o added action class & jsp file for audit log report o implement security restriction git-svn-id: https://svn.apache.org/repos/asf/archiva/branches/MRM-1296@888768 13f79535-47bb-0310-9956-ffa450edef68MRM-1296
@@ -65,6 +65,8 @@ public class ArchivaRoleConstants | |||
public static final String OPERATION_REPOSITORY_UPLOAD = "archiva-upload-repository"; | |||
public static final String OPERATION_REPOSITORY_DELETE = "archiva-delete-artifact"; | |||
public static final String OPERATION_VIEW_AUDIT_LOG = "archiva-view-audit-logs"; | |||
// Role templates | |||
public static final String TEMPLATE_REPOSITORY_MANAGER = "archiva-repository-manager"; |
@@ -65,6 +65,11 @@ | |||
<name>archiva-access-repository</name> | |||
<description>Access Archiva Repository</description> | |||
</operation> | |||
<operation> | |||
<id>archiva-view-audit-logs</id> | |||
<name>archiva-view-audit-logs</name> | |||
<description>View Archiva Audit Logs</description> | |||
</operation> | |||
<operation> | |||
<id>archiva-guest</id> | |||
<name>archiva-guest</name> | |||
@@ -219,6 +224,12 @@ | |||
<operation>archiva-upload-repository</operation> | |||
<resource>${resource}</resource> | |||
</permission> | |||
<permission> | |||
<id>archiva-view-audit-logs</id> | |||
<name>Archiva View Audit Logs</name> | |||
<operation>archiva-view-audit-logs</operation> | |||
<resource>${resource}</resource> | |||
</permission> | |||
</permissions> | |||
<childTemplates> | |||
<childTemplate>archiva-repository-observer</childTemplate> |
@@ -0,0 +1,159 @@ | |||
package org.apache.maven.archiva.web.action.reports; | |||
/* | |||
* Licensed to the Apache Software Foundation (ASF) under one | |||
* or more contributor license agreements. See the NOTICE file | |||
* distributed with this work for additional information | |||
* regarding copyright ownership. The ASF licenses this file | |||
* to you under the Apache License, Version 2.0 (the | |||
* "License"); you may not use this file except in compliance | |||
* with the License. You may obtain a copy of the License at | |||
* | |||
* http://www.apache.org/licenses/LICENSE-2.0 | |||
* | |||
* Unless required by applicable law or agreed to in writing, | |||
* software distributed under the License is distributed on an | |||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |||
* KIND, either express or implied. See the License for the | |||
* specific language governing permissions and limitations | |||
* under the License. | |||
*/ | |||
import java.util.ArrayList; | |||
import java.util.Collections; | |||
import java.util.List; | |||
import javax.servlet.http.HttpServletRequest; | |||
import org.apache.maven.archiva.security.AccessDeniedException; | |||
import org.apache.maven.archiva.security.ArchivaSecurityException; | |||
import org.apache.maven.archiva.security.PrincipalNotFoundException; | |||
import org.apache.maven.archiva.security.UserRepositories; | |||
import org.apache.maven.archiva.web.action.PlexusActionSupport; | |||
import org.apache.struts2.interceptor.ServletRequestAware; | |||
import org.codehaus.redback.integration.interceptor.SecureAction; | |||
import org.codehaus.redback.integration.interceptor.SecureActionBundle; | |||
import org.codehaus.redback.integration.interceptor.SecureActionException; | |||
import com.opensymphony.xwork2.Preparable; | |||
/** | |||
* @plexus.component role="com.opensymphony.xwork2.Action" role-hint="viewAuditLogReport" instantiation-strategy="per-lookup" | |||
*/ | |||
public class ViewAuditLogReportAction | |||
extends PlexusActionSupport | |||
implements SecureAction, ServletRequestAware, Preparable | |||
{ | |||
protected HttpServletRequest request; | |||
/** | |||
* @plexus.requirement | |||
*/ | |||
private UserRepositories userRepositories; | |||
private String repository; | |||
private List<String> repositories; | |||
private String groupId; | |||
private String artifactId; | |||
private int rowCount = 30; | |||
public int getRowCount() | |||
{ | |||
return rowCount; | |||
} | |||
public void setRowCount( int rowCount ) | |||
{ | |||
this.rowCount = rowCount; | |||
} | |||
public SecureActionBundle getSecureActionBundle() | |||
throws SecureActionException | |||
{ | |||
return null; | |||
} | |||
public void setServletRequest( HttpServletRequest request ) | |||
{ | |||
this.request = request; | |||
} | |||
public void prepare() | |||
throws Exception | |||
{ | |||
repositories = getObservableRepositories(); | |||
} | |||
public String execute() | |||
throws Exception | |||
{ | |||
return SUCCESS; | |||
} | |||
private List<String> getObservableRepositories() | |||
{ | |||
try | |||
{ | |||
return userRepositories.getObservableRepositoryIds( getPrincipal() ); | |||
} | |||
catch ( PrincipalNotFoundException e ) | |||
{ | |||
log.warn( e.getMessage(), e ); | |||
} | |||
catch ( AccessDeniedException e ) | |||
{ | |||
log.warn( e.getMessage(), e ); | |||
} | |||
catch ( ArchivaSecurityException e ) | |||
{ | |||
log.warn( e.getMessage(), e ); | |||
} | |||
return Collections.emptyList(); | |||
} | |||
public String getRepository() | |||
{ | |||
return repository; | |||
} | |||
public void setRepository( String repository ) | |||
{ | |||
