This is an automated email from the ASF dual-hosted git repository. martin_s pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/archiva-redback-core.git
commit ce77438066bcffb0a69eb6c405062a7198d6d36c Author: Martin Stockhammer <[email protected]> AuthorDate: Fri Nov 15 17:43:14 2019 +0100 Switching from plexus graph to archiva graph component --- redback-rbac/pom.xml | 23 ++ redback-rbac/redback-rbac-model/pom.xml | 6 +- .../redback-rbac-cached/pom.xml | 6 +- .../redback-rbac-ldap/pom.xml | 9 +- .../redback-rbac-memory/pom.xml | 6 +- redback-rbac/redback-rbac-role-manager/pom.xml | 18 +- .../role/processor/DefaultRoleModelProcessor.java | 11 +- .../archiva/redback/role/util/RoleModelUtils.java | 112 ++++-- .../role/validator/DefaultRoleModelValidator.java | 414 ++++++++------------- .../role/validator/RoleModelValidatorTest.java | 4 +- .../src/test/resources/log4j2-test.xml | 36 ++ 11 files changed, 312 insertions(+), 333 deletions(-) diff --git a/redback-rbac/pom.xml b/redback-rbac/pom.xml index 8543109..852b7a2 100644 --- a/redback-rbac/pom.xml +++ b/redback-rbac/pom.xml @@ -38,6 +38,12 @@ </modules> <dependencies> + + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> <groupId>org.junit.platform</groupId> <artifactId>junit-platform-launcher</artifactId> @@ -58,5 +64,22 @@ <artifactId>junit-vintage-engine</artifactId> <scope>test</scope> </dependency> + + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-core</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-slf4j-impl</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-jcl</artifactId> + <scope>test</scope> + </dependency> + </dependencies> </project> diff --git a/redback-rbac/redback-rbac-model/pom.xml b/redback-rbac/redback-rbac-model/pom.xml index 3f4bf48..b5e8e4b 100644 --- a/redback-rbac/redback-rbac-model/pom.xml +++ b/redback-rbac/redback-rbac-model/pom.xml @@ -44,10 +44,6 @@ <artifactId>commons-collections4</artifactId> </dependency> <dependency> - <groupId>org.codehaus.plexus</groupId> - <artifactId>plexus-utils</artifactId> - </dependency> - <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-api</artifactId> </dependency> @@ -58,7 +54,7 @@ </dependency> <dependency> <groupId>javax.annotation</groupId> - <artifactId>jsr250-api</artifactId> + <artifactId>javax.annotation-api</artifactId> </dependency> </dependencies> diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-cached/pom.xml b/redback-rbac/redback-rbac-providers/redback-rbac-cached/pom.xml index b063716..0833f2d 100644 --- a/redback-rbac/redback-rbac-providers/redback-rbac-cached/pom.xml +++ b/redback-rbac/redback-rbac-providers/redback-rbac-cached/pom.xml @@ -85,11 +85,7 @@ <artifactId>hsqldb</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <scope>test</scope> - </dependency> + </dependencies> </project> diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/pom.xml b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/pom.xml index 0547ccc..0d65781 100644 --- a/redback-rbac/redback-rbac-providers/redback-rbac-ldap/pom.xml +++ b/redback-rbac/redback-rbac-providers/redback-rbac-ldap/pom.xml @@ -94,13 +94,8 @@ <scope>test</scope> </dependency> <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.archiva.redback.components</groupId> - <artifactId>spring-apacheds</artifactId> + <groupId>org.apache.archiva.components</groupId> + <artifactId>archiva-components-spring-apacheds</artifactId> <scope>test</scope> </dependency> </dependencies> diff --git a/redback-rbac/redback-rbac-providers/redback-rbac-memory/pom.xml b/redback-rbac/redback-rbac-providers/redback-rbac-memory/pom.xml index 4deb3ee..1ae227e 100644 --- a/redback-rbac/redback-rbac-providers/redback-rbac-memory/pom.xml +++ b/redback-rbac/redback-rbac-providers/redback-rbac-memory/pom.xml @@ -64,11 +64,7 @@ <artifactId>hsqldb</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <scope>test</scope> - </dependency> + </dependencies> </project> diff --git a/redback-rbac/redback-rbac-role-manager/pom.xml b/redback-rbac/redback-rbac-role-manager/pom.xml index 42d0617..9d02910 100644 --- a/redback-rbac/redback-rbac-role-manager/pom.xml +++ b/redback-rbac/redback-rbac-role-manager/pom.xml @@ -35,6 +35,11 @@ <dependencies> <dependency> + <groupId>org.apache.archiva.components</groupId> + <artifactId>archiva-components-graph</artifactId> + <version>3.0-SNAPSHOT</version> + </dependency> + <dependency> <groupId>net.java.dev.stax-utils</groupId> <artifactId>stax-utils</artifactId> <version>20060502</version> @@ -77,16 +82,8 @@ <artifactId>redback-rbac-cached</artifactId> <scope>test</scope> </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-simple</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>jul-to-slf4j</artifactId> - <scope>test</scope> - </dependency> + + <dependency> <groupId>org.hsqldb</groupId> <artifactId>hsqldb</artifactId> @@ -102,6 +99,7 @@ <artifactId>spring-test</artifactId> <scope>test</scope> </dependency> + </dependencies> <build> diff --git a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.java b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.java index 3fdfdee..203bfc7 100644 --- a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.java +++ b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/processor/DefaultRoleModelProcessor.java @@ -34,7 +34,6 @@ import org.apache.archiva.redback.role.model.ModelRole; import org.apache.archiva.redback.role.model.RedbackRoleModel; import org.apache.archiva.redback.role.util.RoleModelUtils; import org.apache.commons.lang3.time.StopWatch; -import org.codehaus.plexus.util.dag.CycleDetectedException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; @@ -157,15 +156,7 @@ public class DefaultRoleModelProcessor StopWatch stopWatch = new StopWatch(); stopWatch.reset(); stopWatch.start(); - List<String> sortedGraph; - try - { - sortedGraph = RoleModelUtils.reverseTopologicalSortedRoleList( model ); - } - catch ( CycleDetectedException e ) - { - throw new RoleManagerException( "cycle detected: this should have been caught in validation", e ); - } + List<String> sortedGraph = RoleModelUtils.reverseTopologicalSortedRoleList(model); List<? extends Role> allRoles; try diff --git a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/util/RoleModelUtils.java b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/util/RoleModelUtils.java index 6ab6e40..645cdcc 100644 --- a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/util/RoleModelUtils.java +++ b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/util/RoleModelUtils.java @@ -19,19 +19,25 @@ package org.apache.archiva.redback.role.util; * under the License. */ +import org.apache.archiva.components.graph.api.Category; +import org.apache.archiva.components.graph.api.RelationType; +import org.apache.archiva.components.graph.base.SimpleGraph; +import org.apache.archiva.components.graph.base.SimpleNode; +import org.apache.archiva.components.graph.util.Traversal; import org.apache.archiva.redback.role.model.ModelApplication; import org.apache.archiva.redback.role.model.ModelOperation; import org.apache.archiva.redback.role.model.ModelResource; import org.apache.archiva.redback.role.model.ModelRole; import org.apache.archiva.redback.role.model.ModelTemplate; import org.apache.archiva.redback.role.model.RedbackRoleModel; -import org.codehaus.plexus.util.dag.CycleDetectedException; -import org.codehaus.plexus.util.dag.DAG; -import org.codehaus.plexus.util.dag.TopologicalSorter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import java.util.ArrayList; +import java.util.Collections; import java.util.LinkedList; import java.util.List; +import java.util.stream.Collectors; /** * RoleModelUtils: @@ -41,7 +47,17 @@ import java.util.List; */ public class RoleModelUtils { + public enum RoleType implements Category { + ROLE,TEMPLATE + } + + public enum RoleRelation implements RelationType { + ROLE_TO_ROLE,ROLE_TO_TEMPLATE,TEMPLATE_TO_ROLE,TEMPLATE_TO_TEMPLATE; + } + public static final String ROOT = ":archiva:node:root"; + + private static final Logger log = LoggerFactory.getLogger(RoleModelUtils.class); public static List<ModelRole> getRoles( RedbackRoleModel model ) { @@ -229,24 +245,36 @@ public class RoleModelUtils } @SuppressWarnings( "unchecked" ) - public static DAG generateRoleGraph( RedbackRoleModel model ) - throws CycleDetectedException + public static SimpleGraph generateRoleGraph(RedbackRoleModel model ) + { - DAG roleGraph = new DAG(); + SimpleGraph roleGraph = new SimpleGraph(); + SimpleNode rootNode = roleGraph.addNode(ROOT, ROOT); + + log.debug("Created graph with root {}", rootNode); for ( ModelApplication application : model.getApplications() ) { + log.debug("Application {}", application.getId()); for ( ModelRole role : application.getRoles() ) { - roleGraph.addVertex( role.getId() ); + final String roleId = role.getId(); + SimpleNode roleNode = roleGraph.addNode(roleId, roleId); + roleNode.addCategory(RoleType.ROLE); + if (role.getParentRoles()==null || role.getParentRoles().size()==0) { + // We add it to the root node only, if it has no parent roles + roleGraph.addEdge("root:" + roleId, "root -> " + roleId, rootNode, roleNode); + } if ( role.getChildRoles() != null ) { for ( String childRole : role.getChildRoles() ) { - roleGraph.addVertex( childRole ); + SimpleNode childNode = roleGraph.addNode(childRole, childRole); + childNode.addCategory(RoleType.ROLE); + roleGraph.addEdge( RoleRelation.ROLE_TO_ROLE, roleId+":"+childRole, + roleId+" -> "+childRole, roleNode, childNode ); - roleGraph.addEdge( role.getId(), childRole ); } } @@ -254,9 +282,10 @@ public class RoleModelUtils { for ( String parentRole : role.getParentRoles() ) { - roleGraph.addVertex( parentRole ); - - roleGraph.addEdge( parentRole, role.getId() ); + SimpleNode parentNode = roleGraph.addNode( parentRole, parentRole ); + parentNode.addCategory(RoleType.ROLE); + roleGraph.addEdge( RoleRelation.ROLE_TO_ROLE, parentRole+":"+roleId, + parentRole + " -> "+ roleId, parentNode, roleNode); } } } @@ -266,24 +295,31 @@ public class RoleModelUtils } @SuppressWarnings( "unchecked" ) - public static DAG generateTemplateGraph( RedbackRoleModel model ) - throws CycleDetectedException + public static SimpleGraph generateTemplateGraph( RedbackRoleModel model ) + { - DAG templateGraph = generateRoleGraph( model ); + SimpleGraph templateGraph = generateRoleGraph( model ); + SimpleNode rootNode = templateGraph.getNode(ROOT); for ( ModelApplication application : model.getApplications() ) { for ( ModelTemplate template : application.getTemplates() ) { - templateGraph.addVertex( template.getId() ); + final String templId = template.getId(); + SimpleNode templateNode = templateGraph.addNode(templId, templId); + templateNode.addCategory(RoleType.TEMPLATE); + if ((template.getParentRoles() == null || template.getParentRoles().size()==0) + && ( template.getParentTemplates() == null || template.getParentTemplates().size()==0) ) { + templateGraph.addEdge("root:" + templId, "root -> " + templId, rootNode, templateNode); + } if ( template.getChildRoles() != null ) { for ( String childRole : template.getChildRoles() ) { - templateGraph.addVertex( childRole ); - - templateGraph.addEdge( template.getId(), childRole ); + SimpleNode childNode = templateGraph.addNode(childRole, childRole); + childNode.addCategory(RoleType.ROLE); + templateGraph.addEdge( RoleRelation.TEMPLATE_TO_ROLE, templId+":"+childNode, templId+" -> "+childNode, templateNode, childNode ); } } @@ -291,9 +327,10 @@ public class RoleModelUtils { for ( String parentRole : template.getParentRoles() ) { - templateGraph.addVertex( parentRole ); - - templateGraph.addEdge( parentRole, template.getId() ); + SimpleNode parentNode = templateGraph.addNode(parentRole, parentRole); + parentNode.addCategory(RoleType.ROLE); + templateGraph.addEdge( RoleRelation.ROLE_TO_TEMPLATE, parentRole+":"+templId, + parentRole+" -> "+templId, parentNode, templateNode); } } @@ -301,9 +338,10 @@ public class RoleModelUtils { for ( String childTemplate : template.getChildTemplates() ) { - templateGraph.addVertex( childTemplate ); - - templateGraph.addEdge( template.getId(), childTemplate ); + SimpleNode childTemplNode = templateGraph.addNode(childTemplate, childTemplate); + childTemplNode.addCategory(RoleType.TEMPLATE); + templateGraph.addEdge( RoleRelation.TEMPLATE_TO_TEMPLATE, templId+":"+childTemplate, + templId+" -> "+childTemplate, templateNode, childTemplNode); } } @@ -311,9 +349,11 @@ public class RoleModelUtils { for ( String parentTemplate : template.getParentTemplates() ) { - templateGraph.addVertex( parentTemplate ); - - templateGraph.addEdge( parentTemplate, template.getId() ); + SimpleNode parentTemplNode = templateGraph.addNode( parentTemplate, parentTemplate ); + parentTemplNode.addCategory(RoleType.TEMPLATE); + templateGraph.addEdge( RoleRelation.TEMPLATE_TO_TEMPLATE, + parentTemplate+":"+templId, parentTemplate+" -> "+templId, + parentTemplNode, templateNode); } } } @@ -324,18 +364,12 @@ public class RoleModelUtils @SuppressWarnings( "unchecked" ) public static List<String> reverseTopologicalSortedRoleList( RedbackRoleModel model ) - throws CycleDetectedException { - LinkedList<String> sortedGraph = - (LinkedList<String>) TopologicalSorter.sort( RoleModelUtils.generateRoleGraph( model ) ); - List<String> resortedGraph = new LinkedList<String>(); - - while ( !sortedGraph.isEmpty() ) - { - resortedGraph.add( sortedGraph.removeLast() ); - } - - return