git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1133448 13f79535-47bb-0310-9956-ffa450edef68tags/archiva-1.4-M1
@@ -159,8 +159,6 @@ public class HttpProxyTransferTest | |||
config.getConfiguration().addRemoteRepository( repoConfig ); | |||
CacheManager.getInstance().clearAll(); | |||
} | |||
@After |
@@ -84,5 +84,10 @@ | |||
<artifactId>derby</artifactId> | |||
<scope>test</scope> | |||
</dependency> | |||
<dependency> | |||
<groupId>com.google.guava</groupId> | |||
<artifactId>guava</artifactId> | |||
<scope>test</scope> | |||
</dependency> | |||
</dependencies> | |||
</project> |
@@ -40,7 +40,7 @@ import org.springframework.stereotype.Service; | |||
/** | |||
* @version | |||
* @plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default" | |||
* plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default" | |||
*/ | |||
@Service("servletAuthenticator") | |||
public class ArchivaServletAuthenticator | |||
@@ -49,7 +49,7 @@ public class ArchivaServletAuthenticator | |||
private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class ); | |||
/** | |||
* @plexus.requirement | |||
* plexus.requirement | |||
*/ | |||
@Inject | |||
private SecuritySystem securitySystem; | |||
@@ -119,5 +119,13 @@ public class ArchivaServletAuthenticator | |||
} | |||
public SecuritySystem getSecuritySystem() | |||
{ | |||
return securitySystem; | |||
} | |||
public void setSecuritySystem( SecuritySystem securitySystem ) | |||
{ | |||
this.securitySystem = securitySystem; | |||
} | |||
} |
@@ -43,26 +43,26 @@ import javax.inject.Inject; | |||
* DefaultUserRepositories | |||
* | |||
* @version $Id$ | |||
* @plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default" | |||
* plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default" | |||
*/ | |||
@Service("userRepositories") | |||
public class DefaultUserRepositories | |||
implements UserRepositories | |||
{ | |||
/** | |||
* @plexus.requirement | |||
* plexus.requirement | |||
*/ | |||
@Inject | |||
private SecuritySystem securitySystem; | |||
/** | |||
* @plexus.requirement role-hint="default" | |||
* plexus.requirement role-hint="default" | |||
*/ | |||
@Inject | |||
private RoleManager roleManager; | |||
/** | |||
* @plexus.requirement | |||
* plexus.requirement | |||
*/ | |||
@Inject | |||
private ArchivaConfiguration archivaConfiguration; |
@@ -19,17 +19,23 @@ package org.apache.maven.archiva.security; | |||
* under the License. | |||
*/ | |||
import com.google.common.collect.Lists; | |||
import junit.framework.TestCase; | |||
import net.sf.ehcache.CacheManager; | |||
import org.apache.commons.io.FileUtils; | |||
import org.apache.maven.archiva.configuration.ArchivaConfiguration; | |||
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; | |||
import org.codehaus.plexus.redback.rbac.RBACManager; | |||
import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException; | |||
import org.codehaus.plexus.redback.rbac.UserAssignment; | |||
import org.codehaus.plexus.redback.role.RoleManager; | |||
import org.codehaus.plexus.redback.system.SecuritySystem; | |||
import org.codehaus.plexus.redback.users.User; | |||
import org.codehaus.plexus.redback.users.UserManager; | |||
import org.junit.Before; | |||
import org.junit.runner.RunWith; | |||
import org.slf4j.Logger; | |||
import org.slf4j.LoggerFactory; | |||
import org.springframework.test.context.ContextConfiguration; | |||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; | |||
@@ -47,6 +53,9 @@ import java.io.File; | |||
public abstract class AbstractSecurityTest | |||
extends TestCase | |||
{ | |||
protected Logger log = LoggerFactory.getLogger( getClass() ); | |||
protected static final String USER_GUEST = "guest"; | |||
protected static final String USER_ADMIN = "admin"; | |||
@@ -59,7 +68,7 @@ public abstract class AbstractSecurityTest | |||
@Inject | |||
@Named( value = "rBACManager#memory" ) | |||
private RBACManager rbacManager; | |||
protected RBACManager rbacManager; | |||
@Inject | |||
protected RoleManager roleManager; | |||
@@ -132,4 +141,22 @@ public abstract class AbstractSecurityTest | |||
