diff options
Diffstat (limited to 'archiva-modules/archiva-web')
7 files changed, 104 insertions, 59 deletions
diff --git a/archiva-modules/archiva-web/archiva-security/pom.xml b/archiva-modules/archiva-web/archiva-security/pom.xml index b8092f9de..510fda073 100644 --- a/archiva-modules/archiva-web/archiva-security/pom.xml +++ b/archiva-modules/archiva-web/archiva-security/pom.xml @@ -84,5 +84,10 @@ <artifactId>derby</artifactId> <scope>test</scope> </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + <scope>test</scope> + </dependency> </dependencies> </project> diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java index 6180f75d9..a73c9e4a6 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java @@ -40,7 +40,7 @@ import org.springframework.stereotype.Service; /** * @version - * @plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default" + * plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default" */ @Service("servletAuthenticator") public class ArchivaServletAuthenticator @@ -49,7 +49,7 @@ public class ArchivaServletAuthenticator private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class ); /** - * @plexus.requirement + * plexus.requirement */ @Inject private SecuritySystem securitySystem; @@ -119,5 +119,13 @@ public class ArchivaServletAuthenticator } + public SecuritySystem getSecuritySystem() + { + return securitySystem; + } + public void setSecuritySystem( SecuritySystem securitySystem ) + { + this.securitySystem = securitySystem; + } } diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java index 36e3d7992..88a28e2ac 100644 --- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java +++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java @@ -43,26 +43,26 @@ import javax.inject.Inject; * DefaultUserRepositories * * @version $Id$ - * @plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default" + * plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default" */ @Service("userRepositories") public class DefaultUserRepositories implements UserRepositories { /** - * @plexus.requirement + * plexus.requirement */ @Inject private SecuritySystem securitySystem; /** - * @plexus.requirement role-hint="default" + * plexus.requirement role-hint="default" */ @Inject private RoleManager roleManager; /** - * @plexus.requirement + * plexus.requirement */ @Inject private ArchivaConfiguration archivaConfiguration; diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java index 15eba1e26..84d6b8c51 100644 --- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java +++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java @@ -19,17 +19,23 @@ package org.apache.maven.archiva.security; * under the License. */ +import com.google.common.collect.Lists; import junit.framework.TestCase; +import net.sf.ehcache.CacheManager; import org.apache.commons.io.FileUtils; import org.apache.maven.archiva.configuration.ArchivaConfiguration; import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; import org.codehaus.plexus.redback.rbac.RBACManager; +import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException; +import org.codehaus.plexus.redback.rbac.UserAssignment; import org.codehaus.plexus.redback.role.RoleManager; import org.codehaus.plexus.redback.system.SecuritySystem; import org.codehaus.plexus.redback.users.User; import org.codehaus.plexus.redback.users.UserManager; import org.junit.Before; import org.junit.runner.RunWith; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @@ -47,6 +53,9 @@ import java.io.File; public abstract class AbstractSecurityTest extends TestCase { + + protected Logger log = LoggerFactory.getLogger( getClass() ); + protected static final String USER_GUEST = "guest"; protected static final String USER_ADMIN = "admin"; @@ -59,7 +68,7 @@ public abstract class AbstractSecurityTest @Inject @Named( value = "rBACManager#memory" ) - private RBACManager rbacManager; + protected RBACManager rbacManager; @Inject protected RoleManager roleManager; @@ -132,4 +141,22 @@ public abstract class AbstractSecurityTest User guestUser = createUser( USER_GUEST, "Guest User" ); roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() ); } + + protected void restoreGuestInitialValues( String userId ) + throws Exception + { + UserAssignment userAssignment = null; + try + { + userAssignment = rbacManager.getUserAssignment( userId ); + } + catch ( RbacObjectNotFoundException e ) + { + log.info( "ignore RbacObjectNotFoundException for id {} during restoreGuestInitialValues", userId ); + return; + } + userAssignment.setRoleNames( Lists.newArrayList( "Guest" ) ); + rbacManager.saveUserAssignment( userAssignment ); + CacheManager.getInstance().clearAll(); + } } diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java index 7a0ec20d1..a24bb8228 100644 --- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java +++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java @@ -19,30 +19,33 @@ package org.apache.maven.archiva.security; * under the License. */ -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; - +import com.google.common.collect.Lists; +import net.sf.ehcache.CacheManager; import org.codehaus.plexus.redback.authentication.AuthenticationException; import org.codehaus.plexus.redback.authentication.AuthenticationResult; import org.codehaus.plexus.redback.authorization.UnauthorizedException; +import org.codehaus.plexus.redback.rbac.UserAssignment; import org.codehaus.plexus.redback.system.DefaultSecuritySession; import org.codehaus.plexus.redback.system.SecuritySession; import org.codehaus.plexus.redback.users.User; import org.codehaus.plexus.redback.users.UserManager; - import org.easymock.MockControl; import org.junit.Before; import org.junit.Test; +import javax.inject.Inject; +import javax.inject.Named; +import javax.servlet.http.HttpServletRequest; +import