summaryrefslogtreecommitdiffstats
path: root/archiva-modules/archiva-web
diff options
context:
space:
mode:
authorMaria Odea B. Ching <oching@apache.org>2009-08-13 07:16:35 +0000
committerMaria Odea B. Ching <oching@apache.org>2009-08-13 07:16:35 +0000
commit8b3037bfdcb777f02fd75505e61d4706f903834d (patch)
treef25abc1df559303dc2f47a02ecad3b82d884fa35 /archiva-modules/archiva-web
parentd150a6ed98445bdaa6fa1ac8e511658193a02057 (diff)
downloadarchiva-8b3037bfdcb777f02fd75505e61d4706f903834d.tar.gz
archiva-8b3037bfdcb777f02fd75505e61d4706f903834d.zip
[MRM-1232] Unable to get artifacts from repositories which requires Repository Manager role using repository group
o if at least one unauthorizeddavexception exists in the compiled errors from the repositories in the group, send back a 401 error to force maven to send attach credentials to the request o added tests git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@803795 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'archiva-modules/archiva-web')
-rw-r--r--archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java46
-rw-r--r--archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactoryTest.java366
2 files changed, 400 insertions, 12 deletions
diff --git a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java
index a7e853224..7d912ab35 100644
--- a/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java
+++ b/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java
@@ -336,13 +336,12 @@ public class ArchivaDavResourceFactory
String activePrincipal, List<String> resourcesInAbsolutePath )
throws DavException
{
- DavResource resource = null;
- DavException storedException = null;
+ DavResource resource = null;
+ List<DavException> storedExceptions = new ArrayList<DavException>();
for ( String repositoryId : repositories )
{
ManagedRepositoryContent managedRepository = null;
-
try
{
managedRepository = repositoryFactory.getManagedRepositoryContent( repositoryId );
@@ -373,16 +372,25 @@ public class ArchivaDavResourceFactory
resourcesInAbsolutePath.add( new File( managedRepository.getRepoRoot(), logicalResource ).getAbsolutePath() );
}
catch ( DavException e )
- {
- storedException = e;
+ {
+ storedExceptions.add( e );
}
}
if ( resource == null )
- {
- if ( storedException != null )
- {
- throw storedException;
+ {
+ if ( !storedExceptions.isEmpty() )
+ {
+ // MRM-1232
+ for( DavException e : storedExceptions )
+ {
+ if( 401 == e.getErrorCode() )
+ {
+ throw e;
+ }
+ }
+
+ throw new DavException( HttpServletResponse.SC_NOT_FOUND );
}
else
{
@@ -404,8 +412,7 @@ public class ArchivaDavResourceFactory
{
path = path.substring( 1 );
}
- LogicalResource logicalResource = new LogicalResource( path );
-
+ LogicalResource logicalResource = new LogicalResource( path );
File resourceFile = new File( managedRepository.getRepoRoot(), path );
resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), path,
@@ -915,7 +922,7 @@ public class ArchivaDavResourceFactory
return resource;
}
- private String getActivePrincipal( DavServletRequest request )
+ protected String getActivePrincipal( DavServletRequest request )
{
User sessionUser = httpAuth.getSessionUser( request.getSession() );
return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME;
@@ -1035,4 +1042,19 @@ public class ArchivaDavResourceFactory
{
this.scheduler = scheduler;
}
+
+ public void setArchivaConfiguration( ArchivaConfiguration archivaConfiguration )
+ {
+ this.archivaConfiguration = archivaConfiguration;
+ }
+
+ public void setRepositoryFactory( RepositoryContentFactory repositoryFactory )
+ {
+ this.repositoryFactory = repositoryFactory;
+ }
+
+ public void setRepositoryRequest( RepositoryRequest repositoryRequest )
+ {
+ this.repositoryRequest = repositoryRequest;
+ }
}
diff --git a/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactoryTest.java b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactoryTest.java
new file mode 100644
index 000000000..d96ce80e2
--- /dev/null
+++ b/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactoryTest.java
@@ -0,0 +1,366 @@
+package org.apache.maven.archiva.webdav;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.File;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.jackrabbit.webdav.DavException;
+import org.apache.jackrabbit.webdav.DavResourceLocator;
+import org.apache.jackrabbit.webdav.DavServletRequest;
+import org.apache.jackrabbit.webdav.DavServletResponse;
+import org.apache.maven.archiva.configuration.ArchivaConfiguration;
+import org.apache.maven.archiva.configuration.Configuration;
+import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
+import org.apache.maven.archiva.configuration.RepositoryGroupConfiguration;
+import org.apache.maven.archiva.repository.ManagedRepositoryContent;
+import org.apache.maven.archiva.repository.RepositoryContentFactory;
+import org.apache.maven.archiva.repository.content.ManagedDefaultRepositoryContent;
+import org.apache.maven.archiva.repository.content.RepositoryRequest;
+import org.codehaus.plexus.spring.PlexusInSpringTestCase;
+import org.easymock.MockControl;
+import org.easymock.classextension.MockClassControl;
