continuum-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jmcconn...@apache.org
Subject svn commit: r503818 - in /maven/continuum/trunk: continuum-core/src/main/java/org/apache/maven/continuum/core/action/ continuum-core/src/test/resources/org/apache/maven/continuum/ continuum-security/src/main/java/org/apache/maven/continuum/security/ co...
Date Mon, 05 Feb 2007 19:02:24 GMT
Author: jmcconnell
Date: Mon Feb  5 11:02:24 2007
New Revision: 503818

URL: http://svn.apache.org/viewvc?view=rev&rev=503818
Log:
added restrictive role granting functionality and the Project Group Administrator role.  If
you are a PGA for a project then you have the ability to assign those roles associated with
that project group to other users

Added:
    maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java
  (with props)
Modified:
    maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/core/action/AddAssignableRolesAction.java
    maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml
    maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/ContinuumRoleConstants.java
    maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupDeveloperDynamicRoleProfile.java
    maven/continuum/trunk/continuum-security/src/main/resources/META-INF/plexus/components.xml

Modified: maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/core/action/AddAssignableRolesAction.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/core/action/AddAssignableRolesAction.java?view=diff&rev=503818&r1=503817&r2=503818
==============================================================================
--- maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/core/action/AddAssignableRolesAction.java
(original)
+++ maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/core/action/AddAssignableRolesAction.java
Mon Feb  5 11:02:24 2007
@@ -60,6 +60,8 @@
 
         try
         {
+            Role administrator = roleManager.getDynamicRole( "continuum-group-project-administrator",
projectGroup.getName() );
+
             Role developer = roleManager.getDynamicRole( "continuum-group-developer", projectGroup.getName()
);
 
             Role user = roleManager.getDynamicRole( "continuum-group-user", projectGroup.getName()
);

Modified: maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml?view=diff&rev=503818&r1=503817&r2=503818
==============================================================================
--- maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml
(original)
+++ maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml
Mon Feb  5 11:02:24 2007
@@ -55,6 +55,17 @@
     -->
     <component>
       <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
+      <role-hint>continuum-group-project-administrator</role-hint>
+      <implementation>org.apache.maven.continuum.security.profile.ProjectGroupAdministratorDynamicRoleProfile</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.security.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+        </requirement>
+      </requirements>
+    </component>
+    <component>
+      <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
       <role-hint>continuum-group-developer</role-hint>
       <implementation>org.apache.maven.continuum.security.profile.ProjectGroupDeveloperDynamicRoleProfile</implementation>
       <requirements>

Modified: maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/ContinuumRoleConstants.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/ContinuumRoleConstants.java?view=diff&rev=503818&r1=503817&r2=503818
==============================================================================
--- maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/ContinuumRoleConstants.java
(original)
+++ maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/ContinuumRoleConstants.java
Mon Feb  5 11:02:24 2007
@@ -36,6 +36,7 @@
     public static final String GUEST_ROLE = "Guest";
 
     // roles
+    public static final String CONTINUUM_PROJECT_ADMINISTRATOR_ROLE_PREFIX = "Project Administrator";
     public static final String CONTINUUM_PROJECT_DEVELOPER_ROLE_PREFIX = "Project Developer";
     public static final String CONTINUUM_PROJECT_USER_ROLE_PREFIX = "Project User";
 
@@ -67,5 +68,9 @@
     public static final String CONTINUUM_ADD_PROJECT_NOTIFIER_OPERATION = "continuum-add-project-notifier";
     public static final String CONTINUUM_REMOVE_PROJECT_NOTIFIER_OPERATION = "continuum-remove-project-notifier";
     public static final String CONTINUUM_MODIFY_PROJECT_NOTIFIER_OPERATION = "continuum-modify-project-notifier";
+
+    // operations against user assignment.
+    public static final String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";
+    public static final String USER_MANAGEMENT_USER_ROLE_OPERATION = "user-management-user-role";
 
