Author: jmcconnell
Date: Wed Feb 28 12:51:27 2007
New Revision: 512961
URL: http://svn.apache.org/viewvc?view=rev&rev=512961
Log:
added a Global Repository Manager role
Added:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java
(with props)
Modified:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/RepositoryManagerDynamicRoleProfile.java
Modified:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java?view=diff&rev=512961&r1=512960&r2=512961
==============================================================================
---
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
(original)
+++
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
Wed Feb 28 12:51:27 2007
@@ -27,6 +27,8 @@
public static final String SYSTEM_ADMINISTRATOR_ROLE = "System
Administrator";
public static final String USER_ADMINISTRATOR_ROLE = "User Administrator";
+
+ public static final String GLOBAL_REPOSITORY_MANAGER_ROLE = "Global
Repository Manager";
public static final String REGISTERED_USER_ROLE = "Registered User";
Modified:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java?view=diff&rev=512961&r1=512960&r2=512961
==============================================================================
---
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
(original)
+++
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaSystemAdministratorRoleProfile.java
Wed Feb 28 12:51:27 2007
@@ -46,12 +46,17 @@
operations.add( ArchivaRoleConstants.OPERATION_RUN_INDEXER );
operations.add( ArchivaRoleConstants.OPERATION_REGENERATE_INDEX );
operations.add( ArchivaRoleConstants.OPERATION_ACCESS_REPORT ); //
TODO: does this need to be templated?
- operations.add( ArchivaRoleConstants.OPERATION_ADD_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY );
- operations.add( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY );
// we don't add access/upload repository operations. This isn't a
sys-admin function, and we don't want to
// encourage the use of the sys admin role for such operations. They
can grant it as necessary.
return operations;
+ }
+
+
+ public List getChildRoles()
+ {
+ List childRoles = new ArrayList();
+ childRoles.add( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE );
+ return childRoles;
}
public boolean isAssignable()
Added:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java?view=auto&rev=512961
==============================================================================
---
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java
(added)
+++
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java
Wed Feb 28 12:51:27 2007
@@ -0,0 +1,57 @@
+package org.apache.maven.archiva.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.codehaus.plexus.rbac.profile.AbstractRoleProfile;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @plexus.component role="org.codehaus.plexus.rbac.profile.RoleProfile"
+ * role-hint="archiva-repository-administrator"
+ */
+public class GlobalRepositoryManagerRoleProfile
+ extends AbstractRoleProfile
+{
+ /**
+ * Create the Role name for a Repository Observer, using the provided
repository id.
+ *
+ * @param repoId the repository id
+ */
+ public String getRoleName( )
+ {
+ return ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE;
+ }
+
+ public boolean isAssignable()
+ {
+ return true;
+ }
+
+ public List getOperations()
+ {
+ List operations = new ArrayList();
+ operations.add( ArchivaRoleConstants.OPERATION_ADD_REPOSITORY );
+ operations.add( ArchivaRoleConstants.OPERATION_EDIT_REPOSITORY );
+ operations.add( ArchivaRoleConstants.OPERATION_DELETE_REPOSITORY );
+ return operations;
+ }
+}
Propchange:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/GlobalRepositoryManagerRoleProfile.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/RepositoryManagerDynamicRoleProfile.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/RepositoryManagerDynamicRoleProfile.java?view=diff&rev=512961&r1=512960&r2=512961
==============================================================================
---
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/RepositoryManagerDynamicRoleProfile.java
(original)
+++
maven/archiva/trunk/archiva-security/src/main/java/org/apache/maven/archiva/security/RepositoryManagerDynamicRoleProfile.java
Wed Feb 28 12:51:27 2007
@@ -20,6 +20,10 @@
*/
import org.codehaus.plexus.rbac.profile.AbstractDynamicRoleProfile;
+import org.codehaus.plexus.rbac.profile.RoleProfileException;
+import org.codehaus.plexus.security.rbac.RbacManagerException;
+import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.security.rbac.Role;
import java.util.ArrayList;
import java.util.Collections;
@@ -70,6 +74,37 @@
public boolean isAssignable()
{
return true;
+ }
+
+ public Role getRole( String resource )
+ throws RoleProfileException
+ {
+ try
+ {
+ if ( rbacManager.roleExists( getRoleName( resource ) ) )
+ {
+ return rbacManager.getRole( getRoleName( resource ) );
+ }
+ else
+ {
+ // first time assign the role to the group administrator since
they need the access
+ Role newRole = generateRole( resource );
+
+ Role repoAdmin = rbacManager.getRole(
ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE );
+ repoAdmin.addChildRoleName( newRole.getName() );
+ rbacManager.saveRole( repoAdmin );
+
+ return newRole;
+ }
+ }
+ catch ( RbacObjectNotFoundException ne )
+ {
+ throw new RoleProfileException( "unable to get role", ne );
+ }
+ catch ( RbacManagerException e )
+ {
+ throw new RoleProfileException( "system error with rbac manager",
e );
+ }
}
}
