001package org.apache.archiva.redback.integration.checks.security; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import org.apache.archiva.redback.configuration.UserConfiguration; 023import org.apache.archiva.redback.configuration.UserConfigurationKeys; 024import org.apache.archiva.redback.policy.UserSecurityPolicy; 025import org.apache.archiva.redback.role.RoleManager; 026import org.apache.archiva.redback.role.RoleManagerException; 027import org.apache.archiva.redback.system.SecuritySystem; 028import org.apache.archiva.redback.system.check.EnvironmentCheck; 029import org.apache.archiva.redback.users.User; 030import org.apache.archiva.redback.users.UserManager; 031import org.apache.archiva.redback.users.UserManagerException; 032import org.springframework.stereotype.Service; 033 034import javax.inject.Inject; 035import javax.inject.Named; 036import java.util.List; 037 038/** 039 * RequiredRolesEnvironmentCheck: 040 * 041 * @author: Jesse McConnell 042 */ 043@Service("environmentCheck#guest-user-check") 044public class GuestUserEnvironmentCheck 045 implements EnvironmentCheck 046{ 047 048 @Inject 049 private RoleManager roleManager; 050 051 @Inject 052 private SecuritySystem securitySystem; 053 054 @Inject 055 @Named(value = "userConfiguration#default") 056 private UserConfiguration config; 057 058 /** 059 * boolean detailing if this environment check has been executed 060 */ 061 private boolean checked = false; 062 063 /** 064 * @param violations 065 */ 066 public void validateEnvironment( List<String> violations ) 067 { 068 if ( !checked ) 069 { 070 UserManager userManager = securitySystem.getUserManager(); 071 UserSecurityPolicy policy = securitySystem.getPolicy(); 072 073 User guest = null; 074 try 075 { 076 guest = userManager.getGuestUser(); 077 } 078 catch ( UserManagerException e ) 079 { 080 policy.setEnabled( false ); 081 try 082 { 083 guest = userManager.createGuestUser(); 084 } 085 catch ( UserManagerException ume ) 086 { 087 violations.add( "unable to initialize guest user properly: " + ume.getMessage() ); 088 checked = true; 089 return; 090 } 091 policy.setEnabled( true ); 092 } 093 094 if ( guest != null ) 095 { 096 097 try 098 { 099 roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST_ROLE_ID, "guest" ), 100 guest.getUsername() ); 101 } 102 catch ( RoleManagerException rpe ) 103 { 104 violations.add( "unable to initialize guest user properly: " + rpe.getMessage() ); 105 } 106 } 107 else 108 { 109 violations.add( "cannot find neither create guest user" ); 110 } 111 checked = true; 112 } 113 } 114}