From 588e0208d073a2e9fa8d0c274a618a3e4f532065 Mon Sep 17 00:00:00 2001 From: "Maria Odea B. Ching" Date: Thu, 4 Sep 2008 04:17:44 +0000 Subject: [PATCH] merged -r691581 (MRM-915 and MRM-926: get the default guest users from redback config files instead of the hardcoded constant value) from trunk git-svn-id: https://svn.apache.org/repos/asf/archiva/branches@691868 13f79535-47bb-0310-9956-ffa450edef68 --- .../archiva/security/ArchivaXworkUser.java | 34 +++++++++++++++---- .../archiva/web/action/BrowseAction.java | 7 +++- .../archiva/web/action/SearchAction.java | 7 +++- .../web/action/ShowArtifactAction.java | 7 +++- .../archiva/web/action/UploadAction.java | 7 +++- .../maven/archiva/web/rss/RssFeedServlet.java | 8 +++-- .../archiva/webdav/ArchivaDavResource.java | 11 +++--- .../webdav/ArchivaDavResourceFactory.java | 21 +++++++----- .../maven/archiva/webdav/DavResourceTest.java | 11 +++--- .../archiva/webdav/RepositoryServletTest.xml | 4 +++ 10 files changed, 88 insertions(+), 29 deletions(-) diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java index 4189392e6..4c07a0cf4 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java @@ -19,27 +19,38 @@ package org.apache.maven.archiva.security; * under the License. */ -import java.util.HashMap; import java.util.Map; import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.codehaus.plexus.redback.system.SecuritySession; import org.codehaus.plexus.redback.system.SecuritySystemConstants; import org.codehaus.plexus.redback.users.User; +import org.codehaus.plexus.registry.Registry; /** * ArchivaXworkUser * * @author Joakim Erdfelt * @version $Id$ + * + * @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser" */ public class ArchivaXworkUser { - public static String getActivePrincipal( Map sessionMap ) - { + /** + * @plexus.requirement role-hint="commons-configuration" + */ + private Registry registry; + + private static final String KEY = "org.codehaus.plexus.redback"; + + private static String guest; + + public String getActivePrincipal( Map sessionMap ) + { if ( sessionMap == null ) { - return ArchivaRoleConstants.PRINCIPAL_GUEST; + return getGuest(); } SecuritySession securitySession = @@ -52,15 +63,26 @@ public class ArchivaXworkUser if ( securitySession == null ) { - return ArchivaRoleConstants.PRINCIPAL_GUEST; + return getGuest(); } User user = securitySession.getUser(); if ( user == null ) { - return ArchivaRoleConstants.PRINCIPAL_GUEST; + return getGuest(); } return (String) user.getPrincipal(); + } + + public String getGuest() + { + if( guest == null || "".equals( guest ) ) + { + Registry subset = registry.getSubset( KEY ); + guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST ); + } + + return guest; } } diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java index 7dee82270..92b4c8c91 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java @@ -52,6 +52,11 @@ public class BrowseAction */ private UserRepositories userRepositories; + /** + * @plexus.requirement + */ + private ArchivaXworkUser archivaXworkUser; + private BrowsingResults results; private String groupId; @@ -121,7 +126,7 @@ public class BrowseAction private String getPrincipal() { - return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); } private List getObservableRepos() diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java index 39c3bb361..795d3712c 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java @@ -75,6 +75,11 @@ public class SearchAction */ private UserRepositories userRepositories; + /** + * @plexus.requirement + */ + private ArchivaXworkUser archivaXworkUser; + private static final String RESULTS = "results"; private static final String ARTIFACT = "artifact"; @@ -195,7 +200,7 @@ public class SearchAction private String getPrincipal() { - return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); } private List getObservableRepos() diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java index 97dca610e..a402515c3 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java @@ -59,6 +59,11 @@ public class ShowArtifactAction * @plexus.requirement */ private UserRepositories userRepositories; + + /** + * @plexus.requirement + */ + private ArchivaXworkUser archivaXworkUser; /* .\ Input Parameters \.