archiva-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From och...@apache.org
Subject svn commit: r636284 - in /maven/archiva/trunk/archiva-web: archiva-security/src/main/java/org/apache/maven/archiva/security/ archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ archiva-webapp/src/main/resources/ archiva-webapp/src/main/we...
Date Wed, 12 Mar 2008 11:41:56 GMT
Author: oching
Date: Wed Mar 12 04:41:48 2008
New Revision: 636284

URL: http://svn.apache.org/viewvc?rev=636284&view=rev
Log:
[MRM-216]
-copy temporary upload file to the target repository
-added check if user has upload permission to the repository

Modified:
    maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
    maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
    maven/archiva/trunk/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
    maven/archiva/trunk/archiva-web/archiva-webapp/src/main/resources/xwork.xml
    maven/archiva/trunk/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/upload.jsp

Modified: maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java?rev=636284&r1=636283&r2=636284&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
(original)
+++ maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
Wed Mar 12 04:41:48 2008
@@ -36,13 +36,11 @@
 import org.codehaus.plexus.redback.users.UserNotFoundException;
 
 /**
- * DefaultUserRepositories 
- *
+ * DefaultUserRepositories
+ * 
  * @author <a href="mailto:joakime@apache.org">Joakim Erdfelt</a>
  * @version $Id$
- * 
- * @plexus.component role="org.apache.maven.archiva.security.UserRepositories"
- *                   role-hint="default"
+ * @plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default"
  */
 public class DefaultUserRepositories
     implements UserRepositories
@@ -61,12 +59,12 @@
      * @plexus.requirement role-hint="default"
      */
     private RoleManager roleManager;
-    
+
     /**
      * @plexus.requirement
      */
     private ArchivaConfiguration archivaConfiguration;
-    
+
     public List<String> getObservableRepositoryIds( String principal )
         throws PrincipalNotFoundException, AccessDeniedException, ArchivaSecurityException
     {
@@ -79,20 +77,22 @@
             {
                 throw new AccessDeniedException( "User " + principal + "(" + user.getFullName()
+ ") is locked." );
             }
-            
+
             AuthenticationResult authn = new AuthenticationResult( true, principal, null
);
             SecuritySession securitySession = new DefaultSecuritySession( authn, user );
-            
+
             List<String> repoIds = new ArrayList<String>();
 
-            List<ManagedRepositoryConfiguration> repos = archivaConfiguration.getConfiguration().getManagedRepositories();
-            
+            List<ManagedRepositoryConfiguration> repos =
+                archivaConfiguration.getConfiguration().getManagedRepositories();
+
             for ( ManagedRepositoryConfiguration repo : repos )
             {
                 try
                 {
                     String repoId = repo.getId();
-                    if ( securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS,
repoId ) )
+                    if ( securitySystem.isAuthorized( securitySession,
+                                                      ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS,
repoId ) )
                     {
                         repoIds.add( repoId );
                     }
@@ -102,7 +102,7 @@
                     // swallow.
                 }
             }
-            
+
             return repoIds;
         }
         catch ( UserNotFoundException e )
@@ -128,8 +128,38 @@
         }
         catch ( RoleManagerException e )
         {
-            throw new ArchivaSecurityException( "Unable to create roles for configured repositories:
" + e.getMessage(),
+            throw new ArchivaSecurityException(
+                                                "Unable to create roles for configured repositories:
" + e.getMessage(),
                                                 e );
+        }
+    }
+
+    public boolean isAuthorizedToUploadArtifacts( String principal, String repoId )
+        throws PrincipalNotFoundException, ArchivaSecurityException
+    {
+        try
+        {
+            User user = securitySystem.getUserManager().findUser( principal );
+
+            if ( user.isLocked() )
+            {
+                throw new AccessDeniedException( "User " + principal + "(" + user.getFullName()
+ ") is locked." );
+            }
+
+            AuthenticationResult authn = new AuthenticationResult( true, principal, null
);
+            SecuritySession securitySession = new DefaultSecuritySession( authn, user );
+
+            return securitySystem.isAuthorized( securitySession, ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD,
+                                                repoId );
+
+        }
+        catch ( UserNotFoundException e )
+        {
+            throw new PrincipalNotFoundException( "Unable to find principal " + principal
+ "" );
+        }
+        catch ( AuthorizationException e )
+        {
+            throw new ArchivaSecurityException( e.getMessage() );
         }
     }
 }

