diff --git a/config/alfresco/public-services-security-context.xml b/config/alfresco/public-services-security-context.xml index 0904040a62..a747146dfb 100644 --- a/config/alfresco/public-services-security-context.xml +++ b/config/alfresco/public-services-security-context.xml @@ -694,6 +694,7 @@ org.alfresco.service.cmr.security.AuthorityService.getAuthorities=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.getAllAuthorities=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.getAllRootAuthorities=ACL_ALLOW + org.alfresco.service.cmr.security.AuthorityService.findAuthoritiesByShortName=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.findAuthorities=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.createAuthority=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthorityService.addAuthority=ACL_METHOD.ROLE_ADMINISTRATOR @@ -703,7 +704,7 @@ org.alfresco.service.cmr.security.AuthorityService.getContainingAuthorities=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.getShortName=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.getName=ACL_ALLOW - org.alfresco.service.cmr.security.AuthorityService.authorityExists=ACL_METHOD.ROLE_ADMINISTRATOR + org.alfresco.service.cmr.security.AuthorityService.authorityExists=ACL_ALLOW org.alfresco.service.cmr.security.AuthorityService.getAuthoritiesForUser=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthorityService.setAuthorityDisplayName=ACL_METHOD.ROLE_ADMINISTRATOR org.alfresco.service.cmr.security.AuthorityService.getAuthorityDisplayName=ACL_ALLOW diff --git a/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java b/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java index 40f5fd398e..5a4250ecae 100644 --- a/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java +++ b/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java @@ -256,6 +256,13 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean } return authorities; } + + + public Set findAuthoritiesByShortName(AuthorityType type, String shortNamePattern) + { + String fullNamePattern = getName(type, shortNamePattern); + return findAuthorities(type, fullNamePattern); + } public void addAuthority(String parentName, String childName) { diff --git a/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java b/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java index f11d5e0159..21b080506d 100644 --- a/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java +++ b/source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java @@ -284,4 +284,11 @@ public class SimpleAuthorityServiceImpl implements AuthorityService } + public Set findAuthoritiesByShortName(AuthorityType type, + String shortNamePattern) + { + String fullNamePattern = getName(type, shortNamePattern); + return findAuthorities(type, fullNamePattern); + } + } diff --git a/source/java/org/alfresco/repo/security/authority/script/ScriptAuthorityService.java b/source/java/org/alfresco/repo/security/authority/script/ScriptAuthorityService.java index 01e9d67739..a451a8615c 100644 --- a/source/java/org/alfresco/repo/security/authority/script/ScriptAuthorityService.java +++ b/source/java/org/alfresco/repo/security/authority/script/ScriptAuthorityService.java @@ -24,16 +24,13 @@ */ package org.alfresco.repo.security.authority.script; -import java.util.List; +import java.util.LinkedHashSet; import java.util.Set; import org.alfresco.repo.jscript.BaseScopableProcessorExtension; import org.alfresco.service.cmr.security.AuthorityService; import org.alfresco.service.cmr.security.AuthorityType; - - - /** * Script object representing the authority service. * @@ -59,11 +56,17 @@ public class ScriptAuthorityService extends BaseScopableProcessorExtension * Search the root groups, those without a parent group. * @return The root groups (empty if there are no root groups) */ - public ScriptGroup[] searchRootGroups(String pattern, boolean includeInternal) + public ScriptGroup[] searchRootGroups(String shortNamePattern, boolean includeInternal) { - ScriptGroup[] groups = new ScriptGroup[0]; + Set groups = new LinkedHashSet(0); Set authorities = authorityService.getAllRootAuthorities(AuthorityType.GROUP); - return groups; + for(String authority : authorities) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + return groups.toArray(new ScriptGroup[groups.size()]); } /** @@ -72,20 +75,34 @@ public class ScriptAuthorityService extends BaseScopableProcessorExtension */ public ScriptGroup[] getAllRootGroups(boolean includeInternal) { - ScriptGroup[] groups = new ScriptGroup[0]; + Set groups = new LinkedHashSet(0); Set authorities = authorityService.getAllRootAuthorities(AuthorityType.GROUP); - return groups; + for(String authority : authorities) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + return groups.toArray(new ScriptGroup[groups.size()]); } /** * Get a group given its short name * @param shortName - * @return + * @return the authority or null if it can't be found */ public ScriptGroup getGroup(String shortName) { - Set authorities = authorityService.findAuthorities(AuthorityType.GROUP, shortName); - return new ScriptGroup(); + + String fullName = authorityService.getName(AuthorityType.GROUP, shortName); + + if (authorityService.authorityExists(fullName)) + { + ScriptGroup group = new ScriptGroup(fullName, authorityService); + return group; + } + // group not found. + return null; } /** @@ -94,23 +111,28 @@ public class ScriptAuthorityService extends BaseScopableProcessorExtension */ public ScriptGroup createRootGroup(String shortName, String