inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

ALF-9156 Switch the Calender basic listing to using a canned query directly, and start on a permissions check for it (currently disabled)

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@28986 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Nick Burch
2011-07-13 15:26:58 +00:00
parent 097482c3ee
commit 128d5c9afc
4 changed files with 231 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
config/alfresco/calendar-services-context.xml
View File

@@ -16,7 +16,7 @@
<idref local="CalendarService_transaction" />
<idref bean="AuditMethodInterceptor" />
<idref bean="exceptionTranslator" />
<idref local="CalendarService_security" />
<idref bean="CalendarService_security" />
</list>
</property>
</bean>
@@ -34,9 +34,23 @@
</property>
</bean>
<!-- Calendar service security bean -->
<bean id="CalendarService_security"
class="org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor" />
<!-- List of Calendar Canned queries -->
<bean id="calendarCannedQueryRegistry" class="org.alfresco.util.registry.NamedObjectRegistry">
<property name="storageType" value="org.alfresco.query.CannedQueryFactory"/>
</bean>
<!-- The regular GetChildren Canned Query Factory -->
<bean name="calendarGetChildrenCannedQueryFactory" class="org.alfresco.repo.node.getchildren.GetChildrenCannedQueryFactory">
<property name="registry" ref="calendarCannedQueryRegistry"/>
<property name="dictionaryService" ref="dictionaryService"/>
<property name="tenantService" ref="tenantService"/>
<property name="nodeDAO" ref="nodeDAO"/>
<property name="qnameDAO" ref="qnameDAO"/>
<property name="localeDAO" ref="localeDAO"/>
<property name="contentDataDAO" ref="contentDataDAO"/>
<property name="cannedQueryDAO" ref="cannedQueryDAO"/>
<property name="methodSecurity" ref="CalendarService_security_listCalendarEntries"/>
</bean>
<!-- Calendar Service base bean -->
<bean id="calendarService" class="org.alfresco.repo.calendar.CalendarServiceImpl">
@@ -44,9 +58,9 @@
<property name="siteService" ref="SiteService"/>
<property name="searchService" ref="SearchService" /> <!-- TODO Temp -->
<property name="taggingService" ref="TaggingService"/>
<property name="fileFolderService" ref="FileFolderService" /> <!-- TODO Temp -->
<property name="permissionService" ref="PermissionService"/>
<property name="transactionService" ref="transactionService" />
<property name="cannedQueryRegistry" ref="calendarCannedQueryRegistry" />
</bean>
</beans>

27
config/alfresco/public-services-security-context.xml
View File

@@ -962,6 +962,33 @@
</bean>
<!-- ==================== -->
<!-- The Calendar Service -->
<!-- ==================== -->
<!-- The calendar service itself does not require any security restrictions, -->
<!-- they are imposed by the node and site services it uses to do its work. -->
<bean id="CalendarService_security" class="org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor" />
<!-- The canned queries that the calendar service uses do however need to check -->
<bean id="CalendarService_CannedQuery_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager"><ref bean="authenticationManager"/></property>
<property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
<property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
<property name="objectDefinitionSource">
<value>
org.alfresco.service.cmr.calendar.CalendarService.listCalendarEntries=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
</value>
</property>
</bean>
<bean id="CalendarService_security_listCalendarEntries" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityBean">
<property name="methodSecurityInterceptor" ref="CalendarService_CannedQuery_security" />
<property name="service" value="org.alfresco.service.cmr.calendar.CalendarService" />
<property name="methodName" value="listCalendarEntries" />
</bean>
<!-- ======================== -->
<!-- Repository Admin Service -->
<!-- ======================== -->