________________________________________ */ @@ -179,7 +184,7 @@ public class ShowArtifactAction private String getPrincipal() { - return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); } private List getObservableRepos() diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java index c539f1962..cb8bcfe48 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java @@ -86,6 +86,11 @@ public class UploadAction * @plexus.requirement */ private RepositoryContentConsumers consumers; + + /** + * @plexus.requirement + */ + private ArchivaXworkUser archivaXworkUser; /** * The groupId of the artifact to be deployed. @@ -456,7 +461,7 @@ public class UploadAction private String getPrincipal() { - return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); } private void copyFile( File sourceFile, File targetPath, String targetFilename ) diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java index 82c1a6348..89570523a 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java @@ -40,6 +40,7 @@ import org.apache.maven.archiva.database.ArchivaDatabaseException; import org.apache.maven.archiva.security.AccessDeniedException; import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.apache.maven.archiva.security.ArchivaSecurityException; +import org.apache.maven.archiva.security.ArchivaXworkUser; import org.apache.maven.archiva.security.PrincipalNotFoundException; import org.apache.maven.archiva.security.ServletAuthenticator; import org.apache.maven.archiva.security.UserRepositories; @@ -90,6 +91,8 @@ public class RssFeedServlet private ServletAuthenticator servletAuth; private HttpAuthenticator httpAuth; + + private ArchivaXworkUser archivaXworkUser; public void init( javax.servlet.ServletConfig servletConfig ) throws ServletException @@ -102,6 +105,7 @@ public class RssFeedServlet (ServletAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) ); httpAuth = (HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) ); + archivaXworkUser = (ArchivaXworkUser) wac.getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) ); } public void doGet( HttpServletRequest req, HttpServletResponse res ) @@ -269,7 +273,7 @@ public class RssFeedServlet if ( usernamePassword == null || usernamePassword.trim().equals( "" ) ) { - repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST ); + repoIds = getObservableRepos( archivaXworkUser.getGuest() ); } else { @@ -279,7 +283,7 @@ public class RssFeedServlet } else { - repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST ); + repoIds = getObservableRepos( archivaXworkUser.getGuest() ); } } else diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java index 0472b7f68..fb47038b3 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java @@ -97,17 +97,20 @@ public class ArchivaDavResource private final MimeTypes mimeTypes; private List auditListeners; + + private ArchivaXworkUser archivaXworkUser; public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository, DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory, MimeTypes mimeTypes, List auditListeners, - RepositoryContentConsumers consumers ) + RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser ) { this.localResource = new File( localResource ); this.logicalResource = logicalResource; this.locator = locator; this.factory = factory; this.session = session; + this.archivaXworkUser = archivaXworkUser; // TODO: push into locator as well as moving any references out of the resource factory this.repository = repository; @@ -121,10 +124,10 @@ public class ArchivaDavResource public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository, String remoteAddr, DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory, MimeTypes mimeTypes, List auditListeners, - RepositoryContentConsumers consumers ) + RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser ) { this( localResource, logicalResource, repository, session, locator, factory, mimeTypes, auditListeners, - consumers ); + consumers, archivaXworkUser ); this.remoteAddr = remoteAddr; } @@ -614,7 +617,7 @@ public class ArchivaDavResource private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action ) { - String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action ); event.setRemoteIP( remoteIP ); diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java index 0e8277359..c959cc059 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java @@ -174,6 +174,11 @@ public class ArchivaDavResourceFactory * @plexus.requirement role-hint="md5"; */ private Digester digestMd5; + + /** + * @plexus.requirement + */ + private ArchivaXworkUser archivaXworkUser; public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request, final DavServletResponse response ) @@ -317,7 +322,7 @@ public class ArchivaDavResourceFactory ArchivaDavResource metadataChecksumResource = new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null, request.getRemoteAddr(), request.getDavSession(), archivaLocator, this, - mimeTypes, auditListeners, consumers ); + mimeTypes, auditListeners, consumers, archivaXworkUser ); availableResources.add( 0, metadataChecksumResource ); } } @@ -349,7 +354,7 @@ public class ArchivaDavResourceFactory ArchivaDavResource metadataResource = new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null, request.getRemoteAddr(), request.getDavSession(), archivaLocator, this, - mimeTypes, auditListeners, consumers ); + mimeTypes, auditListeners, consumers, archivaXworkUser ); availableResources.add( 0, metadataResource ); } catch ( RepositoryMetadataException r ) @@ -398,7 +403,7 @@ public class ArchivaDavResourceFactory resource = new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource, managedRepository.getRepository(), davSession, archivaLocator, this, mimeTypes, - auditListeners, consumers ); + auditListeners, consumers, archivaXworkUser ); } resource.addLockManager(lockManager); return resource; @@ -423,7 +428,7 @@ public class ArchivaDavResourceFactory ArchivaDavResource resource = new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), managedRepository.getRepository(), request.getRemoteAddr(), - request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers ); + request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser ); if ( !resource.isCollection() ) { @@ -468,7 +473,7 @@ public class ArchivaDavResourceFactory new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), managedRepository.getRepository(), request.getRemoteAddr(), request.getDavSession(), locator, this, mimeTypes, auditListeners, - consumers ); + consumers, archivaXworkUser ); } } return resource; @@ -497,7 +502,7 @@ public class ArchivaDavResourceFactory return new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), managedRepository.getRepository(), request.getRemoteAddr(), - request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers ); + request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser ); } private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request, @@ -661,7 +666,7 @@ public class ArchivaDavResourceFactory // TODO: remove? private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action ) { - String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); + String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action ); event.setRemoteIP( remoteIP ); @@ -808,7 +813,7 @@ public class ArchivaDavResourceFactory request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) ); } - String activePrincipal = ArchivaXworkUser.getActivePrincipal( sessionMap ); + String activePrincipal = archivaXworkUser.getActivePrincipal( sessionMap ); boolean allow = isAllowedToContinue( request, repositories, activePrincipal ); if( allow ) diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java index cbbc8f589..b53007004 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java @@ -20,7 +20,6 @@ package org.apache.maven.archiva.webdav; */ import java.io.File; -import java.util.List; import org.apache.commons.io.FileUtils; import org.apache.jackrabbit.webdav.DavException; @@ -37,12 +36,11 @@ import org.apache.jackrabbit.webdav.lock.Scope; import org.apache.jackrabbit.webdav.lock.SimpleLockManager; import org.apache.jackrabbit.webdav.lock.Type; import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; -import org.apache.maven.archiva.repository.audit.AuditListener; import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers; +import org.apache.maven.archiva.security.ArchivaXworkUser; import org.apache.maven.archiva.webdav.util.MimeTypes; import org.codehaus.plexus.spring.PlexusInSpringTestCase; import org.codehaus.plexus.spring.PlexusToSpringUtils; -import org.easymock.MockControl; import edu.emory.mathcs.backport.java.util.Collections; @@ -69,6 +67,8 @@ public class DavResourceTest extends PlexusInSpringTestCase private RepositoryContentConsumers consumers; private ManagedRepositoryConfiguration repository = new ManagedRepositoryConfiguration(); + + private ArchivaXworkUser archivaXworkUser; @Override protected void setUp() @@ -87,6 +87,7 @@ public class DavResourceTest extends PlexusInSpringTestCase lockManager = new SimpleLockManager(); resource.addLockManager(lockManager); consumers = new RepositoryContentConsumers(); + archivaXworkUser = (ArchivaXworkUser) getApplicationContext().getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) ); } @Override @@ -101,7 +102,7 @@ public class DavResourceTest extends PlexusInSpringTestCase private DavResource getDavResource(String logicalPath, File file) { return new ArchivaDavResource( file.getAbsolutePath(), logicalPath, repository, session, resourceLocator, - resourceFactory, mimeTypes, Collections.emptyList(), consumers ); + resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser ); } public void testDeleteNonExistantResourceShould404() @@ -302,7 +303,7 @@ public class DavResourceTest extends PlexusInSpringTestCase public DavResource createResource(DavResourceLocator locator, DavSession session) throws DavException { return new ArchivaDavResource( baseDir.getAbsolutePath(), "/", repository, session, resourceLocator, - resourceFactory, mimeTypes, Collections.emptyList(), consumers ); + resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser ); } } } diff --git a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml index 83fd2a4e6..c691ee037 100644 --- a/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml +++ b/archiva-1.1.x/archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml @@ -165,6 +165,10 @@ org.codehaus.plexus.digest.Digester md5 digestMd5 + + + org.apache.maven.archiva.security.ArchivaXworkUser + archivaXworkUser -- 2.39.5