displayName) { - String newName = authorityService.createAuthority(AuthorityType.GROUP, null, shortName, displayName); - - return new ScriptGroup(); + authorityService.createAuthority(AuthorityType.GROUP, null, shortName, displayName); + return getGroup(shortName); } /** * Search for groups * - * @param shortNameFilter partial match on shortName (* and ?) work. if empty then matches everything. + * @param shortNameFilter partial match on shortName (* and ?) work. If empty then matches everything. * @param includeInternal * @return the groups matching the query */ - public ScriptGroup[] listGroups(String shortNameFilter, boolean includeInternal) + public ScriptGroup[] searchGroups(String shortNameFilter, boolean includeInternal) { - ScriptGroup[] groups = new ScriptGroup[0]; - Set authorities = authorityService.findAuthorities(AuthorityType.GROUP, shortNameFilter); - return groups; + Set groups = new LinkedHashSet(0); + Set authorities = authorityService.findAuthoritiesByShortName(AuthorityType.GROUP, shortNameFilter); + for(String authority : authorities) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + return groups.toArray(new ScriptGroup[groups.size()]); } } diff --git a/source/java/org/alfresco/repo/security/authority/script/ScriptGroup.java b/source/java/org/alfresco/repo/security/authority/script/ScriptGroup.java index 622411cb99..c3c3059d26 100644 --- a/source/java/org/alfresco/repo/security/authority/script/ScriptGroup.java +++ b/source/java/org/alfresco/repo/security/authority/script/ScriptGroup.java @@ -26,6 +26,7 @@ package org.alfresco.repo.security.authority.script; import java.io.Serializable; +import java.util.LinkedHashSet; import java.util.Set; import org.alfresco.repo.security.authority.script.Authority.ScriptAuthorityType; @@ -38,11 +39,29 @@ import org.alfresco.service.cmr.security.AuthorityType; */ public class ScriptGroup implements Authority, Serializable { + /** + * + */ + private static final long serialVersionUID = 6073732221341647273L; + /** + * + */ private transient AuthorityService authorityService; private ScriptAuthorityType authorityType = ScriptAuthorityType.GROUP; private String shortName; private String fullName; private String displayName; + private boolean isAdmin; + // how to calculate this private boolean isInternal; + + public ScriptGroup(String fullName, AuthorityService authorityService) + { + this.authorityService = authorityService; + this.fullName = fullName; + shortName = authorityService.getShortName(fullName); + displayName = authorityService.getAuthorityDisplayName(fullName); + isAdmin = authorityService.isAdminAuthority(fullName); + } /** * Delete this group @@ -52,14 +71,6 @@ public class ScriptGroup implements Authority, Serializable authorityService.deleteAuthority(fullName); } - /** - * Get the parents of this group. - */ - ScriptGroup[] getParents() - { - return null; - } - public void setAuthorityType(ScriptAuthorityType authorityType) { this.authorityType = authorityType; } @@ -95,32 +106,138 @@ public class ScriptGroup implements Authority, Serializable /** * Get child groups of this group */ - ScriptUser[] getUsers() + private ScriptUser[] childUsers; + public ScriptUser[] getChildUsers() { - Set users = authorityService.getContainedAuthorities(AuthorityType.USER, fullName, true); - //TODO - return null; + if(childUsers == null) + { + Set children = authorityService.getContainedAuthorities(AuthorityType.USER, fullName, true); + Set users = new LinkedHashSet(); + for(String authority : children) + { + ScriptUser user = new ScriptUser(authority, authorityService); + users.add(user); + } + childUsers = users.toArray(new ScriptUser[users.size()]); + } + return childUsers; } /** * Get child groups of this group */ - ScriptGroup[] getChildGroups() + public ScriptGroup[] getChildGroups() { Set children = authorityService.getContainedAuthorities(AuthorityType.GROUP, fullName, true); - //TODO - - return null; + Set groups = new LinkedHashSet(); + for(String authority : children) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + return groups.toArray(new ScriptGroup[groups.size()]); } /** * Get the parents of this this group */ - ScriptGroup[] getParentGroups() + private ScriptGroup[] parentCache; + + public ScriptGroup[] getParentGroups() { - Set parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, fullName, true); - //TODO - return null; + if(parentCache == null) + { + Set parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, fullName, true); + Set groups = new LinkedHashSet(); + for(String authority : parents) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + parentCache = groups.toArray(new ScriptGroup[groups.size()]); + } + return parentCache; } + + /** + * Get all the parents of this this group + */ + public ScriptGroup[] getAllParentGroups() + { + Set parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, fullName, false); + Set groups = new LinkedHashSet(); + for(String authority : parents) + { + ScriptGroup group = new ScriptGroup(authority, authorityService); + groups.add(group); + + } + return groups.toArray(new ScriptGroup[groups.size()]); + } + + /** + * Get all the children of this group, regardless of type + */ + public Authority[] getAllChildren() + { + Authority[] groups = getChildGroups(); + Authority[] users = getChildUsers(); + + Authority[] ret = new Authority[groups.length + users.length]; + System.arraycopy(groups, 0, ret, 0, groups.length); + System.arraycopy(users, 0, ret, groups.length, users.length); + return ret; + } + + /** + * Is this a