View Javadoc

1   package org.apache.maven.archiva.security;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import java.io.File;
23  
24  import org.apache.commons.io.FileUtils;
25  import org.apache.maven.archiva.configuration.ArchivaConfiguration;
26  import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
27  import org.codehaus.plexus.redback.rbac.RBACManager;
28  import org.codehaus.plexus.redback.role.RoleManager;
29  import org.codehaus.plexus.redback.system.SecuritySystem;
30  import org.codehaus.plexus.redback.users.User;
31  import org.codehaus.plexus.redback.users.UserManager;
32  import org.codehaus.plexus.spring.PlexusInSpringTestCase;
33  
34  /**
35   * AbstractSecurityTest 
36   *
37   * @version $Id: AbstractSecurityTest
38   */
39  public abstract class AbstractSecurityTest
40      extends PlexusInSpringTestCase
41  {
42      protected static final String USER_GUEST = "guest";
43  
44      protected static final String USER_ADMIN = "admin";
45  
46      protected static final String USER_ALPACA = "alpaca";
47  
48      protected SecuritySystem securitySystem;
49  
50      private RBACManager rbacManager;
51  
52      protected RoleManager roleManager;
53  
54      private ArchivaConfiguration archivaConfiguration;
55  
56      protected UserRepositories userRepos;
57  
58      protected void setupRepository( String repoId )
59          throws Exception
60      {
61          // Add repo to configuration.
62          ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
63          repoConfig.setId( repoId );
64          repoConfig.setName( "Testable repo <" + repoId + ">" );
65          repoConfig.setLocation( getTestPath( "target/test-repo/" + repoId ) );
66          archivaConfiguration.getConfiguration().addManagedRepository( repoConfig );
67  
68          // Add repo roles to security.
69          userRepos.createMissingRepositoryRoles( repoId );
70      }
71  
72      protected void assignRepositoryObserverRole( String principal, String repoId )
73          throws Exception
74      {
75          roleManager.assignTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoId, principal );
76      }
77  
78      protected User createUser( String principal, String fullname )
79      {
80          UserManager userManager = securitySystem.getUserManager();
81  
82          User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
83          securitySystem.getPolicy().setEnabled( false );
84          userManager.addUser( user );
85          securitySystem.getPolicy().setEnabled( true );
86  
87          return user;
88      }
89  
90      @Override
91      public void setUp()
92          throws Exception
93      {
94          super.setUp();
95  
96          File srcConfig = getTestFile( "src/test/resources/repository-archiva.xml" );
97          File destConfig = getTestFile( "target/test-conf/archiva.xml" );
98  
99          destConfig.getParentFile().mkdirs();
100         destConfig.delete();
101 
102         FileUtils.copyFile( srcConfig, destConfig );
103 
104         securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
105         rbacManager = (RBACManager) lookup( RBACManager.class, "memory" );
106         roleManager = (RoleManager) lookup( RoleManager.class, "default" );
107         userRepos = (UserRepositories) lookup( UserRepositories.class, "default" );
108         archivaConfiguration = (ArchivaConfiguration) lookup( ArchivaConfiguration.class );
109 
110         // Some basic asserts.
111         assertNotNull( securitySystem );
112         assertNotNull( rbacManager );
113         assertNotNull( roleManager );
114         assertNotNull( userRepos );
115         assertNotNull( archivaConfiguration );
116 
117         // Setup Admin User.
118         User adminUser = createUser( USER_ADMIN, "Admin User" );
119         roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
120 
121         // Setup Guest User.
122         User guestUser = createUser( USER_GUEST, "Guest User" );
123         roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
124     }
125 }