Merge remote-tracking branch 'origin/master' into s3-scraper-fix

nexus-client-core-testsuite/src/test/java/org/sonatype/nexus/client/testsuite/UserIT.java

@@ -0,0 +1,48 @@
+/*
+ * Sonatype Nexus (TM) Open Source Version
+ * Copyright (c) 2007-2012 Sonatype, Inc.
+ * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
+ *
+ * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
+ * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
+ *
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
+ * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
+ * Eclipse Foundation. All other trademarks are the property of their respective owners.
+ */
+package org.sonatype.nexus.client.testsuite;
+
+import static org.hamcrest.Matchers.notNullValue;
+import static org.hamcrest.core.Is.is;
+import static org.junit.Assert.assertThat;
+
+import org.junit.Test;
+import org.sonatype.nexus.client.core.NexusClient;
+import org.sonatype.nexus.client.core.subsystem.security.Users;
+
+/**
+ * @since 2.5
+ */
+public class UserIT
+    extends NexusClientITSupport
+{
+
+    public UserIT( final String nexusBundleCoordinates )
+    {
+        super( nexusBundleCoordinates );
+    }
+
+    /**
+     * Related to NEXUS-5037 ensure that html escaped passwords(specifically quote character in this case) can be used as credentials.
+     */
+    @Test
+    public void testUserWithSingleQuotePassword()
+    {
+        Users users = client().getSubsystem( Users.class );
+        String password = "\"";
+        users.create( "test" ).withPassword( password ).withRole( "nx-admin" ).withEmail( "no@where.com" ).save();
+        NexusClient client = createNexusClient( nexus(), "test", password );
+        //will fail if can't authenticate
+        assertThat( client.getNexusStatus(), is( notNullValue() ) );
+    }
+}

nexus-core/src/main/java/org/sonatype/nexus/maven/tasks/DefaultReleaseRemover.java

@@ -186,7 +186,7 @@ private void removeReleasesFromMavenRepository( final MavenRepository repository
 
         ctxMain.getContext().put( DeleteOperation.DELETE_OPERATION_CTX_KEY, DeleteOperation.MOVE_TO_TRASH );
 
-        ctxMain.getProcessors().add( new ReleaseRemovalWalkerProcessor( repository, request, result ) );
+        ctxMain.getProcessors().add( new ReleaseRemovalWalkerProcessor( repository, request, result, repositoryTarget ) );
 
         walker.walk( ctxMain );
 
@@ -238,14 +238,18 @@ private class ReleaseRemovalWalkerProcessor
 
         private final ReleaseRemovalResult result;
 
+        private final Target repositoryTarget;
+
         private int deletedFiles = 0;
 
         private ReleaseRemovalWalkerProcessor( final MavenRepository repository,
-                                               final ReleaseRemovalRequest request, final ReleaseRemovalResult result )
+                                               final ReleaseRemovalRequest request, final ReleaseRemovalResult result,
+                                               final Target repositoryTarget )
         {
             this.repository = repository;
             this.request = request;
             this.result = result;
+            this.repositoryTarget = repositoryTarget;
         }
 
         @Override
@@ -287,7 +291,8 @@ private void doOnCollectionExit( final WalkerContext context, final StorageColle
                     if ( gav != null )
                     {
                         addCollectionToContext( context, coll );
-                        addStorageFileItemToMap( deletableVersionsAndFiles, gav, (StorageFileItem) item );
+
+                        maybeAddStorageFileItemToMap( gav, (StorageFileItem) item );
                     }
                 }
             }
@@ -298,6 +303,22 @@ private void doOnCollectionExit( final WalkerContext context, final StorageColle
             }
         }
 
+        /**
+         * Compare the item path to the RepositoryTarget(if it is declared) and only include files that match that pattern.
+         * While the walker itself handles GAV paths, this ensures that we also respect patterns with file-level granularity.
+         */
+        private void maybeAddStorageFileItemToMap( final Gav gav, final StorageFileItem item )
+        {
+            if ( repositoryTarget != null && !repositoryTarget.isPathContained(
+                item.getRepositoryItemUid().getRepository().getRepositoryContentClass(), item
+                .getPath() ) )
+            {
+                getLogger().debug( "Excluding file: {} from deletion due to repositoryTarget: {}.", item.getName(), repositoryTarget.getName() );
+                return;
+            }
+            addStorageFileItemToMap( deletableVersionsAndFiles, gav, (StorageFileItem) item );
+        }
+
         /**
          * Store visited collections so we can later determine if we need to delete them.
          */

nexus-core/src/main/java/org/sonatype/nexus/maven/tasks/DefaultSnapshotRemover.java

