View Javadoc
1   package org.apache.archiva.webdav;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.archiva.redback.authentication.AuthenticationException;
23  import org.apache.archiva.redback.keys.KeyManager;
24  import org.apache.archiva.redback.policy.AccountLockedException;
25  import org.apache.archiva.redback.policy.UserSecurityPolicy;
26  import org.apache.archiva.redback.users.UserManager;
27  import org.apache.archiva.redback.authentication.AuthenticationDataSource;
28  import org.apache.archiva.redback.authentication.AuthenticationResult;
29  import org.apache.archiva.redback.authorization.AuthorizationException;
30  import org.apache.archiva.redback.authorization.AuthorizationResult;
31  import org.apache.archiva.redback.keys.memory.MemoryKeyManager;
32  import org.apache.archiva.redback.policy.DefaultUserSecurityPolicy;
33  import org.apache.archiva.redback.system.DefaultSecuritySession;
34  import org.apache.archiva.redback.system.DefaultSecuritySystem;
35  import org.apache.archiva.redback.system.SecuritySession;
36  import org.apache.archiva.redback.system.SecuritySystem;
37  import org.apache.archiva.redback.users.UserNotFoundException;
38  import org.apache.archiva.redback.users.memory.MemoryUserManager;
39  import org.springframework.stereotype.Service;
40  
41  /**
42   * BypassSecuritySystem - used to bypass the security system for testing reasons and allow
43   * for every request to respond as success / true. 
44   *
45   *
46   */
47  @Service("securitySystem#bypass")
48  public class BypassSecuritySystem
49      extends DefaultSecuritySystem
50      implements SecuritySystem
51  {
52      private KeyManager bypassKeyManager;
53      private UserSecurityPolicy bypassPolicy;
54      private UserManager bypassUserManager;
55      
56      public BypassSecuritySystem()
57      {
58          bypassKeyManager = new MemoryKeyManager();
59          bypassPolicy = new DefaultUserSecurityPolicy();
60          bypassUserManager = new MemoryUserManager();
61      }
62      
63      @Override
64      public SecuritySession authenticate( AuthenticationDataSource source )
65          throws AuthenticationException, UserNotFoundException, AccountLockedException
66      {
67          AuthenticationResult result = new AuthenticationResult( true, source.getUsername(), null );
68          return new DefaultSecuritySession( result );
69      }
70  
71      @Override
72      public AuthorizationResult authorize( SecuritySession session, String permission )
73          throws AuthorizationException
74      {
75          return new AuthorizationResult( true, session.getUser(), null );
76      }
77  
78      @Override
79      public AuthorizationResult authorize( SecuritySession session, String permission, String resource )
80          throws AuthorizationException
81      {
82          return new AuthorizationResult( true, session.getUser(), null );
83      }
84  
85  
86  
87      @Override
88      public String getAuthenticatorId()
89      {
90          return "bypass-authenticator";
91      }
92  
93      @Override
94      public String getAuthorizerId()
95      {
96          return "bypass-authorizer";
97      }
98  
99      @Override
100     public KeyManager getKeyManager()
101     {
102         return bypassKeyManager;
103     }
104 
105     @Override
106     public UserSecurityPolicy getPolicy()
107     {
108         return bypassPolicy;
109     }
110 
111     @Override
112     public String getUserManagementId()
113     {
114         return "bypass-managementid";
115     }
116 
117     @Override
118     public UserManager getUserManager()
119     {
120         return bypassUserManager;
121     }
122 
123     @Override
124     public boolean isAuthenticated( AuthenticationDataSource source )
125         throws AuthenticationException, UserNotFoundException, AccountLockedException
126     {
127         // Always true
128         return true;
129     }
130 
131     @Override
132     public boolean isAuthorized( SecuritySession session, String permission )
133         throws AuthorizationException
134     {
135         // Always true
136         return true;
137     }
138 
139     @Override
140     public boolean isAuthorized( SecuritySession session, String permission, String resource )
141         throws AuthorizationException
142     {
143         // Always true
144         return true;
145     }
146 
147     @Override
148     public boolean userManagerReadOnly()
149     {
150         return true;
151     }
152 }