Examples with UserAssignment org.apache.archiva.redback.rbac.UserAssignment used on opensource projects

Example 1 with UserAssignment

use of org.apache.archiva.redback.rbac.UserAssignment in project archiva by apache.

the class ArchivaLockedAdminEnvironmentCheck method validateEnvironment.

/**
 * This environment check will unlock system administrator accounts that are locked on the restart of the
 * application when the environment checks are processed.
 *
 * @param violations
 */
@Override
public void validateEnvironment(List<String> violations) {
    if (!checked) {
        for (UserManager userManager : userManagers) {
            if (userManager.isReadOnly()) {
                continue;
            }
            List<String> roles = new ArrayList<>();
            roles.add(RedbackRoleConstants.SYSTEM_ADMINISTRATOR_ROLE);
            List<UserAssignment> systemAdminstrators;
            try {
                systemAdminstrators = rbacManager.getUserAssignmentsForRoles(roles);
                for (UserAssignment userAssignment : systemAdminstrators) {
                    try {
                        User admin = userManager.findUser(userAssignment.getPrincipal());
                        if (admin.isLocked()) {
                            log.info("Unlocking system administrator: {}", admin.getUsername());
                            admin.setLocked(false);
                            userManager.updateUser(admin);
                        }
                    } catch (UserNotFoundException ne) {
                        log.warn("Dangling UserAssignment -> {}", userAssignment.getPrincipal());
                    } catch (UserManagerException e) {
                        log.warn("fail to find user {} for admin unlock check: {}", userAssignment.getPrincipal(), e.getMessage());
                    }
                }
            } catch (RbacManagerException e) {
                log.warn("Exception when checking for locked admin user: {}", e.getMessage(), e);
            }
            checked = true;
        }
    }
}

Example 2 with UserAssignment

use of org.apache.archiva.redback.rbac.UserAssignment in project archiva by apache.

the class ArchivaRbacManager method getUserAssignmentsForRoles.

@Override
public List<UserAssignment> getUserAssignmentsForRoles(Collection<String> roleNames) throws RbacManagerException {
    List<UserAssignment> allUserAssignments = new ArrayList<>();
    boolean allFailed = true;
    Exception lastException = null;
    for (RBACManager rbacManager : rbacManagersPerId.values()) {
        try {
            List<UserAssignment> userAssignments = rbacManager.getUserAssignmentsForRoles(roleNames);
            allUserAssignments.addAll(userAssignments);
            allFailed = false;
        } catch (Exception e) {
            lastException = e;
        }
    }
    if (lastException != null && allFailed) {
        throw new RbacManagerException(lastException.getMessage(), lastException);
    }
    return allUserAssignments;
}

Example 3 with UserAssignment

use of org.apache.archiva.redback.rbac.UserAssignment in project archiva by apache.

the class ArchivaRbacManager method getAllUserAssignments.

@Override
public List<UserAssignment> getAllUserAssignments() throws RbacManagerException {
    Map<String, UserAssignment> allUserAssignments = new HashMap<>();
    boolean allFailed = true;
    Exception lastException = null;
    for (RBACManager rbacManager : rbacManagersPerId.values()) {
        try {
            List<UserAssignment> userAssignments = rbacManager.getAllUserAssignments();
            for (UserAssignment ua : userAssignments) {
                UserAssignment userAssignment = allUserAssignments.get(ua.getPrincipal());
                if (userAssignment != null) {
                    for (String roleName : ua.getRoleNames()) {
                        userAssignment.addRoleName(roleName);
                    }
                }
                allUserAssignments.put(ua.getPrincipal(), ua);
            }
            allFailed = false;
        } catch (Exception e) {
            lastException = e;
        }
    }
    if (lastException != null && allFailed) {
        throw new RbacManagerException(lastException.getMessage(), lastException);
    }
    return new ArrayList<>(allUserAssignments.values());
}

Example 4 with UserAssignment

use of org.apache.archiva.redback.rbac.UserAssignment in project archiva by apache.

the class ArchivaRbacManager method getUserAssignment.

@Override
public UserAssignment getUserAssignment(String principal) throws RbacObjectNotFoundException, RbacManagerException {
    UserAssignment el = userAssignmentsCache.get(principal);
    if (el != null) {
        return el;
    }
    UserAssignment ua = null;
    Exception lastException = null;
    for (RBACManager rbacManager : rbacManagersPerId.values()) {
        try {
            if (ua == null) {
                ua = rbacManager.getUserAssignment(principal);
            } else {
                UserAssignment userAssignment = rbacManager.getUserAssignment(principal);
                if (userAssignment != null) {
                    for (String roleName : userAssignment.getRoleNames()) {
                        ua.addRoleName(roleName);
                    }
                }
            }
        } catch (Exception e) {
            lastException = e;
        }
    }
    if (ua != null) {
        userAssignmentsCache.put(principal, ua);
        return ua;
    }
    if (lastException != null) {
        throw new RbacManagerException(lastException.getMessage(), lastException);
    }
    return null;
}

Example 5 with UserAssignment

use of org.apache.archiva.redback.rbac.UserAssignment in project archiva by apache.

the class SecuritySynchronization method assignRepositoryObserverToGuestUser.

private void assignRepositoryObserverToGuestUser(List<ManagedRepositoryConfiguration> repos) {
    for (ManagedRepositoryConfiguration repoConfig : repos) {
        String repoId = repoConfig.getId();
        String principal = UserManager.GUEST_USERNAME;
        try {
            UserAssignment ua;
            if (rbacManager.userAssignmentExists(principal)) {
                ua = rbacManager.getUserAssignment(principal);
            } else {
                ua = rbacManager.createUserAssignment(principal);
            }
            ua.addRoleName(ArchivaRoleConstants.toRepositoryObserverRoleName(repoId));
            rbacManager.saveUserAssignment(ua);
        } catch (RbacManagerException e) {
            log.warn("Unable to add role [{}] to {} user.", ArchivaRoleConstants.toRepositoryObserverRoleName(repoId), principal, e);
        }
    }
}