@Override
public ManagedGroupIds getManagedGroupIds() {
final ManagedGroupIds managedGroupIds = new ManagedGroupIds();
for (final Target target : this.targetRegistry.getTargetsForContentClass(M2_CONTENT_CLASS)) {
final String id = target.getId();
if (id.startsWith(GIDM_ID_PREFIX)) {
final String groupId = id.substring(GIDM_ID_PREFIX.length());
final ManagedGroupId managedGroupId = createManagedGroupId(groupId);
managedGroupIds.addManagedGroupId(managedGroupId);
}
}
return managedGroupIds;
}
protected RepositoryTargetResource getNexusToRestResource(Target target, Request request) {
RepositoryTargetResource resource = new RepositoryTargetResource();
resource.setId(target.getId());
resource.setName(target.getName());
resource.setResourceURI(request.getResourceRef().getPath());
resource.setContentClass(target.getContentClass().getId());
List<String> patterns = new ArrayList<String>(target.getPatternTexts());
for (String pattern : patterns) {
resource.addPattern(pattern);
}
return resource;
}
/** Logic shared when adding new managed GroupIds and Repositories. */
protected void addRepositoryForGroupId(
String groupId,
ManagedRepository repository,
Target managedTarget,
AuthorizationManager authorizationManager,
Set<String> deployerPrivs,
Set<String> readOnlyPrivs,
Map<String, Privilege> existingPrivs)
throws InvalidConfigurationException {
final Logger logger = this.getLogger();
for (final String method : PRIVILEGE_METHODS) {
final String name = createPrivilegeName(repository, groupId, method);
// Check for existing priv before creating a new one
Privilege priv = existingPrivs.get(name);
if (priv == null) {
priv = new Privilege();
logger.info("Creating new privilege: " + name);
} else {
logger.info("Updating existing privilege: " + name);
}
priv.setName(name);
priv.setDescription(priv.getName());
priv.setType(TargetPrivilegeDescriptor.TYPE);
priv.addProperty(ApplicationPrivilegeMethodPropertyDescriptor.ID, method);
priv.addProperty(TargetPrivilegeRepositoryTargetPropertyDescriptor.ID, managedTarget.getId());
priv.addProperty(TargetPrivilegeRepositoryPropertyDescriptor.ID, repository.getId());
// Store, capturing updated reference
priv = authorizationManager.addPrivilege(priv);
// Build up the priv lists
if (DEPLOYER_METHODS.contains(method)) {
deployerPrivs.add(priv.getId());
}
if (READONLY_METHODS.contains(method)) {
readOnlyPrivs.add(priv.getId());
}
}
}
@Override
public void addManagedGroupId(String groupId)
throws ConfigurationException, IOException, NoSuchAuthorizationManagerException,
NoSuchRoleException {
final Logger logger = this.getLogger();
// Validate the groupId and convert it to a repo target pattern
final String targetPattern = groupIdToTargetPattern(groupId);
// Get or Create the Target and persist the changes
final String targetId = GIDM_ID_PREFIX + groupId;
Target managedTarget = this.targetRegistry.getRepositoryTarget(targetId);
if (managedTarget == null) {
// Just using the name as the id ... hope thats ok!
managedTarget =
new Target(
targetId,
GIDM_NAME_PREFIX + groupId,
M2_CONTENT_CLASS,
Collections.singleton(targetPattern));
logger.info("Created new repository target: " + managedTarget.getName());
} else {
final Set<String> patternTexts = managedTarget.getPatternTexts();
patternTexts.clear();
patternTexts.add(targetPattern);
logger.info("Updated existing repository target: " + managedTarget.getName());
}
this.targetRegistry.addRepositoryTarget(managedTarget);
final AuthorizationManager authorizationManager =
this.securitySystem.getAuthorizationManager(SECURITY_CONTEXT);
// Get or Create the deployer and readonly Roles, need these here to add the privs to them as
// they are created in the next step
final Role deployerRole = getOrCreateRole(authorizationManager, groupId, DEPLOYER_ROLE_SUFFIX);
final Set<String> deployerPrivs = deployerRole.getPrivileges();
deployerPrivs.clear();
final Role readOnlyRole = getOrCreateRole(authorizationManager, groupId, READONLY_ROLE_SUFFIX);
final Set<String> readOnlyPrivs = readOnlyRole.getPrivileges();
readOnlyPrivs.clear();
// Assumes priv name is unique
final Map<String, Privilege> existingPrivs = new HashMap<String, Privilege>();
for (final Privilege priv : authorizationManager.listPrivileges()) {
existingPrivs.put(priv.getName(), priv);
}
/*
* Adds create/read privs for each managed repository
*/
final ManagedRepositories managedRepositoriesObj = this.getManagedRepositories();
for (final ManagedRepository repository : managedRepositoriesObj.getManagedRepositories()) {
addRepositoryForGroupId(
groupId,
repository,
managedTarget,
authorizationManager,
deployerPrivs,
readOnlyPrivs,
existingPrivs);
}
// Add the roles
authorizationManager.updateRole(deployerRole);
authorizationManager.updateRole(readOnlyRole);
this.nexusConfiguration.saveConfiguration();
}