this.repository = repository; | |||
} | |||
public List<String> getRepositories() | |||
{ | |||
return repositories; | |||
} | |||
public void setRepositories( List<String> repositories ) | |||
{ | |||
this.repositories = repositories; | |||
} | |||
public String getGroupId() | |||
{ | |||
return groupId; | |||
} | |||
public void setGroupId( String groupId ) | |||
{ | |||
this.groupId = groupId; | |||
} | |||
public String getArtifactId() | |||
{ | |||
return artifactId; | |||
} | |||
public void setArtifactId( String artifactId ) | |||
{ | |||
this.artifactId = artifactId; | |||
} | |||
} |
@@ -523,6 +523,16 @@ | |||
</result> | |||
</action> | |||
<!-- audit logs --> | |||
<action name="queryAuditLogReport" class="viewAuditLogReport" method="input"> | |||
<result name="input">/WEB-INF/jsp/reports/auditLogReport.jsp</result> | |||
</action> | |||
<action name="viewAuditLogReport" class="viewAuditLogReport"> | |||
<result name="input">/WEB-INF/jsp/reports/auditLogReport.jsp</result> | |||
<result>/WEB-INF/jsp/reports/auditLogReport.jsp</result> | |||
</action> | |||
</package> | |||
</struts> | |||
@@ -80,7 +80,7 @@ | |||
</li> | |||
</ul> | |||
<redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration"> | |||
<redback:ifAnyAuthorized permissions="archiva-upload-repository,archiva-delete-artifact,archiva-manage-users,archiva-access-reports,archiva-manage-configuration,archiva-view-audit-logs"> | |||
<h5>Manage</h5> | |||
<ul> | |||
<redback:ifAuthorized permission="archiva-access-reports"> | |||
@@ -88,6 +88,11 @@ | |||
<my:currentWWUrl action="pickReport" namespace="/report">Reports</my:currentWWUrl> | |||
</li> | |||
</redback:ifAuthorized> | |||
<redback:ifAuthorized permission="archiva-view-audit-logs"> | |||
<li class="none"> | |||
<my:currentWWUrl action="queryAuditLogReport" namespace="/report">Audit Log Reports</my:currentWWUrl> | |||
</li> | |||
</redback:ifAuthorized> | |||
<redback:ifAuthorized permission="archiva-manage-users"> | |||
<li class="none"> | |||
<my:currentWWUrl action="userlist" namespace="/security">User Management</my:currentWWUrl> | |||
@@ -112,7 +117,7 @@ | |||
<li class="none"> | |||
<my:currentWWUrl action="deleteArtifact" namespace="/">Delete Artifact</my:currentWWUrl> | |||
</li> | |||
</redback:ifAuthorized> | |||
</redback:ifAuthorized> | |||
<%-- TODO: future options here. | |||
* Repository Statistics. | |||
* Web Services Statistics. |
@@ -0,0 +1,88 @@ | |||
<%-- | |||
~ Licensed to the Apache Software Foundation (ASF) under one | |||
~ or more contributor license agreements. See the NOTICE file | |||
~ distributed with this work for additional information | |||
~ regarding copyright ownership. The ASF licenses this file | |||
~ to you under the Apache License, Version 2.0 (the | |||
~ "License"); you may not use this file except in compliance | |||
~ with the License. You may obtain a copy of the License at | |||
~ | |||
~ http://www.apache.org/licenses/LICENSE-2.0 | |||
~ | |||
~ Unless required by applicable law or agreed to in writing, | |||
~ software distributed under the License is distributed on an | |||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |||
~ KIND, either express or implied. See the License for the | |||
~ specific language governing permissions and limitations | |||
~ under the License. | |||
--%> | |||
<%@ taglib prefix="s" uri="/struts-tags" %> | |||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> | |||
<html> | |||
<head> | |||
<title>Audit Log Report</title> | |||
<s:head theme="ajax" /> | |||
<link rel="stylesheet" href="<c:url value='/css/ui.datepicker.css'/>" type="text/css" media="all"/> | |||
<script type="text/javascript" src="<c:url value='/js/jquery/jquery-1.2.6.pack.js'/>"></script> | |||
<script type="text/javascript" src="<c:url value='/js/jquery/ui.datepicker.packed.js'/>"></script> | |||
<script type="text/javascript" charset="utf-8"> | |||
$(document).ready(function() | |||
{ | |||
$('#startDate').datepicker() | |||
$('#endDate').datepicker() | |||
}); | |||
</script> | |||
</head> | |||
<body> | |||
<h1>Audit Log Report</h1> | |||
<div id="contentArea"> | |||
<s:form action="viewAuditLogReport" namespace="/report" validate="false"> | |||
<div id="auditLogReport"> | |||
<s:select label="Repository" name="repository" list="repositories"/> | |||
<s:textfield label="Group ID" id="groupId" name="groupId"/> | |||
<s:textfield label="Artifact ID" id="artifactId" name="artifactId"/> | |||
<s:textfield label="Start Date" id="startDate" name="startDate"/> | |||
<%-- | |||
<script type="text/javascript"> | |||
Calendar.setup({ | |||
inputField : "startDate", | |||
ifFormat : "%Y-%m-%d", | |||
align : "Tl", | |||
singleClick : true | |||
}); | |||
</script> | |||
--%> | |||
<s:textfield label="End Date" id="endDate" name="endDate"/> | |||
<%-- | |||
<script type="text/javascript"> | |||
Calendar.setup({ | |||
inputField : "endDate", | |||
ifFormat : "%Y-%m-%d", | |||
align : "Tl", | |||
singleClick : true | |||
}); | |||
</script> | |||
--%> | |||
<s:textfield label="Row Count" name="rowCount" /> | |||
<s:submit value="View Audit Log"/> | |||
</div> | |||
</s:form> | |||
</div> | |||
</body> | |||
</html> |