inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improvement to fix and encapsulate the test for user writes to preferences. Also switched around the test so the fastest and most likely to succeed tests go first.

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@41852 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2012-09-21 09:42:16 +00:00
parent 7df2b91486
commit 0dbc461fad
2 changed files with 66 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
config/alfresco/preference-service-context.xml
View File

@@ -38,14 +38,15 @@
<!-- Preference service implemenation bean --> <!-- Preference service implemenation bean -->
<bean id="preferenceService" class="org.alfresco.repo.preference.PreferenceServiceImpl"> <bean id="preferenceService" class="org.alfresco.repo.preference.PreferenceServiceImpl">
<property name="nodeService" ref="NodeService"/> <property name="nodeService" ref="NodeService"/>
<property name="contentService" ref="ContentService"/> <property name="contentService" ref="ContentService"/>
<property name="personService" ref="PersonService"/> <property name="personService" ref="PersonService"/>
<property name="permissionService" ref="PermissionService"/> <property name="permissionService" ref="PermissionService"/>
<property name="authenticationContext" ref="authenticationContext"/> <property name="authenticationContext" ref="authenticationContext"/>
</bean> <property name="authorityService" ref="AuthorityService"/>
</bean>
<bean id="preferenceServiceScript" parent="baseJavaScriptExtension" class="org.alfresco.repo.preference.script.ScriptPreferenceService"> <bean id="preferenceServiceScript" parent="baseJavaScriptExtension" class="org.alfresco.repo.preference.script.ScriptPreferenceService">
<property name="extensionName"> <property name="extensionName">
<value>preferenceService</value> <value>preferenceService</value>
</property> </property>

