mirrors
/
archiva
miroir de https://github.com/apache/archiva.git
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 70 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
8703 Révisions
73 Branches
Aborescence: 78413e37c4
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '78413e37c4'
${ noResults }
archiva/archiva-modules/archiva-web/archiva-rest/archiva-rest-services/src/main/java/org/apache/archiva/rest/v2/svc/maven/DefaultMavenManagedReposito...

DefaultMavenManagedRepositoryService.java 18KB
Brut Annotations Historique

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388 
  1. package org.apache.archiva.rest.v2.svc.maven;

  2. /*

  3.  * Licensed to the Apache Software Foundation (ASF) under one

  4.  * or more contributor license agreements.  See the NOTICE file

  5.  * distributed with this work for additional information

  6.  * regarding copyright ownership.  The ASF licenses this file

  7.  * to you under the Apache License, Version 2.0 (the

  8.  * "License"); you may not use this file except in compliance

  9.  * with the License.  You may obtain a copy of the License at

  10.  *

  11.  * http://www.apache.org/licenses/LICENSE-2.0

  12.  * Unless required by applicable law or agreed to in writing,

  13.  * software distributed under the License is distributed on an

  14.  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

  15.  * KIND, either express or implied.  See the License for the

  16.  * specific language governing permissions and limitations

  17.  * under the License.

  18.  */

  19. 

  20. import org.apache.archiva.admin.model.AuditInformation;

  21. import org.apache.archiva.admin.model.RepositoryAdminException;

  22. import org.apache.archiva.admin.model.managed.ManagedRepositoryAdmin;

  23. import org.apache.archiva.components.rest.model.PagedResult;

  24. import org.apache.archiva.components.rest.util.QueryHelper;

  25. import org.apache.archiva.redback.authentication.AuthenticationResult;

  26. import org.apache.archiva.redback.authorization.AuthorizationException;

  27. import org.apache.archiva.redback.rest.services.RedbackAuthenticationThreadLocal;

  28. import org.apache.archiva.redback.rest.services.RedbackRequestInformation;

  29. import org.apache.archiva.redback.system.DefaultSecuritySession;

  30. import org.apache.archiva.redback.system.SecuritySession;

  31. import org.apache.archiva.redback.system.SecuritySystem;

  32. import org.apache.archiva.redback.users.User;

  33. import org.apache.archiva.redback.users.UserManagerException;

  34. import org.apache.archiva.redback.users.UserNotFoundException;

  35. import org.apache.archiva.repository.ManagedRepository;

  36. import org.apache.archiva.repository.ReleaseScheme;

  37. import org.apache.archiva.repository.Repository;

  38. import org.apache.archiva.repository.RepositoryRegistry;

  39. import org.apache.archiva.repository.RepositoryType;

  40. import org.apache.archiva.repository.content.ContentItem;

  41. import org.apache.archiva.repository.content.LayoutException;

  42. import org.apache.archiva.repository.storage.fs.FsStorageUtil;

  43. import org.apache.archiva.rest.api.v2.model.FileInfo;

  44. import org.apache.archiva.rest.api.v2.model.MavenManagedRepository;

  45. import org.apache.archiva.rest.api.v2.model.MavenManagedRepositoryUpdate;

  46. import org.apache.archiva.rest.api.v2.svc.ArchivaRestServiceException;

  47. import org.apache.archiva.rest.api.v2.svc.ErrorKeys;

  48. import org.apache.archiva.rest.api.v2.svc.ErrorMessage;

  49. import org.apache.archiva.rest.api.v2.svc.maven.MavenManagedRepositoryService;

  50. import org.apache.archiva.security.common.ArchivaRoleConstants;

  51. import org.apache.commons.lang3.StringUtils;

  52. import org.slf4j.Logger;

  53. import org.slf4j.LoggerFactory;

  54. import org.springframework.stereotype.Service;

  55. 

  56. import javax.servlet.http.HttpServletResponse;

  57. import javax.ws.rs.core.Context;

  58. import javax.ws.rs.core.Response;

  59. import javax.ws.rs.core.UriInfo;

  60. import java.io.IOException;

  61. import java.util.Collection;

  62. import java.util.Comparator;

  63. import java.util.List;

  64. import java.util.function.Predicate;

  65. import java.util.stream.Collectors;

  66. 

