From bdabf612a2621150779efee7d69b7e800d19cdfb Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Tue, 26 Mar 2013 00:07:15 +0000 Subject: [MRM-1736] map roles to ldap groups git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1460935 13f79535-47bb-0310-9956-ffa450edef68 --- .../src/main/mdo/configuration.mdo | 32 ++++++++ .../model/beans/RedbackRuntimeConfiguration.java | 15 ++++ .../DefaultRedbackRuntimeConfigurationAdmin.java | 85 ++++++++++++++++++++-- .../src/main/resources/META-INF/spring-context.xml | 2 +- .../src/main/webapp/WEB-INF/applicationContext.xml | 2 + .../src/main/webapp/js/archiva/general-admin.js | 2 +- 6 files changed, 129 insertions(+), 9 deletions(-) (limited to 'archiva-modules') diff --git a/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo b/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo index 6c0516661..55ffc242a 100644 --- a/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo +++ b/archiva-modules/archiva-base/archiva-configuration/src/main/mdo/configuration.mdo @@ -1512,6 +1512,15 @@ LdapConfiguration + + ldapGroupMappings + LdapGroupMappings + 1.4.0+ + + LdapGroupMapping + * + + configurationProperties extra properties for redback configuration. String/String @@ -1673,6 +1682,29 @@ + + LdapGroupMapping + 1.4.0+ + configuration of a LDAP group to Archiva roles + + + group + LDAP Group + 1.4.0+ + String + + + roleNames + 1.4.0+ + Archiva roles. + + String + * + + + + + diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java index 99c8b893b..7e9cf66cb 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-api/src/main/java/org/apache/archiva/admin/model/beans/RedbackRuntimeConfiguration.java @@ -67,6 +67,11 @@ public class RedbackRuntimeConfiguration private CacheConfiguration usersCacheConfiguration; + /** + * Field ldapGroupMappings. + */ + private List ldapGroupMappings; + public RedbackRuntimeConfiguration() { // no op @@ -170,6 +175,16 @@ public class RedbackRuntimeConfiguration this.rbacManagerImpls = rbacManagerImpls; } + public List getLdapGroupMappings() + { + return ldapGroupMappings; + } + + public void setLdapGroupMappings( List ldapGroupMappings ) + { + this.ldapGroupMappings = ldapGroupMappings; + } + @Override public String toString() { diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java index 1a2481398..834b50556 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/java/org/apache/archiva/admin/repository/runtime/DefaultRedbackRuntimeConfigurationAdmin.java @@ -22,12 +22,11 @@ import net.sf.beanlib.provider.replicator.BeanReplicator; import org.apache.archiva.admin.model.RepositoryAdminException; import org.apache.archiva.admin.model.beans.CacheConfiguration; import org.apache.archiva.admin.model.beans.LdapConfiguration; +import org.apache.archiva.admin.model.beans.LdapGroupMapping; import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration; import org.apache.archiva.admin.model.runtime.RedbackRuntimeConfigurationAdmin; import org.apache.archiva.configuration.ArchivaConfiguration; import org.apache.archiva.configuration.Configuration; -import org.apache.archiva.configuration.ConfigurationEvent; -import org.apache.archiva.configuration.ConfigurationListener; import org.apache.archiva.configuration.IndeterminateConfigurationException; import org.apache.archiva.redback.components.cache.Cache; import org.apache.archiva.redback.components.registry.RegistryException; @@ -42,6 +41,7 @@ import org.springframework.stereotype.Service; import javax.annotation.PostConstruct; import javax.inject.Inject; import javax.inject.Named; +import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -53,7 +53,7 @@ import java.util.Set; * @author Olivier Lamy * @since 1.4-M4 */ -@Service("userConfiguration#archiva") +@Service( "redbackRuntimeConfigurationAdmin#default" ) public class DefaultRedbackRuntimeConfigurationAdmin implements RedbackRuntimeConfigurationAdmin, UserConfiguration { @@ -64,11 +64,11 @@ public class DefaultRedbackRuntimeConfigurationAdmin private ArchivaConfiguration archivaConfiguration; @Inject - @Named(value = "userConfiguration#redback") - UserConfiguration userConfiguration; + @Named( value = "userConfiguration#redback" ) + private UserConfiguration userConfiguration; @Inject - @Named(value = "cache#users") + @Named( value = "cache#users" ) private Cache usersCache; @PostConstruct @@ -149,6 +149,31 @@ public class DefaultRedbackRuntimeConfigurationAdmin userConfiguration.