95
source/java/org/alfresco/repo/preference/PreferenceServiceImpl.java
View File

@@ -38,6 +38,7 @@ import org.alfresco.service.cmr.repository.ContentWriter;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessStatus; import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService; import org.alfresco.service.cmr.security.PersonService;
import org.json.JSONException; import org.json.JSONException;
@@ -64,6 +65,9 @@ public class PreferenceServiceImpl implements PreferenceService
/** Authentication Service */ /** Authentication Service */
private AuthenticationContext authenticationContext; private AuthenticationContext authenticationContext;
/** Authority Service */
private AuthorityService authorityService;
/** /**
* Set the node service * Set the node service
@@ -114,6 +118,14 @@ public class PreferenceServiceImpl implements PreferenceService
{ {
this.authenticationContext = authenticationContext; this.authenticationContext = authenticationContext;
} }
/**
* @param authorityService the authorityService to set
*/
public void setAuthorityService(AuthorityService authorityService)
{
this.authorityService = authorityService;
}
/** /**
* @see org.alfresco.service.cmr.preference.PreferenceService#getPreferences(java.lang.String) * @see org.alfresco.service.cmr.preference.PreferenceService#getPreferences(java.lang.String)
@@ -134,15 +146,16 @@ public class PreferenceServiceImpl implements PreferenceService
// Get the user node reference // Get the user node reference
NodeRef personNodeRef = this.personService.getPerson(userName); NodeRef personNodeRef = this.personService.getPerson(userName);
if (personNodeRef == null) if (personNodeRef == null)
{ {
throw new AlfrescoRuntimeException("Can not get preferences for " + userName throw new AlfrescoRuntimeException("Could not get preferences for " + userName + " because they do not exist.");
+ " because he/she does not exist.");
} }
String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser(); String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
if (authenticationContext.isSystemUserName(currentUserName) == true || userName.equals(currentUserName) == true if (userName.equals(currentUserName) ||
|| AuthenticationUtil.getAdminUserName().equals(currentUserName)) personService.getUserIdentifier(userName).equals(personService.getUserIdentifier(currentUserName)) ||
authenticationContext.isSystemUserName(currentUserName) ||
authorityService.isAdminAuthority(currentUserName))
{ {
try try
{ {
@@ -162,10 +175,10 @@ public class PreferenceServiceImpl implements PreferenceService
Iterator<String> keys = jsonPrefs.keys(); Iterator<String> keys = jsonPrefs.keys();
while (keys.hasNext()) while (keys.hasNext())
{ {
String key = (String) keys.next(); final String key = (String) keys.next();
if (preferenceFilter == null || preferenceFilter.length() == 0 if (preferenceFilter == null || preferenceFilter.length() == 0 ||
|| matchPreferenceNames(key, preferenceFilter) == true) matchPreferenceNames(key, preferenceFilter) == true)
{ {
preferences.put(key, (Serializable) jsonPrefs.get(key)); preferences.put(key, (Serializable) jsonPrefs.get(key));
} }
@@ -228,16 +241,12 @@ public class PreferenceServiceImpl implements PreferenceService
{ {
// Get the user node reference // Get the user node reference
final NodeRef personNodeRef = this.personService.getPerson(userName); final NodeRef personNodeRef = this.personService.getPerson(userName);
if (personNodeRef == null) { throw new AlfrescoRuntimeException("Can not update preferences for " + userName if (personNodeRef == null)
+ " because he/she does not exist."); } {
throw new AlfrescoRuntimeException("Could not update preferences for " + userName + " because they do not exist.");
// Can only set preferences if the currently logged in user matches the }
// user name being updated or
// the user already has write permissions on the person node if (userCanWritePreferences(userName, personNodeRef))
String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
if (authenticationContext.isSystemUserName(currentUserName) == true
|| permissionService.hasPermission(personNodeRef, PermissionService.WRITE) == AccessStatus.ALLOWED
|| userName.equals(currentUserName) == true)
{ {
AuthenticationUtil.runAs(new RunAsWork<Object>() AuthenticationUtil.runAs(new RunAsWork<Object>()
{ {
@@ -283,14 +292,13 @@ public class PreferenceServiceImpl implements PreferenceService
return null; return null;
} }
}, AuthenticationUtil.SYSTEM_USER_NAME); }, AuthenticationUtil.SYSTEM_USER_NAME);
} }
else else
{ {
// The current user does not have sufficient permissions to update // The current user does not have sufficient permissions to update
// the preferences for this user // the preferences for this user
throw new UnauthorizedAccessException("The current user " + currentUserName throw new UnauthorizedAccessException("The current user " + AuthenticationUtil.getFullyAuthenticatedUser()
+ " does not have sufficient permissions to update the preferences of the user " + userName); + " does not have sufficient permissions to update the preferences of the user " + userName);
} }
} }
@@ -302,7 +310,7 @@ public class PreferenceServiceImpl implements PreferenceService
{ {
clearPreferences(userName, null); clearPreferences(userName, null);
} }
/** /**
* @see org.alfresco.repo.person.PersonService#clearPreferences(java.lang.String, * @see org.alfresco.repo.person.PersonService#clearPreferences(java.lang.String,
* java.lang.String) * java.lang.String)
@@ -311,16 +319,12 @@ public class PreferenceServiceImpl implements PreferenceService
{ {
// Get the user node reference // Get the user node reference
final NodeRef personNodeRef = this.personService.getPerson(userName); final NodeRef personNodeRef = this.personService.getPerson(userName);
if (personNodeRef == null) { throw new AlfrescoRuntimeException("Can not update preferences for " + userName if (personNodeRef == null)
+ " because he/she does not exist."); } {
throw new AlfrescoRuntimeException("Could not update preferences for " + userName + " because they do not exist.");
// Can only set preferences if the currently logged in user matches the }
// user name being updated or
// the user already has write permissions on the person node if (userCanWritePreferences(userName, personNodeRef))
String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
if (authenticationContext.isSystemUserName(currentUserName) == true
|| permissionService.hasPermission(personNodeRef, PermissionService.WRITE) == AccessStatus.ALLOWED
|| userName.equals(currentUserName) == true)
{ {
AuthenticationUtil.runAs(new RunAsWork<Object>() AuthenticationUtil.runAs(new RunAsWork<Object>()
{ {
@@ -347,10 +351,10 @@ public class PreferenceServiceImpl implements PreferenceService
Iterator<String> keys = jsonPrefs.keys(); Iterator<String> keys = jsonPrefs.keys();
while (keys.hasNext()) while (keys.hasNext())
{ {
String key = (String) keys.next(); final String key = (String) keys.next();
if (preferenceFilter == null || preferenceFilter.length() == 0 if (preferenceFilter == null || preferenceFilter.length() == 0 ||
|| matchPreferenceNames(key, preferenceFilter) == true) matchPreferenceNames(key, preferenceFilter) == true)
{ {
removeKeys.add(key); removeKeys.add(key);
} }
@@ -383,9 +387,26 @@ public class PreferenceServiceImpl implements PreferenceService
{ {
// The current user does not have sufficient permissions to update // The current user does not have sufficient permissions to update
// the preferences for this user // the preferences for this user
throw new UnauthorizedAccessException("The current user " + currentUserName throw new UnauthorizedAccessException("The current user " + AuthenticationUtil.getFullyAuthenticatedUser()
+ " does not have sufficient permissions to update the preferences of the user " + userName); + " does not have sufficient permissions to update the preferences of the user " + userName);
} }
} }
/**
* Helper to encapsulate the test for whether the currently authenticated user can write to the
* preferences objects for the given username and person node reference.
*
* @param userName Username owner of the preferences object for modification test
* @param personNodeRef Non-null person representing the given username
*
* @return true if they are allowed to write to the user preferences, false otherwise
*/
private boolean userCanWritePreferences(final String userName, final NodeRef personNodeRef)
{
final String currentUserName = AuthenticationUtil.getFullyAuthenticatedUser();
return (userName.equals(currentUserName) ||
personService.getUserIdentifier(userName).equals(personService.getUserIdentifier(currentUserName)) ||
authenticationContext.isSystemUserName(currentUserName) ||
permissionService.hasPermission(personNodeRef, PermissionService.WRITE) == AccessStatus.ALLOWED);
}
} }