  67. import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_READ_REPOSITORY;

  68. import static org.apache.archiva.security.common.ArchivaRoleConstants.OPERATION_ADD_ARTIFACT;

  69. 

  70. /**

  71.  * @author Martin Stockhammer <martin_s@apache.org>

  72.  */

  73. @Service("v2.managedMavenRepositoryService#rest")

  74. public class DefaultMavenManagedRepositoryService implements MavenManagedRepositoryService

  75. {

  76.     @Context

  77.     HttpServletResponse httpServletResponse;

  78. 

  79.     @Context

  80.     UriInfo uriInfo;

  81. 

  82.     private static final Logger log = LoggerFactory.getLogger( DefaultMavenManagedRepositoryService.class );

  83.     private static final QueryHelper<ManagedRepository> QUERY_HELPER = new QueryHelper<>( new String[]{"id", "name"} );

  84.     static

  85.     {

  86.         QUERY_HELPER.addStringFilter( "id", ManagedRepository::getId );

  87.         QUERY_HELPER.addStringFilter( "name", ManagedRepository::getName );

  88.         QUERY_HELPER.addStringFilter( "location", (r)  -> r.getLocation().toString() );

  89.         QUERY_HELPER.addBooleanFilter( "snapshot", (r) -> r.getActiveReleaseSchemes( ).contains( ReleaseScheme.SNAPSHOT ) );

  90.         QUERY_HELPER.addBooleanFilter( "release", (r) -> r.getActiveReleaseSchemes().contains( ReleaseScheme.RELEASE ));

  91.         QUERY_HELPER.addNullsafeFieldComparator( "id", ManagedRepository::getId );

  92.         QUERY_HELPER.addNullsafeFieldComparator( "name", ManagedRepository::getName );

  93.     }

  94. 

  95.     private final ManagedRepositoryAdmin managedRepositoryAdmin;

  96.     private final RepositoryRegistry repositoryRegistry;

  97.     private final SecuritySystem securitySystem;

  98. 

  99.     public DefaultMavenManagedRepositoryService( SecuritySystem securitySystem,

  100.                                                  RepositoryRegistry repositoryRegistry,

  101.                                                  ManagedRepositoryAdmin managedRepositoryAdmin )

  102.     {

  103.         this.securitySystem = securitySystem;

  104.         this.repositoryRegistry = repositoryRegistry;

  105.         this.managedRepositoryAdmin = managedRepositoryAdmin;

  106.     }

  107. 

  108.     protected AuditInformation getAuditInformation( )

  109.     {

  110.         RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get( );

  111.         User user;

  112.         String remoteAddr;

  113.         if (redbackRequestInformation==null) {

  114.             user = null;

  115.             remoteAddr = null;

  116.         } else

  117.         {

  118.             user = redbackRequestInformation.getUser( );

  119.             remoteAddr = redbackRequestInformation.getRemoteAddr( );

  120.         }

  121.         return new AuditInformation( user, remoteAddr );

  122.     }

  123. 

  124.     @Override

  125.     public PagedResult<MavenManagedRepository> getManagedRepositories( final String searchTerm, final Integer offset,

  126.                                                                        final Integer limit, final List<String> orderBy,

  127.                                                                        final String order ) throws ArchivaRestServiceException

  128.     {

  129.         try

  130.         {

  131.             Collection<ManagedRepository> repos = repositoryRegistry.getManagedRepositories( );

  132.             final Predicate<ManagedRepository> queryFilter = QUERY_HELPER.getQueryFilter( searchTerm ).and( r -> r.getType() == RepositoryType.MAVEN );

  133.             final Comparator<ManagedRepository> comparator = QUERY_HELPER.getComparator( orderBy, order );

  134.             int totalCount = Math.toIntExact( repos.stream( ).filter( queryFilter ).count( ) );

  135.             return PagedResult.of( totalCount, offset, limit, repos.stream( ).filter( queryFilter ).sorted( comparator )

  136.                 .map( MavenManagedRepository::of ).skip( offset ).limit( limit ).collect( Collectors.toList( ) ) );

  137.         }

  138.         catch (ArithmeticException e) {

  139.             log.error( "Invalid number of repositories detected." );

  140.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.INVALID_RESULT_SET_ERROR ) );

  141.         }

  142.     }

  143. 