+
+/**
+ * ArchivaDavResourceFactoryTest
+ */
+public class ArchivaDavResourceFactoryTest
+ extends PlexusInSpringTestCase
+{
+ private static final String RELEASES_REPO = "releases";
+
+ private static final String INTERNAL_REPO = "internal";
+
+ private static final String LOCAL_MIRROR_REPO = "local-mirror";
+
+ private static final String LOCAL_REPO_GROUP = "local";
+
+ private OverridingArchivaDavResourceFactory resourceFactory;
+
+ private MockControl requestControl;
+
+ private DavServletRequest request;
+
+ private MockControl repoRequestControl;
+
+ private RepositoryRequest repoRequest;
+
+ private DavServletResponse response;
+
+ private MockControl archivaConfigurationControl;
+
+ private ArchivaConfiguration archivaConfiguration;
+
+ private Configuration config;
+
+ private MockControl repoContentFactoryControl;
+
+ private RepositoryContentFactory repoFactory;
+
+ public void setUp()
+ throws Exception
+ {
+ super.setUp();
+
+ requestControl = MockControl.createControl( DavServletRequest.class );
+
+ request = (DavServletRequest) requestControl.getMock();
+
+ archivaConfigurationControl = MockControl.createControl( ArchivaConfiguration.class );
+
+ archivaConfiguration = (ArchivaConfiguration) archivaConfigurationControl.getMock();
+
+ config = new Configuration();
+ config.addManagedRepository( createManagedRepository(
+ RELEASES_REPO,
+ new File( getBasedir(), "target/test-classes/releases" ).getPath() ) );
+ config.addManagedRepository( createManagedRepository(
+ INTERNAL_REPO,
+ new File( getBasedir(), "target/test-classes/internal" ).getPath() ) );
+
+ RepositoryGroupConfiguration repoGroupConfig = new RepositoryGroupConfiguration();
+ repoGroupConfig.setId( LOCAL_REPO_GROUP );
+ repoGroupConfig.addRepository( RELEASES_REPO );
+ repoGroupConfig.addRepository( INTERNAL_REPO );
+
+ config.addRepositoryGroup( repoGroupConfig );
+
+ repoContentFactoryControl = MockClassControl.createControl( RepositoryContentFactory.class );
+ repoFactory = (RepositoryContentFactory) repoContentFactoryControl.getMock();
+
+ repoRequestControl = MockClassControl.createControl( RepositoryRequest.class );
+ repoRequest = (RepositoryRequest) repoRequestControl.getMock();
+
+ resourceFactory = new OverridingArchivaDavResourceFactory();
+ resourceFactory.setArchivaConfiguration( archivaConfiguration );
+ resourceFactory.setRepositoryFactory( repoFactory );
+ resourceFactory.setRepositoryRequest( repoRequest );
+ }
+
+ private ManagedRepositoryConfiguration createManagedRepository( String id, String location )
+ {
+ ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
+ repoConfig.setId( id );
+ repoConfig.setName( id );
+ repoConfig.setLocation( location );
+
+ return repoConfig;
+ }
+
+ private ManagedRepositoryContent createManagedRepositoryContent( String repoId )
+ {
+ ManagedRepositoryContent repoContent = new ManagedDefaultRepositoryContent();
+ repoContent.setRepository( config.findManagedRepositoryById( repoId ) );
+
+ return repoContent;
+ }
+
+ public void tearDown()
+ throws Exception
+ {
+ super.tearDown();
+ }
+
+ // MRM-1232 - Unable to get artifacts from repositories which requires Repository Manager role using repository group
+ public void testRepositoryGroupFirstRepositoryRequiresAuthentication()
+ throws Exception
+ {
+ DavResourceLocator locator =
+ new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
+
+ ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
+
+ try
+ {
+ archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
+ requestControl.expectAndReturn( request.getMethod(), "GET", 2 );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( RELEASES_REPO ),
+ createManagedRepositoryContent( RELEASES_REPO ) );
+ requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 2 );
+ requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 2 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ null );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toNativePath(
+ "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ internalRepo ),
+ new File(
+ config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
+ "target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
+ internalRepo );
+
+ archivaConfigurationControl.replay();
+ requestControl.replay();
+ repoContentFactoryControl.replay();
+ repoRequestControl.replay();
+
+ resourceFactory.createResource( locator, request, response );
+
+ archivaConfigurationControl.verify();
+ requestControl.verify();
+ repoContentFactoryControl.verify();
+ repoRequestControl.verify();
+
+ fail( "A DavException with 401 error code should have been thrown." );
+ }
+ catch ( DavException e )
+ {
+ assertEquals( 401, e.getErrorCode() );
+ }
+ }
+
+ public void testRepositoryGroupLastRepositoryRequiresAuthentication()
+ throws Exception
+ {
+ DavResourceLocator locator =
+ new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
+
+ List<RepositoryGroupConfiguration> repoGroups = new ArrayList<RepositoryGroupConfiguration>();
+ RepositoryGroupConfiguration repoGroup = new RepositoryGroupConfiguration();
+ repoGroup.setId( LOCAL_REPO_GROUP );
+ repoGroup.addRepository( INTERNAL_REPO );
