1 package org.apache.maven.archiva.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import java.io.File;
23
24 import org.apache.commons.io.FileUtils;
25 import org.apache.maven.archiva.configuration.ArchivaConfiguration;
26 import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
27 import org.codehaus.plexus.redback.rbac.RBACManager;
28 import org.codehaus.plexus.redback.role.RoleManager;
29 import org.codehaus.plexus.redback.system.SecuritySystem;
30 import org.codehaus.plexus.redback.users.User;
31 import org.codehaus.plexus.redback.users.UserManager;
32 import org.codehaus.plexus.spring.PlexusInSpringTestCase;
33
34
35
36
37
38
39 public abstract class AbstractSecurityTest
40 extends PlexusInSpringTestCase
41 {
42 protected static final String USER_GUEST = "guest";
43
44 protected static final String USER_ADMIN = "admin";
45
46 protected static final String USER_ALPACA = "alpaca";
47
48 protected SecuritySystem securitySystem;
49
50 private RBACManager rbacManager;
51
52 protected RoleManager roleManager;
53
54 private ArchivaConfiguration archivaConfiguration;
55
56 protected UserRepositories userRepos;
57
58 protected void setupRepository( String repoId )
59 throws Exception
60 {
61
62 ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
63 repoConfig.setId( repoId );
64 repoConfig.setName( "Testable repo <" + repoId + ">" );
65 repoConfig.setLocation( getTestPath( "target/test-repo/" + repoId ) );
66 archivaConfiguration.getConfiguration().addManagedRepository( repoConfig );
67
68
69 userRepos.createMissingRepositoryRoles( repoId );
70 }
71
72 protected void assignRepositoryObserverRole( String principal, String repoId )
73 throws Exception
74 {
75 roleManager.assignTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoId, principal );
76 }
77
78 protected User createUser( String principal, String fullname )
79 {
80 UserManager userManager = securitySystem.getUserManager();
81
82 User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
83 securitySystem.getPolicy().setEnabled( false );
84 userManager.addUser( user );
85 securitySystem.getPolicy().setEnabled( true );
86
87 return user;
88 }
89
90 @Override
91 public void setUp()
92 throws Exception
93 {
94 super.setUp();
95
96 File srcConfig = getTestFile( "src/test/resources/repository-archiva.xml" );
97 File destConfig = getTestFile( "target/test-conf/archiva.xml" );
98
99 destConfig.getParentFile().mkdirs();
100 destConfig.delete();
101
102 FileUtils.copyFile( srcConfig, destConfig );
103
104 securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
105 rbacManager = (RBACManager) lookup( RBACManager.class, "memory" );
106 roleManager = (RoleManager) lookup( RoleManager.class, "default" );
107 userRepos = (UserRepositories) lookup( UserRepositories.class, "default" );
108 archivaConfiguration = (ArchivaConfiguration) lookup( ArchivaConfiguration.class );
109
110
111 assertNotNull( securitySystem );
112 assertNotNull( rbacManager );
113 assertNotNull( roleManager );
114 assertNotNull( userRepos );
115 assertNotNull( archivaConfiguration );
116
117
118 User adminUser = createUser( USER_ADMIN, "Admin User" );
119 roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
120
121
122 User guestUser = createUser( USER_GUEST, "Guest User" );
123 roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
124 }
125 }