Modified: maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java?rev=636284&r1=636283&r2=636284&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
(original)
+++ maven/archiva/trunk/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/UserRepositories.java
Wed Mar 12 04:41:48 2008
@@ -49,4 +49,17 @@
      */
     public void createMissingRepositoryRoles( String repoId )
         throws ArchivaSecurityException;
+    
+    /**
+     * Check if user is authorized to upload artifacts in the repository.
+     * 
+     * @param principal
+     * @param repoId
+     * @return
+     * @throws PrincipalNotFoundException
+     * @throws ArchivaSecurityException
+     */
+    public boolean isAuthorizedToUploadArtifacts( String principal, String repoId)
+        throws PrincipalNotFoundException, ArchivaSecurityException;
+    
 }

Modified: maven/archiva/trunk/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java?rev=636284&r1=636283&r2=636284&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
(original)
+++ maven/archiva/trunk/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
Wed Mar 12 04:41:48 2008
@@ -20,14 +20,24 @@
  */
 
 import org.codehaus.plexus.xwork.action.PlexusActionSupport;
-import org.apache.maven.archiva.configuration.Configuration; 
-// import org.apache.maven.archiva.configuration.ArchivaConfiguration;
-// import org.apache.maven.archiva.configuration.RepositoryConfiguration;
-// import org.apache.maven.archiva.repository.layout.BidirectionalRepositoryLayoutFactory;
-// import org.apache.maven.archiva.repository.layout.BidirectionalRepositoryLayout;
-// import org.apache.maven.archiva.repository.layout.LayoutException;
-import org.apache.maven.archiva.model.ArchivaArtifact;
+import org.apache.maven.archiva.configuration.ArchivaConfiguration;
+import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
+import org.apache.maven.archiva.model.ArtifactReference;
+import org.apache.maven.archiva.repository.ManagedRepositoryContent;
+import org.apache.maven.archiva.repository.RepositoryContentFactory;
+import org.apache.maven.archiva.repository.RepositoryException;
+import org.apache.maven.archiva.repository.RepositoryNotFoundException;
+import org.apache.maven.archiva.security.ArchivaSecurityException;
+import org.apache.maven.archiva.security.ArchivaUser;
+import org.apache.maven.archiva.security.PrincipalNotFoundException;
+import org.apache.maven.archiva.security.UserRepositories;
+
+import com.opensymphony.xwork.Validateable;
+
 import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
 
 /**
  * Upload an artifact.
@@ -37,8 +47,8 @@
  */
 public class UploadAction
     extends PlexusActionSupport
+    implements Validateable
 {
-
     private String groupId;
 
     private String artifactId;
@@ -58,13 +68,25 @@
     private String repositoryId;
 
     /**
-     * @plexus.requirement role-hint="default"
+     * @plexus.requirement role-hint="xwork"
+     */
+    private ArchivaUser archivaUser;
+
+    /**
+     * @plexus.requirement
      */
-    // private ArchivaConfiguration configuration;
+    private UserRepositories userRepositories;
+
     /**
      * @plexus.requirement role-hint="default"
      */
-    // private BidirectionalRepositoryLayoutFactory layoutFactory;
+    private ArchivaConfiguration configuration;
+
+    /**
+     * @plexus.requirement
+     */
+    private RepositoryContentFactory repositoryFactory;
+
     public void setUpload( File file )
     {
         this.file = file;
@@ -142,25 +164,124 @@
 
     public String upload()
     {
+        // TODO populate repository id field
+        // TODO form validation
+
         getLogger().debug( "upload" );
-        return SUCCESS;
+        return INPUT;
     }
 