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ENABLED, false ); ldapConfiguration.setBindAuthenticatorEnabled( ldapBindAuthenticatorEnabled ); + // LDAP groups mapping reading !! + // UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY + // userConfiguration.getKeys() + + Collection keys = userConfiguration.getKeys(); + + List ldapGroupMappings = new ArrayList(); + + for ( String key : keys ) + { + if ( key.startsWith( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) + { + String group = + StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ); + String val = userConfiguration.getConcatenatedList( key, "" ); + if ( !StringUtils.isEmpty( val ) ) + { + String[] roles = StringUtils.split( val, ',' ); + ldapGroupMappings.add( new LdapGroupMapping( group, roles ) ); + } + } + } + + redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings ); + redbackRuntimeConfiguration.setMigratedFromRedbackConfiguration( true ); updateRedbackRuntimeConfiguration( redbackRuntimeConfiguration ); @@ -300,6 +325,20 @@ public class DefaultRedbackRuntimeConfigurationAdmin redbackRuntimeConfiguration.setUsersCacheConfiguration( new CacheConfiguration() ); } + List mappings = runtimeConfiguration.getLdapGroupMappings(); + + if ( mappings != null && mappings.size() > 0 ) + { + List ldapGroupMappings = new ArrayList( mappings.size() ); + + for ( org.apache.archiva.configuration.LdapGroupMapping mapping : mappings ) + { + ldapGroupMappings.add( new LdapGroupMapping( mapping.getGroup(), mapping.getRoleNames() ) ); + } + + redbackRuntimeConfiguration.setLdapGroupMappings( ldapGroupMappings ); + } + cleanupProperties( redbackRuntimeConfiguration ); return redbackRuntimeConfiguration; @@ -359,10 +398,30 @@ public class DefaultRedbackRuntimeConfigurationAdmin new BeanReplicator().replicateBean( archivaRuntimeConfiguration.getUsersCacheConfiguration(), org.apache.archiva.configuration.CacheConfiguration.class ) ); + List ldapGroupMappings = archivaRuntimeConfiguration.getLdapGroupMappings(); + + if ( ldapGroupMappings != null && ldapGroupMappings.size() > 0 ) + { + + List mappings = + new ArrayList( ldapGroupMappings.size() ); + + for ( LdapGroupMapping ldapGroupMapping : ldapGroupMappings ) + { + + org.apache.archiva.configuration.LdapGroupMapping mapping = + new org.apache.archiva.configuration.LdapGroupMapping(); + mapping.setGroup( ldapGroupMapping.getGroup() ); + mapping.setRoleNames( new ArrayList( ldapGroupMapping.getRoleNames() ) ); + mappings.add( mapping ); + + } + redbackRuntimeConfiguration.setLdapGroupMappings( mappings ); + } return redbackRuntimeConfiguration; } - // wrapper for UserConfiguration to intercept values (and store it not yet migrated + // wrapper for UserConfiguration to intercept values (and store it not yet migrated) public String getString( String key ) @@ -373,6 +432,18 @@ public class DefaultRedbackRuntimeConfigurationAdmin return getRedbackRuntimeConfiguration().getUserManagerImpls().get( 0 ); } + if ( StringUtils.startsWith( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) + { + RedbackRuntimeConfiguration redbackRuntimeConfiguration = getRedbackRuntimeConfiguration(); + int index = redbackRuntimeConfiguration.getLdapGroupMappings().indexOf( new LdapGroupMapping( + StringUtils.substringAfter( key, UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY ) ) ); + if ( index > -1 ) + { + return StringUtils.join( redbackRuntimeConfiguration.getLdapGroupMappings().get( index ).getRoleNames(), + ',' ); + } + } + RedbackRuntimeConfiguration conf = getRedbackRuntimeConfiguration(); if ( conf.getConfigurationProperties().containsKey( key ) ) diff --git a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml index 3a9866691..aa4743ccc 100644 --- a/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml +++ b/archiva-modules/archiva-base/archiva-repository-admin/archiva-repository-admin-default/src/main/resources/META-INF/spring-context.xml @@ -31,6 +31,6 @@ - + \ No newline at end of file diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml index b0659daf8..96f182f0a 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/applicationContext.xml @@ -45,6 +45,8 @@ + +