root group? + * @return + */ + public boolean isRootGroup() + { + ScriptGroup[] groups = getParentGroups(); + return (groups.length == 0); + } + + /** + * Is this an admin group? + * @return + */ + public boolean isAdminGroup() + { + return this.isAdmin; + } + + /** + * Is this an internal group? + * @return + */ + public boolean isInternalGroup() + { + //TODO Not yet implemeted + return true; + } + + /** + * Get the number of users contained within this group. + * @return the number of users contained within this group. + */ + public int getUserCount() + { + ScriptUser[] users = getChildUsers(); + return users.length; + } + + /** + * Get the number of child groups contained within this group. + * @return the number of child groups contained within this group. + */ + public int getGroupCount() + { + ScriptGroup[] groups = getChildGroups(); + return groups.length; + } } diff --git a/source/java/org/alfresco/repo/security/authority/script/ScriptUser.java b/source/java/org/alfresco/repo/security/authority/script/ScriptUser.java index afd5517b1e..ab326d4738 100644 --- a/source/java/org/alfresco/repo/security/authority/script/ScriptUser.java +++ b/source/java/org/alfresco/repo/security/authority/script/ScriptUser.java @@ -42,6 +42,15 @@ public class ScriptUser implements Authority, Serializable private String fullName; private String displayName; + public ScriptUser(String fullName, AuthorityService authorityService) + { + this.authorityService = authorityService; + this.fullName = fullName; + shortName = authorityService.getShortName(fullName); + displayName = authorityService.getAuthorityDisplayName(fullName); + //isInternal = authorityService. + } + public void setAuthorityType(ScriptAuthorityType authorityType) { this.authorityType = authorityType; } diff --git a/source/java/org/alfresco/service/cmr/security/AuthorityService.java b/source/java/org/alfresco/service/cmr/security/AuthorityService.java index 301a2a23b6..d5831e191a 100644 --- a/source/java/org/alfresco/service/cmr/security/AuthorityService.java +++ b/source/java/org/alfresco/service/cmr/security/AuthorityService.java @@ -70,7 +70,7 @@ public interface AuthorityService /** * Get the authorities for the current user * - * @return + * @return authorities for the current user */ @Auditable public Set getAuthorities(); @@ -86,16 +86,26 @@ public interface AuthorityService * * @param type - * the type of authorities. - * @return + * @return all authorities by type. */ @Auditable(parameters = {"type"}) public Set getAllAuthorities(AuthorityType type); + /** - * Find authorities by pattern matching (* and ?) + * Find authorities by pattern matching (* and ?) against the authority name. * @param type - the authority type - * @param namePattern - the pattern - * @return + * @param namePattern - the pattern which will be matched against the shortName. + * @return the names of the authorities matching the pattern and type. + */ + @Auditable(parameters = {"type"}) + public Set findAuthoritiesByShortName(AuthorityType type, String shortNamePattern); + + /** + * Find authorities by pattern matching (* and ?) against the full authority name. + * @param type - the authority type + * @param namePattern - the pattern which will be matched against the full authority name. + * @return the names of the authorites matching the pattern and type. */ @Auditable(parameters = {"type"}) public Set findAuthorities(AuthorityType type, String namePattern); @@ -107,7 +117,7 @@ public interface AuthorityService * * @param type - * the type of the authority - * @return + * @return all root authorities by type. */ @Auditable(parameters = {"type"}) public Set getAllRootAuthorities(AuthorityType type); @@ -119,7 +129,7 @@ public interface AuthorityService * @param type - * the type of the authority * @param parentName - - * the name of the parent authority. If this is null then a root + * the full name of the parent authority. If this is null then a root * authority is created. * @param shortName - * the short name of the authority to create @@ -132,20 +142,20 @@ public interface AuthorityService public String createAuthority(AuthorityType type, String parentName, String shortName); /** - * Create an authority. If the parent is null thisw method creates a root + * Create an authority. If the parent is null this method creates a root * authority. * * @param type - * the type of the authority * @param parentName - - * the name of the parent authority. If this is null then a root + * the full name of the parent authority. If this is null then a root * authority is created. * @param shortName - * the short name of the authority to create * @param authorityDisplayName * the display name for the authority * - * @return the name of the authority (this will be the prefix, if any + * @return the full name of the authority (this will be the prefix, if any * associated with the type appended with the short name) */ @Auditable(parameters = {"type", "parentName", "shortName", "authorityDisplayName"}) @@ -156,7 +166,7 @@ public interface AuthorityService * group to a group or adding a user to a group. * * @param parentName - - * the string identifier for the parent. + * the full name string identifier for the parent. * @param childName - * the string identifier for the child. */ @@ -245,7 +255,7 @@ public interface AuthorityService * Check if an authority exists. * * @param name (the long name). - * @return + * @return true, the authority exists. */ @Auditable(parameters = {"name"}) public boolean authorityExists(String name);