Merged 5.0.N (5.0.3) to HEAD (5.1/Cloud)

108605: MNT-14413: Merged 5.0.1 (5.0.1.4) to 5.0.N (5.0.3)
      108254: MNT-14366 : Re-created user does not have access to his existing workflows
         - get owner property from initiatorhome nodeRef if initiator nodeRef no longer exists,
      108318: MNT-14366 : Re-created user does not have access to his existing workflows
         - fix for failed tests,
      108467: MNT-14366 : Re-created user does not have access to his existing workflows
         - test to check functionality is working 


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@108616 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/public-services-security-context.xml

@@ -939,6 +939,7 @@
       <property name="personService"><ref bean="personService"/></property>
       <property name="authorityService"><ref bean="authorityService"/></property>
       <property name="workflowService"><ref bean="workflowServiceImpl" /></property>
+      <property name="nodeService"><ref bean="nodeService"></ref></property>
     </bean>
 
     <!-- ============= -->

source/java/org/alfresco/service/cmr/workflow/WorkflowPermissionInterceptor.java

@@ -29,9 +29,11 @@ import java.util.Set;
 import org.alfresco.model.ContentModel;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.permissions.AccessDeniedException;
+import org.alfresco.repo.workflow.WorkflowConstants;
 import org.alfresco.repo.workflow.WorkflowModel;
 import org.alfresco.repo.workflow.activiti.ActivitiConstants;
 import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.namespace.QName;
@@ -43,6 +45,7 @@ public class WorkflowPermissionInterceptor implements MethodInterceptor
     private PersonService personService;
     private AuthorityService authorityService;
     private WorkflowService workflowService;
+    private NodeService nodeService;
 
     @Override
     public Object invoke(MethodInvocation invocation) throws Throwable
@@ -137,6 +140,16 @@ public class WorkflowPermissionInterceptor implements MethodInterceptor
         Map<QName, Serializable> props = wt.getProperties();
 
         String ownerName = (String) props.get(ContentModel.PROP_OWNER);
+		//fix for MNT-14366; if owner value can't be found on workflow properties because initiator nodeRef no longer exists
+		//get owner from initiatorhome nodeRef owner property
+        if (ownerName == null)
+        {
+            NodeRef initiatorHomeNodeRef = (NodeRef)props.get( QName.createQName("", WorkflowConstants.PROP_INITIATOR_HOME));
+            if (initiatorHomeNodeRef != null )
+            {
+                ownerName = (String)nodeService.getProperty(initiatorHomeNodeRef, ContentModel.PROP_OWNER);
+            }
+        }
         if (userName != null && userName.equalsIgnoreCase(ownerName))
         {
             return true;
@@ -274,4 +287,9 @@ public class WorkflowPermissionInterceptor implements MethodInterceptor
     {
         this.workflowService = workflowService;
     }
+    
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
 }

source/test-java/org/alfresco/repo/security/person/TestPersonManager.java

@@ -77,6 +77,20 @@ public class TestPersonManager
         }, AuthenticationUtil.getSystemUserName());
     }
     
+    public void deletePerson(final String userName)
+    {
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
+        {
+            public Void doWork() throws Exception
+            {
+                personService.deletePerson(userName);
+                return null;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+        people.remove(userName);
+        AuthenticationUtil.clearCurrentSecurityContext();
+    }
+
     private NodeRef makePersonNode(String userName)
     {
         PropertyMap personProps = makePersonProperties(userName);

source/test-java/org/alfresco/repo/workflow/activiti/ActivitiWorkflowServiceIntegrationTest.java

@@ -44,6 +44,7 @@ import org.alfresco.service.cmr.workflow.WorkflowTaskQuery;
 import org.alfresco.service.cmr.workflow.WorkflowTaskState;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
+import org.alfresco.util.GUID;
 
 /**
  * @author Nick Smith
@@ -51,6 +52,8 @@ import org.alfresco.service.namespace.QName;
  */
 public class ActivitiWorkflowServiceIntegrationTest extends AbstractWorkflowServiceIntegrationTest
 {
+    private final static String USER_RECREATED = "WFUserRecreated" + GUID.generate();
+    
     public void testOutcome() throws Exception
     {
         WorkflowDefinition definition = deployDefinition("alfresco/workflow/review.bpmn20.xml");
@@ -354,6 +357,44 @@ public class ActivitiWorkflowServiceIntegrationTest extends AbstractWorkflowServ
         assertEquals("Assign listener was not triggered", new Double(1), assignment1);
     }
     
+    /**
+     * Test for MNT-14366
+     */
+    public void testWorkflowRecreatedUser()
+    {
+        WorkflowDefinition definition = deployDefinition("alfresco/workflow/review.bpmn20.xml");
+        
+        personManager.createPerson(USER_RECREATED);
+        personManager.setUser(USER_RECREATED);
+        
+        //create an workfow as USER_RECREATED
+        Map<QName, Serializable> params = new HashMap<QName, Serializable>();
+        Serializable wfPackage = workflowService.createPackage(null);
+        params.put(WorkflowModel.ASSOC_PACKAGE, wfPackage);
+        NodeRef assignee = personManager.get(USER2);
+        params.put(WorkflowModel.ASSOC_ASSIGNEE, assignee);  // task instance field
+        WorkflowPath path = workflowService.startWorkflow(definition.getId(), params);
+        String instanceId = path.getInstance().getId();
+        
+        //check if workflow owner property value is the same as initiator username
+        WorkflowTask startTask = workflowService.getStartTask(instanceId);
+        String owner = (String)startTask.getProperties().get(ContentModel.PROP_OWNER);
+        assertEquals(owner, USER_RECREATED);
+
+        //delete and recreate user
+        personManager.deletePerson(USER_RECREATED);
+        personManager.createPerson(USER_RECREATED);
+        personManager.setUser(USER_RECREATED);
+
+        //check workflow owner after user deletion and recreation
+        startTask = workflowService.getStartTask(instanceId);
+        owner = (String)startTask.getProperties().get(ContentModel.PROP_OWNER);
+        //owner is now null as nodeRef pointed by initiator property no longer exists;
+        //user has access to wokflow because owner value is extracted after fix from initiatorhome noderef
+        assertNull(owner);        
+        workflowService.endTask(startTask.getId(), null);
+    }
+    
     protected String getLongString(int numberOfCharacters) {
         StringBuffer stringBuffer = new StringBuffer();
         for(int i=0; i<numberOfCharacters/10;i++) {