Source code

001package org.apache.archiva.redback.integration.checks.security;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 * http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
023import org.apache.archiva.redback.configuration.UserConfiguration;
024import org.apache.archiva.redback.configuration.UserConfigurationKeys;
025import org.apache.archiva.redback.rbac.RBACManager;
026import org.apache.archiva.redback.role.RoleManager;
027import org.apache.archiva.redback.role.RoleManagerException;
028import org.apache.archiva.redback.system.SecuritySession;
029import org.apache.archiva.redback.system.SecuritySystem;
030import org.apache.archiva.redback.system.check.EnvironmentCheck;
031import org.apache.archiva.redback.users.User;
032import org.apache.archiva.redback.users.UserManager;
033import org.apache.archiva.redback.users.UserManagerException;
034import org.apache.archiva.redback.users.UserNotFoundException;
035import org.apache.commons.io.IOUtils;
036import org.apache.commons.lang3.StringUtils;
037import org.slf4j.Logger;
038import org.slf4j.LoggerFactory;
039import org.springframework.stereotype.Service;
040
041import javax.inject.Inject;
042import javax.inject.Named;
043import java.io.InputStream;
044import java.nio.file.Files;
045import java.nio.file.Path;
046import java.nio.file.Paths;
047import java.util.Date;
048import java.util.List;
049import java.util.Properties;
050
051/**
052 * @author Olivier Lamy
053 * @since 2.0
054 */
055@Service("environmentCheck#adminAutoCreateCheck")
056public class AdminAutoCreateCheck
057    implements EnvironmentCheck
058{
059
060    private Logger log = LoggerFactory.getLogger( getClass() );
061
062    public static final String FORCE_ADMIN_FILE_PATH = "redback.admin.creation.file";
063
064    public static final String ADMIN_FULL_NAME_KEY = "redback.admin.fullname";
065
066    public static final String ADMIN_EMAIL_KEY = "redback.admin.email";
067
068    public static final String ADMIN_PASSWORD_KEY = "redback.admin.password";
069
070    @Inject
071    @Named(value = "userManager#default")
072    private UserManager userManager;
073
074    @Inject
075    @Named(value = "userConfiguration#default")
076    private UserConfiguration config;
077
078    @Inject
079    protected SecuritySystem securitySystem;
080
081    @Inject
082    private RoleManager roleManager;
083
084    @Inject
085    @Named(value = "rbacManager#default")
086    private RBACManager rbacManager;
087
088    public void validateEnvironment( List<String> violations )
089    {
090        try
091        {
092            User user = userManager.findUser( getAdminUid() );
093            if ( user == null )
094            {
095                useForceAdminCreationFile();
096            }
097        }
098        catch ( UserNotFoundException e )
099        {
100            useForceAdminCreationFile();
101        }
102        catch ( UserManagerException e )
103        {
104            useForceAdminCreationFile();
105        }
106    }
107
108    private void useForceAdminCreationFile()
109    {
110        try
111        {
112            String forceAdminFilePath = System.getProperty( FORCE_ADMIN_FILE_PATH );
113            if ( StringUtils.isBlank( forceAdminFilePath ) )
114            {
115                log.info( "{} system props is empty don't use an auto creation admin ", FORCE_ADMIN_FILE_PATH );
116                return;
117            }
118            Path file = Paths.get( forceAdminFilePath );
119            if ( !Files.exists(file) )
120            {
121                log.warn( "file set in sysprops {} not exists skip admin auto creation", FORCE_ADMIN_FILE_PATH );
122                return;
123            }
124            log.debug( "user {} not found try auto creation", getAdminUid() );
125            Properties properties = new Properties();
126            InputStream fis = Files.newInputStream(file);
127            try
128            {
129                properties.load( fis );
130            }
131            catch ( Exception e )
132            {
133                log.warn( "error loading properties from file {} skip admin auto creation", forceAdminFilePath );
134                return;
135            }
136            finally
137            {
138                IOUtils.closeQuietly( fis );
139            }
140
141            // ensure we have all properties
142            String password = properties.getProperty( ADMIN_PASSWORD_KEY );
143            String email = properties.getProperty( ADMIN_EMAIL_KEY );
144            String fullName = properties.getProperty( ADMIN_FULL_NAME_KEY );
145
146            if ( StringUtils.isBlank( password ) )
147            {
148                log.warn( "property {} not set skip auto admin creation", ADMIN_PASSWORD_KEY );
149                return;
150            }
151
152            if ( StringUtils.isBlank( email ) )
153            {
154                log.warn( "property not set skip auto admin creation", ADMIN_EMAIL_KEY );
155                return;
156            }
157
158            if ( StringUtils.isBlank( fullName ) )
159            {
160                log.warn( "property {} not set skip auto admin creation", ADMIN_FULL_NAME_KEY );
161                return;
162            }
163
164            User u = userManager.createUser( getAdminUid(), fullName, email );
165
166            u.setPassword( password );
167            u.setLocked( false );
168            u.setPasswordChangeRequired( false );
169            u.setPermanent( true );
170            u.setValidated( true );
171
172            u = userManager.addUser( u );
173            u.setPassword( password );
174
175            PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
176            authdatasource.setPrincipal( u.getUsername() );
177            authdatasource.setPassword( u.getPassword() );
178            SecuritySession securitySession = securitySystem.authenticate( authdatasource );
179            if ( securitySession.getAuthenticationResult().isAuthenticated() )
180            {
181                // good add various tokens.
182                u = securitySession.getUser();
183                u.setLastLoginDate( new Date() );
184                u.setPassword( null );
185                securitySystem.getUserManager().updateUser( u );
186            }
187            assignAdminRole( u );
188
189        }
190        catch ( Exception e )
191        {
192            log.warn( "failed to automatically create an admin account {}", e.getMessage(), e );
193        }
194    }
195
196    private void assignAdminRole( User user )
197        throws RoleManagerException
198    {
199        roleManager.assignRole( "system-administrator", user.getUsername() );
200    }
201
202    private String getAdminUid()
203    {
204        return config.getString( UserConfigurationKeys.DEFAULT_ADMIN );
205    }
206}