66
source/java/org/alfresco/repo/calendar/CalendarServiceImpl.java
View File

@@ -28,14 +28,16 @@ import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.query.CannedQueryFactory;
import org.alfresco.query.CannedQueryResults;
import org.alfresco.query.PagingRequest;
import org.alfresco.query.PagingResults;
import org.alfresco.repo.node.getchildren.GetChildrenCannedQuery;
import org.alfresco.repo.node.getchildren.GetChildrenCannedQueryFactory;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.cmr.calendar.CalendarEntry;
import org.alfresco.service.cmr.calendar.CalendarService;
import org.alfresco.service.cmr.model.FileFolderService;
import org.alfresco.service.cmr.model.FileInfo;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.search.SearchService;
@@ -45,6 +47,7 @@ import org.alfresco.service.cmr.tagging.TaggingService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.Pair;
import org.alfresco.util.registry.NamedObjectRegistry;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -63,6 +66,8 @@ public class CalendarServiceImpl implements CalendarService
*/
private static final int MAX_QUERY_ENTRY_COUNT = 10000;
private static final String CANNED_QUERY_GET_CHILDREN = "calendarGetChildrenCannedQueryFactory";
/**
* The logger
*/
@@ -72,9 +77,9 @@ public class CalendarServiceImpl implements CalendarService
private SiteService siteService;
private SearchService searchService; // TODO Temp only
private TaggingService taggingService;
private FileFolderService fileFolderService; // TODO Temp only
private PermissionService permissionService;
private TransactionService transactionService;
private NamedObjectRegistry<CannedQueryFactory<NodeRef>> cannedQueryRegistry;
public void setNodeService(NodeService nodeService)
{
@@ -99,14 +104,6 @@ public class CalendarServiceImpl implements CalendarService
this.taggingService = taggingService;
}
/**
* TODO Temp only
*/
public void setFileFolderService(FileFolderService fileFolderService)
{
this.fileFolderService = fileFolderService;
}
public void setPermissionService(PermissionService permissionService)
{
this.permissionService = permissionService;
@@ -117,6 +114,14 @@ public class CalendarServiceImpl implements CalendarService
this.transactionService = transactionService;
}
/**
* Set the registry of {@link CannedQueryFactory canned queries}
*/
public void setCannedQueryRegistry(NamedObjectRegistry<CannedQueryFactory<NodeRef>> cannedQueryRegistry)
{
this.cannedQueryRegistry = cannedQueryRegistry;
}
/**
* Fetches the Calendar Container on a site, creating as required if requested.
*/
@@ -362,9 +367,6 @@ public class CalendarServiceImpl implements CalendarService
public PagingResults<CalendarEntry> listCalendarEntries(
String siteShortName, PagingRequest paging)
{
// TODO Switch to this
//return listCalendarEntries(new String[] { siteShortName }, paging);
NodeRef container = getSiteCalendarContainer(siteShortName, false);
if(container == null)
{
@@ -372,11 +374,22 @@ public class CalendarServiceImpl implements CalendarService
return null;
}
// Ask the file folder service
// Build our sorting, by date
List<Pair<QName,Boolean>> sort = new ArrayList<Pair<QName, Boolean>>();
sort.add(new Pair<QName, Boolean>(CalendarModel.PROP_FROM_DATE, true));
sort.add(new Pair<QName, Boolean>(CalendarModel.PROP_TO_DATE, true));
PagingResults<FileInfo> results = fileFolderService.list(container, true, false, null, sort, paging);
// We only want calendar entries
Set<QName> types = new HashSet<QName>();
types.add(CalendarModel.TYPE_EVENT);
// Run the canned query
GetChildrenCannedQueryFactory getChildrenCannedQueryFactory = (GetChildrenCannedQueryFactory)cannedQueryRegistry.getNamedObject(CANNED_QUERY_GET_CHILDREN);
GetChildrenCannedQuery cq = (GetChildrenCannedQuery)getChildrenCannedQueryFactory.getCannedQuery(
container, types, null, sort, paging);
// Execute the canned query
CannedQueryResults<NodeRef> results = cq.execute();
return wrap(results);
}
@@ -384,6 +397,12 @@ public class CalendarServiceImpl implements CalendarService
public PagingResults<CalendarEntry> listCalendarEntries(
String[] siteShortNames, PagingRequest paging)
{
// If we only have the one site, use the list above
if(siteShortNames != null && siteShortNames.length == 1)
{
return listCalendarEntries(siteShortNames[0], paging);
}
// TODO Use search for now
return null;
}
@@ -397,9 +416,10 @@ public class CalendarServiceImpl implements CalendarService
}
/**
* TODO Temp hack!
* Our class to wrap up paged results of NodeRefs as
* CalendarEntry instances
*/
private PagingResults<CalendarEntry> wrap(final PagingResults<FileInfo> results)
private PagingResults<CalendarEntry> wrap(final PagingResults<NodeRef> results)
{
return new PagingResults<CalendarEntry>()
{
@@ -412,11 +432,13 @@ public class CalendarServiceImpl implements CalendarService
public List<CalendarEntry> getPage()
{
List<CalendarEntry> entries = new ArrayList<CalendarEntry>();
for(FileInfo file : results.getPage())
for(NodeRef nodeRef : results.getPage())
{
CalendarEntryImpl entry = new CalendarEntryImpl(file.getNodeRef(), file.getName());
entry.populate(nodeService.getProperties(file.getNodeRef()));
entry.setTags(taggingService.getTags(file.getNodeRef()));
String entryName = (String)nodeService.getProperty(nodeRef, ContentModel.PROP_NAME);
CalendarEntryImpl entry = new CalendarEntryImpl(nodeRef, entryName);
entry.populate(nodeService.getProperties(nodeRef));
entry.setTags(taggingService.getTags(nodeRef));
entries.add(entry);
}
return entries;