@@ -606,9 +606,12 @@ && releaseExistsForSnapshot( gav, item.getItemContext() ) )
                         }
                         catch ( ItemNotFoundException e )
                         {
-                            if ( getLogger().isDebugEnabled() )
+                            // NEXUS-5682 Since checksum files are no longer physically represented on the file system,
+                            // it is expected that they will generate ItemNotFoundException. Log at trace level only for
+                            // diagnostic purposes.
+                            if ( getLogger().isTraceEnabled() )
                             {
-                                getLogger().debug( "Could not delete file:", e );
+                                getLogger().trace( "Could not delete file:", e );
                             }
                         }
                         catch ( Exception e )

nexus-core/src/test/java/org/sonatype/nexus/maven/tasks/DefaultReleaseRemoverIT.java

@@ -12,11 +12,15 @@
  */
 package org.sonatype.nexus.maven.tasks;
 
+import static org.hamcrest.CoreMatchers.containsString;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.CoreMatchers.notNullValue;
 import static org.hamcrest.CoreMatchers.nullValue;
+import static org.hamcrest.collection.IsCollectionWithSize.hasSize;
 import static org.junit.Assert.assertThat;
 
+import java.util.Collection;
+
 import com.google.common.collect.Lists;
 import org.junit.Assert;
 import org.junit.Rule;
@@ -26,6 +30,7 @@
 import org.sonatype.nexus.proxy.ItemNotFoundException;
 import org.sonatype.nexus.proxy.ResourceStoreRequest;
 import org.sonatype.nexus.proxy.access.OpenAccessManager;
+import org.sonatype.nexus.proxy.item.StorageCollectionItem;
 import org.sonatype.nexus.proxy.item.StorageItem;
 import org.sonatype.nexus.proxy.maven.maven2.Maven2ContentClass;
 import org.sonatype.nexus.proxy.target.Target;
@@ -60,12 +65,12 @@ public void testDeletionOfReleases()
         ReleaseRemovalResult releaseRemovalResult =
             releaseRemover.removeReleases( new ReleaseRemovalRequest( releases.getId(), 2, "" ) );
         // pom + jar + sha1 for both
-        assertThat( releaseRemovalResult.getDeletedFileCount(), is( 4 ) );
+        assertThat( releaseRemovalResult.getDeletedFileCount(), is( 6 ) );
         assertThat( releaseRemovalResult.isSuccessful(), is( true ) );
         StorageItem item = null;
         try
         {
-            releases.retrieveItem( new ResourceStoreRequest( "org/sonatype/test/1.0" ) );
+            item = releases.retrieveItem( new ResourceStoreRequest( "org/sonatype/test/1.0" ) );
         }
         catch ( ItemNotFoundException e )
         {
@@ -88,7 +93,7 @@ public void testDeletionOfReleasesWithTarget()
         targetRegistry.commitChanges();
         ReleaseRemovalResult releaseRemovalResult =
             releaseRemover.removeReleases( new ReleaseRemovalRequest( releases.getId(), 2, "test" ) );
-        assertThat( releaseRemovalResult.getDeletedFileCount(), is( 4 ) );
+        assertThat( releaseRemovalResult.getDeletedFileCount(), is( 6 ) );
         assertThat( releaseRemovalResult.isSuccessful(), is( true ) );
     }
 