  144.     @Override

  145.     public MavenManagedRepository getManagedRepository( String repositoryId ) throws ArchivaRestServiceException

  146.     {

  147.         ManagedRepository repo = repositoryRegistry.getManagedRepository( repositoryId );

  148.         if (repo==null) {

  149.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_NOT_FOUND, repositoryId ), 404 );

  150.         }

  151.         if (repo.getType()!=RepositoryType.MAVEN) {

  152.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_WRONG_TYPE, repositoryId, repo.getType().name() ), 404 );

  153.         }

  154.         return MavenManagedRepository.of( repo );

  155.     }

  156. 

  157.     @Override

  158.     public Response deleteManagedRepository( String repositoryId, Boolean deleteContent ) throws ArchivaRestServiceException

  159.     {

  160.         MavenManagedRepository repo = getManagedRepository( repositoryId );

  161.         if (repo != null)

  162.         {

  163.             try

  164.             {

  165.                 managedRepositoryAdmin.deleteManagedRepository( repositoryId, getAuditInformation( ), deleteContent );

  166.                 return Response.ok( ).build( );

  167.             }

  168.             catch ( RepositoryAdminException e )

  169.             {

  170.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_DELETE_FAILED, e.getMessage( ) ) );

  171.             }

  172.         } else {

  173.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_NOT_FOUND, repositoryId ), 404 );

  174.         }

  175.     }

  176. 

  177.     private org.apache.archiva.admin.model.beans.ManagedRepository convert(MavenManagedRepository repository) {

  178.         org.apache.archiva.admin.model.beans.ManagedRepository repoBean = new org.apache.archiva.admin.model.beans.ManagedRepository( );

  179.         repoBean.setId( repository.getId( ) );

  180.         repoBean.setName( repository.getName() );

  181.         repoBean.setDescription( repository.getDescription() );

  182.         repoBean.setBlockRedeployments( repository.isBlocksRedeployments() );

  183.         repoBean.setCronExpression( repository.getSchedulingDefinition() );

  184.         repoBean.setLocation( repository.getLocation() );

  185.         repoBean.setReleases( repository.getReleaseSchemes().contains( ReleaseScheme.RELEASE.name() ) );

  186.         repoBean.setSnapshots( repository.getReleaseSchemes().contains( ReleaseScheme.SNAPSHOT.name() ) );

  187.         repoBean.setScanned( repository.isScanned() );

  188.         repoBean.setDeleteReleasedSnapshots( repository.isDeleteSnapshotsOfRelease() );

  189.         repoBean.setSkipPackedIndexCreation( repository.isSkipPackedIndexCreation() );

  190.         repoBean.setRetentionCount( repository.getRetentionCount() );

  191.         repoBean.setRetentionPeriod( repository.getRetentionPeriod().getDays() );

  192.         repoBean.setIndexDirectory( repository.getIndexPath() );

  193.         repoBean.setPackedIndexDirectory( repository.getPackedIndexPath() );

  194.         repoBean.setLayout( repository.getLayout() );

  195.         repoBean.setType( RepositoryType.MAVEN.name( ) );

  196.         return repoBean;

  197.     }

  198. 

