From 659fa128b8f90629e383a55e9bb8e0ab76dcb6da Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Thu, 21 Feb 2013 14:36:05 +0000 Subject: [PATCH] really chain of rbac manager git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1448652 13f79535-47bb-0310-9956-ffa450edef68 --- ...ultRedbackRuntimeConfigurationService.java | 5 + .../web/security/ArchivaRbacManager.java | 560 ++++++++++++++++-- 2 files changed, 530 insertions(+), 35 deletions(-) diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRedbackRuntimeConfigurationService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRedbackRuntimeConfigurationService.java index 9bb8bffd4..5c4368e62 100644 --- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRedbackRuntimeConfigurationService.java +++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultRedbackRuntimeConfigurationService.java @@ -33,6 +33,7 @@ import org.apache.archiva.redback.components.cache.Cache; import org.apache.archiva.redback.policy.CookieSettings; import org.apache.archiva.redback.policy.PasswordRule; import org.apache.archiva.redback.rbac.RBACManager; +import org.apache.archiva.redback.role.RoleManager; import org.apache.archiva.redback.users.UserManager; import org.apache.archiva.rest.api.model.RBACManagerImplementationInformation; import org.apache.archiva.rest.api.model.RedbackImplementationsInformations; @@ -74,6 +75,9 @@ public class DefaultRedbackRuntimeConfigurationService @Named( value = "rbacManager#default" ) private RBACManager rbacManager; + @Inject + private RoleManager roleManager; + @Inject private ApplicationContext applicationContext; 
@@ -136,6 +140,7 @@ public class DefaultRedbackRuntimeConfigurationService log.info( "rbac manager changed to {} so reload it", redbackRuntimeConfiguration.getRbacManagerImpls() ); rbacManager.initialize(); + roleManager.initialize(); } ldapConnectionFactory.initialize(); diff --git a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/security/ArchivaRbacManager.java b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/security/ArchivaRbacManager.java index 84af9c165..f2e21d133 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/security/ArchivaRbacManager.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/security/ArchivaRbacManager.java @@ -35,7 +35,9 @@ import org.springframework.context.ApplicationContext; import org.springframework.stereotype.Service; import javax.inject.Inject; +import java.util.ArrayList; import java.util.Collection; +import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; 
@@ -105,41 +107,130 @@ public class ArchivaRbacManager public Role saveRole( Role role ) throws RbacObjectInvalidException, RbacManagerException { - return getRbacManagerForWrite().saveRole( role ); + Exception lastException = null; + boolean allFailed = true; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + role = rbacManager.saveRole( role ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return role; } public void saveRoles( Collection roles ) throws RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().saveRoles( roles ); + Exception lastException = null; + boolean allFailed = true; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + rbacManager.saveRoles( roles ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } public Role getRole( String roleName ) throws RbacObjectNotFoundException, RbacManagerException { + Exception lastException = null; for ( RBACManager rbacManager : rbacManagersPerId.values() ) { - Role role = rbacManager.getRole( roleName ); - if ( role != null ) + try + { + Role role = rbacManager.getRole( roleName ); + if ( role != null ) + { + return role; + } + } + catch ( Exception e ) { - return role; + lastException = e; } } log.debug( "cannot find role for name: ‘{}", roleName ); + if ( lastException != null ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } return null; } public List getAllRoles() throws RbacManagerException { - // iterate and aggregate results ? 
- return getRbacManagerForWrite().getAllRoles(); + Map allRoles = new HashMap(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List roles = rbacManager.getAllRoles(); + for ( Role role : roles ) + { + allRoles.put( role.getName(), role ); + } + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + + return new ArrayList( allRoles.values() ); } public void removeRole( Role role ) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().removeRole( role ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + rbacManager.removeRole( role ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } public Permission createPermission( String name ) 
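Review bot: In `removeRole` the per-manager `catch ( Exception e )` only records `lastException`, and the method throws only when every manager failed, so a removal that succeeds in one backend and fails in another returns normally. Because `getRole` and `roleExists` consult every manager, a role the caller believes was removed can still be resolved from the backend that failed. At minimum, log each failure in the catch, e.g. `log.warn( "removeRole failed in {}", rbacManager.getClass().getName(), e );`, and consider throwing when any manager fails on a removal. The same pattern is in `saveRole` and `saveRoles` in this hunk and in the `save*`/`remove*` methods of the later hunks.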
@@ -157,25 +248,108 @@ public class ArchivaRbacManager public Permission savePermission( Permission permission ) throws RbacObjectInvalidException, RbacManagerException { - return getRbacManagerForWrite().savePermission( permission ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + permission = rbacManager.savePermission( permission ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + + return permission; } public Permission getPermission( String permissionName ) throws RbacObjectNotFoundException, RbacManagerException { - return getRbacManagerForWrite().getPermission( permissionName ); + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + Permission p = rbacManager.getPermission( permissionName ); + if ( p != null ) + { + return p; + } + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return null; } public List getAllPermissions() throws RbacManagerException { - return getRbacManagerForWrite().getAllPermissions(); + Map allPermissions = new HashMap(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List permissions = rbacManager.getAllPermissions(); + for ( Permission p : permissions ) + { + allPermissions.put( p.getName(), p ); + } + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return new ArrayList( allPermissions.values() ); } public void removePermission( 
Permission permission ) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().removePermission( permission ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + rbacManager.removePermission( permission ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } public Operation createOperation( String name ) 
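Review bot: `getAllPermissions` and `getPermission` resolve a name that exists in more than one manager differently. `getPermission` returns the first manager's object, while `allPermissions.put( p.getName(), p )` lets the last manager overwrite earlier ones. For an authorization store, the listed definition should be the one a lookup would actually return, so keep the first hit with `if ( !allPermissions.containsKey( p.getName() ) ) { allPermissions.put( p.getName(), p ); }`. Building the map as `new LinkedHashMap()` (already imported in this file) would also keep the result order stable. `getAllRoles`, `getAllOperations`, `getAllResources` and `getAllUserAssignments` merge the same way.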
@@ -187,25 +361,107 @@ public class ArchivaRbacManager public Operation saveOperation( Operation operation ) throws RbacObjectInvalidException, RbacManagerException { - return getRbacManagerForWrite().saveOperation( operation ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + operation = rbacManager.saveOperation( operation ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return operation; } public Operation getOperation( String operationName ) throws RbacObjectNotFoundException, RbacManagerException { - return getRbacManagerForWrite().getOperation( operationName ); + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + Operation o = rbacManager.getOperation( operationName ); + if ( o != null ) + { + return o; + } + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return null; } public List getAllOperations() throws RbacManagerException { - return getRbacManagerForWrite().getAllOperations(); + Map allOperations = new HashMap(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List operations = rbacManager.getAllOperations(); + for ( Operation o : operations ) + { + allOperations.put( o.getName(), o ); + } + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return new ArrayList( allOperations.values() ); } public void removeOperation( Operation operation ) throws 
RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().removeOperation( operation ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + rbacManager.removeOperation( operation ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } public Resource createResource( String identifier ) 
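Review bot: `getOperation` still declares `RbacObjectNotFoundException`, but its `catch ( Exception e )` rewraps whatever a manager threw as a new `RbacManagerException`, so a plain "not found" from one backend reaches the caller as a generic manager failure. If callers branch on the not-found type (not visible in this hunk), that distinction is lost, and the broad catch also converts unchecked exceptions such as a `NullPointerException` into the same wrapper. Catch the not-found case separately with `catch ( RbacObjectNotFoundException e ) { notFound = e; }` and, when no manager returned an object, rethrow it via `if ( notFound != null ) { throw notFound; }` before the generic wrap. `getRole`, `getPermission`, `getResource` and `getUserAssignment` use the same loop.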
@@ -217,25 +473,109 @@ public class ArchivaRbacManager public Resource saveResource( Resource resource ) throws RbacObjectInvalidException, RbacManagerException { - return getRbacManagerForWrite().saveResource( resource ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + resource = rbacManager.saveResource( resource ); + + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return resource; } public Resource getResource( String resourceIdentifier ) throws RbacObjectNotFoundException, RbacManagerException { - return getRbacManagerForWrite().getResource( resourceIdentifier ); + + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + Resource r = rbacManager.getResource( resourceIdentifier ); + if ( r != null ) + { + return r; + } + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return null; } public List getAllResources() throws RbacManagerException { - return getRbacManagerForWrite().getAllResources(); + Map allResources = new HashMap(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List resources = rbacManager.getAllResources(); + for ( Resource r : resources ) + { + allResources.put( r.getIdentifier(), r ); + } + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return new ArrayList( allResources.values() ); } public void removeResource( Resource resource ) throws 
RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().removeResource( resource ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + rbacManager.removeResource( resource ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } public UserAssignment createUserAssignment( String principal ) 
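Review bot: In `saveResource` the line `resource = rbacManager.saveResource( resource );` reassigns the parameter, so each subsequent manager receives the object returned by the previous backend, not the one the caller passed in. Whether every implementation accepts another implementation's `Resource` instance cannot be seen from this hunk. If one does not, its exception is swallowed because an earlier manager already cleared `allFailed`, and the backends silently diverge. Passing the caller's argument to every manager and returning the first successful result would avoid this, e.g. `Resource saved = rbacManager.saveResource( resource );` followed by `if ( result == null ) { result = saved; }`. The other `save*` methods (`saveRole`, `savePermission`, `saveOperation`, `saveUserAssignment`) chain the value the same way.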
@@ -247,61 +587,211 @@ public class ArchivaRbacManager public UserAssignment saveUserAssignment( UserAssignment userAssignment ) throws RbacObjectInvalidException, RbacManagerException { - return getRbacManagerForWrite().saveUserAssignment( userAssignment ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + userAssignment = rbacManager.saveUserAssignment( userAssignment ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return userAssignment; } public UserAssignment getUserAssignment( String principal ) throws RbacObjectNotFoundException, RbacManagerException { - return getRbacManagerForWrite().getUserAssignment( principal ); + + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + UserAssignment ua = rbacManager.getUserAssignment( principal ); + if ( ua != null ) + { + return ua; + } + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return null; } @Override public boolean userAssignmentExists( String principal ) { - return getRbacManagerForWrite().userAssignmentExists( principal ); + + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + boolean exists = rbacManager.userAssignmentExists( principal ); + if ( exists ) + { + return true; + } + } + catch ( Exception e ) + { + // no op + } + } + + return false; } @Override public boolean userAssignmentExists( UserAssignment assignment ) { - return getRbacManagerForWrite().userAssignmentExists( assignment ); + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + boolean exists = rbacManager.userAssignmentExists( assignment ); + if 
( exists ) + { + return true; + } + } + catch ( Exception e ) + { + // no op + } + } + + return false; } public List getAllUserAssignments() throws RbacManagerException { - // iterate - return getRbacManagerForWrite().getAllUserAssignments(); + Map allUserAssignments = new HashMap(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List userAssignments = rbacManager.getAllUserAssignments(); + for ( UserAssignment ua : userAssignments ) + { + allUserAssignments.put( ua.getPrincipal(), ua ); + } + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return new ArrayList( allUserAssignments.values() ); } public List getUserAssignmentsForRoles( Collection roleNames ) throws RbacManagerException { - // iterate ? - return getRbacManagerForWrite().getUserAssignmentsForRoles( roleNames ); + List allUserAssignments = new ArrayList(); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + List userAssignments = rbacManager.getUserAssignmentsForRoles( roleNames ); + + allUserAssignments.addAll( userAssignments ); + + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return allUserAssignments; } public void removeUserAssignment( UserAssignment userAssignment ) throws RbacObjectNotFoundException, RbacObjectInvalidException, RbacManagerException { - getRbacManagerForWrite().removeUserAssignment( userAssignment ); + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) + { + try + { + 
rbacManager.removeUserAssignment( userAssignment ); + allFailed = false; + } + catch ( Exception e ) + { + lastException = e; + } + } + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } } @Override public boolean roleExists( String name ) throws RbacManagerException { - boolean exists = false; - for ( RBACManager manager : rbacManagersPerId.values() ) + boolean allFailed = true; + Exception lastException = null; + for ( RBACManager rbacManager : rbacManagersPerId.values() ) { - exists = manager.roleExists( name ); - if ( exists ) + try + { + boolean exists = rbacManager.roleExists( name ); + if ( exists ) + { + return true; + } + } + catch ( Exception e ) { - return true; + lastException = e; } } - return exists; + + if ( lastException != null && allFailed ) + { + throw new RbacManagerException( lastException.getMessage(), lastException ); + } + return false; } @Override -- 2.39.5
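Review bot: Both `userAssignmentExists` overloads swallow every exception with `// no op` and fall through to `return false`, so a backend that is down or misconfigured is reported as "this principal has no assignment", with nothing logged. Callers cannot tell an outage from a real absence, which matters if the answer is used to decide whether to create or keep an assignment. Replace the comment with a log call such as `log.warn( "userAssignmentExists failed in {}", rbacManager.getClass().getName(), e );`. Separately, `roleExists` never sets `allFailed` to false, so its final `lastException != null && allFailed` check reduces to `lastException != null`; either drop the flag or clear it after a successful call, as the other methods do.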