Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import org.sonatype.nexus.common.entity.*
- import org.sonatype.nexus.security.*
- import org.sonatype.nexus.security.authz.*
- import org.sonatype.nexus.selector.*
- import com.google.common.collect.ImmutableMap
- // use container.lookup to fetch internal APIs we need to use
- def selectorManager = container.lookup(SelectorManager.class.name)
- def securitySystem = container.lookup(SecuritySystem.class.name)
- def authorizationManager = securitySystem.getAuthorizationManager('default')
- // create content selector (if not already present)
- def selectorConfig = new SelectorConfiguration(
- name: 'mycompany-custom-selector',
- type: 'jexl',
- description: 'selector for my custom package',
- attributes: ['expression': 'coordinate.groupId =^ "com.mycompany"']
- )
- if (selectorManager.browse().find { it -> it.name == selectorConfig.name } == null) {
- selectorManager.create(selectorConfig)
- }
- // create snapshot and release repositories
- def snapshotName = "mycompany-maven-snapshots"
- def releaseName = "mycompany-maven-releases"
- repository.createMavenHosted(snapshotName, 'default', false,
- org.sonatype.nexus.repository.maven.VersionPolicy.SNAPSHOT,
- org.sonatype.nexus.repository.storage.WritePolicy.ALLOW)
- repository.createMavenHosted(releaseName, 'default', false,
- org.sonatype.nexus.repository.maven.VersionPolicy.RELEASE,
- org.sonatype.nexus.repository.storage.WritePolicy.ALLOW_ONCE)
- // create content selector privilege for release repo
- def releaseProperties = ImmutableMap.builder()
- .put("content-selector", selectorConfig.name)
- .put("repository", releaseName)
- .put("actions", "browse,read,edit")
- .build()
- def releasePrivilege = new org.sonatype.nexus.security.privilege.Privilege(
- id: "mycompany-release-priv",
- version: '',
- name: "mycompany-release-priv",
- description: "Content Selector Release privilege",
- type: "repository-content-selector",
- properties: releaseProperties
- )
- authorizationManager.addPrivilege(releasePrivilege)
- // create content selector privilege for snapshot repo
- def snapshotProperties = ImmutableMap.builder()
- .put("content-selector", selectorConfig.name)
- .put("repository", snapshotName)
- .put("actions", "browse,read,edit")
- .build()
- def snapshotPrivilege = new org.sonatype.nexus.security.privilege.Privilege(
- id: "mycompany-snapshot-priv",
- version: '',
- name: "mycompany-snapshot-priv",
- description: "Content Selector Snapshot privilege",
- type: "repository-content-selector",
- properties: snapshotProperties
- )
- authorizationManager.addPrivilege(snapshotPrivilege)
- // create a role with the snapshot and release privileges
- def role = new org.sonatype.nexus.security.role.Role(
- roleId: "mycompany-role",
- source: "Nexus",
- name: "mycompany-role",
- description: "My Company Role",
- readOnly: false,
- privileges: [ snapshotPrivilege.id, releasePrivilege.id ],
- roles: []
- )
- authorizationManager.addRole(role)
- // add a local user account with the role
- security.addUser("devuser",
- "Delilah", "Developer",
- "companydev@mycompany.com", true,
- "devpassword", [ role.roleId ])
Add Comment
Please, Sign In to add comment