From: Brett Porter <brett@apache.org>
Date: Wed, 18 Mar 2009 06:15:36 +0000 (+0000)
Subject: [MRM-1133] delete artifact role not added on upgrade from previous version
X-Git-Tag: archiva-1.2~29
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=e000da9c296a4461029ca0e56accde416e712fdc;p=archiva.git

[MRM-1133] delete artifact role not added on upgrade from previous version


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@755486 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
index 9714e146d..afdf9ad7a 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
+++ b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
@@ -196,8 +196,7 @@
               <id>archiva-delete-artifact</id>
               <name>Delete Artifact</name>
               <operation>archiva-delete-artifact</operation>
-              <resource>global</resource>
-              <permanent>true</permanent>
+              <resource>${resource}</resource>
             </permission>
             <permission>
               <id>archiva-edit-repository</id>
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
index e20e0b70a..f571b4fc2 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java
@@ -54,7 +54,10 @@ import org.apache.maven.archiva.repository.RepositoryException;
 import org.apache.maven.archiva.repository.RepositoryNotFoundException;
 import org.apache.maven.archiva.repository.ManagedRepositoryContent;
 import org.apache.maven.archiva.repository.RepositoryContentFactory;
+import org.apache.maven.archiva.security.AccessDeniedException;
+import org.apache.maven.archiva.security.ArchivaSecurityException;
 import org.apache.maven.archiva.security.ArchivaXworkUser;
+import org.apache.maven.archiva.security.PrincipalNotFoundException;
 import org.apache.maven.archiva.security.UserRepositories;
 import org.codehaus.plexus.redback.rbac.RbacManagerException;
 
@@ -186,7 +189,7 @@ public class DeleteArtifactAction
 
     public void prepare()
     {
-        managedRepos = new ArrayList<String>( configuration.getConfiguration().getManagedRepositoriesAsMap().keySet() );
+        managedRepos = getManagableRepos();
     }
 
     public String input()
@@ -412,6 +415,28 @@ public class DeleteArtifactAction
         this.auditListeners.remove( listener );
     }
 
+    private List<String> getManagableRepos()
+    {
+        try
+        {
+            return userRepositories.getManagableRepositoryIds( getPrincipal() );
+        }
+        catch ( PrincipalNotFoundException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        catch ( AccessDeniedException e )
+        {
+            log.warn( e.getMessage(), e );
+            // TODO: pass this onto the screen.
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            log.warn( e.getMessage(), e );
+        }
+        return Collections.emptyList();
+    }
+
     private void triggerAuditEvent( String user, String repositoryId, String resource, String action )
     {
         AuditEvent event = new AuditEvent( repositoryId, user, resource, action );
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
index 346773abd..d3a920305 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
@@ -102,6 +102,11 @@ public class SecuritySynchronization
                     roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
                                                      repoConfig.getId() );
                 }
+                else
+                {
+                    roleManager.verifyTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
+                                                     repoConfig.getId() );
+                }
 
                 if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
                                                        repoConfig.getId() ) )
@@ -109,6 +114,11 @@ public class SecuritySynchronization
                     roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
                                                      repoConfig.getId() );
                 }
+                else
+                {
+                    roleManager.verifyTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
+                                                     repoConfig.getId() );
+                }
             }
             catch ( RoleManagerException e )
             {