From: Olivier Lamy Date: Sat, 5 Nov 2011 09:07:59 +0000 (+0000) Subject: check first if the request is .indexer browsing to not iterate over repositories... X-Git-Tag: archiva-1.4-M2~147 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=f0a3cbb41647ff35207f4b47c9b77a2f0382ca27;p=archiva.git check first if the request is .indexer browsing to not iterate over repositories (ie normal process) git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1197905 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/ArchivaDavResourceFactory.java b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/ArchivaDavResourceFactory.java index 0dbe1f350..e374d504b 100644 --- a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/ArchivaDavResourceFactory.java +++ b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/ArchivaDavResourceFactory.java @@ -92,6 +92,7 @@ import javax.annotation.PostConstruct; import javax.inject.Inject; import javax.inject.Named; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import java.io.File; import java.io.FileNotFoundException; import java.io.FileReader; @@ -939,143 +940,120 @@ public class ArchivaDavResourceFactory if ( allow ) { - for ( String repository : repositories ) - { - ManagedRepositoryContent managedRepository = null; + // remove last / + String pathInfo = StringUtils.removeEnd( request.getPathInfo(), "/" ); + if ( StringUtils.endsWith( pathInfo, "/.indexer" ) ) + { try { - managedRepository = repositoryFactory.getManagedRepositoryContent( repository ); + File mergedRepoDir = buildMergedIndexDirectory( repositories, activePrincipal, request ); + mergedRepositoryContents.add( mergedRepoDir ); + } - catch ( RepositoryNotFoundException e ) + catch ( RepositoryAdminException e ) { - throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, - "Invalid managed repository <" + repository + ">: " + e.getMessage() ); + throw new DavException( 500, e ); } - catch ( RepositoryException e ) + catch ( IndexMergerException e ) { - throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, - "Invalid managed repository <" + repository + ">: " + e.getMessage() ); + throw new DavException( 500, e ); } - File resourceFile = new File( managedRepository.getRepoRoot(), logicalResource.getPath() ); - if ( resourceFile.exists() ) + } + else + { + for ( String repository : repositories ) { - // in case of group displaying index directory doesn't have sense !! - String repoIndexDirectory = managedRepository.getRepository().getIndexDirectory(); - if ( StringUtils.isNotEmpty( repoIndexDirectory ) ) + ManagedRepositoryContent managedRepository = null; + + try { - if ( !new File( repoIndexDirectory ).isAbsolute() ) - { - repoIndexDirectory = new File( managedRepository.getRepository().getLocation(), - StringUtils.isEmpty( repoIndexDirectory ) - ? ".indexer" - : repoIndexDirectory ).getAbsolutePath(); - } + managedRepository = repositoryFactory.getManagedRepositoryContent( repository ); + } + catch ( RepositoryNotFoundException e ) + { + throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, + "Invalid managed repository <" + repository + ">: " + e.getMessage() ); } - if ( StringUtils.isEmpty( repoIndexDirectory ) ) + catch ( RepositoryException e ) { - repoIndexDirectory = - new File( managedRepository.getRepository().getLocation(), ".indexer" ).getAbsolutePath(); + throw new DavException( HttpServletResponse.SC_INTERNAL_SERVER_ERROR, + "Invalid managed repository <" + repository + ">: " + e.getMessage() ); } - if ( !StringUtils.equals( FilenameUtils.normalize( repoIndexDirectory ), - FilenameUtils.normalize( resourceFile.getAbsolutePath() ) ) ) + File resourceFile = new File( managedRepository.getRepoRoot(), logicalResource.getPath() ); + if ( resourceFile.exists() ) { - // for prompted authentication - if ( httpAuth.getSecuritySession( request.getSession( true ) ) != null ) + // in case of group displaying index directory doesn't have sense !! + String repoIndexDirectory = managedRepository.getRepository().getIndexDirectory(); + if ( StringUtils.isNotEmpty( repoIndexDirectory ) ) { - try + if ( !new File( repoIndexDirectory ).isAbsolute() ) { - if ( isAuthorized( request, repository ) ) - { - mergedRepositoryContents.add( resourceFile ); - log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal ); - } - } - catch ( DavException e ) - { - // TODO: review exception handling - if ( log.isDebugEnabled() ) - { - log.debug( - "Skipping repository '" + managedRepository + "' for user '" + activePrincipal - + "': " + e.getMessage() ); - } + repoIndexDirectory = new File( managedRepository.getRepository().getLocation(), + StringUtils.isEmpty( repoIndexDirectory ) + ? ".indexer" + : repoIndexDirectory ).getAbsolutePath(); } - } - else + if ( StringUtils.isEmpty( repoIndexDirectory ) ) { - // for the current user logged in - try + repoIndexDirectory = new File( managedRepository.getRepository().getLocation(), + ".indexer" ).getAbsolutePath(); + } + + if ( !StringUtils.equals( FilenameUtils.normalize( repoIndexDirectory ), + FilenameUtils.normalize( resourceFile.getAbsolutePath() ) ) ) + { + // for prompted authentication + if ( httpAuth.getSecuritySession( request.getSession( true ) ) != null ) { - if ( servletAuth.isAuthorized( activePrincipal, repository, - WebdavMethodUtil.getMethodPermission( - request.getMethod() ) ) ) + try { - mergedRepositoryContents.add( resourceFile ); - log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal ); + if ( isAuthorized( request, repository ) ) + { + mergedRepositoryContents.add( resourceFile ); + log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal ); + } } - } - catch ( UnauthorizedException e ) - { - // TODO: review exception handling - if ( log.isDebugEnabled() ) + catch ( DavException e ) { - log.debug( - "Skipping repository '" + managedRepository + "' for user '" + activePrincipal - + "': " + e.getMessage() ); + // TODO: review exception handling + if ( log.isDebugEnabled() ) + { + log.debug( "Skipping repository '" + managedRepository + "' for user '" + + activePrincipal + "': " + e.getMessage() ); + } } + } - } - } - } - } - // remove last / - String pathInfo = StringUtils.removeEnd( request.getPathInfo(), "/" ); - if ( StringUtils.endsWith( path, ".indexer" ) ) - { - try - { - Set authzRepos = new HashSet(); - for ( String repository : repositories ) - { - try - { - if ( servletAuth.isAuthorized( activePrincipal, repository, - WebdavMethodUtil.getMethodPermission( - request.getMethod() ) ) ) - { - authzRepos.add( repository ); - authzRepos.addAll( this.repositorySearch.getRemoteIndexingContextIds( repository ) ); - } - } - catch ( UnauthorizedException e ) - { - // TODO: review exception handling - if ( log.isDebugEnabled() ) + else { - log.debug( - "Skipping repository '" + repository + "' for user '" + activePrincipal + "': " - + e.getMessage() ); + // for the current user logged in + try + { + if ( servletAuth.isAuthorized( activePrincipal, repository, + WebdavMethodUtil.getMethodPermission( + request.getMethod() ) ) ) + { + mergedRepositoryContents.add( resourceFile ); + log.debug( "Repository '{}' accessed by '{}'", repository, activePrincipal ); + } + } + catch ( UnauthorizedException e ) + { + // TODO: review exception handling + if ( log.isDebugEnabled() ) + { + log.debug( "Skipping repository '" + managedRepository + "' for user '" + + activePrincipal + "': " + e.getMessage() ); + } + } } } } - - File mergedRepoDir = indexMerger.buildMergedIndex( authzRepos, true ); - mergedRepositoryContents.add( mergedRepoDir ); - - } - catch ( RepositoryAdminException e ) - { - throw new DavException( 500, e ); - } - catch ( IndexMergerException e ) - { - throw new DavException( 500, e ); } - } } else @@ -1202,6 +1180,39 @@ public class ArchivaDavResourceFactory } } + protected File buildMergedIndexDirectory( List repositories, String activePrincipal, + DavServletRequest request ) + throws RepositoryAdminException, IndexMergerException + { + + Set authzRepos = new HashSet(); + for ( String repository : repositories ) + { + try + { + if ( servletAuth.isAuthorized( activePrincipal, repository, + WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) ) + { + authzRepos.add( repository ); + authzRepos.addAll( this.repositorySearch.getRemoteIndexingContextIds( repository ) ); + } + } + catch ( UnauthorizedException e ) + { + // TODO: review exception handling + if ( log.isDebugEnabled() ) + { + log.debug( "Skipping repository '" + repository + "' for user '" + activePrincipal + "': " + + e.getMessage() ); + } + } + } + + File mergedRepoDir = indexMerger.buildMergedIndex( authzRepos, true ); + return mergedRepoDir; + } + + public void setServletAuth( ServletAuthenticator servletAuth ) { this.servletAuth = servletAuth;