Search in sources :

Example 1 with UserManager

use of org.apache.archiva.redback.users.UserManager in project archiva by apache.

the class DefaultRedbackRuntimeConfigurationService method getUserManagerImplementationInformations.

@Override
public List<UserManagerImplementationInformation> getUserManagerImplementationInformations() throws ArchivaRestServiceException {
    Map<String, UserManager> beans = applicationContext.getBeansOfType(UserManager.class);
    if (beans.isEmpty()) {
        return Collections.emptyList();
    }
    List<UserManagerImplementationInformation> informations = new ArrayList<>(beans.size());
    for (Map.Entry<String, UserManager> entry : beans.entrySet()) {
        UserManager userManager = applicationContext.getBean(entry.getKey(), UserManager.class);
        if (userManager.isFinalImplementation()) {
            UserManagerImplementationInformation information = new UserManagerImplementationInformation();
            information.setBeanId(StringUtils.substringAfter(entry.getKey(), "#"));
            information.setDescriptionKey(userManager.getDescriptionKey());
            information.setReadOnly(userManager.isReadOnly());
            informations.add(information);
        }
    }
    return informations;
}
Also used : UserManagerImplementationInformation(org.apache.archiva.rest.api.model.UserManagerImplementationInformation) UserManager(org.apache.archiva.redback.users.UserManager) ArrayList(java.util.ArrayList) Map(java.util.Map)

Example 2 with UserManager

use of org.apache.archiva.redback.users.UserManager in project archiva by apache.

the class ArchivaServletAuthenticatorTest method testIsAuthorizedUserHasNoWriteAccess.

@Test
public void testIsAuthorizedUserHasNoWriteAccess() throws Exception {
    createUser(USER_ALPACA, "Al 'Archiva' Paca");
    assignRepositoryObserverRole(USER_ALPACA, "corporate");
    // httpServletRequestControl.expectAndReturn( request.getRemoteAddr(), "192.168.111.111" );
    EasyMock.expect(request.getRemoteAddr()).andReturn("192.168.111.111");
    UserManager userManager = securitySystem.getUserManager();
    User user = userManager.findUser(USER_ALPACA);
    AuthenticationResult result = new AuthenticationResult(true, USER_ALPACA, null);
    SecuritySession session = new DefaultSecuritySession(result, user);
    httpServletRequestControl.replay();
    try {
        servletAuth.isAuthorized(request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD);
        fail("UnauthorizedException should have been thrown.");
    } catch (UnauthorizedException e) {
        assertEquals("Access denied for repository corporate", e.getMessage());
    }
    httpServletRequestControl.verify();
    restoreGuestInitialValues(USER_ALPACA);
}
Also used : User(org.apache.archiva.redback.users.User) UserManager(org.apache.archiva.redback.users.UserManager) SecuritySession(org.apache.archiva.redback.system.SecuritySession) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) UnauthorizedException(org.apache.archiva.redback.authorization.UnauthorizedException) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult) Test(org.junit.Test)

Example 3 with UserManager

use of org.apache.archiva.redback.users.UserManager in project archiva by apache.

the class ArchivaServletAuthenticatorTest method testIsAuthorizedUserHasReadAccess.

@Test
public void testIsAuthorizedUserHasReadAccess() throws Exception {
    createUser(USER_ALPACA, "Al 'Archiva' Paca");
    assignRepositoryObserverRole(USER_ALPACA, "corporate");
    UserManager userManager = securitySystem.getUserManager();
    User user = userManager.findUser(USER_ALPACA);
    AuthenticationResult result = new AuthenticationResult(true, USER_ALPACA, null);
    SecuritySession session = new DefaultSecuritySession(result, user);
    boolean isAuthorized = servletAuth.isAuthorized(request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS);
    assertTrue(isAuthorized);
    restoreGuestInitialValues(USER_ALPACA);
}
Also used : User(org.apache.archiva.redback.users.User) UserManager(org.apache.archiva.redback.users.UserManager) SecuritySession(org.apache.archiva.redback.system.SecuritySession) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult) Test(org.junit.Test)

Example 4 with UserManager

use of org.apache.archiva.redback.users.UserManager in project archiva by apache.

the class ArchivaServletAuthenticatorTest method testIsAuthorizedUserHasNoReadAccess.

@Test
public void testIsAuthorizedUserHasNoReadAccess() throws Exception {
    createUser(USER_ALPACA, "Al 'Archiva' Paca");
    UserManager userManager = securitySystem.getUserManager();
    User user = userManager.findUser(USER_ALPACA);
    AuthenticationResult result = new AuthenticationResult(true, USER_ALPACA, null);
    SecuritySession session = new DefaultSecuritySession(result, user);
    try {
        servletAuth.isAuthorized(request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS);
        fail("UnauthorizedException should have been thrown.");
    } catch (UnauthorizedException e) {
        assertEquals("Access denied for repository corporate", e.getMessage());
    }
    restoreGuestInitialValues(USER_ALPACA);
}
Also used : User(org.apache.archiva.redback.users.User) UserManager(org.apache.archiva.redback.users.UserManager) SecuritySession(org.apache.archiva.redback.system.SecuritySession) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) UnauthorizedException(org.apache.archiva.redback.authorization.UnauthorizedException) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult) Test(org.junit.Test)

Example 5 with UserManager

use of org.apache.archiva.redback.users.UserManager in project archiva by apache.

the class AbstractSecurityTest method createUser.

protected User createUser(String principal, String fullname) throws UserManagerException {
    UserManager userManager = securitySystem.getUserManager();
    User user = userManager.createUser(principal, fullname, principal + "@testable.archiva.apache.org");
    securitySystem.getPolicy().setEnabled(false);
    userManager.addUser(user);
    securitySystem.getPolicy().setEnabled(true);
    return user;
}
Also used : User(org.apache.archiva.redback.users.User) UserManager(org.apache.archiva.redback.users.UserManager)

Aggregations

UserManager (org.apache.archiva.redback.users.UserManager)15 User (org.apache.archiva.redback.users.User)11 RepositoryAdminException (org.apache.archiva.admin.model.RepositoryAdminException)7 AbstractUserManager (org.apache.archiva.redback.users.AbstractUserManager)7 UserNotFoundException (org.apache.archiva.redback.users.UserNotFoundException)7 UserManagerException (org.apache.archiva.redback.users.UserManagerException)6 AuthenticationResult (org.apache.archiva.redback.authentication.AuthenticationResult)5 DefaultSecuritySession (org.apache.archiva.redback.system.DefaultSecuritySession)4 SecuritySession (org.apache.archiva.redback.system.SecuritySession)4 Test (org.junit.Test)4 ArrayList (java.util.ArrayList)3 UnauthorizedException (org.apache.archiva.redback.authorization.UnauthorizedException)2 Map (java.util.Map)1 PostConstruct (javax.annotation.PostConstruct)1 AuthenticationException (org.apache.archiva.redback.authentication.AuthenticationException)1 AuthenticationFailureCause (org.apache.archiva.redback.authentication.AuthenticationFailureCause)1 PasswordBasedAuthenticationDataSource (org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource)1 AccountLockedException (org.apache.archiva.redback.policy.AccountLockedException)1 MustChangePasswordException (org.apache.archiva.redback.policy.MustChangePasswordException)1 PasswordEncoder (org.apache.archiva.redback.policy.PasswordEncoder)1