144
source/java/org/alfresco/repo/calendar/CalendarServiceImplTest.java
View File

@@ -42,7 +42,9 @@ import org.alfresco.service.cmr.calendar.CalendarService;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService;
@@ -75,8 +77,10 @@ public class CalendarServiceImplTest
private static CalendarService CALENDAR_SERVICE;
private static DictionaryService DICTIONARY_SERVICE;
private static NodeService NODE_SERVICE;
private static NodeService PUBLIC_NODE_SERVICE;
private static PersonService PERSON_SERVICE;
private static RetryingTransactionHelper TRANSACTION_HELPER;
private static PermissionService PERMISSION_SERVICE;
private static SiteService SITE_SERVICE;
private static TaggingService TAGGING_SERVICE;
@@ -84,6 +88,7 @@ public class CalendarServiceImplTest
private static final String ADMIN_USER = AuthenticationUtil.getAdminUserName();
private static SiteInfo CALENDAR_SITE;
private static SiteInfo ALTERNATE_CALENDAR_SITE;
/**
* Temporary test nodes (created during a test method) that need deletion after the test method.
@@ -101,8 +106,10 @@ public class CalendarServiceImplTest
CALENDAR_SERVICE = (CalendarService)testContext.getBean("CalendarService");
DICTIONARY_SERVICE = (DictionaryService)testContext.getBean("dictionaryService");
NODE_SERVICE = (NodeService)testContext.getBean("nodeService");
PUBLIC_NODE_SERVICE = (NodeService)testContext.getBean("NodeService");
PERSON_SERVICE = (PersonService)testContext.getBean("personService");
TRANSACTION_HELPER = (RetryingTransactionHelper)testContext.getBean("retryingTransactionHelper");
PERMISSION_SERVICE = (PermissionService)testContext.getBean("permissionService");
SITE_SERVICE = (SiteService)testContext.getBean("siteService");
TAGGING_SERVICE = (TaggingService)testContext.getBean("TaggingService");
@@ -111,7 +118,7 @@ public class CalendarServiceImplTest
// We need to create the test site as the test user so that they can contribute content to it in tests below.
AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER);
createTestSite();
createTestSites();
}
@Test public void createNewEntry() throws Exception
@@ -468,6 +475,15 @@ public class CalendarServiceImplTest
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
assertEquals(1, results.getPage().size());
assertEquals("TitleC", results.getPage().get(0).getTitle());
// Tidy
paging = new PagingRequest(10);
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
for(CalendarEntry entry : results.getPage())
{
testNodesToTidy.add(entry.getNodeRef());
}
}
@Test public void calendarMultiSiteListing() throws Exception
@@ -475,19 +491,139 @@ public class CalendarServiceImplTest
// TODO
}
private static void createTestSite() throws Exception
/**
* Checks that the correct permission checking occurs on fetching
* calendar listings (which go through canned queries)
* TODO FIX
*/
public void DISABLEDcalendarListingPermissionsChecking() throws Exception
{
PagingRequest paging = new PagingRequest(10);
PagingResults<CalendarEntry> results;
// TODO This shouldn't be needed...
PERMISSION_SERVICE.clearPermission(ALTERNATE_CALENDAR_SITE.getNodeRef(), TEST_USER);
System.err.println(PERMISSION_SERVICE.getPermissions(ALTERNATE_CALENDAR_SITE.getNodeRef()));
System.err.println(PERMISSION_SERVICE.getAllSetPermissions(ALTERNATE_CALENDAR_SITE.getNodeRef()));
System.err.println(NODE_SERVICE.getChildAssocs(ALTERNATE_CALENDAR_SITE.getNodeRef()));
System.err.println(PUBLIC_NODE_SERVICE.getChildAssocs(ALTERNATE_CALENDAR_SITE.getNodeRef()));
// Nothing to start with in either site
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
// assertEquals(0, results.getPage().size());
results = CALENDAR_SERVICE.listCalendarEntries(ALTERNATE_CALENDAR_SITE.getShortName(), paging);
assertEquals(0, results.getPage().size());
// Double check that we're only allowed to see the 1st site
assertEquals(true, SITE_SERVICE.isMember(CALENDAR_SITE.getShortName(), TEST_USER));
assertEquals(false, SITE_SERVICE.isMember(ALTERNATE_CALENDAR_SITE.getShortName(), TEST_USER));
assertEquals(AccessStatus.ALLOWED, PERMISSION_SERVICE.hasReadPermission(CALENDAR_SITE.getNodeRef()));
assertEquals(AccessStatus.DENIED, PERMISSION_SERVICE.hasReadPermission(ALTERNATE_CALENDAR_SITE.getNodeRef()));
