Adding restricted view for user managable repositories

Adds additional rest method to list the repositories where the user has manage permissions. Restricts the view for uploads to only managable repositories.
author: Martin Stockhammer <m.stockhammer@web.de> 2016-09-14 21:49:30 +0200
committer: Martin Stockhammer <m.stockhammer@web.de> 2016-09-14 21:49:30 +0200
commit: de3eb83242b42d75546670e8859cdb1f59fe4fa6 (patch)
tree: 047a0d2cebc7262b765a4e09eb7fc665d3948241
parent: d01764bed989abc53c20cb79723e59ae390f454a (diff)
download: archiva-de3eb83242b42d75546670e8859cdb1f59fe4fa6.tar.gz
archiva-de3eb83242b42d75546670e8859cdb1f59fe4fa6.zip
6 files changed, 48 insertions, 1 deletions
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
index 777d15d90..cdb99eb38 100644
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-api/src/main/java/org/apache/archiva/rest/api/services/BrowseService.java
@@ -102,6 +102,16 @@ public interface BrowseService
         throws ArchivaRestServiceException;
 
     /**
+     * @return List of repositories current user can manage
+     */
+    @Path("userManagableRepositories")
+    @GET
+    @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
+    @RedbackAuthorization(noPermission = true, noRestriction = true)
+    List<ManagedRepository> getUserManagableRepositories()
+            throws ArchivaRestServiceException;
+
+    /**
      * return the dependency Tree for an artifacts
      * <b>the List result has only one entry</b>
      */
diff --git a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
index 5e5a4654b..682c367bb 100644
--- a/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
+++ b/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/services/DefaultBrowseService.java
@@ -508,6 +508,19 @@ public class DefaultBrowseService
     }
 
     @Override
+    public List<ManagedRepository> getUserManagableRepositories() throws ArchivaRestServiceException {
+        try
+        {
+            return userRepositories.getManagableRepositories( getPrincipal() );
+        }
+        catch ( ArchivaSecurityException e )
+        {
+            throw new ArchivaRestServiceException( "repositories.read.managable.error",
+                    Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), e );
+        }
+    }
+
+    @Override
     public List<Artifact> getDependees( String groupId, String artifactId, String version, String repositoryId )
         throws ArchivaRestServiceException
     {
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
index 91ff5ea07..4679bc733 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/DefaultUserRepositories.java
@@ -99,6 +99,11 @@ public class DefaultUserRepositories
         return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
     }
 
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return getAccessibleRepositories( principal, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
+    }
+
     private List<ManagedRepository> getAccessibleRepositories( String principal, String operation )
         throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException
     {
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
index 6e3881218..493eeced7 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/archiva/security/UserRepositories.java
@@ -98,5 +98,19 @@ public interface UserRepositories
      */
     List<ManagedRepository> getAccessibleRepositories( String principal )
             throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
+
+    /**
+     *
+     * Returns a list of repositories for which the user has the manager role.
+     *
+     * @param principal
+     * @since 2.2.2
+     * @return
+     * @throws ArchivaSecurityException
+     * @throws AccessDeniedException
+     * @throws PrincipalNotFoundException
+     */
+    List<ManagedRepository> getManagableRepositories( String principal )
+            throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException;
     
 }
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
index 485d4a718..3cd2dad11 100644
--- a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/security/UserRepositoriesStub.java
@@ -88,4 +88,9 @@ public class UserRepositoriesStub
     {
         return Collections.emptyList();
     }
+
+    @Override
+    public List<ManagedRepository> getManagableRepositories(String principal) throws ArchivaSecurityException, AccessDeniedException, PrincipalNotFoundException {
+        return Collections.emptyList();
+    }
 }
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
index e87ec5691..aa96a8339 100644
--- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/artifacts-management.js
@@ -86,7 +86,7 @@ define("archiva.artifacts-management",["jquery","i18n","utils","jquery.tmpl","kn
         dataType: 'json',
         success: function(data) {
           mainContent.html($("#file-upload-screen").html());
-          $.ajax("restServices/archivaServices/browseService/userRepositories", {
+          $.ajax("restServices/archivaServices/browseService/userManagableRepositories", {
               type: "GET",
               dataType: 'json',
               success: function(data) {
author	Martin Stockhammer <m.stockhammer@web.de>	2016-09-14 21:49:30 +0200
committer	Martin Stockhammer <m.stockhammer@web.de>	2016-09-14 21:49:30 +0200
commit	de3eb83242b42d75546670e8859cdb1f59fe4fa6 (patch)
tree	047a0d2cebc7262b765a4e09eb7fc665d3948241
parent	d01764bed989abc53c20cb79723e59ae390f454a (diff)
download	archiva-de3eb83242b42d75546670e8859cdb1f59fe4fa6.tar.gz archiva-de3eb83242b42d75546670e8859cdb1f59fe4fa6.zip