Re: svn commit: r824677 - in /archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src: main/java/org/apache/maven/archiva/webdav/ test/java/org/apache/maven/archiva/webdav/ test/resources/

[Brett Porter]

On 13/10/2009, at 9:36 PM, och...@apache.org wrote:
-                resource =
-                    processRepositoryGroup( request,  
archivaLocator, repoGroupConfig.getRepositories(),
-                                            activePrincipal,  
resourcesInAbsolutePath );
+                try
+                {
+                    resource =
+                        processRepositoryGroup( request,  
archivaLocator, repoGroupConfig.getRepositories(),
+                                                activePrincipal,  
resourcesInAbsolutePath );
+                }
+                catch ( ReleaseArtifactAlreadyExistsException e )
+                {
+                    throw new DavException 
( HttpServletResponse.SC_CONFLICT );
+                }


it might make more sense just to throw this at the source and  
eliminate the exception, since the result is always the same?
        // MRM-872 : merge all available metadata
        // merge metadata only when requested via the repo group
-        if ( ( repositoryRequest.isMetadata( requestedResource ) ||  
( requestedResource.endsWith( "metadata.xml.sha1" ) ||  
requestedResource.endsWith( "metadata.xml.md5" ) ) )
-            && repoGroupConfig != null )
+        if ( ( repositoryRequest.isMetadata( requestedResource ) ||  
( requestedResource.endsWith( "metadata.xml.sha1" ) ||  
requestedResource.endsWith( "metadata.xml.md5" ) ) ) &&
+            repoGroupConfig != null )

Should this use "isSupportFile" like below? That will cover the two  
metadata checksums

@@ -482,6 +496,35 @@

            if ( request.getMethod().equals( HTTP_PUT_METHOD ) )
            {
+                String resourcePath = logicalResource.getPath();
+
+                // check if target repo is enabled for releases
+                // we suppose that release-artifacts can deployed  
only to repos enabled for releases
+                if ( managedRepository.getRepository().isReleases()  
&& !repositoryRequest.isMetadata( resourcePath ) &&
+                    !repositoryRequest.isSupportFile 
( resourcePath ) )
+                {
+                    ArtifactReference artifact = null;
+                    try
+                    {
+                        artifact =  
managedRepository.toArtifactReference( resourcePath );
+                    }
+                    catch ( LayoutException e )
+                    {
+                        throw new DavException 
( HttpServletResponse.SC_BAD_REQUEST, e );
+                    }
+
+                    if ( !VersionUtil.isSnapshot 
( artifact.getVersion() ) )
+                    {
+                        // check if artifact already exists
+                        if ( managedRepository.hasContent 
( artifact ) )
+                        {
+                            log.warn( "Overwriting released  
artifacts is not allowed." );
+                            throw new  
ReleaseArtifactAlreadyExistsException( managedRepository.getId(),
+ 
                                                                             "Overwriting 
 released artifacts is not allowed." );
+                        }
+                    }
+                }
+

Is it necessarily a bad request if the reference can't be derived, or  
should the check just be skipped?

Also, given this is a point release (1.2.3), I don't think this kind  
of functionality change should be imposed on users - can we offer a  
configuration option?

Cheers,
Brett