Updating permissions for v2 rest service

author: Martin Stockhammer <martin_s@apache.org> 2021-12-19 20:21:12 +0100
committer: Martin Stockhammer <martin_s@apache.org> 2021-12-19 20:21:12 +0100
commit: 55b1e5d09f280f5747c1ba04517fbc233bed5d97 (patch)
tree: 91b61ce7f12330246cb9693c1911261448da7b81 /archiva-modules/archiva-web/archiva-webdav/src
parent: 5e8ae2434d547387b85d4822d49d37a78ad2bd20 (diff)
download: archiva-55b1e5d09f280f5747c1ba04517fbc233bed5d97.tar.gz
archiva-55b1e5d09f280f5747c1ba04517fbc233bed5d97.zip
2 files changed, 13 insertions, 13 deletions
diff --git a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java
index cf1a9fd55..ce0675048 100644
--- a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java
+++ b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/archiva/webdav/util/WebdavMethodUtil.java
@@ -53,15 +53,15 @@ public class WebdavMethodUtil
         }
         if ( READ_METHODS.contains( method.toUpperCase( Locale.US ) ) )
         {
-            return ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;
+            return ArchivaRoleConstants.OPERATION_READ_REPOSITORY;
         }
         else if ( "DELETE".equals( method.toUpperCase( Locale.US ) ) )
         {
-            return ArchivaRoleConstants.OPERATION_REPOSITORY_DELETE;
+            return ArchivaRoleConstants.OPERATION_DELETE_ARTIFACT;
         }
         else
         {
-            return ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
+            return ArchivaRoleConstants.OPERATION_ADD_ARTIFACT;
         }
     }
 
diff --git a/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java
index a73b2f448..6713786ed 100644
--- a/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java
+++ b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/archiva/webdav/RepositoryServletSecurityTest.java
@@ -265,7 +265,7 @@ public class RepositoryServletSecurityTest
                                      EasyMock.anyObject( AuthenticationResult.class ) );
         EasyMock.expectLastCall().andThrow( new AuthenticationException( "Authentication error" ) );
 
-        servletAuth.isAuthorized( "guest", "internal", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
+        servletAuth.isAuthorized( "guest", "internal", ArchivaRoleConstants.OPERATION_ADD_ARTIFACT );
 
         EasyMock.expectLastCall().andThrow( new UnauthorizedException( "'guest' has no write access to repository" ) );
 
@@ -313,7 +313,7 @@ public class RepositoryServletSecurityTest
             new AuthenticationException( "Authentication error" ) );
 
         EasyMock.expect( servletAuth.isAuthorized( "guest", "internal",
-                                                   ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ).andReturn(
+                                                   ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ).andReturn(
             true );
 
         // ArchivaDavResourceFactory#isAuthorized()
@@ -332,7 +332,7 @@ public class RepositoryServletSecurityTest
 
         // check if guest has write access
         EasyMock.expect( servletAuth.isAuthorized( "guest", "internal",
-                                                   ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ).andReturn(
+                                                   ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ).andReturn(
             true );
 
         httpAuthControl.replay();
@@ -399,7 +399,7 @@ public class RepositoryServletSecurityTest
 
         EasyMock.expect(
             servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ),
-                                      eq( ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ) ).andThrow(
+                                      eq( ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ) ).andThrow(
             new UnauthorizedException( "User not authorized" ) );
         httpAuthControl.replay();
         servletAuthControl.replay();
@@ -473,7 +473,7 @@ public class RepositoryServletSecurityTest
 
         EasyMock.expect(
             servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ),
-                                      eq( ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ) ) ).andReturn( true );
+                                      eq( ArchivaRoleConstants.OPERATION_ADD_ARTIFACT ) ) ).andReturn( true );
 
         httpAuthControl.replay();
         servletAuthControl.replay();
@@ -528,7 +528,7 @@ public class RepositoryServletSecurityTest
             new AuthenticationException( "Authentication error" ) );
 
         EasyMock.expect( servletAuth.isAuthorized( "guest", "internal",
-                                                   ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ).andReturn(
+                                                   ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ).andReturn(
             true );
 
         // ArchivaDavResourceFactory#isAuthorized()
@@ -547,7 +547,7 @@ public class RepositoryServletSecurityTest
 
         EasyMock.expect(
             servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ),
-                                      eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andReturn( true );
+                                      eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andReturn( true );
         httpAuthControl.replay();
         servletAuthControl.replay();
 
@@ -594,7 +594,7 @@ public class RepositoryServletSecurityTest
             new AuthenticationException( "Authentication error" ) );
 
         EasyMock.expect( servletAuth.isAuthorized( "guest", "internal",
-                                                   ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ).andReturn(
+                                                   ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ).andReturn(
             false );
         httpAuthControl.replay();
         servletAuthControl.replay();
@@ -659,7 +659,7 @@ public class RepositoryServletSecurityTest
 
         EasyMock.expect(
             servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ),
-                                      eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andReturn( true );
+                                      eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andReturn( true );
 
         httpAuthControl.replay();
         servletAuthControl.replay();
@@ -726,7 +726,7 @@ public class RepositoryServletSecurityTest
 
         EasyMock.expect(
             servletAuth.isAuthorized( anyObject( HttpServletRequest.class ), eq( session ), eq( "internal" ),
-                                      eq( ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ) ) ).andThrow(
+                                      eq( ArchivaRoleConstants.OPERATION_READ_REPOSITORY ) ) ).andThrow(
             new UnauthorizedException( "User not authorized to read repository." ) );
         httpAuthControl.replay();
         servletAuthControl.replay();
author	Martin Stockhammer <martin_s@apache.org>	2021-12-19 20:21:12 +0100
committer	Martin Stockhammer <martin_s@apache.org>	2021-12-19 20:21:12 +0100
commit	55b1e5d09f280f5747c1ba04517fbc233bed5d97 (patch)
tree	91b61ce7f12330246cb9693c1911261448da7b81 /archiva-modules/archiva-web/archiva-webdav/src
parent	5e8ae2434d547387b85d4822d49d37a78ad2bd20 (diff)
download	archiva-55b1e5d09f280f5747c1ba04517fbc233bed5d97.tar.gz archiva-55b1e5d09f280f5747c1ba04517fbc233bed5d97.zip