resortedGraph; + SimpleGraph graph = generateRoleGraph(model); + List<String> sortedGraph = Traversal.topologialSort(graph.getNode(ROOT)).stream().map(n -> n.getId()) + .filter(id -> !ROOT.equals(id)).collect(Collectors.toList()); + Collections.reverse(sortedGraph); + return sortedGraph; } } diff --git a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/validator/DefaultRoleModelValidator.java b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/validator/DefaultRoleModelValidator.java index 272285f..6745659 100644 --- a/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/validator/DefaultRoleModelValidator.java +++ b/redback-rbac/redback-rbac-role-manager/src/main/java/org/apache/archiva/redback/role/validator/DefaultRoleModelValidator.java @@ -19,16 +19,14 @@ package org.apache.archiva.redback.role.validator; * under the License. */ +import org.apache.archiva.components.graph.base.SimpleGraph; +import org.apache.archiva.components.graph.base.SimpleNode; +import org.apache.archiva.components.graph.util.Traversal; import org.apache.archiva.redback.role.RoleManagerException; -import org.apache.archiva.redback.role.model.ModelApplication; -import org.apache.archiva.redback.role.model.ModelOperation; -import org.apache.archiva.redback.role.model.ModelPermission; -import org.apache.archiva.redback.role.model.ModelResource; -import org.apache.archiva.redback.role.model.ModelRole; -import org.apache.archiva.redback.role.model.ModelTemplate; -import org.apache.archiva.redback.role.model.RedbackRoleModel; +import org.apache.archiva.redback.role.model.*; import org.apache.archiva.redback.role.util.RoleModelUtils; -import org.codehaus.plexus.util.dag.CycleDetectedException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.stereotype.Service; import java.util.ArrayList; @@ -38,51 +36,45 @@ import java.util.List; * DefaultRoleModelValidator: validates completeness of the model * * @author: Jesse McConnell - * */ -@Service( "roleModelValidator" ) +@Service("roleModelValidator") public class DefaultRoleModelValidator - implements RoleModelValidator -{ + implements RoleModelValidator { + + private static final Logger log = LoggerFactory.getLogger(DefaultRoleModelValidator.class); + private List<String> validationErrors; - public boolean validate( RedbackRoleModel model ) - throws RoleManagerException - { + public boolean validate(RedbackRoleModel model) + throws RoleManagerException { validationErrors = null; - validateRequiredStructure( model ); - validateResourceClosure( model ); - validateOperationClosure( model ); - validateChildRoleClosure( model ); - validateParentRoleClosure( model ); - validateTemplateClosure( model ); - validateNoRoleCycles( model ); - validateNoTemplateCycles( model ); - - if ( validationErrors == null ) - { + validateRequiredStructure(model); + validateResourceClosure(model); + validateOperationClosure(model); + validateChildRoleClosure(model); + validateParentRoleClosure(model); + validateTemplateClosure(model); + validateNoRoleCycles(model); + validateNoTemplateCycles(model); + + if (validationErrors == null) { return true; - } - else - { + } else { return false; } } - public List<String> getValidationErrors() - { + public List<String> getValidationErrors() { return validationErrors; } - private void addValidationError( String error ) - { - if ( validationErrors == null ) - { - validationErrors = new ArrayList<String>( 0 ); + private void addValidationError(String error) { + if (validationErrors == null) { + validationErrors = new ArrayList<String>(0); } - validationErrors.add( error ); + validationErrors.add(error); } /** @@ -91,125 +83,97 @@ public class DefaultRoleModelValidator * * @param model */ - @SuppressWarnings( "unchecked" ) - private void validateRequiredStructure( RedbackRoleModel model ) - { + @SuppressWarnings("unchecked") + private void validateRequiredStructure(RedbackRoleModel model) { // validate model has name - for ( ModelApplication application : model.getApplications() ) - { - if ( application.getId() == null ) - { - addValidationError( "model is missing application name" ); + for (ModelApplication application : model.getApplications()) { + if (application.getId() == null) { + addValidationError("model is missing application name"); } // validate model has version - if ( application.getVersion() == null ) - { - addValidationError( application.getId() + " is missing version" ); + if (application.getVersion() == null) { + addValidationError(application.getId() + " is missing version"); } // validate resource bits - for ( ModelResource resource : application.getResources() ) - { - if ( resource.getName() == null ) - { - addValidationError( resource.toString() + " missing name" ); + for (ModelResource resource : application.getResources()) { + if (resource.getName() == null) { + addValidationError(resource.toString() + " missing name"); } - if ( resource.getId() == null ) - { - addValidationError( resource.toString() + " missing id" ); + if (resource.getId() == null) { + addValidationError(resource.toString() + " missing id"); } } // validate the operations - for ( ModelOperation operation : application.getOperations() ) - { - if ( operation.getName() == null ) - { - addValidationError( operation.toString() + " missing name" ); + for (ModelOperation operation : application.getOperations()) { + if (operation.getName() == null) { + addValidationError(operation.toString() + " missing name"); } - if ( operation.getId() == null ) - { - addValidationError( operation.toString() + " missing id" ); + if (operation.getId() == null) { + addValidationError(operation.toString() + " missing id"); } } - for ( ModelRole role : application.getRoles() ) - { - if ( role.getId() == null ) - { - addValidationError( role.toString() + " missing id" ); + for (ModelRole role : application.getRoles()) { + if (role.getId() == null) { + addValidationError(role.toString() + " missing id"); } - if ( role.getName() == null ) - { - addValidationError( role.toString() + " missing name" ); + if (role.getName() == null) { + addValidationError(role.toString() + " missing name"); } - if ( role.getPermissions() != null ) - { - for ( ModelPermission permission : role.getPermissions() ) - { - if ( permission.getName() == null ) - { - addValidationError( permission.toString() + " missing name" ); + if (role.getPermissions() != null) { + for (ModelPermission permission : role.getPermissions()) { + if (permission.getName() == null) { + addValidationError(permission.toString() + " missing name"); } - if ( permission.getId() == null ) - { - addValidationError( permission.toString() + " missing id" ); + if (permission.getId() == null) { + addValidationError(permission.toString() + " missing id"); } - if ( permission.getOperation() == null ) - { - addValidationError( permission.toString() + " missing operations" ); + if (permission.getOperation() == null) { + addValidationError(permission.toString() + " missing operations"); } - if ( permission.getResource() == null ) - { - addValidationError( permission.toString() + " missing resource" ); + if (permission.getResource() == null) { + addValidationError(permission.toString() + " missing resource"); } } } } - for ( ModelTemplate template : application.getTemplates() ) - { - if ( template.getId() == null ) - { - addValidationError( template.toString() + " missing id" ); + for (ModelTemplate template : application.getTemplates()) { + if (template.getId() == null) { + addValidationError(template.toString() + " missing id"); } - if ( template.getNamePrefix() == null ) - { - addValidationError( template.toString() + " missing name prefix" ); + if (template.getNamePrefix() == null) { + addValidationError(template.toString() + " missing name prefix"); } - if ( template.getPermissions() != null ) - { - for ( ModelPermission permission : template.getPermissions() ) - { - if ( permission.getName() == null ) - { - addValidationError( permission.toString() + " missing name" ); + if (template.getPermissions() != null) { + for (ModelPermission permission : template.getPermissions()) { + if (permission.getName() == null) { + addValidationError(permission.toString() + " missing name"); } - if ( permission.getId() == null ) - { - addValidationError( permission.toString() + " missing id" ); + if (permission.getId() == null) { + addValidationError(permission.toString() + " missing id"); } - if ( permission.getOperation() == null ) - { - addValidationError( permission.toString() + " missing operations" ); + if (permission.getOperation() == null) { + addValidationError(permission.toString() + " missing operations"); } - if ( permission.getResource() == null ) - { - addValidationError( permission.toString() + " missing resource" ); + if (permission.getResource() == null) { + addValidationError(permission.toString() + " missing resource"); } } } @@ -222,39 +186,29 @@ public class