User guestUser = createUser( USER_GUEST, "Guest User" ); | |||
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() ); | |||
} | |||
protected void restoreGuestInitialValues( String userId ) | |||
throws Exception | |||
{ | |||
UserAssignment userAssignment = null; | |||
try | |||
{ | |||
userAssignment = rbacManager.getUserAssignment( userId ); | |||
} | |||
catch ( RbacObjectNotFoundException e ) | |||
{ | |||
log.info( "ignore RbacObjectNotFoundException for id {} during restoreGuestInitialValues", userId ); | |||
return; | |||
} | |||
userAssignment.setRoleNames( Lists.newArrayList( "Guest" ) ); | |||
rbacManager.saveUserAssignment( userAssignment ); | |||
CacheManager.getInstance().clearAll(); | |||
} | |||
} |
@@ -19,30 +19,33 @@ package org.apache.maven.archiva.security; | |||
* under the License. | |||
*/ | |||
import javax.inject.Inject; | |||
import javax.servlet.http.HttpServletRequest; | |||
import com.google.common.collect.Lists; | |||
import net.sf.ehcache.CacheManager; | |||
import org.codehaus.plexus.redback.authentication.AuthenticationException; | |||
import org.codehaus.plexus.redback.authentication.AuthenticationResult; | |||
import org.codehaus.plexus.redback.authorization.UnauthorizedException; | |||
import org.codehaus.plexus.redback.rbac.UserAssignment; | |||
import org.codehaus.plexus.redback.system.DefaultSecuritySession; | |||
import org.codehaus.plexus.redback.system.SecuritySession; | |||
import org.codehaus.plexus.redback.users.User; | |||
import org.codehaus.plexus.redback.users.UserManager; | |||
import org.easymock.MockControl; | |||
import org.junit.Before; | |||
import org.junit.Test; | |||
import javax.inject.Inject; | |||
import javax.inject.Named; | |||
import javax.servlet.http.HttpServletRequest; | |||
import java.util.Arrays; | |||
/** | |||
* ArchivaServletAuthenticatorTest | |||
* | |||
* @version | |||
*/ | |||
public class ArchivaServletAuthenticatorTest | |||
extends AbstractSecurityTest | |||
{ | |||
@Inject | |||
@Named( value = "servletAuthenticator#test" ) | |||
private ServletAuthenticator servletAuth; | |||
private MockControl httpServletRequestControl; | |||
@@ -116,6 +119,8 @@ public class ArchivaServletAuthenticatorTest | |||
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); | |||
assertTrue( isAuthorized ); | |||
restoreGuestInitialValues( USER_ALPACA ); | |||
} | |||
@Test | |||
@@ -148,6 +153,8 @@ public class ArchivaServletAuthenticatorTest | |||
} | |||
httpServletRequestControl.verify(); | |||
restoreGuestInitialValues( USER_ALPACA ); | |||
} | |||
@Test | |||
@@ -168,6 +175,8 @@ public class ArchivaServletAuthenticatorTest | |||
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); | |||
assertTrue( isAuthorized ); | |||
restoreGuestInitialValues( USER_ALPACA ); | |||
} | |||
@Test | |||
@@ -191,6 +200,8 @@ public class ArchivaServletAuthenticatorTest | |||
{ | |||
assertEquals( "Access denied for repository corporate", e.getMessage() ); | |||
} | |||
restoreGuestInitialValues( USER_ALPACA ); | |||
} | |||
@Test | |||
@@ -202,6 +213,10 @@ public class ArchivaServletAuthenticatorTest | |||
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); | |||
assertTrue( isAuthorized ); | |||
// cleanup previously add karma | |||
restoreGuestInitialValues(USER_GUEST); | |||
} | |||
@Test | |||
@@ -213,6 +228,10 @@ public class ArchivaServletAuthenticatorTest | |||
boolean isAuthorized = | |||
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD ); | |||
assertFalse( isAuthorized ); | |||
// cleanup previously add karma | |||
restoreGuestInitialValues(USER_GUEST); | |||
} | |||
@Test | |||
@@ -225,6 +244,9 @@ public class ArchivaServletAuthenticatorTest | |||
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS ); | |||
assertTrue( isAuthorized ); | |||
// cleanup previously add karma | |||
restoreGuestInitialValues(USER_GUEST); | |||
} | |||
@Test | |||
@@ -236,4 +258,5 @@ public class ArchivaServletAuthenticatorTest | |||
assertFalse( isAuthorized ); | |||
} | |||
} |
@@ -22,6 +22,7 @@ package org.apache.maven.archiva.security; | |||
