Content Selectors

Content selectors provide a means for you to select specific content from all of your content. The content you select is evaluated against expressions written in CSEL (Content Selector Expression Language). CSEL is a light version of JEXL used to script queries along specific paths and coordinates available to your repository manager formats.

What Happened to JEXL?

We discovered that JEXL based content selectors weren't meeting performance expectations. To address this we introduced CSEL based selectors to support changes coming in future releases. When you upgrade, Nexus Repository will automatically upgrade as many of your existing JEXL selectors to CSEL selectors as possible. Any remaining JEXL selectors will continue to function, but we encourage you to perform an upgrade as soon as possible.

Content selectors allow you to define what content users are allowed to access. You can define, in a simplified example, a selector named "Apache Maven" with a search expression of path =~ "^/org/apache/maven/". This would match all components that start with the designated component path.

Creating a Query

Before you identify user permissions for your selector, create the query first. Click Content Selectors located in Repository, from the Administration menu. Click Create selector to open a new form.

In the Selector ID section enter a Name and (optional) Description of your selector in the corresponding fields. In the Specification section use the Search expression field to build your query using CSEL syntax.

You can preview your selector and what results it will return by clicking the Preview results button. On click, a modal will appear as shown in Figure: “Content Selector Preview Modal”. The Expression field will automatically be filled in with anything you had in the Search expression field. Similarly, any changes to Expression will be saved to the Search expression when you close the preview.

Figure: Content Selector Preview Modal

To see results your selector would find, select a repository or grouping of repositories from the Preview Repository dropdown and click the Preview button. Assets that match will be returned in the space below the filter and can be filtered upon if you wish to check on a specific result. The Name column is also sortable in ascending or descending order. Close returns you to the content selector creation screen.

Once you are satisfied with your fields, click Create selector to create the Content Selector. All saved selector queries you create will be listed in the Content Selectors screen.

Managing Selector Permissions

As part of your security setup, you can create user permissions to manage the filters you built in the Create Selector form. You can add a new privilege that controls operations of readeditdelete or * (all) for components matching that selector. The privilege can even span multiple repositories.

To create a new content selector privilege, click Privileges in the Security section of the Administration panel. Then click the Create Privilege button. Locate and click Repository Content Selector from the list of options in Select Privilege Type. You will see a form that displays the following:

  • Name: Create a name for the content selector privilege.

  • Description: Add a brief description for the privilege.

  • Content Selector: Use this dropdown to select from a list of selectors you created.

  • Repository: Use this dropdown to select from either a range of all repository contents, all repository contents of an individual format, or repositories created by you.

  • Actions: Grant readeditdelete, or * (all) privileges for user access control.

To complete the form, save the new privilege by clicking Create privilege. You can use your new privilege to regulate what permissible data you want the user to access. You could group all related privileges into a role as documented in Roles. Ultimately, you could assign your roles to a user, as mentioned in Users.

A practical example might be where you delegate all control of components in org.apache.maven to a "Maven" team. This way, you would not need to create separate repositories for each logical division of your components.

Content Selector Reference

Below are the allowable attributes for content selectors that define path and format as values supported by Nexus Repository Manager.

AttributeAllowed Values
pathThe path of your repository content
formatThe format of the content for which you query


Content Selector Examples

Valid operators:

  • ==
    Matches text exactly.
    e.g. format == "raw"
     
  • =~
    Matches a Java regular expression pattern.
    e.g. path =~ "^/org/apache/commons/.*"
     
  • =^
    Starts with text.
    e.g. path =^ "/com/example/"

  • and
    Match all expressions.
    e.g. format == "maven2" and path =~ "^/org/apache/commons/.*"
     
  • or
    Match any expression.
    e.g. format == "maven2" or format == "npm"

  • expr )
    Group multiple expressions.
    e.g. format == "npm" or (format == "maven2" and path =~ "^/org/apache/commons/.*")

Usage examples:

Select all raw format content

format == "raw"

Select all maven2 content along a path that starts with org.apache.commons

format == "maven2" and path =~ "^/org/apache/commons/.*"

When writing a content selector, remember that the asset’s path will always begin with a leading slash when the selector is evaluated. This is true even though the leading slash is not displayed when searching or browsing assets.

Remember that to allow proper access when using Tree browsing in the UI, the content selectors need to include permissions for parent directories of the artifacts.  Following along with the apache-commons examples used above, you would want something similar to this: format == "maven2" and path =~ "/|/org/|/org/apache/|/org/apache/commons/.*". Alternatively, if you don't mind users being able to see any directory name (just not the contents), you could use format== "maven2" and path =~".*/|/org/apache/commons.*".