diff options
author | Maria Odea B. Ching <oching@apache.org> | 2009-02-20 08:50:35 +0000 |
---|---|---|
committer | Maria Odea B. Ching <oching@apache.org> | 2009-02-20 08:50:35 +0000 |
commit | 0cecbab8be9eacccf01bb4dc096a643aaad45da5 (patch) | |
tree | 78dc90e579fc10afffeb5ab6a1772aadce2a7827 /archiva-modules/archiva-web/archiva-security | |
parent | 48e96d554fa626f031aa0cc88dfb0b15270eeb08 (diff) | |
download | archiva-0cecbab8be9eacccf01bb4dc096a643aaad45da5.tar.gz archiva-0cecbab8be9eacccf01bb4dc096a643aaad45da5.zip |
[MRM-913]
submitted by Jevica Arianne Zurbano
o patch does the following:
- deletes artifacts
- cleans up database
- executes scan to reflect changes when browsing repository
- updates metadata
- updates audit.log
- 'Delete Artifact' added in navigation and is displayed for users with repository manager role
- only allows manager of the repository to delete artifacts from it
o additional tweaks to the submitted patch:
- removed catch for NPE in DeleteArtifactAction
- migrated jsps & action class to struts 2
- moved invocation of cleanup consumers in DeleteArtifactAction to DatabaseConsumers (added new method for this in DatabaseConsumers)
- applied formatting
git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@746183 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'archiva-modules/archiva-web/archiva-security')
3 files changed, 76 insertions, 0 deletions
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java index ca471b4b4..842a5e647 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java @@ -20,13 +20,19 @@ package org.apache.maven.archiva.security; */ import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; import java.util.List; import org.apache.maven.archiva.configuration.ArchivaConfiguration; import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; +import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.codehaus.plexus.redback.authentication.AuthenticationResult; import org.codehaus.plexus.redback.authorization.AuthorizationException; import org.codehaus.plexus.redback.rbac.RBACManager; +import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException; +import org.codehaus.plexus.redback.rbac.RbacManagerException; +import org.codehaus.plexus.redback.rbac.Role; import org.codehaus.plexus.redback.role.RoleManager; import org.codehaus.plexus.redback.role.RoleManagerException; import org.codehaus.plexus.redback.system.DefaultSecuritySession; @@ -161,4 +167,47 @@ public class DefaultUserRepositories throw new ArchivaSecurityException( e.getMessage() ); } } + + public boolean isAuthorizedToDeleteArtifacts( String principal, String repoId ) + throws RbacManagerException, RbacObjectNotFoundException + { + boolean isAuthorized = false; + String delimiter = " - "; + + try + { + Collection roleList = rbacManager.getEffectivelyAssignedRoles( principal ); + + Iterator it = roleList.iterator(); + + while ( it.hasNext() ) + { + Role role = (Role) it.next(); + + String roleName = role.getName(); + + if ( roleName.startsWith( ArchivaRoleConstants.REPOSITORY_MANAGER_ROLE_PREFIX ) ) + { + int delimiterIndex = roleName.indexOf( delimiter ); + String resourceName = roleName.substring( delimiterIndex + delimiter.length() ); + + if ( resourceName.equals( repoId ) ) + { + isAuthorized = true; + break; + } + } + } + } + catch ( RbacObjectNotFoundException e ) + { + throw new RbacObjectNotFoundException( "Unable to find user " + principal + "" ); + } + catch ( RbacManagerException e ) + { + throw new RbacManagerException( "Unable to get roles for user " + principal + "" ); + } + + return isAuthorized; + } } diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java index 3b6f68f34..9b3840ac6 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java @@ -19,6 +19,9 @@ package org.apache.maven.archiva.security; * under the License. */ +import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException; +import org.codehaus.plexus.redback.rbac.RbacManagerException; + import java.util.List; /** @@ -60,5 +63,17 @@ public interface UserRepositories */ public boolean isAuthorizedToUploadArtifacts( String principal, String repoId) throws PrincipalNotFoundException, ArchivaSecurityException; + + /** + * Check if user is authorized to delete artifacts in the repository. + * + * @param principal + * @param repoId + * @return + * @throws RbacManagerException + * @throws RbacObjectNotFoundException + */ + public boolean isAuthorizedToDeleteArtifacts( String principal, String repoId ) + throws RbacManagerException, RbacObjectNotFoundException; } diff --git a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml index 4a12cb481..df72885d1 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml +++ b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml @@ -25,6 +25,11 @@ <name>archiva-run-indexer</name> <description>Run Archiva Indexer</description> </operation> + <operation> + <id>archiva-delete-artifact</id> + <name>archiva-delete-artifact</name> + <description>Delete Artifact</description> + </operation> <operation> <id>archiva-access-reports</id> <name>archiva-access-reports</name> @@ -180,6 +185,13 @@ <namePrefix>Repository Manager</namePrefix> <assignable>true</assignable> <permissions> + <permission> + <id>archiva-delete-artifact</id> + <name>Delete Artifact</name> + <operation>archiva-delete-artifact</operation> + <resource>global</resource> + <permanent>true</permanent> + </permission> <permission> <id>archiva-edit-repository</id> <name>Archiva Edit Repository</name> |