java.util.Arrays; + /** * ArchivaServletAuthenticatorTest - * - * @version */ public class ArchivaServletAuthenticatorTest extends AbstractSecurityTest { @Inject + @Named( value = "servletAuthenticator#test" ) private ServletAuthenticator servletAuth; private MockControl httpServletRequestControl; @@ -116,6 +119,8 @@ public class ArchivaServletAuthenticatorTest servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); assertTrue( isAuthorized ); + + restoreGuestInitialValues( USER_ALPACA ); } @Test @@ -148,6 +153,8 @@ public class ArchivaServletAuthenticatorTest } httpServletRequestControl.verify(); + + restoreGuestInitialValues( USER_ALPACA ); } @Test @@ -168,6 +175,8 @@ public class ArchivaServletAuthenticatorTest servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); assertTrue( isAuthorized ); + + restoreGuestInitialValues( USER_ALPACA ); } @Test @@ -191,6 +200,8 @@ public class ArchivaServletAuthenticatorTest { assertEquals( "Access denied for repository corporate", e.getMessage() ); } + + restoreGuestInitialValues( USER_ALPACA ); } @Test @@ -202,6 +213,10 @@ public class ArchivaServletAuthenticatorTest servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); assertTrue( isAuthorized ); + + // cleanup previously add karma + restoreGuestInitialValues(USER_GUEST); + } @Test @@ -213,6 +228,10 @@ public class ArchivaServletAuthenticatorTest boolean isAuthorized = servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); assertFalse( isAuthorized ); + + // cleanup previously add karma + restoreGuestInitialValues(USER_GUEST); + } @Test @@ -225,6 +244,9 @@ public class ArchivaServletAuthenticatorTest servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); assertTrue( isAuthorized ); + + // cleanup previously add karma + restoreGuestInitialValues(USER_GUEST); } @Test @@ -236,4 +258,5 @@ public class ArchivaServletAuthenticatorTest assertFalse( isAuthorized ); } + } diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java index d314e1c37..bc11b9436 100644 --- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java +++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java @@ -22,6 +22,7 @@ package org.apache.maven.archiva.security; import java.util.List; import org.apache.commons.lang.StringUtils; +import org.junit.Before; import org.junit.Test; /** @@ -31,10 +32,16 @@ import org.junit.Test; */ public class DefaultUserRepositoriesTest extends AbstractSecurityTest -{ - protected String getPlexusConfigLocation() +{ + + + @Before + public void setUp() throws Exception { - return "org/apache/maven/archiva/security/DefaultUserRepositoriesTest.xml"; + super.setUp(); + restoreGuestInitialValues( USER_ALPACA ); + restoreGuestInitialValues( USER_GUEST ); + restoreGuestInitialValues( USER_ADMIN ); } @Test diff --git a/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml b/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml index 30e0cbd56..44e71526c 100644 --- a/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml +++ b/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml @@ -52,42 +52,33 @@ <bean name="roleManager" class="org.codehaus.plexus.redback.role.DefaultRoleManager"> <property name="rbacManager" ref="rBACManager#memory"/> + <property name="modelProcessor" ref="roleModelProcessor"/> + <property name="templateProcessor" ref="roleTemplateProcessor#test"/> </bean> <bean name="rBACManager#cached" class="org.codehaus.plexus.redback.rbac.cached.CachedRbacManager"> <property name="rbacImpl" ref="rBACManager#memory"/> </bean> - <!-- + <bean name="roleModelProcessor" class="org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor"> + <property name="rbacManager" ref="rBACManager#memory"/> + </bean> + <alias name="roleModelProcessor" alias="roleModelProcessor#test"/> - <component> - <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role> - <role-hint>default</role-hint> - <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation> - <description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description> - <requirements> - <requirement> - <role>org.codehaus.plexus.redback.rbac.RBACManager</role> - <role-hint>memory</role-hint> - <field-name>rbacManager</field-name> - </requirement> - </requirements> - </component> + <bean name="roleTemplateProcessor" class="org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor"> + <property name="rbacManager" ref="rBACManager#memory"/> + </bean> - <component> - <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role> - <role-hint>default</role-hint> - <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation> - <description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description> - <requirements> - <requirement> - <role>org.codehaus.plexus.redback.rbac.RBACManager</role> - <role-hint>memory</role-hint> - <field-name>rbacManager</field-name> - </requirement> - </requirements> - </component> + <alias name="roleTemplateProcessor" alias="roleTemplateProcessor#test"/> + + <bean name="servletAuthenticator" class="org.apache.maven.archiva.security.ArchivaServletAuthenticator"> + <property name="securitySystem" ref="securitySystem#testable"/> + </bean> + + <alias name="servletAuthenticator" alias="servletAuthenticator#test"/> + + <!-- <component> <role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role> @@ -113,22 +104,6 @@ </component> - ignored ?? - - <component> - <role>org.apache.maven.archiva.security.ServletAuthenticator</role> - <role-hint>default</role-hint> - <implementation>org.apache.maven.archiva.security.ArchivaServletAuthenticator</implementation> - <description>ArchivaServletAuthenticator</description> - <requirements> - <requirement> - <role>org.codehaus.plexus.redback.system.SecuritySystem</role> - <role-hint>testable</role-hint> - <field-name>securitySystem</field-name> - </requirement> - </requirements> - </component> - partially configured <component> |