// Add two events to one site and three to the other
CALENDAR_SERVICE.createCalendarEntry(CALENDAR_SITE.getShortName(), new CalendarEntryDTO(
"TitleA", "Description", "Location", new Date(1302431400), new Date(1302435000)
));
CALENDAR_SERVICE.createCalendarEntry(CALENDAR_SITE.getShortName(), new CalendarEntryDTO(
"TitleB", "Description", "Location", new Date(1302431400), new Date(1302442200)
));
CALENDAR_SERVICE.createCalendarEntry(ALTERNATE_CALENDAR_SITE.getShortName(), new CalendarEntryDTO(
"PrivateTitleA", "Description", "Location", new Date(1302431400), new Date(1302435000)
));
CALENDAR_SERVICE.createCalendarEntry(ALTERNATE_CALENDAR_SITE.getShortName(), new CalendarEntryDTO(
"PrivateTitleB", "Description", "Location", new Date(1302431400), new Date(1302442200)
));
NodeRef priv3 = CALENDAR_SERVICE.createCalendarEntry(ALTERNATE_CALENDAR_SITE.getShortName(), new CalendarEntryDTO(
"PrivateTitleC", "Description", "Location", new Date(1302431400), new Date(1302442200)
)).getNodeRef();
// Check again, as we're not in the 2nd site won't see any there
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
assertEquals(2, results.getPage().size());
results = CALENDAR_SERVICE.listCalendarEntries(ALTERNATE_CALENDAR_SITE.getShortName(), paging);
assertEquals(0, results.getPage().size());
// Join the site, now we can see both
SITE_SERVICE.setMembership(ALTERNATE_CALENDAR_SITE.getShortName(), TEST_USER, SiteModel.SITE_CONTRIBUTOR);
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
assertEquals(2, results.getPage().size());
results = CALENDAR_SERVICE.listCalendarEntries(ALTERNATE_CALENDAR_SITE.getShortName(), paging);
assertEquals(3, results.getPage().size());
// Explicitly remove their permissions from one node, check it vanishes from the list
PERMISSION_SERVICE.setInheritParentPermissions(priv3, false);
PERMISSION_SERVICE.clearPermission(priv3, TEST_USER);
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
assertEquals(2, results.getPage().size());
results = CALENDAR_SERVICE.listCalendarEntries(ALTERNATE_CALENDAR_SITE.getShortName(), paging);
assertEquals(2, results.getPage().size());
// Leave, they go away again
SITE_SERVICE.removeMembership(ALTERNATE_CALENDAR_SITE.getShortName(), TEST_USER);
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
assertEquals(2, results.getPage().size());
results = CALENDAR_SERVICE.listCalendarEntries(ALTERNATE_CALENDAR_SITE.getShortName(), paging);
assertEquals(0, results.getPage().size());
// Tidy
paging = new PagingRequest(10);
results = CALENDAR_SERVICE.listCalendarEntries(CALENDAR_SITE.getShortName(), paging);
for(CalendarEntry entry : results.getPage())
{
testNodesToTidy.add(entry.getNodeRef());
}
}
private static void createTestSites() throws Exception
{
CALENDAR_SITE = TRANSACTION_HELPER.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<SiteInfo>()
{
@Override
public SiteInfo execute() throws Throwable
{
SiteInfo site = SITE_SERVICE.createSite(TEST_SITE_PREFIX, CalendarServiceImplTest.class.getSimpleName() + "_testSite" + System.currentTimeMillis(),
"test site title", "test site description", SiteVisibility.PUBLIC);
SiteInfo site = SITE_SERVICE.createSite(
TEST_SITE_PREFIX,
CalendarServiceImplTest.class.getSimpleName() + "_testSite" + System.currentTimeMillis(),
"test site title", "test site description",
SiteVisibility.PUBLIC
);
CLASS_TEST_NODES_TO_TIDY.add(site.getNodeRef());
return site;
}
});
// Create the alternate site as admin
AuthenticationUtil.setFullyAuthenticatedUser(ADMIN_USER);
ALTERNATE_CALENDAR_SITE = TRANSACTION_HELPER.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<SiteInfo>()
{
@Override
public SiteInfo execute() throws Throwable
{
SiteInfo site = SITE_SERVICE.createSite(
TEST_SITE_PREFIX,
CalendarServiceImplTest.class.getSimpleName() + "_testAltSite" + System.currentTimeMillis(),
"alternate site title", "alternate site description",
SiteVisibility.PRIVATE
);
SITE_SERVICE.createContainer(
site.getShortName(), CalendarServiceImpl.CALENDAR_COMPONENT, null, null
);
CLASS_TEST_NODES_TO_TIDY.add(site.getNodeRef());
return site;
}
});
AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER);
}
/**