DefaultRoleModelValidator * * @param model */ - private void validateOperationClosure( RedbackRoleModel model ) - { - List<String> operationIdList = RoleModelUtils.getOperationIdList( model ); + private void validateOperationClosure(RedbackRoleModel model) { + List<String> operationIdList = RoleModelUtils.getOperationIdList(model); // check the operations in role permissions - for ( ModelApplication application : model.getApplications() ) - { - for ( ModelRole role : application.getRoles() ) - { - if ( role.getPermissions() != null ) - { - for ( ModelPermission permission : role.getPermissions() ) - { - if ( !operationIdList.contains( permission.getOperation() ) ) - { - addValidationError( "missing operation: " + permission.getOperation() + " in permission " - + permission.getId() ); + for (ModelApplication application : model.getApplications()) { + for (ModelRole role : application.getRoles()) { + if (role.getPermissions() != null) { + for (ModelPermission permission : role.getPermissions()) { + if (!operationIdList.contains(permission.getOperation())) { + addValidationError("missing operation: " + permission.getOperation() + " in permission " + + permission.getId()); } } } } // check the operations in template permissions - for ( ModelTemplate template : application.getTemplates() ) - { - if ( template.getPermissions() != null ) - { - for ( ModelPermission permission : template.getPermissions() ) - { - if ( !operationIdList.contains( permission.getOperation() ) ) - { - addValidationError( "missing operation: " + permission.getOperation() + " in permission " - + permission.getId() ); + for (ModelTemplate template : application.getTemplates()) { + if (template.getPermissions() != null) { + for (ModelPermission permission : template.getPermissions()) { + if (!operationIdList.contains(permission.getOperation())) { + addValidationError("missing operation: " + permission.getOperation() + " in permission " + + permission.getId()); } } } @@ -262,21 +216,15 @@ public class DefaultRoleModelValidator } } - private void validateResourceClosure( RedbackRoleModel model ) - { - List<String> resourceIdList = RoleModelUtils.getResourceIdList( model ); - for ( ModelApplication application : model.getApplications() ) - { - for ( ModelRole role : application.getRoles() ) - { - if ( role.getPermissions() != null ) - { - for ( ModelPermission permission : role.getPermissions() ) - { - if ( !resourceIdList.contains( permission.getResource() ) ) - { - addValidationError( "missing operation: " + permission.getResource() + " in permission " - + permission.getId() ); + private void validateResourceClosure(RedbackRoleModel model) { + List<String> resourceIdList = RoleModelUtils.getResourceIdList(model); + for (ModelApplication application : model.getApplications()) { + for (ModelRole role : application.getRoles()) { + if (role.getPermissions() != null) { + for (ModelPermission permission : role.getPermissions()) { + if (!resourceIdList.contains(permission.getResource())) { + addValidationError("missing operation: " + permission.getResource() + " in permission " + + permission.getId()); } } } @@ -284,36 +232,26 @@ public class DefaultRoleModelValidator } } - private void validateChildRoleClosure( RedbackRoleModel model ) - { - List<String> roleIdList = RoleModelUtils.getRoleIdList( model ); - for ( ModelApplication application : model.getApplications() ) - { - for ( ModelRole role : application.getRoles() ) - { - if ( role.getChildRoles() != null ) - { - for ( String childRoleId : role.getChildRoles() ) - { - if ( !roleIdList.contains( childRoleId ) ) - { + private void validateChildRoleClosure(RedbackRoleModel model) { + List<String> roleIdList = RoleModelUtils.getRoleIdList(model); + for (ModelApplication application : model.getApplications()) { + for (ModelRole role : application.getRoles()) { + if (role.getChildRoles() != null) { + for (String childRoleId : role.getChildRoles()) { + if (!roleIdList.contains(childRoleId)) { addValidationError( - "missing role id: " + childRoleId + " in child roles of role " + role.getId() ); + "missing role id: " + childRoleId + " in child roles of role " + role.getId()); } } } } - for ( ModelTemplate template : application.getTemplates() ) - { - if ( template.getChildRoles() != null ) - { - for ( String childRoleId : template.getChildRoles() ) - { - if ( !roleIdList.contains( childRoleId ) ) - { + for (ModelTemplate template : application.getTemplates()) { + if (template.getChildRoles() != null) { + for (String childRoleId : template.getChildRoles()) { + if (!roleIdList.contains(childRoleId)) { addValidationError( - "missing role id: " + childRoleId + " in child roles of template " + template.getId() ); + "missing role id: " + childRoleId + " in child roles of template " + template.getId()); } } } @@ -321,38 +259,28 @@ public class DefaultRoleModelValidator } } - @SuppressWarnings( "unchecked" ) - private void validateParentRoleClosure( RedbackRoleModel model ) - { - List roleIdList = RoleModelUtils.getRoleIdList( model ); - - for ( ModelApplication application : model.getApplications() ) - { - for ( ModelRole role : application.getRoles() ) - { - if ( role.getParentRoles() != null ) - { - for ( String parentRoleId : role.getParentRoles() ) - { - if ( !roleIdList.contains( parentRoleId ) ) - { + @SuppressWarnings("unchecked") + private void validateParentRoleClosure(RedbackRoleModel model) { + List roleIdList = RoleModelUtils.getRoleIdList(model); + + for (ModelApplication application : model.getApplications()) { + for (ModelRole role : application.getRoles()) { + if (role.getParentRoles() != null) { + for (String parentRoleId : role.getParentRoles()) { + if (!roleIdList.contains(parentRoleId)) { addValidationError( - "missing role id: " + parentRoleId + " in parent roles of role " + role.getId() ); + "missing role id: " + parentRoleId + " in parent roles of role " + role.getId()); } } } } - for ( ModelTemplate template : application.getTemplates() ) - { - if ( template.getParentRoles() != null ) - { - for ( String parentRoleId : template.getParentRoles() ) - { - if ( !roleIdList.contains( parentRoleId ) ) - { - addValidationError( "missing role id: " + parentRoleId + " in parent roles of template " - + template.getId() ); + for (ModelTemplate template : application.getTemplates()) { + if (template.getParentRoles() != null) { + for (String parentRoleId : template.getParentRoles()) { + if (!roleIdList.contains(parentRoleId)) { + addValidationError("missing role id: " + parentRoleId + " in parent roles of template " + + template.getId()); } } } @@ -360,50 +288,38 @@ public class DefaultRoleModelValidator } } - private void validateTemplateClosure( RedbackRoleModel model ) - { - List templateIdList = RoleModelUtils.getTemplateIdList( model ); + private void validateTemplateClosure(RedbackRoleModel model) { + List templateIdList = RoleModelUtils.getTemplateIdList(model); // template name prefix must be unique List<String> templateNamePrefixList = new ArrayList<String>(); - for ( ModelApplication application : model.getApplications() ) - { - for ( ModelTemplate template : application.getTemplates() ) - { - if ( template.getParentTemplates() != null ) - { - for ( String parentTemplateId : template.getParentTemplates() ) - { - if ( !templateIdList.contains( parentTemplateId ) ) - { + for (ModelApplication application : model.getApplications()) { + for (ModelTemplate template : application.getTemplates()) { + if (template.getParentTemplates() != null) { + for (String parentTemplateId : template.getParentTemplates()) { + if (!templateIdList.contains(parentTemplateId)) { addValidationError( - "missing template id: " + parentTemplateId + " in parent templates of template " - + template.getId() ); + "missing template id: " + parentTemplateId + " in parent templates of template " + + template.getId()); } } } - if ( template.getChildTemplates() != null ) - { - for ( String childTemplateId : template.getChildTemplates() ) - { - if ( !templateIdList.contains( childTemplateId ) ) - { + if (template.getChildTemplates() != null) { + for (String childTemplateId : template.getChildTemplates()) { + if (!templateIdList.contains(childTemplateId)) { addValidationError( - "missing template id: " + childTemplateId + " in child templates of template " - + template.getId() ); + "missing template id: " + childTemplateId + " in child templates of template " + + template.getId()); } } } - if ( !templateNamePrefixList.contains( template.getNamePrefix() ) ) - { - templateNamePrefixList.add( template.getNamePrefix() ); - } - else - { - addValidationError( "duplicate name prefix detected: " + template.getNamePrefix() ); + if (!templateNamePrefixList.contains(template.getNamePrefix())) { + templateNamePrefixList.add(template.getNamePrefix()); + } else { + addValidationError("duplicate name prefix detected: " + template.getNamePrefix()); } } } @@ -414,15 +330,14 @@ public class DefaultRoleModelValidator * * @param model */ - private void validateNoRoleCycles( RedbackRoleModel model ) - { - try - { - RoleModelUtils.generateRoleGraph( model ); - } - catch ( CycleDetectedException e ) - { - addValidationError( "cycle detected: " + e.getMessage() ); + private void validateNoRoleCycles(RedbackRoleModel model) { + log.debug("Validating cycles in role model"); + SimpleGraph graph = RoleModelUtils.generateRoleGraph(model); + SimpleNode rootNode = graph.getNode(RoleModelUtils.ROOT); + SimpleNode n; + if ((n = Traversal.findFirstCycleNode(rootNode))!