* Fix NPE on webdav.

* Fix authorization on webdav.
* Fix http request context and path info for webdav.



git-svn-id: https://svn.apache.org/repos/asf/maven/archiva/trunk@464672 13f79535-47bb-0310-9956-ffa450edef68

3 files changed, 89 insertions, 6 deletions

diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
index 91e1e97aa..1eade2b46 100644
--- a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
+++ b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
@@ -114,6 +114,7 @@ public class RepositoryAccess
         catch ( ConfigurationStoreException e )
         {
             // TODO: should be a more pretty error to user. ;-)
+            // TODO: can we determine if the incoming request is a real user, or just maven-wagon?
 
             throw new ServletException( "Unable to obtain configuration.", e );
         }
@@ -179,8 +180,6 @@ public class RepositoryAccess
                 permission = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
             }
             
-            permission += "-" + repoconfig.getId();
-
             boolean isAuthorized = securitySystem.isAuthorized( securitySession, permission, repoconfig.getId() );
 
             if ( !isAuthorized )
@@ -200,10 +199,18 @@ public class RepositoryAccess
 
         RepositoryMapping repo = getRepositoryMapping( repoconfig );
 
-        response.setHeader( "Server",
-                            getServletContext().getServerInfo() + " Archiva : " + DAVUtilities.SERVLET_SIGNATURE );
+        String serverInfo = "";
+        if ( getServletContext() != null )
+        {
+            if ( StringUtils.isNotEmpty( getServletContext().getServerInfo() ) )
+            {
+                serverInfo = getServletContext().getServerInfo();
+            }
+        }
+        
+        response.setHeader( "Server", serverInfo + " Archiva : " + DAVUtilities.SERVLET_SIGNATURE );
 
-        DAVTransaction transaction = new DAVTransaction( request, response );
+        DAVTransaction transaction = new DAVTransaction( new RepositoryRequest( request, repoconfig.getId() ), response );
         try
         {
             repo.getDavProcessor().process( transaction );
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java
index 3e4123955..587b88359 100644
--- a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java
+++ b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java
@@ -45,7 +45,7 @@ public class RepositoryMapping implements DAVListener
         this.repositoryConfiguration = repoConfig;
         File repoDir = new File(repositoryConfiguration.getDirectory());
         this.davRepository = new DAVRepository( repoDir );
-        this.davProcessor = new DAVProcessor(this.davRepository);
+        this.davProcessor = new DAVProcessor( this.davRepository );
         this.davRepository.addListener(this);
     }
     
diff --git a/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryRequest.java b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryRequest.java
new file mode 100644
index 000000000..b3677a29a
--- /dev/null
+++ b/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryRequest.java
@@ -0,0 +1,76 @@
+package org.apache.maven.archiva.web.servlet.repository;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import it.could.webdav.DAVTransaction;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+/**
+ * RepositoryRequest 
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RepositoryRequest
+    extends HttpServletRequestWrapper
+{
+    private String repoId;
+
+    public RepositoryRequest( HttpServletRequest request, String repoid )
+    {
+        super( request );
+        this.repoId = "";
+        
+        if(repoid != null) {
+            this.repoId = repoid;
+        }
+    }
+
+    /**
+     * Adjust the path info value to remove reference to repoId.
+     * This is done to satisfy the needs of {@link DAVTransaction}
+     */
+    public String getPathInfo()
+    {
+        String pathInfo = super.getPathInfo();
+
+        if ( pathInfo == null )
+        {
+            return "";
+        }
+
+        if ( ( pathInfo.length() > 1 ) && ( pathInfo.charAt( 0 ) == '/' ) )
+        {
+            pathInfo = pathInfo.substring( 1 );
+        }
+
+        if ( pathInfo.startsWith( repoId ) )
+        {
+            pathInfo = pathInfo.substring( repoId.length() );
+        }
+
+        return pathInfo;
+    }
+
+    public String getServletPath()
+    {
+        return super.getServletPath() + "/" + this.repoId;
+    }
+    
+}