 }

Added: maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java?view=auto&rev=503818
==============================================================================
--- maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java
(added)
+++ maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java
Mon Feb  5 11:02:24 2007
@@ -0,0 +1,107 @@
+package org.apache.maven.continuum.security.profile;
+
+import org.codehaus.plexus.rbac.profile.AbstractDynamicRoleProfile;
+import org.codehaus.plexus.rbac.profile.RoleProfileException;
+import org.codehaus.plexus.security.rbac.Role;
+import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.security.rbac.RbacManagerException;
+import org.apache.maven.continuum.security.ContinuumRoleConstants;
+
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Collections;
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * ProjectGroupDeveloperDynamicRoleProfile:
+ *
+ * @author: Jesse McConnell <jmcconnell@apache.org>
+ * @version: $ID:$
+ *
+ * @plexus.component
+ *   role="org.codehaus.plexus.rbac.profile.RoleProfile"
+ *   role-hint="continuum-group-project-administrator"
+ */
+public class ProjectGroupAdministratorDynamicRoleProfile
+    extends AbstractDynamicRoleProfile
+{
+
+
+    public String getRoleName( String string )
+    {
+        return ContinuumRoleConstants.CONTINUUM_PROJECT_ADMINISTRATOR_ROLE_PREFIX + ContinuumRoleConstants.DELIMITER
+ string;
+    }
+
+    public List getOperations()
+    {
+        List operations = new ArrayList();
+        operations.add( ContinuumRoleConstants.USER_MANAGEMENT_ROLE_GRANT_OPERATION );
+        return operations;
+    }
+
+    public List getGlobalOperations()
+    {
+        List operations = new ArrayList();
+        operations.add( ContinuumRoleConstants.CONTINUUM_MANAGE_USERS );
+        operations.add( ContinuumRoleConstants.USER_MANAGEMENT_USER_ROLE_OPERATION );
+        return operations;
+    }
+
+
+    public List getDynamicChildRoles( String string )
+    {
+        return Collections.singletonList( ContinuumRoleConstants.CONTINUUM_PROJECT_DEVELOPER_ROLE_PREFIX
+ ContinuumRoleConstants.DELIMITER + string );
+    }
+
+
+    public boolean isAssignable()
+    {
+        return true;
+    }
+
+
+    public Role getRole( String resource )
+         throws RoleProfileException
+    {
+         try
+         {
+             if ( rbacManager.roleExists( getRoleName( resource ) ) )
+             {
+                 return rbacManager.getRole( getRoleName( resource ) );
+             }
+             else
+             {
+                 // first time assign the role to the group administrator since they need
the access
+                 Role newRole = generateRole( resource );
+
+                 Role groupAdmin = rbacManager.getRole( ContinuumRoleConstants.GROUP_ADMINISTRATOR_ROLE
);
+                 groupAdmin.addChildRoleName( newRole.getName() );
+                 rbacManager.saveRole( groupAdmin );
+
+                 return newRole;
+             }
+         }
+         catch ( RbacObjectNotFoundException ne )
+         {
+             throw new RoleProfileException( "unable to get role", ne );
+         }
+         catch ( RbacManagerException e )
+         {
+             throw new RoleProfileException( "system error with rbac manager", e );
+         }
+      }
+}

Propchange: maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupAdministratorDynamicRoleProfile.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupDeveloperDynamicRoleProfile.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupDeveloperDynamicRoleProfile.java?view=diff&rev=503818&r1=503817&r2=503818
==============================================================================
--- maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupDeveloperDynamicRoleProfile.java
(original)
+++ maven/continuum/trunk/continuum-security/src/main/java/org/apache/maven/continuum/security/profile/ProjectGroupDeveloperDynamicRoleProfile.java
Mon Feb  5 11:02:24 2007
@@ -21,10 +21,6 @@
 
 import org.apache.maven.continuum.security.ContinuumRoleConstants;
 import org.codehaus.plexus.rbac.profile.AbstractDynamicRoleProfile;
-import org.codehaus.plexus.rbac.profile.RoleProfileException;
-import org.codehaus.plexus.security.rbac.RbacManagerException;
-import org.codehaus.plexus.security.rbac.RbacObjectNotFoundException;
-import org.codehaus.plexus.security.rbac.Role;
 
 import java.util.ArrayList;
 import java.util.Collections;
@@ -87,35 +83,4 @@
         return true;
     }
 
-
-    public Role getRole( String resource )
-         throws RoleProfileException
-     {
-         try
-         {
-             if ( rbacManager.roleExists( getRoleName( resource ) ) )
-             {
-                 return rbacManager.getRole( getRoleName( resource ) );
-             }
-             else
-             {
-                 // first time assign the role to the system administrator since they need
the access
-                 Role newRole = generateRole( resource );
-
-                 Role groupAdmin = rbacManager.getRole( ContinuumRoleConstants.GROUP_ADMINISTRATOR_ROLE
);
-                 groupAdmin.addChildRoleName( newRole.getName() );
-                 rbacManager.saveRole( groupAdmin );
-
-                 return newRole;
-             }
-         }
-         catch ( RbacObjectNotFoundException ne )
-         {
-             throw new RoleProfileException( "unable to get role", ne );
-         }
-         catch ( RbacManagerException e )
-         {
-             throw new RoleProfileException( "system error with rbac manager", e );
-         }
-      }
 }

Modified: maven/continuum/trunk/continuum-security/src/main/resources/META-INF/plexus/components.xml
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-security/src/main/resources/META-INF/plexus/components.xml?view=diff&rev=503818&r1=503817&r2=503818
==============================================================================
--- maven/continuum/trunk/continuum-security/src/main/resources/META-INF/plexus/components.xml
(original)
+++ maven/continuum/trunk/continuum-security/src/main/resources/META-INF/plexus/components.xml
Mon Feb  5 11:02:24 2007
@@ -39,6 +39,17 @@
         </requirement>
       </requirements>
     </component>
+     <component>
+      <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
+      <role-hint>continuum-group-project-administrator</role-hint>
+      <implementation>org.apache.maven.continuum.security.profile.ProjectGroupAdministratorDynamicRoleProfile</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.security.rbac.RBACManager</role>
+          <role-hint>cached</role-hint>
+        </requirement>
+      </requirements>
+    </component>
     <component>
       <role>org.codehaus.plexus.rbac.profile.DynamicRoleProfile</role>
       <role-hint>continuum-group-developer</role-hint>



Mime
View raw message