=null) { + log.debug("Adding template cycle validation error for node {}", n.getId()); + addValidationError("Cycle detected at "+n.getId()); } } @@ -430,21 +345,20 @@ public class DefaultRoleModelValidator * We are not allowed to have cycles between template either, this method is to detect and * raise a red flag when that happens. Templates are a bit more complex since they have both * child and parent roles, as well as runtime parent and child templates - * + * <p> * the id should be sufficient to test cycles here even though in runtime the id's do not need to be * unique since it is the binding of a namePrefix and a resource that makes them unique * * @param model */ - private void validateNoTemplateCycles( RedbackRoleModel model ) - { - try - { - RoleModelUtils.generateTemplateGraph( model ); - } - catch ( CycleDetectedException e ) - { - addValidationError( "template cycle detected: " + e.getMessage() ); + private void validateNoTemplateCycles(RedbackRoleModel model) { + log.debug("Validating cycles in role template model "); + SimpleGraph graph = RoleModelUtils.generateTemplateGraph(model); + SimpleNode rootNode = graph.getNode(RoleModelUtils.ROOT); + SimpleNode n; + if ((n = Traversal.findFirstCycleNode(rootNode)) != null) { + log.debug("Adding template cycle validation error for node {}", n.getId()); + addValidationError("Template cycle detected at "+n.getId()); } } } diff --git a/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/validator/RoleModelValidatorTest.java b/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/validator/RoleModelValidatorTest.java index e360f64..da97b63 100644 --- a/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/validator/RoleModelValidatorTest.java +++ b/redback-rbac/redback-rbac-role-manager/src/test/java/org/apache/archiva/redback/role/validator/RoleModelValidatorTest.java @@ -112,9 +112,9 @@ public class RoleModelValidatorTest assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "test-template-missing-child-template" ) ); - assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "cycle detected" ) ); + assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "Cycle detected" ) ); - assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "template cycle detected" ) ); + assertTrue( checkForValidationError( modelValidator.getValidationErrors(), "Template cycle detected" ) ); } diff --git a/redback-rbac/redback-rbac-role-manager/src/test/resources/log4j2-test.xml b/redback-rbac/redback-rbac-role-manager/src/test/resources/log4j2-test.xml new file mode 100644 index 0000000..d54f360 --- /dev/null +++ b/redback-rbac/redback-rbac-role-manager/src/test/resources/log4j2-test.xml @@ -0,0 +1,36 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<!-- + ~ Licensed to the Apache Software Foundation (ASF) under one + ~ or more contributor license agreements. See the NOTICE file + ~ distributed with this work for additional information + ~ regarding copyright ownership. The ASF licenses this file + ~ to you under the Apache License, Version 2.0 (the + ~ "License"); you may not use this file except in compliance + ~ with the License. You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, + ~ software distributed under the License is distributed on an + ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + ~ KIND, either express or implied. See the License for the + ~ specific language governing permissions and limitations + ~ under the License. + --> +<configuration> + <appenders> + <Console name="console" target="SYSTEM_OUT"> + <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/> + </Console> + </appenders> + <loggers> + <logger name="org.apache.archiva.redback.role" level="info" /> + <logger name="org.apache.archiva.components.graph" level="info" /> + + <root level="error" includeLocation="true"> + <appender-ref ref="console"/> + </root> + </loggers> +</configuration> + +
