summaryrefslogtreecommitdiffstats
path: root/archiva-modules/archiva-web/archiva-security
diff options
context:
space:
mode:
authorMaria Odea B. Ching <oching@apache.org>2009-02-20 08:50:35 +0000
committerMaria Odea B. Ching <oching@apache.org>2009-02-20 08:50:35 +0000
commit0cecbab8be9eacccf01bb4dc096a643aaad45da5 (patch)
tree78dc90e579fc10afffeb5ab6a1772aadce2a7827 /archiva-modules/archiva-web/archiva-security
parent48e96d554fa626f031aa0cc88dfb0b15270eeb08 (diff)
downloadarchiva-0cecbab8be9eacccf01bb4dc096a643aaad45da5.tar.gz
archiva-0cecbab8be9eacccf01bb4dc096a643aaad45da5.zip
[MRM-913]
submitted by Jevica Arianne Zurbano o patch does the following: - deletes artifacts - cleans up database - executes scan to reflect changes when browsing repository - updates metadata - updates audit.log - 'Delete Artifact' added in navigation and is displayed for users with repository manager role - only allows manager of the repository to delete artifacts from it o additional tweaks to the submitted patch: - removed catch for NPE in DeleteArtifactAction - migrated jsps & action class to struts 2 - moved invocation of cleanup consumers in DeleteArtifactAction to DatabaseConsumers (added new method for this in DatabaseConsumers) - applied formatting git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@746183 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'archiva-modules/archiva-web/archiva-security')
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java49
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java15
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml12
3 files changed, 76 insertions, 0 deletions
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
index ca471b4b4..842a5e647 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
@@ -20,13 +20,19 @@ package org.apache.maven.archiva.security;
*/
import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
import java.util.List;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
+import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.redback.rbac.RbacManagerException;
+import org.codehaus.plexus.redback.rbac.Role;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
@@ -161,4 +167,47 @@ public class DefaultUserRepositories
throw new ArchivaSecurityException( e.getMessage() );
}
}
+
+ public boolean isAuthorizedToDeleteArtifacts( String principal, String repoId )
+ throws RbacManagerException, RbacObjectNotFoundException
+ {
+ boolean isAuthorized = false;
+ String delimiter = " - ";
+
+ try
+ {
+ Collection roleList = rbacManager.getEffectivelyAssignedRoles( principal );
+
+ Iterator it = roleList.iterator();
+
+ while ( it.hasNext() )
+ {
+ Role role = (Role) it.next();
+
+ String roleName = role.getName();
+
+ if ( roleName.startsWith( ArchivaRoleConstants.REPOSITORY_MANAGER_ROLE_PREFIX ) )
+ {
+ int delimiterIndex = roleName.indexOf( delimiter );
+ String resourceName = roleName.substring( delimiterIndex + delimiter.length() );
+
+ if ( resourceName.equals( repoId ) )
+ {
+ isAuthorized = true;
+ break;
+ }
+ }
+ }
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ throw new RbacObjectNotFoundException( "Unable to find user " + principal + "" );
+ }
+ catch ( RbacManagerException e )
+ {
+ throw new RbacManagerException( "Unable to get roles for user " + principal + "" );
+ }
+
+ return isAuthorized;
+ }
}
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
index 3b6f68f34..9b3840ac6 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
@@ -19,6 +19,9 @@ package org.apache.maven.archiva.security;
* under the License.
*/
+import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.redback.rbac.RbacManagerException;
+
import java.util.List;
/**
@@ -60,5 +63,17 @@ public interface UserRepositories
*/
public boolean isAuthorizedToUploadArtifacts( String principal, String repoId)
throws PrincipalNotFoundException, ArchivaSecurityException;
+
+ /**
+ * Check if user is authorized to delete artifacts in the repository.
+ *
+ * @param principal
+ * @param repoId
+ * @return
+ * @throws RbacManagerException
+ * @throws RbacObjectNotFoundException
+ */
+ public boolean isAuthorizedToDeleteArtifacts( String principal, String repoId )
+ throws RbacManagerException, RbacObjectNotFoundException;
}
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
index 4a12cb481..df72885d1 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
+++ b/archiva-modules/archiva-web/archiva-security/src/main/resources/META-INF/redback/redback.xml
@@ -25,6 +25,11 @@
<name>archiva-run-indexer</name>
<description>Run Archiva Indexer</description>
</operation>
+ <operation>
+ <id>archiva-delete-artifact</id>
+ <name>archiva-delete-artifact</name>
+ <description>Delete Artifact</description>
+ </operation>
<operation>
<id>archiva-access-reports</id>
<name>archiva-access-reports</name>
@@ -180,6 +185,13 @@
<namePrefix>Repository Manager</namePrefix>
<assignable>true</assignable>
<permissions>
+ <permission>
+ <id>archiva-delete-artifact</id>
+ <name>Delete Artifact</name>
+ <operation>archiva-delete-artifact</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
<permission>
<id>archiva-edit-repository</id>
<name>Archiva Edit Repository</name>