MT fixes to provide initial support for tenant-specific guests

- explicit guest access is required, such as "guest@tenant1" (note: implicit/anonymous guest access can only login to the default domain) - also fixes issue with "Show All" users, when logged in as a tenant admin git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@7748 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2008-01-03 15:06:07 +00:00
parent 1ddcbd15f1
commit 0a7fef92aa
8 changed files with 84 additions and 32 deletions
--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
@@ -433,7 +433,15 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
        }
        // TODO: Refactor and use the authentication service for this.
        User user = (User) auth.getPrincipal();
-        auths.add(user.getUsername());
+        
+        String username = user.getUsername();
+        auths.add(username);
+        
+        if (tenantService.getBaseNameUser(username).equalsIgnoreCase(PermissionService.GUEST_AUTHORITY))
+        {
+        	auths.add(PermissionService.GUEST_AUTHORITY);
+        }
+        
        for (GrantedAuthority authority : auth.getAuthorities())
        {
            auths.add(authority.getAuthority());
@@ -444,7 +452,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
            {
                for (DynamicAuthority da : dynamicAuthorities)
                {
-                    if (da.hasAuthority(nodeRef, user.getUsername()))
+                    if (da.hasAuthority(nodeRef, username))
                    {
                        auths.add(da.getAuthority());
                    }