Author: rfscholte
Date: Wed Jan 30 20:55:18 2013
New Revision: 1440665
URL: http://svn.apache.org/viewvc?rev=1440665&view=rev
Log:
[MPH-91] No deep copy of effective-settings, causing passwords to be
anonymized during further executions
Added:
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
invoker.properties
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
pom.xml
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
verify.groovy Modified:
maven/plugins/trunk/maven-help-plugin/src/it/settings.xml
maven/plugins/trunk/maven-help-plugin/src/main/java/org/apache/maven/plugin
s/help/EffectiveSettingsMojo.java
Added:
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
invoker.properties URL:
http://svn.apache.org/viewvc/maven/plugins/trunk/maven-help-plugin/src/it/e
ffective-settings_deep-clone/invoker.properties?rev=1440665&view=auto
===========================================================================
=== ---
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
invoker.properties (added) +++
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
invoker.properties Wed Jan 30 20:55:18 2013 @@ -0,0 +1 @@
+invoker.goals =
${project.groupId}:${project.artifactId}:${project.version}:effective-setti
ngs validate
Added:
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
pom.xml URL:
http://svn.apache.org/viewvc/maven/plugins/trunk/maven-help-plugin/src/it/e
ffective-settings_deep-clone/pom.xml?rev=1440665&view=auto
===========================================================================
=== ---
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
pom.xml (added) +++
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
pom.xml Wed Jan 30 20:55:18 2013 @@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<project>
+ <modelVersion>4.0.0</modelVersion>
+
+ <groupId>org.apache.maven.its.help</groupId>
+ <artifactId>effective-settings_deep-clone</artifactId>
+ <version>1.0-SNAPSHOT</version>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-help-plugin</artifactId>
+ <version>@project.version@</version>
+ <executions>
+ <execution>
+ <id>proxy-password</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>evaluate</goal>
+ </goals>
+ <configuration>
+ <expression>settings.proxies[0].password</expression>
+ </configuration>
+ </execution>
+ <execution>
+ <id>server-password</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>evaluate</goal>
+ </goals>
+ <configuration>
+ <expression>settings.servers[0].password</expression>
+ </configuration>
+ </execution>
+ <execution>
+ <id>server-passphrase</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>evaluate</goal>
+ </goals>
+ <configuration>
+ <expression>settings.servers[0].passphrase</expression>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>
Added:
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
verify.groovy URL:
http://svn.apache.org/viewvc/maven/plugins/trunk/maven-help-plugin/src/it/e
ffective-settings_deep-clone/verify.groovy?rev=1440665&view=auto
===========================================================================
=== ---
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
verify.groovy (added) +++
maven/plugins/trunk/maven-help-plugin/src/it/effective-settings_deep-clone/
verify.groovy Wed Jan 30 20:55:18 2013 @@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+def buildLog = new File(basedir, 'build.log');
+assert buildLog.exists()
+
+// for effective-settings call
+assert 3 == buildLog.text.count('***')
+
+// for evaluate calls
+assert buildLog.text.contains('proxy-password')
+assert buildLog.text.contains('server-password')
+assert buildLog.text.contains('server-passphrase')
Modified: maven/plugins/trunk/maven-help-plugin/src/it/settings.xml
URL:
http://svn.apache.org/viewvc/maven/plugins/trunk/maven-help-plugin/src/it/s
ettings.xml?rev=1440665&r1=1440664&r2=1440665&view=diff
===========================================================================
=== --- maven/plugins/trunk/maven-help-plugin/src/it/settings.xml
(original)
+++ maven/plugins/trunk/maven-help-plugin/src/it/settings.xml Wed Jan 30
20:55:18 2013 @@ -20,6 +20,22 @@ under the License.
