author | Olivier Lamy <olamy@apache.org> | 2013-03-26 00:07:15 +0000 |
---|---|---|
committer | Olivier Lamy <olamy@apache.org> | 2013-03-26 00:07:15 +0000 |
commit | bdabf612a2621150779efee7d69b7e800d19cdfb (patch) | |
tree | 2d999ccea5b2c75b3b6288dcf5dec597b4862474 /archiva-modules | |
parent | 40c462af88fc5ab7e9c3f979a1944335bd931175 (diff) | |
[MRM-1736] map roles to ldap groups
git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1460935 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'archiva-modules')
6 files changed, 129 insertions, 9 deletions
diff --git a/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo b/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo index 6c0516661..55ffc242a 100644 --- a/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo +++ b/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo @@ -1513,6 +1513,15 @@ </association> </field> <field> + <name>ldapGroupMappings</name> + <description>LdapGroupMappings</description> + <version>1.4.0+</version> + <association> + <type>LdapGroupMapping</type> + <multiplicity>*</multiplicity> + </association> + </field> + <field> <name>configurationProperties</name> <description>extra properties for redback configuration. String/String</description> <version>1.4.0+</version> @@ -1673,6 +1682,29 @@ </fields> </class> + <class> + <name>LdapGroupMapping</name> + <version>1.4.0+</version> + <description>configuration of a LDAP group to Archiva roles</description> + <fields> + <field> + <name>group</name> + <description>LDAP Group</description> + <version>1.4.0+</version> + <type>String</type> + </field> + <field> + <name>roleNames</name> + <version>1.4.0+</version> + <description>Archiva roles.</description> + <association> + <type>String</type> + <multiplicity>*</multiplicity> + </association> + </field> + </fields> + </class> + </classes> </model> diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java index 99c8b893b..7e9cf66cb 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java 
+++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java @@ -67,6 +67,11 @@ public class RedbackRuntimeConfiguration private CacheConfiguration usersCacheConfiguration; + /** + * Field ldapGroupMappings. + */ + private List<LdapGroupMapping> ldapGroupMappings; + public RedbackRuntimeConfiguration() { // no op @@ -170,6 +175,16 @@ public class RedbackRuntimeConfiguration this.rbacManagerImpls = rbacManagerImpls; } + public List<LdapGroupMapping> getLdapGroupMappings() + { + return ldapGroupMappings; + } + + public void setLdapGroupMappings( List<LdapGroupMapping> ldapGroupMappings ) + { + this.ldapGroupMappings = ldapGroupMappings; + } + @Override public String toString() { diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java index 1a2481398..834b50556 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java 
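Review bot: The new `ldapGroupMappings` field in RedbackRuntimeConfiguration (hunk at -67) has no initializer and `getLdapGroupMappings()` (hunk at -170) returns it as is, so the getter yields null until a setter has run. The same commit dereferences it without a guard in `DefaultRedbackRuntimeConfigurationAdmin.getString` (`getLdapGroupMappings().indexOf( ... )`, hunk at -373), while the build hunk at -300 calls the setter only for a non-empty list; if the bean arrives there unset, a role lookup for an LDAP group fails with a NullPointerException instead of returning no mapping. Initialising the field, `private List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>();`, removes that case, provided `java.util.ArrayList` is imported in this file, which the hunk does not show. The Javadoc `Field ldapGroupMappings.` could instead say what the list holds, for example `LDAP group to Archiva role mappings; never null.`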
@@ -22,12 +22,11 @@ import net.sf.beanlib.provider.replicator.BeanReplicator; import org.apache.archiva.admin.model.RepositoryAdminException; import org.apache.archiva.admin.model.beans.CacheConfiguration; import org.apache.archiva.admin.model.beans.LdapConfiguration; +import org.apache.archiva.admin.model.beans.LdapGroupMapping; import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration; import org.apache.archiva.admin.model.runtime.RedbackRuntimeConfigurationAdmin; import org.apache.archiva.configuration.ArchivaConfiguration; import org.apache.archiva.configuration.Configuration; -import org.apache.archiva.configuration.ConfigurationEvent; -import org.apache.archiva.configuration.ConfigurationListener; import org.apache.archiva.configuration.IndeterminateConfigurationException; import org.apache.archiva.redback.components.cache.Cache; import org.apache.archiva.redback.components.registry.RegistryException; @@ -42,6 +41,7 @@ import org.springframework.stereotype.Service; import javax.annotation.PostConstruct; import javax.inject.Inject; import javax.inject.Named; +import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -53,7 +53,7 @@ import java.util.Set; * @author Olivier Lamy * @since 1.4-M4 */ -@Service("userConfiguration#archiva") +@Service( "redbackRuntimeConfigurationAdmin#default" ) public class DefaultRedbackRuntimeConfigurationAdmin implements RedbackRuntimeConfigurationAdmin, UserConfiguration { @@ -64,11 +64,11 @@ public class DefaultRedbackRuntimeConfigurationAdmin private ArchivaConfiguration archivaConfiguration; @Inject - @Named(value = "userConfiguration#redback") - UserConfiguration userConfiguration; + @Named( value = "userConfiguration#redback" ) + private UserConfiguration userConfiguration; @Inject - @Named(value = "cache#users") + @Named( value = "cache#users" ) private Cache usersCache; @PostConstruct 
@@ -149,6 +149,31 @@ public class DefaultRedbackRuntimeConfigurationAdmin userConfiguration.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ENABLED, false ); ldapConfiguration.setBindAuthenticatorEnabled( ldapBindAuthenticatorEnabled ); + // LDAP groups mapping reading !! + // UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY + // userConfiguration.getKeys() + + Collection<String> keys = userConfiguration.getKeys(); + + List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>(); + + for ( String key : keys ) + { + if ( key.startsWith( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) + { + String group = + StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ); + String val = userConfiguration.getConcatenatedList( key, "" ); + if ( !StringUtils.isEmpty( val ) ) + { + String[] roles = StringUtils.split( val, ',' ); + ldapGroupMappings.add( new LdapGroupMapping( group, roles ) ); + } + } + } + + redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings ); + redbackRuntimeConfiguration.setMigratedFromRedbackConfiguration( true ); updateRedbackRuntimeConfiguration( redbackRuntimeConfiguration ); @@ -300,6 +325,20 @@ public class DefaultRedbackRuntimeConfigurationAdmin redbackRuntimeConfiguration.setUsersCacheConfiguration( new CacheConfiguration() ); } + List<org.apache.archiva.configuration.LdapGroupMapping> mappings = runtimeConfiguration.getLdapGroupMappings(); + + if ( mappings != null && mappings.size() > 0 ) + { + List<LdapGroupMapping> ldapGroupMappings = new ArrayList<LdapGroupMapping>( mappings.size() ); + + for ( org.apache.archiva.configuration.LdapGroupMapping mapping : mappings ) + { + ldapGroupMappings.add( new LdapGroupMapping( mapping.getGroup(), mapping.getRoleNames() ) ); + } + + redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings ); + } + cleanupProperties( redbackRuntimeConfiguration ); return redbackRuntimeConfiguration; 
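Review bot: Role names read during migration (hunk at -149) are split with `StringUtils.split( val, ',' )` and stored untrimmed, so a value written as, for example, `roleA, roleB` produces ` roleB` with a leading space, which presumably matches no Archiva role and silently drops that grant for the group. Trimming at the split keeps the migrated mapping equal to what the administrator configured: `String[] roles = StringUtils.stripAll( StringUtils.split( val, ',' ) );`. A key that is exactly the prefix yields an empty `group`, which should be skipped with `if ( StringUtils.isBlank( group ) ) { continue; }`. The three comment lines at the top of the block (`// LDAP groups mapping reading !!` and the two bare identifiers) read as working notes and could be replaced by one line such as `// migrate legacy LDAP group -> roles keys into LdapGroupMapping beans`. The enclosing method starts and ends outside the hunk.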
@@ -359,10 +398,30 @@ public class DefaultRedbackRuntimeConfigurationAdmin new BeanReplicator().replicateBean( archivaRuntimeConfiguration.getUsersCacheConfiguration(), org.apache.archiva.configuration.CacheConfiguration.class ) ); + List<LdapGroupMapping> ldapGroupMappings = archivaRuntimeConfiguration.getLdapGroupMappings(); + + if ( ldapGroupMappings != null && ldapGroupMappings.size() > 0 ) + { + + List<org.apache.archiva.configuration.LdapGroupMapping> mappings = + new ArrayList<org.apache.archiva.configuration.LdapGroupMapping>( ldapGroupMappings.size() ); + + for ( LdapGroupMapping ldapGroupMapping : ldapGroupMappings ) + { + + org.apache.archiva.configuration.LdapGroupMapping mapping = + new org.apache.archiva.configuration.LdapGroupMapping(); + mapping.setGroup( ldapGroupMapping.getGroup() ); + mapping.setRoleNames( new ArrayList<String>( ldapGroupMapping.getRoleNames() ) ); + mappings.add( mapping ); + + } + redbackRuntimeConfiguration.setLdapGroupMappings( mappings ); + } return redbackRuntimeConfiguration; } - // wrapper for UserConfiguration to intercept values (and store it not yet migrated + // wrapper for UserConfiguration to intercept values (and store it not yet migrated) public String getString( String key ) 
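Review bot: This write path copies each mapping into the stored configuration without checking it, and `new ArrayList<String>( ldapGroupMapping.getRoleNames() )` throws a NullPointerException if a mapping arrives with no role list. These entries decide which Archiva roles an LDAP group receives, and the only check visible in this commit is the client-side length test in general-admin.js, whose own comment still says `FIXME validate datas`; the server should therefore reject a blank group or an empty role list itself. A guard at the top of the loop would do, e.g. `if ( StringUtils.isBlank( ldapGroupMapping.getGroup() ) || ldapGroupMapping.getRoleNames() == null || ldapGroupMapping.getRoleNames().isEmpty() )` followed by a skip or an error, whichever the caller outside this hunk expects. The method begins before the hunk, so whether it may throw is not visible here.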
@@ -373,6 +432,18 @@ public class DefaultRedbackRuntimeConfigurationAdmin return getRedbackRuntimeConfiguration().getUserManagerImpls().get( 0 ); } + if ( StringUtils.startsWith( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) + { + RedbackRuntimeConfiguration redbackRuntimeConfiguration = getRedbackRuntimeConfiguration(); + int index = redbackRuntimeConfiguration.getLdapGroupMappings().indexOf( new LdapGroupMapping( + StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) ); + if ( index > -1 ) + { + return StringUtils.join( redbackRuntimeConfiguration.getLdapGroupMappings().get( index ).getRoleNames(), + ',' ); + } + } + RedbackRuntimeConfiguration conf = getRedbackRuntimeConfiguration(); if ( conf.getConfigurationProperties().containsKey( key ) ) diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml index 3a9866691..aa4743ccc 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml @@ -31,6 +31,6 @@ <context:component-scan base-package="org.apache.archiva.admin.repository"/> - + <alias name="redbackRuntimeConfigurationAdmin#default" alias="userConfiguration#archiva"/> </beans>
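Review bot: The lookup `indexOf( new LdapGroupMapping( group ) )` in the new `getString` branch only finds an entry if `LdapGroupMapping.equals` compares the group name alone, and that class is not part of this diff; a short comment stating the dependency would stop a later change to `equals` from silently breaking group-to-role resolution, for example `// relies on LdapGroupMapping.equals() comparing the group only`. The branch also obtains the configuration through `getRedbackRuntimeConfiguration()` and the unchanged line right after it does the same into `conf`; fetching it once before the `if` and reusing it would keep both reads on the same snapshot. `getString` starts above the hunk.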
\ No newline at end of file diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml index b0659daf8..96f182f0a 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml @@ -45,6 +45,8 @@ <alias name="ldapConnectionFactory#archiva" alias="ldapConnectionFactory"/> <alias name="ldapConnectionFactory#archiva" alias="ldapConnectionFactory#configurable"/> + + <alias name="ldapRoleMapperConfiguration#archiva" alias="ldapRoleMapperConfiguration#default"/> <bean id="loggerManager" class="org.codehaus.plexus.logging.slf4j.Slf4jLoggerManager" diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js index 5abf1e20d..547254bc4 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js @@ -1727,7 +1727,7 @@ define("archiva.general-admin",["jquery","i18n","utils","jquery.tmpl","knockout" addLdapGroupMapping=function(){ // FIXME validate datas from ldapGroupMapping - $.log("addLdapGroupMapping:"+self.newLdapGroupMapping().group()); + $.log("addLdapGroupMapping:"+self.newLdapGroupMapping().group()+",roles:"+self.newLdapGroupMapping().roleNames().length); clearUserMessages(); if (self.newLdapGroupMapping().roleNames().length<1){ |