  199.     @Override

  200.     public MavenManagedRepository addManagedRepository( MavenManagedRepository managedRepository ) throws ArchivaRestServiceException

  201.     {

  202.         final String repoId = managedRepository.getId( );

  203.         if ( StringUtils.isEmpty( repoId ) ) {

  204.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_INVALID_ID, repoId ), 422 );

  205.         }

  206.         Repository repo = repositoryRegistry.getRepository( repoId );

  207.         if (repo!=null) {

  208.             httpServletResponse.setHeader( "Location", uriInfo.getAbsolutePathBuilder( ).path( repoId ).build( ).toString( ) );

  209.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_ID_EXISTS, repoId ), 303 );

  210.         }

  211.         try

  212.         {

  213.             managedRepositoryAdmin.addManagedRepository( convert( managedRepository ), managedRepository.isHasStagingRepository(), getAuditInformation() );

  214.             httpServletResponse.setStatus( 201 );

  215.             return MavenManagedRepository.of( repositoryRegistry.getManagedRepository( repoId ) );

  216.         }

  217.         catch ( RepositoryAdminException e )

  218.         {

  219.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_ADMIN_ERROR, e.getMessage( ) ) );

  220.         }

  221.     }

  222. 

  223.     @Override

  224.     public MavenManagedRepository updateManagedRepository( final String repositoryId, final MavenManagedRepositoryUpdate managedRepository ) throws ArchivaRestServiceException

  225.     {

  226.         org.apache.archiva.admin.model.beans.ManagedRepository repo = convert( managedRepository );

  227.         try

  228.         {

  229.             managedRepositoryAdmin.updateManagedRepository( repo, managedRepository.isHasStagingRepository( ), getAuditInformation( ), managedRepository.isResetStats( ) );

  230.             ManagedRepository newRepo = repositoryRegistry.getManagedRepository( managedRepository.getId( ) );

  231.             if (newRepo==null) {

  232.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_UPDATE_FAILED, repositoryId ) );

  233.             }

  234.             return MavenManagedRepository.of( newRepo );

  235.         }

  236.         catch ( RepositoryAdminException e )

  237.         {

  238.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_ADMIN_ERROR, e.getMessage( ) ) );

  239.         }

  240.     }

  241. 

  242.     @Override

  243.     public FileInfo getFileStatus( String repositoryId, String fileLocation ) throws ArchivaRestServiceException

  244.     {

  245.         ManagedRepository repo = repositoryRegistry.getManagedRepository( repositoryId );

  246.         if (repo==null) {

  247.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_NOT_FOUND, repositoryId ), 404 );

  248.         }

  249.         try

  250.         {

  251.             ContentItem contentItem = repo.getContent( ).toItem( fileLocation );

  252.             if (contentItem.getAsset( ).exists( ))  {

  253.                 return FileInfo.of( contentItem.getAsset( ) );

  254.             } else {

  255.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.ARTIFACT_NOT_FOUND, repositoryId, fileLocation ), 404 );

  256.             }

  257.         }

  258.         catch ( LayoutException e )

  259.         {

  260.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_LAYOUT_ERROR, e.getMessage( ) ) );

  261.         }

  262.     }

  263. 

  264.     @Override

  265.     public Response copyArtifact( String srcRepositoryId, String dstRepositoryId,

  266.                                   String path ) throws ArchivaRestServiceException

  267.     {

  268.         final AuditInformation auditInformation = getAuditInformation( );

  269.         final String userName = auditInformation.getUser( ).getUsername( );

  270.         if ( StringUtils.isEmpty( userName ) )

  271.         {

  272.             httpServletResponse.setHeader( "WWW-Authenticate", "Bearer realm=\"archiva\"" );

  273.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.NOT_AUTHENTICATED ), 401 );

  274.         }

  275.         ManagedRepository srcRepo = repositoryRegistry.getManagedRepository( srcRepositoryId );

  276.         if (srcRepo==null) {

  277.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_NOT_FOUND, srcRepositoryId ), 404 );

  278.         }

  279.         ManagedRepository dstRepo = repositoryRegistry.getManagedRepository( dstRepositoryId );

  280.         if (dstRepo==null) {

  281.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_NOT_FOUND, dstRepositoryId ), 404 );

  282.         }

  283.         checkAuthority( auditInformation.getUser().getUsername(), srcRepositoryId, dstRepositoryId );

  284.         try

  285.         {

  286.             ContentItem srcItem = srcRepo.getContent( ).toItem( path );

  287.             ContentItem dstItem = dstRepo.getContent( ).toItem( path );

  288.             if (!srcItem.getAsset().exists()){

  289.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.ARTIFACT_NOT_FOUND, srcRepositoryId, path ), 404 );

