From de3eb83242b42d75546670e8859cdb1f59fe4fa6 Mon Sep 17 00:00:00 2001
From: Martin Stockhammer <m.stockhammer@web.de>
Date: Wed, 14 Sep 2016 21:49:30 +0200
Subject: [PATCH] Adding restricted view for user managable repositories

Adds additional rest method to list the repositories where the user
has manage permissions.
Restricts the view for uploads to only managable repositories.
---
 .../archiva/rest/api/services/BrowseService.java   | 10 ++++++++++
 .../rest/services/DefaultBrowseService.java        | 13 +++++++++++++
 .../archiva/security/DefaultUserRepositories.java  |  5 +++++
 .../apache/archiva/security/UserRepositories.java  | 14 ++++++++++++++
 .../archiva/security/UserRepositoriesStub.java     |  5 +++++
 .../main/webapp/js/archiva/artifacts-management.js |  2 +-
 6 files changed, 48 insertions(+), 1 deletion(-)

diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
index 777d15d90..cdb99eb38 100644
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
@@ -101,6 +101,16 @@ public interface BrowseService
     List<ManagedRepository> getUserRepositories()
         throws ArchivaRestServiceException;
 
+    /**
+     * @return List of repositories current user can manage
+     */
+    @Path("userManagableRepositories")
+    @GET
+    @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
+    @RedbackAuthorization(noPermission = true, noRestriction = true)
+    List<ManagedRepository> getUserManagableRepositories()
+            throws ArchivaRestServiceException;
+
     /**
      * return the dependency Tree for an artifacts
      * <b>the List result has only one entry</b>
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
index 5e5a4654b..682c367bb 100644
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
@@ -507,6 +507,19 @@ public class DefaultBrowseService
         }
     }
 
+    @Override
+    public List<ManagedRepository> getUserManagableRepositories() throws ArchivaRestServiceException {
+        try
+        {
+            return userRepositories.getManagableRepositories( getPrincipal() );
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            throw new ArchivaRestServiceException( "repositories.read.managable.error",
+                    Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), e );
+        }
+    }
+
     @Override
     public List<Artifact> getDependees( String groupId, String artifactId, String version, String repositoryId )
         throws ArchivaRestServiceException
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
index 91ff5ea07..4679bc733 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
@@ -99,6 +99,11 @@ public class DefaultUserRepositories
         return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
     }
 
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
+    }
+
     private List<ManagedRepository> getAccessibleRepositories( String principal, String operation )
         throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
     {
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
index 6e3881218..493eeced7 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
@@ -98,5 +98,19 @@ public interface UserRepositories
      */
     List<ManagedRepository> getAccessibleRepositories( String principal )
             throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
+
+    /**
+     *
+     * Returns a list of repositories for which the user has the manager role.
+     *
+     * @param principal
+     * @since 2.2.2
+     * @return
+     * @throws ArchivaSecurityException
+     * @throws AccessDeniedException
+     * @throws PrincipalNotFoundException
+     */
+    List<ManagedRepository> getManagableRepositories( String principal )
+            throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
     
 }
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
index 485d4a718..3cd2dad11 100644
--- a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
@@ -88,4 +88,9 @@ public class UserRepositoriesStub
     {
         return Collections.emptyList();
     }
+
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return Collections.emptyList();
+    }
 }
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
index e87ec5691..aa96a8339 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
@@ -86,7 +86,7 @@ define("archiva.artifacts-management",["jquery","i18n","utils","jquery.tmpl","kn
         dataType: 'json',
         success: function(data) {
           mainContent.html($("#file-upload-screen").html());
-          $.ajax("restServices/archivaServices/browseService/userRepositories", {
+          $.ajax("restServices/archivaServices/browseService/userManagableRepositories", {
               type: "GET",
               dataType: 'json',
               success: function(data) {
-- 
2.39.5