import java.util.List; | |||
import org.apache.commons.lang.StringUtils; | |||
import org.junit.Before; | |||
import org.junit.Test; | |||
/** | |||
@@ -31,10 +32,16 @@ import org.junit.Test; | |||
*/ | |||
public class DefaultUserRepositoriesTest | |||
extends AbstractSecurityTest | |||
{ | |||
protected String getPlexusConfigLocation() | |||
{ | |||
@Before | |||
public void setUp() throws Exception | |||
{ | |||
return "org/apache/maven/archiva/security/DefaultUserRepositoriesTest.xml"; | |||
super.setUp(); | |||
restoreGuestInitialValues( USER_ALPACA ); | |||
restoreGuestInitialValues( USER_GUEST ); | |||
restoreGuestInitialValues( USER_ADMIN ); | |||
} | |||
@Test |
@@ -52,42 +52,33 @@ | |||
<bean name="roleManager" class="org.codehaus.plexus.redback.role.DefaultRoleManager"> | |||
<property name="rbacManager" ref="rBACManager#memory"/> | |||
<property name="modelProcessor" ref="roleModelProcessor"/> | |||
<property name="templateProcessor" ref="roleTemplateProcessor#test"/> | |||
</bean> | |||
<bean name="rBACManager#cached" class="org.codehaus.plexus.redback.rbac.cached.CachedRbacManager"> | |||
<property name="rbacImpl" ref="rBACManager#memory"/> | |||
</bean> | |||
<!-- | |||
<bean name="roleModelProcessor" class="org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor"> | |||
<property name="rbacManager" ref="rBACManager#memory"/> | |||
</bean> | |||
<alias name="roleModelProcessor" alias="roleModelProcessor#test"/> | |||
<component> | |||
<role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role> | |||
<role-hint>default</role-hint> | |||
<implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation> | |||
<description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description> | |||
<requirements> | |||
<requirement> | |||
<role>org.codehaus.plexus.redback.rbac.RBACManager</role> | |||
<role-hint>memory</role-hint> | |||
<field-name>rbacManager</field-name> | |||
</requirement> | |||
</requirements> | |||
</component> | |||
<bean name="roleTemplateProcessor" class="org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor"> | |||
<property name="rbacManager" ref="rBACManager#memory"/> | |||
</bean> | |||
<component> | |||
<role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role> | |||
<role-hint>default</role-hint> | |||
<implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation> | |||
<description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description> | |||
<requirements> | |||
<requirement> | |||
<role>org.codehaus.plexus.redback.rbac.RBACManager</role> | |||
<role-hint>memory</role-hint> | |||
<field-name>rbacManager</field-name> | |||
</requirement> | |||
</requirements> | |||
</component> | |||
<alias name="roleTemplateProcessor" alias="roleTemplateProcessor#test"/> | |||
<bean name="servletAuthenticator" class="org.apache.maven.archiva.security.ArchivaServletAuthenticator"> | |||
<property name="securitySystem" ref="securitySystem#testable"/> | |||
</bean> | |||
<alias name="servletAuthenticator" alias="servletAuthenticator#test"/> | |||
<!-- | |||
<component> | |||
<role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role> | |||
@@ -113,22 +104,6 @@ | |||
</component> | |||
ignored ?? | |||
<component> | |||
<role>org.apache.maven.archiva.security.ServletAuthenticator</role> | |||
<role-hint>default</role-hint> | |||
<implementation>org.apache.maven.archiva.security.ArchivaServletAuthenticator</implementation> | |||
<description>ArchivaServletAuthenticator</description> | |||
<requirements> | |||
<requirement> | |||
<role>org.codehaus.plexus.redback.system.SecuritySystem</role> | |||
<role-hint>testable</role-hint> | |||
<field-name>securitySystem</field-name> | |||
</requirement> | |||
</requirements> | |||
</component> | |||
partially configured | |||
<component> |
@@ -398,6 +398,11 @@ | |||
</dependency> | |||
<dependency> | |||
<groupId>com.google.guava</groupId> | |||
<artifactId>guava</artifactId> | |||
<version>r09</version> | |||
</dependency> | |||
<dependency> | |||
<groupId>stax</groupId> | |||
<artifactId>stax</artifactId> |