Fix authority-related bugs

- migration patch uses non-public authority service
- root authority query ignores deleted nodes
- avoid exception for getContainingAuthorities("System")
- update unit test to cope with corrected EMAIL_CONTRIBUTORS group and slight difference in behaviour with root authorities

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14609 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/patch/patch-services-context.xml

@@ -1796,7 +1796,7 @@
         <property name="fixesToSchema"><value>2012</value></property>
         <property name="targetSchema"><value>2013</value></property>
         <property name="authorityService">
-            <ref bean="AuthorityService" />
+            <ref bean="authorityService" />
         </property>
         <property name="userBootstrap">
             <ref bean="userBootstrap" />

source/java/org/alfresco/repo/domain/hibernate/Node.hbm.xml

@@ -787,6 +787,7 @@
          s.protocol = :storeProtocol AND
          s.identifier = :storeIdentifier AND
          n.type_qname_id = :nodeTypeQNameID AND
+         n.node_deleted = :isDeleted AND
          a.child_node_id IS NULL
    </sql-query>    
 

source/java/org/alfresco/repo/node/db/hibernate/HibernateNodeDaoServiceImpl.java

@@ -2787,7 +2787,8 @@ public class HibernateNodeDaoServiceImpl extends HibernateDaoSupport implements
                         HibernateNodeDaoServiceImpl.QUERY_GET_NODES_WITHOUT_PARENT_ASSOCS_OF_TYPE).setString(
                         "storeProtocol", storeRef.getProtocol()).setString("storeIdentifier", storeRef.getIdentifier())
                         .setLong("nodeTypeQNameID", qnameDAO.getOrCreateQName(nodeTypeQName).getFirst()).setLong(
-                                "assocTypeQNameID", qnameDAO.getOrCreateQName(assocTypeQName).getFirst());
+                                "assocTypeQNameID", qnameDAO.getOrCreateQName(assocTypeQName).getFirst()).setBoolean(
+                                "isDeleted", false);
                 DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
                 return query.scroll(ScrollMode.FORWARD_ONLY);
             }

source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java

@@ -122,9 +122,11 @@ public class AuthorityDAOImpl implements AuthorityDAO
             throw new UnknownAuthorityException("An authority was not found for " + parentName);
         }
         AuthorityType authorityType = AuthorityType.getAuthorityType(childName);
-        if (!authorityType.equals(AuthorityType.USER) && !authorityType.equals(AuthorityType.GROUP))
+        if (!authorityType.equals(AuthorityType.USER) && !authorityType.equals(AuthorityType.GROUP)
+                && !(authorityType.equals(AuthorityType.ROLE) && AuthorityType.getAuthorityType(parentName).equals(
+                        AuthorityType.ROLE)))
         {
-            throw new AlfrescoRuntimeException("Authorities of the type " + AuthorityType.getAuthorityType(childName)
+            throw new AlfrescoRuntimeException("Authorities of the type " + authorityType
                     + " may not be added to other authorities");
         }
         NodeRef childRef = getAuthorityOrNull(childName);
@@ -308,7 +310,8 @@ public class AuthorityDAOImpl implements AuthorityDAO
     private void findAuthorities(AuthorityType type, String name, Set<String> authorities, boolean parents,
             boolean recursive)
     {
-        if (AuthorityType.getAuthorityType(name).equals(AuthorityType.GUEST))
+        AuthorityType localType = AuthorityType.getAuthorityType(name); 
+        if (localType.equals(AuthorityType.GUEST))
         {
             // Nothing to do
         }
@@ -316,13 +319,16 @@ public class AuthorityDAOImpl implements AuthorityDAO
         {
             NodeRef ref = getAuthorityOrNull(name);
 
-            if (ref == null)
+            if (ref != null)
             {
+                findAuthorities(type, null, ref, authorities, parents, recursive, false);
+            }
+            else if (!localType.equals(AuthorityType.USER))
+            {
+                // Don't worry about missing person objects. It might be the system user or a user yet to be
+                // auto-created
                 throw new UnknownAuthorityException("An authority was not found for " + name);
             }
-
-            findAuthorities(type, null, ref, authorities, parents, recursive, false);
-
         }
     }
 

source/java/org/alfresco/repo/security/authority/AuthorityServiceTest.java

@@ -215,7 +215,7 @@ public class AuthorityServiceTest extends TestCase
         authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
         assertTrue(authorityService.hasAdminAuthority());
         assertTrue(pubAuthorityService.hasAdminAuthority());
-        assertEquals(3, authorityService.getAuthorities().size());
+        assertEquals(4, authorityService.getAuthorities().size());
     }
 
     public void testAuthorities()
@@ -613,7 +613,9 @@ public class AuthorityServiceTest extends TestCase
         pubAuthorityService.addAuthority(auth3, auth2);
 
         assertEquals(7, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
-        assertEquals(4, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
+        
+        // Number of root authorities has been reduced since auth2 is no longer an orphan
+        assertEquals(3, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
         // The next call looks for people not users :-)
         checkAuthorityCollectionSize(3, pubAuthorityService.getAllAuthorities(AuthorityType.USER), AuthorityType.USER);
         assertEquals(4, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());