-->
<settings>
+ <proxies>
+ <proxy>
+ <id>deep-clone</id>
+ <active>false</active>
+ <password>proxy-password</password>
+ </proxy>
+ </proxies>
+
+ <servers>
+ <server>
+ <id>deep-clone</id>
+ <password>server-password</password>
+ <passphrase>server-passphrase</passphrase>
+ </server>
+ </servers>
+
<profiles>
<profile>
<id>it-repo</id>
Modified:
maven/plugins/trunk/maven-help-plugin/src/main/java/org/apache/maven/plugin
s/help/EffectiveSettingsMojo.java URL:
http://svn.apache.org/viewvc/maven/plugins/trunk/maven-help-plugin/src/main
/java/org/apache/maven/plugins/help/EffectiveSettingsMojo.java?rev=1440665&r
1=1440664&r2=1440665&view=diff
===========================================================================
=== ---
maven/plugins/trunk/maven-help-plugin/src/main/java/org/apache/maven/plugin
s/help/EffectiveSettingsMojo.java (original) +++
maven/plugins/trunk/maven-help-plugin/src/main/java/org/apache/maven/plugin
s/help/EffectiveSettingsMojo.java Wed Jan 30 20:55:18 2013 @@ -27,6
+27,7 @@
import org.apache.maven.settings.Profile
import org.apache.maven.settings.Proxy;
import org.apache.maven.settings.Server;
import org.apache.maven.settings.Settings;
+import org.apache.maven.settings.SettingsUtils;
import org.apache.maven.settings.io.xpp3.SettingsXpp3Writer;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.PrettyPrintXMLWriter;
@@ -37,6 +38,7 @@ import java.io.IOException;
import java.io.StringWriter;
import java.net.InetAddress;
import java.net.UnknownHostException;
+import java.util.ArrayList;
import java.util.List;
import java.util.Properties;
@@ -142,7 +144,6 @@ public class EffectiveSettingsMojo
*/
private static void hidePasswords( Settings aSettings )
{
- @SuppressWarnings( "unchecked" )
List<Proxy> proxies = aSettings.getProxies();
for ( Proxy proxy : proxies )
{
@@ -152,7 +153,6 @@ public class EffectiveSettingsMojo
}
}
- @SuppressWarnings( "unchecked" )
List<Server> servers = aSettings.getServers();
for ( Server server : servers )
{
@@ -170,10 +170,8 @@ public class EffectiveSettingsMojo
}
/**
- * TODO: should be replaced by SettingsUtils#copySettings() in
2.0.10+.
- *
- * @param settings could be null
- * @return a new instance of settings or null if settings was null.
+ * @param settings could be {@code null}
+ * @return a new instance of settings or {@code null} if settings
was
{@code null}. */
private static Settings copySettings( Settings settings )
{
@@ -181,21 +179,46 @@ public class EffectiveSettingsMojo
{
return null;
}
-
- Settings clone = new Settings();
- clone.setActiveProfiles( settings.getActiveProfiles() );
- clone.setInteractiveMode( settings.isInteractiveMode() );
- clone.setLocalRepository( settings.getLocalRepository() );
- clone.setMirrors( settings.getMirrors() );
- clone.setOffline( settings.isOffline() );
- clone.setPluginGroups( settings.getPluginGroups() );
- clone.setProfiles( settings.getProfiles() );
- clone.setProxies( settings.getProxies() );
- clone.setRuntimeInfo( settings.getRuntimeInfo() );
- clone.setServers( settings.getServers() );
- clone.setSourceLevel( settings.getSourceLevel() );
- clone.setUsePluginRegistry( settings.isUsePluginRegistry() );
-
+
+ // Not a deep copy in M2.2.1 !!!
+ Settings clone = SettingsUtils.copySettings( settings );
+
+ List<Server> clonedServers = new ArrayList<Server>(
settings.getServers().size() ); + for ( Server server :
settings.getServers() )
+ {
+ Server clonedServer = new Server();
+ clonedServer.setConfiguration( server.getConfiguration() );
+ clonedServer.setDirectoryPermissions(
server.getDirectoryPermissions() ); +
clonedServer.setFilePermissions( server.getFilePermissions() ); +
clonedServer.setId( server.getId() );
+ clonedServer.setPassphrase( server.getPassphrase() );
+ clonedServer.setPassword( server.getPassword() );
+ clonedServer.setPrivateKey( server.getPrivateKey() );
+ clonedServer.setSourceLevel( server.getSourceLevel() );
+ clonedServer.setUsername( server.getUsername() );
+
+ clonedServers.add( clonedServer );
+ }
+ clone.setServers( clonedServers );
+
+ List<Proxy> clonedProxies = new ArrayList<Proxy>(
settings.getProxies().size() ); + for( Proxy proxy :
settings.getProxies() )
+ {
+ Proxy clonedProxy = new Proxy();
+ clonedProxy.setActive( proxy.isActive() );
+ clonedProxy.setHost( proxy.getHost() );
+ clonedProxy.setId( proxy.getId() );
+ clonedProxy.setNonProxyHosts( proxy.getNonProxyHosts() );
+ clonedProxy.setPassword( proxy.getPassword() );
+ clonedProxy.setPort( proxy.getPort() );
+ clonedProxy.setProtocol( proxy.getProtocol() );
+ clonedProxy.setSourceLevel( proxy.getSourceLevel() );
+ clonedProxy.setUsername( proxy.getUsername() );
+
+ clonedProxies.add( clonedProxy );
+ }
+ clone.setProxies( clonedProxies );
+
return clone;
}
@@ -238,7 +261,6 @@ public class EffectiveSettingsMojo
*/
private static void cleanSettings( Settings settings )
{
- @SuppressWarnings( "unchecked" )
List<Profile> profiles = settings.getProfiles();
for ( Profile profile : profiles )
{
