Source code

001package org.apache.archiva.redback.integration.checks.security;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 * http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import org.apache.archiva.redback.configuration.UserConfiguration;
023import org.apache.archiva.redback.configuration.UserConfigurationKeys;
024import org.apache.archiva.redback.policy.UserSecurityPolicy;
025import org.apache.archiva.redback.role.RoleManager;
026import org.apache.archiva.redback.role.RoleManagerException;
027import org.apache.archiva.redback.system.SecuritySystem;
028import org.apache.archiva.redback.system.check.EnvironmentCheck;
029import org.apache.archiva.redback.users.User;
030import org.apache.archiva.redback.users.UserManager;
031import org.apache.archiva.redback.users.UserManagerException;
032import org.springframework.stereotype.Service;
033
034import javax.inject.Inject;
035import javax.inject.Named;
036import java.util.List;
037
038/**
039 * RequiredRolesEnvironmentCheck:
040 *
041 * @author: Jesse McConnell
042 */
043@Service("environmentCheck#guest-user-check")
044public class GuestUserEnvironmentCheck
045    implements EnvironmentCheck
046{
047
048    @Inject
049    private RoleManager roleManager;
050
051    @Inject
052    private SecuritySystem securitySystem;
053
054    @Inject
055    @Named(value = "userConfiguration#default")
056    private UserConfiguration config;
057
058    /**
059     * boolean detailing if this environment check has been executed
060     */
061    private boolean checked = false;
062
063    /**
064     * @param violations
065     */
066    public void validateEnvironment( List<String> violations )
067    {
068        if ( !checked )
069        {
070            UserManager userManager = securitySystem.getUserManager();
071            UserSecurityPolicy policy = securitySystem.getPolicy();
072
073            User guest = null;
074            try
075            {
076                guest = userManager.getGuestUser();
077            }
078            catch ( UserManagerException e )
079            {
080                policy.setEnabled( false );
081                try
082                {
083                    guest = userManager.createGuestUser();
084                }
085                catch ( UserManagerException ume )
086                {
087                    violations.add( "unable to initialize guest user properly: " + ume.getMessage() );
088                    checked = true;
089                    return;
090                }
091                policy.setEnabled( true );
092            }
093
094            if ( guest != null )
095            {
096
097                try
098                {
099                    roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST_ROLE_ID, "guest" ),
100                                            guest.getUsername() );
101                }
102                catch ( RoleManagerException rpe )
103                {
104                    violations.add( "unable to initialize guest user properly: " + rpe.getMessage() );
105                }
106            }
107            else
108            {
109                violations.add( "cannot find neither create guest user" );
110            }
111            checked = true;
112        }
113    }
114}