     public String doUpload()
-    // throws LayoutException
     {
-        // TODO: adapt to changes in RepositoryConfiguration from the MRM-462 branch
-        // RepositoryConfiguration rc = configuration.getConfiguration().findRepositoryById(
repositoryId );
-        // String layout = rc.getLayout();
-        // String url = rc.getUrl();
-        // ArchivaArtifact artifact = new ArchivaArtifact( groupId, artifactId, version,
classifier, packaging );
-        // BidirectionalRepositoryLayout repositoryLayout = layoutFactory.getLayout( layout
);
-
-        // output from getLogger().debug(...) not appearing in logs, so...
-        // System.out.println( "doUpload, file: " + file.getAbsolutePath() );
-        // System.out.println( "doUpload, path: " + repositoryLayout.toPath( artifact ) );
-
-        return SUCCESS;
+        try
+        {
+            ManagedRepositoryConfiguration repoConfig =
+                configuration.getConfiguration().findManagedRepositoryById( repositoryId
);
+
+            ArtifactReference artifactReference = new ArtifactReference();
+            artifactReference.setArtifactId( artifactId );
+            artifactReference.setGroupId( groupId );
+            artifactReference.setVersion( version );
+            artifactReference.setClassifier( classifier );
+            artifactReference.setType( packaging );
+
+            ManagedRepositoryContent repository = repositoryFactory.getManagedRepositoryContent(
repositoryId );
+
+            String artifactPath = repository.toPath( artifactReference );
+
+            int lastIndex = artifactPath.lastIndexOf( '/' );
+
+            File targetPath = new File( repoConfig.getLocation(), artifactPath.substring(
0, lastIndex ) );
+
+            if ( !targetPath.exists() )
+            {
+                targetPath.mkdirs();
+            }
+
+            copyFile( targetPath, artifactPath.substring( lastIndex + 1 ) );
+
+            // 1. check if user has permission to deploy to the repository
+            // - get writable user repositories (need to add new method
+            // for this in DefaultUserRepositories)
+
+            // 2. if user has write permission:
+            // - get repository path (consider the layout -- default or legacy)
+            // - if the artifact is not a pom, create pom file (use ProjectModel400Writer
in archiva-repository-layer)
+            // - create directories in the repository (groupId, artifactId, version)
+            // - re-write uploaded jar file
+            // - write generated pom
+            // - update metadata
+
+            // TODO delete temporary file (upload)
+            // TODO improve action error messages below
+
+            return SUCCESS;
+        }
+        catch ( IOException ie )
+        {
+            addActionError( "Error encountered while uploading file: " + ie.getMessage()
);
+            return ERROR;
+        }
+        catch ( RepositoryNotFoundException re )
+        {
+            addActionError( "Target repository cannot be found: " + re.getMessage() );
+            return ERROR;
+        }
+        catch ( RepositoryException rep )
+        {
+            addActionError( "Repository exception: " + rep.getMessage() );
+            return ERROR;
+        }
+    }
+
+    private String getPrincipal()
+    {
+        return archivaUser.getActivePrincipal();
+    }
+
+    private void copyFile( File targetPath, String artifactFilename )
+        throws IOException
+    {
+        FileOutputStream out = new FileOutputStream( new File( targetPath, artifactFilename
) );
+
+        try
+        {
+            FileInputStream input = new FileInputStream( file );
+            int i = 0;
+            while ( ( i = input.read() ) != -1 )
+            {
+                out.write( i );
+            }
+            out.flush();
+        }
+        finally
+        {
+            out.close();
+        }
+    }
+
+    private void generatePom()
+    {
+        // TODO: use ProjectModel400Writer
+    }
+
+    public void validate()
+    {
+        try
+        {
+            // is this enough check for the repository permission?
+            if ( !userRepositories.isAuthorizedToUploadArtifacts( getPrincipal(), repositoryId
) )
+            {
+                addActionError( "User is not authorized to upload in repository " + repositoryId
);
+            }
+        }
+        catch ( PrincipalNotFoundException pe )
+        {
+            addActionError( pe.getMessage() );
+        }
+        catch ( ArchivaSecurityException ae )
+        {
+            addActionError( ae.getMessage() );
+        }
     }
-    
 }

Modified: maven/archiva/trunk/archiva-web/archiva-webapp/src/main/resources/xwork.xml
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-web/archiva-webapp/src/main/resources/xwork.xml?rev=636284&r1=636283&r2=636284&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-web/archiva-webapp/src/main/resources/xwork.xml (original)
+++ maven/archiva/trunk/archiva-web/archiva-webapp/src/main/resources/xwork.xml Wed Mar 12
04:41:48 2008
@@ -165,12 +165,9 @@
     </action>
 
     <action name="upload" class="uploadAction" method="upload">
-      <result>/WEB-INF/jsp/upload.jsp</result>
-    </action>
-
-    <action name="doUpload" class="uploadAction" method="doUpload">
       <interceptor-ref name="fileUpload"/>
       <interceptor-ref name="basicStack"/>
+      <result name="input">/WEB-INF/jsp/upload.jsp</result>
       <result name="success">/WEB-INF/jsp/upload.jsp</result>
     </action>
 

Modified: maven/archiva/trunk/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/upload.jsp
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/upload.jsp?rev=636284&r1=636283&r2=636284&view=diff
==============================================================================
--- maven/archiva/trunk/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/upload.jsp
(original)
+++ maven/archiva/trunk/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/upload.jsp
Wed Mar 12 04:41:48 2008
@@ -32,7 +32,7 @@
 
 <h1>Upload Artifact</h1>
 <div id="contentArea">
-  <ww:form action="doUpload" method="post" enctype="multipart/form-data">
+  <ww:form action="upload!doUpload" method="post" enctype="multipart/form-data">
     <%@ include file="/WEB-INF/jsp/include/uploadForm.jspf" %>
     <ww:submit/>
   </ww:form>



Mime
View raw message