  290.             }

  291.             if (dstItem.getAsset().exists()) {

  292.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.ARTIFACT_EXISTS_AT_DEST, srcRepositoryId, path ), 400 );

  293.             }

  294.             FsStorageUtil.copyAsset( srcItem.getAsset( ), dstItem.getAsset( ), true );

  295.         }

  296.         catch ( LayoutException e )

  297.         {

  298.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.REPOSITORY_LAYOUT_ERROR, e.getMessage() ) );

  299.         }

  300.         catch ( IOException e )

  301.         {

  302.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.ARTIFACT_COPY_ERROR, e.getMessage() ) );

  303.         }

  304.         return Response.ok( ).build();

  305.     }

  306. 

  307.     private void checkAuthority(final String userName, final String srcRepositoryId, final String dstRepositoryId ) throws ArchivaRestServiceException {

  308.         User user;

  309.         try

  310.         {

  311.             user = securitySystem.getUserManager().findUser( userName );

  312.         }

  313.         catch ( UserNotFoundException e )

  314.         {

  315.             httpServletResponse.setHeader( "WWW-Authenticate", "Bearer realm=\"archiva\"" );

  316.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.USER_NOT_FOUND, userName ), 401 );

  317.         }

  318.         catch ( UserManagerException e )

  319.         {

  320.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.USER_MANAGER_ERROR, e.getMessage( ) ) );

  321.         }

  322. 

  323.         // check karma on source : read

  324.         AuthenticationResult authn = new AuthenticationResult( true, userName, null );

  325.         SecuritySession securitySession = new DefaultSecuritySession( authn, user );

  326.         try

  327.         {

  328.             boolean authz =

  329.                 securitySystem.isAuthorized( securitySession, OPERATION_READ_REPOSITORY,

  330.                     srcRepositoryId );

  331.             if ( !authz )

  332.             {

  333.                 throw new ArchivaRestServiceException(ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, srcRepositoryId, OPERATION_READ_REPOSITORY ), 403);

  334.             }

  335.         }

  336.         catch ( AuthorizationException e )

  337.         {

  338.             log.error( "Error reading permission: {}", e.getMessage(), e );

  339.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.AUTHORIZATION_ERROR, e.getMessage() ), 403);

  340.         }

  341. 

  342.         // check karma on target: write

  343.         try

  344.         {

  345.             boolean authz =

  346.                 securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_ADD_ARTIFACT,

  347.                     dstRepositoryId );

  348.             if ( !authz )

  349.             {

  350.                 throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.PERMISSION_REPOSITORY_DENIED, dstRepositoryId, OPERATION_ADD_ARTIFACT ) );

  351.             }

  352.         }

  353.         catch ( AuthorizationException e )

  354.         {

  355.             log.error( "Error reading permission: {}", e.getMessage(), e );

  356.             throw new ArchivaRestServiceException( ErrorMessage.of( ErrorKeys.AUTHORIZATION_ERROR, e.getMessage() ), 403);

  357.         }

  358. 

  359. 

  360.     }

  361. 

  362.     @Override

  363.     public Response deleteArtifact( String repositoryId, String path ) throws ArchivaRestServiceException

  364.     {

  365. 

  366.         return null;

  367.     }

  368. 

  369. 

  370.     @Override

  371.     public Response removeProjectVersion( String repositoryId, String namespace, String projectId, String version ) throws org.apache.archiva.rest.api.services.ArchivaRestServiceException

  372.     {

  373.         return null;

  374.     }

  375. 

  376.     @Override

  377.     public Response deleteProject( String repositoryId, String namespace, String projectId ) throws org.apache.archiva.rest.api.services.ArchivaRestServiceException

  378.     {

  379.         return null;

  380.     }

  381. 

  382.     @Override

  383.     public Response deleteNamespace( String repositoryId, String namespace ) throws org.apache.archiva.rest.api.services.ArchivaRestServiceException

  384.     {

  385.         return null;

  386.     }

  387. 

  388. }