Author: jmcconnell
Date: Tue Sep 12 11:44:16 2006
New Revision: 442672
URL: http://svn.apache.org/viewvc?view=rev&rev=442672
Log:
moderately working authz on many of the important jsp pages and improvements in
the corresponding actions
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/AbstractConfigureRepositoryAction.java
Tue Sep 12 11:44:16 2006
@@ -98,7 +98,7 @@
{
addRepository();
- roleManager.addRepository( getRepoId() );
+ roleManager.addRepository( repository.getId() );
configurationStore.storeConfiguration( configuration );
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
Tue Sep 12 11:44:16 2006
@@ -115,6 +115,7 @@
}
roleManager.addUser( user.getPrincipal().toString() );
+ addActionMessage( "user " + username + " was successfully
registered!");
}
if ( hasActionErrors() )
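Review bot: The added `addActionMessage( "user " + username + " was successfully registered!")` puts the submitted username into a message that loginRegister.jsp in this commit renders through `<ww:actionmessage/>`, and nothing visible in this hunk encodes or validates it. Whether that tag HTML-escapes its messages depends on the WebWork version and theme in use, so this should be confirmed. If it does not escape, a username containing markup would be rendered as markup on the login page. Either restrict usernames to an allowed character set before this point or encode the value when the message is built or rendered. The enclosing method starts and ends outside the hunk, so validation may already exist that is not shown here.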
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
Tue Sep 12 11:44:16 2006
@@ -106,7 +106,7 @@
// for displaying the potential repositories to be displayed, remove
the global resource
// from the list
resources = rbacManager.getAllResources();
- resources.remove( rbacManager.getGlobalResource() );
+ //resources.remove( rbacManager.getGlobalResource() );
// check if the user has any roles assigned to them, and populate the
lists for
// rendering assign and remove roles links
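Review bot: Commenting out `resources.remove( rbacManager.getGlobalResource() )` leaves the comment above it saying the global resource is removed from the list, which is no longer true. With the line disabled, the global resource stays in `resources`, and the comment indicates that list is what gets displayed, so presumably anything assigned from it can now be scoped globally rather than to a single repository. If that is intended, delete the dead line and reword the comment to say the global resource is kept and why; if it was a debugging change, restore the removal. The method continues outside the hunk.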
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/util/DefaultRoleManager.java
Tue Sep 12 11:44:16 2006
@@ -112,6 +112,12 @@
manager.saveOperation( operation );
}
+ if ( !manager.operationExists( "grant-roles" ) )
+ {
+ Operation operation = manager.createOperation( "grant-roles" );
+ manager.saveOperation( operation );
+ }
+
if ( !manager.operationExists( "remove-roles" ) )
{
Operation operation = manager.createOperation( "remove-roles" );
@@ -150,12 +156,20 @@
manager.savePermission( editAllUsers );
}
+ if ( !manager.permissionExists( "Grant Roles" ) )
+ {
+ Permission granRoles = manager.createPermission( "Grant
Roles", "grant-roles",
+
manager.getGlobalResource().getIdentifier() );
+
+ manager.savePermission( granRoles );
+ }
+
if ( !manager.permissionExists( "Remove Roles" ) )
{
- Permission editAllUsers = manager.createPermission( "Remove
Roles", "remove-roles",
+ Permission removeRoles = manager.createPermission( "Remove
Roles", "remove-roles",
manager.getGlobalResource().getIdentifier() );
- manager.savePermission( editAllUsers );
+ manager.savePermission( removeRoles );
}
if ( !manager.permissionExists( "Regenerate Index" ) )
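Review bot: "Grant Roles" is created against `manager.getGlobalResource()` with nothing in the new code limiting which roles it covers, and a later hunk in this file adds it to "User Administrator". Unless assignRoleToUser restricts the roles it accepts, a user administrator could presumably be authorized to grant "System Administrator" to any account, including their own; that action is not part of this diff. Consider recording the intended limit next to the permission, for example `// grant-roles is global: assignRoleToUser must refuse roles the caller does not already hold`. The new local is also misspelled `granRoles`; `grantRoles` would match the `removeRoles` rename made in the same hunk.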
@@ -171,6 +185,7 @@
Role userAdmin = manager.createRole( "User Administrator" );
userAdmin.addPermission( manager.getPermission( "Edit All
Users" ) );
userAdmin.addPermission( manager.getPermission( "Remove Roles"
) );
+ userAdmin.addPermission( manager.getPermission( "Grant Roles"
) );
userAdmin.setAssignable( true );
manager.saveRole( userAdmin );
}
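Review bot: The added `userAdmin.addPermission( manager.getPermission( "Grant Roles" ) )` appears to run only while the role is first being created. The guard is outside the hunk, but the next hunk shows the same pattern with `if ( !manager.roleExists( "System Administrator" ) )`. An installation whose store already contains "User Administrator" would then never receive the new permission, while user.jsp in this commit hides the grant links behind `grant-roles`. If existing stores need to keep working, also add the permission to the already-saved role, or note in the commit that the role store has to be recreated.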
@@ -178,7 +193,7 @@
if ( !manager.roleExists( "System Administrator" ) )
{
Role admin = manager.createRole( "System Administrator" );
- admin.addChildRole( manager.getRole( "User Administrator" ) );
+ admin.addChildRoleName( manager.getRole( "User Administrator"
).getName() );
admin.addPermission( manager.getPermission( "Edit
Configuration" ) );
admin.addPermission( manager.getPermission( "Run Indexer" ) );
admin.addPermission( manager.getPermission( "Add Repository" )
);
@@ -250,7 +265,7 @@
regenReports = manager.savePermission( regenReports );
// make the roles
- Role repositoryObserver = manager.createRole( "Repository Manager
- " + repositoryName );
+ Role repositoryObserver = manager.createRole( "Repository Observer
- " + repositoryName );
repositoryObserver.addPermission( editRepo );
repositoryObserver.setAssignable( true );
repositoryObserver = manager.saveRole( repositoryObserver );
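Review bot: The role now named `"Repository Observer - " + repositoryName` still receives `editRepo` on the following line, so the rename makes the name read-only while the grant is not. Assuming `editRepo` is the `edit-repository` permission for this repository, any account given the observer role passes the `pss:ifAuthorized permission="edit-repository"` check that index.jsp adds in this commit. If no read-only permission exists yet, leave a marker such as `// TODO: observer should hold a read-only permission, not editRepo` so the role is not handed out on the strength of its name. The method starts outside the hunk.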
@@ -259,7 +274,7 @@
repositoryManager.addPermission( editRepo );
repositoryManager.addPermission( deleteRepo );
repositoryManager.addPermission( regenReports );
- repositoryManager.addChildRole( repositoryObserver );
+ repositoryManager.addChildRoleName( repositoryObserver.getName() );
repositoryManager.setAssignable( true );
manager.saveRole( repositoryManager );
Modified: maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml Tue Sep 12
11:44:16 2006
@@ -238,7 +238,7 @@
</action>
- <action name="user" class="userManagement">
+ <action name="user" class="userManagement" method="display">
<result name="success">/WEB-INF/jsp/user.jsp</result>
</action>
Modified:
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
Tue Sep 12 11:44:16 2006
@@ -97,11 +97,14 @@
<c:forEach items="${repositories}" var="repository" varStatus="i">
<div>
<div style="float: right">
- <%-- TODO replace with icons --%>
- <a href="<ww:url action="editRepository" method="input"><ww:param
name="repoId" value="%{'${repository.id}'}" /></ww:url>">Edit
- Repository</a> | <a
- href="<ww:url action="deleteRepository" method="input"><ww:param
name="repoId" value="%{'${repository.id}'}" /></ww:url>">Delete
- Repository</a>
+ <ww:url id="editRepositoryUrl" action="editRepository" method="input">
+ <ww:param name="repoId" value="%{'${repository.id}'}" />
+ </ww:url>
+ <ww:url id="deleteRepositoryUrl" action="deleteRepository"
method="input">
+ <ww:param name="repoId" value="%{'${repository.id}'}" />
+ </ww:url>
+ <%-- TODO replace with icons --%>
+ <pss:ifAuthorized permission="edit-repository"
resource="${repository.id}"><ww:a href="%{editRepositoryUrl}">Edit
Repository</ww:a></pss:ifAuthorized> | <pss:ifAuthorized
permission="delete-repository" resource="${repository.id}"><ww:a
href="%{deleteRepositoryUrl}">Delete Repository</ww:a></pss:ifAuthorized>
</div>
<h3>${repository.name}</h3>
<table class="infoTable">
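Review bot: The `pss:ifAuthorized` wrappers only hide the Edit Repository and Delete Repository links; hiding a link does not protect the action behind it. The editRepository and deleteRepository actions need to check `edit-repository` and `delete-repository` for the submitted `repoId` themselves, and nothing in this commit shows that check. Separately, the ` | ` separator sits outside both wrappers, so it is still rendered when both links are hidden.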
Modified:
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
Tue Sep 12 11:44:16 2006
@@ -107,39 +107,45 @@
<my:currentWWUrl action="browse" namespace="/">Browse</my:currentWWUrl>
</li>
</ul>
- <h5>Manage</h5>
- <ul>
- <li class="none">
- <my:currentWWUrl action="reports"
namespace="/admin">Reports</my:currentWWUrl>
- </li>
-
- <%-- TODO
- <li class="none">
- <a href="#">Synchronisation</a>
- </li>
- --%>
-
- <li class="expanded">
- <my:currentWWUrl action="index"
namespace="/admin">Administration</my:currentWWUrl>
- <ul>
+ <pss:ifAnyAuthorized
permissions="edit-all-users,get-reports,edit-configuration">
+ <h5>Manage</h5>
+ <ul>
+ <pss:ifAuthorized permission="get-reports">
<li class="none">
- <my:currentWWUrl action="proxiedRepositories"
namespace="/admin">Proxied Repositories</my:currentWWUrl>
+ <my:currentWWUrl action="reports"
namespace="/admin">Reports</my:currentWWUrl>
</li>
-
- <%-- TODO: add back after synced repos are implemented
- <li class="none">
- <my:currentWWUrl action="syncedRepositories"
namespace="/admin">Synced Repositories</my:currentWWUrl>
- </li>
+ </pss:ifAuthorized>
+ <%-- TODO
+ <li class="none">
+ <a href="#">Synchronisation</a>
+ </li>
--%>
- <pss:ifAuthorized permission="edit-all-users">
- <li class="none">
- <my:currentWWUrl action="userManagement" namespace="/admin">User
Management</my:currentWWUrl>
- </li>
- </pss:ifAuthorized>
- </ul>
- </li>
- </ul>
+ <pss:ifAnyAuthorized permissions="edit-configuration,edit-all-users">
+ <li class="expanded">
+ <pss:ifAuthorized permission="edit-all-users">
+ <my:currentWWUrl action="userManagement" namespace="/admin">User
Management</my:currentWWUrl>
+ </pss:ifAuthorized>
+ </li>
+ <li>
+ <pss:ifAuthorized permission="edit-configuration">
+ <my:currentWWUrl action="index"
namespace="/admin">Administration</my:currentWWUrl>
+ </pss:ifAuthorized>
+
+ <ul>
+ <li class="none">
+ <my:currentWWUrl action="proxiedRepositories"
namespace="/admin">Proxied Repositories</my:currentWWUrl>
+ </li>
+ <%-- TODO: add back after synced repos are implemented
+ <li class="none">
+ <my:currentWWUrl action="syncedRepositories"
namespace="/admin">Synced Repositories</my:currentWWUrl>
+ </li>
+ --%>
+ </ul>
+ </li>
+ </pss:ifAnyAuthorized>
+ </ul>
+ </pss:ifAnyAuthorized>
<br/>
</div>
</div>
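Review bot: The Proxied Repositories entry inside the inner `pss:ifAnyAuthorized permissions="edit-configuration,edit-all-users"` block has no `pss:ifAuthorized` of its own, so a user holding only `edit-all-users` still gets that link while the Administration link above it is hidden. Moving the closing `</pss:ifAuthorized>` for `edit-configuration` to after the nested `</ul>` would cover both entries. The `<li class="expanded">` and the following `<li>` are also emitted empty when their inner check fails; putting each `<li>` inside its `pss:ifAuthorized` rather than around it avoids that. As with the other pages, the `/admin` actions behind these links have to enforce the same permissions on the server side.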
Modified:
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/loginRegister.jsp
Tue Sep 12 11:44:16 2006
@@ -32,6 +32,10 @@
</div>
+ <p>
+ <ww:actionmessage/>
+ </p>
+
<h2>Login</h2>
<ww:form action="login">
<table class="bodyTable">
Modified:
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp?view=diff&rev=442672&r1=442671&r2=442672
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp
(original)
+++ maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/user.jsp Tue
Sep 12 11:44:16 2006
@@ -53,32 +53,51 @@
<table class="bodyTable">
<ww:iterator id="role" value="assignedRoles">
- <ww:url id="removeAssignedRoleUrl" action="removeRoleFromUser">
- <ww:param
name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
- <ww:param
name="roleName">${sessionScope.SecuritySessionUser.name}</ww:param>
- </ww:url>
+
<tr class="a">
<td>
<em>${role.name}</em><br/>
</td>
<td>
- <ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
+ <pss:ifAuthorized permission="remove-roles">
+ <ww:url id="removeAssignedRoleUrl"
action="removeRoleFromUser">
+ <ww:param
name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+ <ww:a href="%{removeAssignedRoleUrl}">Delete</ww:a>
+ </pss:ifAuthorized>
</td>
</tr>
</ww:iterator>
</table>
+ <%-- this is for debug purposes only --%>
+ <div id="sidebar">
+ <ww:iterator id="role" value="availableRoles">
+ <ww:url id="addRoleUrl" action="assignRoleToUser">
+ <ww:param
name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+ <ww:a href="%{addRoleUrl}">${role.name}</ww:a>
+ <br/>
+ </ww:iterator>
+ </div>
+
<h2>Grant Roles</h2>
<p>
- <ww:iterator id="role" value="availableRoles">
- <ww:url id="addRoleUrl" action="assignRoleToUser">
- <ww:param
name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
- <ww:param name="roleName">${role.name}</ww:param>
- </ww:url>
- <ww:a href="%{addRoleUrl}">${role.name}</ww:a><br/>
- </ww:iterator>
+
</p>
+ <pss:ifAuthorized permission="grant-roles">
+ <ww:iterator id="role" value="availableRoles">
+ <ww:url id="addRoleUrl" action="assignRoleToUser">
+ <ww:param
name="principal">${sessionScope.SecuritySessionUser.principal}</ww:param>
+ <ww:param name="roleName">${role.name}</ww:param>
+ </ww:url>
+ <ww:a href="%{addRoleUrl}">${role.name}</ww:a>
+ <br/>
+ </ww:iterator>
+ </pss:ifAuthorized>
<%--
<p>
This following screen needs have the various roles worked into it.
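Review bot: The added "debug purposes only" `<div id="sidebar">` renders an assignRoleToUser link for every entry in `availableRoles` without any permission check, so the `pss:ifAuthorized permission="grant-roles"` block added further down does not hide the grant links from anyone. Remove the sidebar before release or wrap it in the same `grant-roles` check. Both blocks also pass `${sessionScope.SecuritySessionUser.principal}` as `principal`, which looks like the logged-in user rather than the user being displayed; confirm that this is intended. The assignRoleToUser and removeRoleFromUser actions need to enforce `grant-roles` and `remove-roles` themselves, which this diff does not show.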
@@ -145,7 +164,7 @@
</td>
</tr>
- --%>
+
<tr class="a">
<td></td>
<td>
@@ -155,7 +174,7 @@
</tr>
</table>
-
+ --%>
</div>
</div>