@@ -122,4 +127,30 @@ public void testDeletionOfReleasesWithMissingTarget()
         thrown.expect( IllegalStateException.class );
         releaseRemover.removeReleases( new ReleaseRemovalRequest( releases.getId(), 2, "test" ) );
     }
+
+
+    @Test
+    public void testDeletionOfReleasesExceptForSources()
+        throws Exception
+    {
+        fillInRepo();
+        releases.setAccessManager( new OpenAccessManager() );
+        ReleaseRemovalResult releaseRemovalResult =
+            releaseRemover.removeReleases( new ReleaseRemovalRequest( releases.getId(), 2, "3" ) );
+        // pom + jar + sha1 for both, but sources jar and associated sha1 should be left alone
+        assertThat( releaseRemovalResult.getDeletedFileCount(), is( 4 ) );
+        assertThat( releaseRemovalResult.isSuccessful(), is( true ) );
+        StorageItem item = releases.retrieveItem( new ResourceStoreRequest( "org/sonatype/test/1.0" ) );
+        assertThat( item, notNullValue() );
+        StorageCollectionItem coll = (StorageCollectionItem) item;
+        Collection<StorageItem> storageItems = releases.list( false, coll );
+        assertThat(storageItems, hasSize(2));
+        for ( StorageItem storageItem : storageItems )
+        {
+            assertThat(storageItem.getName(), containsString( "sources" ));
+        }
+
+        item = releases.retrieveItem( new ResourceStoreRequest( "org/sonatype/test/1.0.1" ));
+        assertThat( item, notNullValue());
+    }
 }

nexus-core/src/test/resources/reposes/releases/org/sonatype/test/1.0.1/test-1.0.1-sources.jar.sha1

@@ -0,0 +1 @@
+4bc91382f9f7f7a2300b8038892b143475e62b47

nexus-core/src/test/resources/reposes/releases/org/sonatype/test/1.0/test-1.0-sources.jar.sha1

@@ -0,0 +1 @@
+4bc91382f9f7f7a2300b8038892b143475e62b47

nexus-core/src/test/resources/reposes/releases/org/sonatype/test/2.1000.9999/test-2.1000.9999-sources.jar.sha1

@@ -0,0 +1 @@
+4bc91382f9f7f7a2300b8038892b143475e62b47

nexus-runtime-platform/pom.xml

@@ -19,7 +19,7 @@
   <parent>
     <groupId>org.sonatype.forge</groupId>
     <artifactId>forge-parent</artifactId>
-    <version>32</version>
+    <version>35</version>
   </parent>
 
   <!--

plugin-parent/pom.xml

@@ -20,7 +20,7 @@
   <parent>
     <groupId>org.sonatype.forge</groupId>
     <artifactId>forge-parent</artifactId>
-    <version>34</version>
+    <version>35</version>
   </parent>
 
   <groupId>org.sonatype.nexus</groupId>

plugins/nexus-ui-extjs3-plugin/src/main/java/org/sonatype/nexus/plugins/ui/rest/IndexRedirectingPlexusResource.java

@@ -12,6 +12,7 @@
  */
 package org.sonatype.nexus.plugins.ui.rest;
 
+import javax.enterprise.inject.Typed;
 import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
@@ -30,6 +31,7 @@
  */
 @Named( "IndexRedirectingPlexusResource" )
 @Singleton
+@Typed( ManagedPlexusResource.class )
 public class IndexRedirectingPlexusResource
     extends AbstractNexusPlexusResource
     implements ManagedPlexusResource

plugins/nexus-ui-extjs3-plugin/src/main/java/org/sonatype/nexus/plugins/ui/rest/IndexTemplatePlexusResource.java

@@ -18,6 +18,8 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+
+import javax.enterprise.inject.Typed;
 import javax.inject.Inject;
 import javax.inject.Named;
 import javax.inject.Singleton;
@@ -51,6 +53,7 @@
 
 @Named("indexTemplate")
 @Singleton
+@Typed( ManagedPlexusResource.class )
 public class IndexTemplatePlexusResource
     extends AbstractPlexusResource
     implements ManagedPlexusResource

plugins/nexus-ui-extjs3-plugin/src/main/resources/static/js/Sonatype/utils.js

@@ -729,7 +729,7 @@ define('Sonatype/utils',['../extjs', 'Nexus/config', 'Nexus/util/Format', 'Sonat
           }
         },
         start : function() {
-          if (running === null) {
+          if (running === null && !Sonatype.utils.noSessionTimeout) {
             running = Ext.TaskMgr.start(config);
           }
         }};
@@ -833,6 +833,8 @@ define('Sonatype/utils',['../extjs', 'Nexus/config', 'Nexus/util/Format', 'Sonat
 
                 ns.formattedAppName = Ext.namespace('Sonatype.utils').parseFormattedAppName(respObj.data.formattedAppName);
 
