva-manage-configuration">
<li class="none">
<my:currentWWUrl action="configureAppearance" namespace="/admin">Appearance</my:currentWWUrl>
</li>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
<%-- TODO: future options here.
* Repository Statistics.
* Web Services Statistics.
--%>
</ul>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
- <pss:ifAuthorized permission="archiva-manage-configuration">
+ <redback:ifAuthorized permission="archiva-manage-configuration">
<h5>Administration</h5>
<ul>
<li class="none">
* Web Services (enable / disable), role based?
--%>
</ul>
- </pss:ifAuthorized>
+ </redback:ifAuthorized>
</div>
</div>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<%@ taglib prefix="my" tagdir="/WEB-INF/tags" %>
<html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="my" tagdir="/WEB-INF/tags" %>
<%@ taglib prefix="archiva" uri="http://maven.apache.org/archiva" %>
-<%@ taglib prefix="pss" uri="/plexusSecuritySystem" %>
+<%@ taglib prefix="redback" uri="http://plexus.codehaus.org/redback/taglib-1.0" %>
<html>
<head>
</ww:url>
</c:set>
<my:currentWWUrl url="${url}">Mailing Lists</my:currentWWUrl>
- <pss:ifAnyAuthorized permissions="archiva-access-reports">
+ <redback:ifAnyAuthorized permissions="archiva-access-reports">
<c:set var="url">
<ww:url action="showArtifactReports">
<ww:param name="groupId" value="%{groupId}"/>
</ww:url>
</c:set>
<my:currentWWUrl url="${url}">Reports</my:currentWWUrl>
- </pss:ifAnyAuthorized>
+ </redback:ifAnyAuthorized>
</span>
</div>
projects / archiva.git / commitdiff