+ repoGroup.addRepository( RELEASES_REPO );
+
+ repoGroups.add( repoGroup );
+
+ config.setRepositoryGroups( repoGroups );
+
+ ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
+
+ try
+ {
+ archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
+ requestControl.expectAndReturn( request.getMethod(), "GET", 2 );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
+ internalRepo );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( RELEASES_REPO ),
+ createManagedRepositoryContent( RELEASES_REPO ) );
+ requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 2 );
+ requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 2 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ null );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toNativePath(
+ "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ internalRepo ),
+ new File(
+ config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
+ "target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
+
+ archivaConfigurationControl.replay();
+ requestControl.replay();
+ repoContentFactoryControl.replay();
+ repoRequestControl.replay();
+
+ resourceFactory.createResource( locator, request, response );
+
+ archivaConfigurationControl.verify();
+ requestControl.verify();
+ repoContentFactoryControl.verify();
+ repoRequestControl.verify();
+
+ fail( "A DavException with 401 error code should have been thrown." );
+ }
+ catch ( DavException e )
+ {
+ assertEquals( 401, e.getErrorCode() );
+ }
+ }
+
+ public void testRepositoryGroupArtifactDoesNotExistInAnyOfTheReposAuthenticationDisabled()
+ throws Exception
+ {
+ DavResourceLocator locator =
+ new ArchivaDavResourceLocator( "", "/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ LOCAL_REPO_GROUP, new ArchivaDavLocatorFactory() );
+
+ config.addManagedRepository( createManagedRepository( LOCAL_MIRROR_REPO,
+ new File( getBasedir(),
+ "target/test-classes/local-mirror" ).getPath() ) );
+
+ List<RepositoryGroupConfiguration> repoGroups = new ArrayList<RepositoryGroupConfiguration>();
+ RepositoryGroupConfiguration repoGroup = new RepositoryGroupConfiguration();
+ repoGroup.setId( LOCAL_REPO_GROUP );
+ repoGroup.addRepository( INTERNAL_REPO );
+ repoGroup.addRepository( LOCAL_MIRROR_REPO );
+
+ repoGroups.add( repoGroup );
+
+ config.setRepositoryGroups( repoGroups );
+
+ ManagedRepositoryContent internalRepo = createManagedRepositoryContent( INTERNAL_REPO );
+ ManagedRepositoryContent localMirrorRepo = createManagedRepositoryContent( LOCAL_MIRROR_REPO );
+
+ try
+ {
+ archivaConfigurationControl.expectAndReturn( archivaConfiguration.getConfiguration(), config );
+ requestControl.expectAndReturn( request.getMethod(), "GET", 4 );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( INTERNAL_REPO ),
+ internalRepo );
+ repoContentFactoryControl.expectAndReturn( repoFactory.getManagedRepositoryContent( LOCAL_MIRROR_REPO ),
+ localMirrorRepo );
+ requestControl.expectAndReturn( request.getRemoteAddr(), "http://localhost:8080", 4 );
+ requestControl.expectAndReturn( request.getDavSession(), new ArchivaDavSession(), 4 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isSupportFile( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false, 2 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.isDefault( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ false, 2 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toArtifactReference( "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ),
+ null, 2 );
+ repoRequestControl.expectAndReturn(
+ repoRequest.toNativePath(
+ "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ internalRepo ),
+ new File(
+ config.findManagedRepositoryById( INTERNAL_REPO ).getLocation(),
+ "target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
+
+ repoRequestControl.expectAndReturn(
+ repoRequest.toNativePath(
+ "archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar",
+ localMirrorRepo ),
+ new File(
+ config.findManagedRepositoryById( LOCAL_MIRROR_REPO ).getLocation(),
+ "target/test-classes/internal/org/apache/archiva/archiva/1.2-SNAPSHOT/archiva-1.2-SNAPSHOT.jar" ).getPath() );
+
+ archivaConfigurationControl.replay();
+ requestControl.replay();
+ repoContentFactoryControl.replay();
+ repoRequestControl.replay();
+
+ resourceFactory.createResource( locator, request, response );
+
+ archivaConfigurationControl.verify();
+ requestControl.verify();
+ repoContentFactoryControl.verify();
+ repoRequestControl.verify();
+
+ fail( "A DavException with 404 error code should have been thrown." );
+ }
+ catch ( DavException e )
+ {
+ assertEquals( 404, e.getErrorCode() );
+ }
+ }
+
+ class OverridingArchivaDavResourceFactory
+ extends ArchivaDavResourceFactory
+ {
+ protected boolean isAuthorized( DavServletRequest request, String repositoryId )
+ throws DavException
+ {
+ if ( RELEASES_REPO.equals( repositoryId ) )
+ {
+ throw new UnauthorizedDavException( repositoryId,
+ "You are not authenticated and authorized to access any repository." );
+ }
+ else
+ {
+ return true;
+ }
+ }
+
+ protected String getActivePrincipal( DavServletRequest request )
+ {
+ return "guest";
+ }
+ }
+}