+                ns.noSessionTimeout = respObj.data.noSessionTimeout;
+
                 Ext.get('logo').update('<span>' + ns.formattedAppName + '</span>');
 
                 Sonatype.view.headerPanel.doLayout();
@@ -858,6 +860,8 @@ define('Sonatype/utils',['../extjs', 'Nexus/config', 'Nexus/util/Format', 'Sonat
                 Sonatype.user.curr.username = null;
                 Sonatype.user.curr.loggedInUserSource = null;
 
+                // nexusStatus REST call unsuccessful, so we just turn off the ping here
+                ns.noSessionTimeout = true;
               }
 
               var availSvrs = Sonatype.config.installedServers;

plugins/restlet1x/nexus-restlet1x-model/src/main/mdo/vos.xml

@@ -3150,6 +3150,13 @@
           <required>true</required>
           <description>Flag that states if current installed license is a trial license.</description>
         </field>
+        <field>
+          <name>noSessionTimeout</name>
+          <version>1.0.0+</version>
+          <type>boolean</type>
+          <required>true</required>
+          <description>Flag that enables or disables the UI 'pinging' the status resource.</description>
+        </field>
       </fields>
     </class>
 

plugins/restlet1x/nexus-restlet1x-plugin/src/main/java/org/sonatype/nexus/rest/status/StatusPlexusResource.java

@@ -33,6 +33,7 @@
 import org.sonatype.nexus.rest.model.NexusAuthenticationClientPermissions;
 import org.sonatype.nexus.rest.model.StatusResource;
 import org.sonatype.nexus.rest.model.StatusResourceResponse;
+import org.sonatype.nexus.util.SystemPropertiesHelper;
 import org.sonatype.plexus.rest.resource.ManagedPlexusResource;
 import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
 import org.sonatype.security.rest.authentication.AbstractUIPermissionCalculatingPlexusResource;
@@ -50,6 +51,8 @@ public class StatusPlexusResource
     @Requirement
     private Nexus nexus;
 
+    private boolean noSessionTimeout = SystemPropertiesHelper.getBoolean( "nexus.ui.noSessionTimeout", false );
+
     @Override
     public Object getPayloadInstance()
     {
@@ -148,6 +151,8 @@ public Object get( Context context, Request request, Response response, Variant
 
         resource.setTrialLicense( status.isTrialLicense() );
 
+        resource.setNoSessionTimeout( noSessionTimeout );
+
         StatusResourceResponse result = new StatusResourceResponse();
 
         result.setData( resource );

plugins/restlet1x/nexus-restlet1x-plugin/src/main/java/org/sonatype/security/rest/AbstractSecurityPlexusResource.java

@@ -324,6 +324,7 @@ public void configureXStream( final XStream xstream )
         xstream.registerLocalConverter( UserChangePasswordResource.class, "newPassword", new HtmlUnescapeStringConverter( true ) );
         xstream.registerLocalConverter( RoleResource.class, "id", new HtmlUnescapeStringConverter( true ) );
         xstream.registerLocalConverter( UserResource.class, "userId", new HtmlUnescapeStringConverter( true ) );
+        xstream.registerLocalConverter( UserResource.class, "password", new HtmlUnescapeStringConverter( true ) );
         xstream.registerLocalConverter( RoleAndPrivilegeListResource.class, "id", new HtmlUnescapeStringConverter( true) );
 
         xstream.registerLocalConverter( UserResource.class, "roles", new HtmlUnescapeStringCollectionConverter( "role" ) );

pom.xml

@@ -20,7 +20,7 @@
   <parent>
     <groupId>org.sonatype.forge</groupId>
     <artifactId>forge-parent</artifactId>
-    <version>34</version>
+    <version>35</version>
   </parent>
 
   <groupId>org.sonatype.nexus</groupId>