Changed metadata encryption to have a new dictionary type: d:encrypted

- Properties have to be encrypted and decrypted in code using MetadataEncryptor ('metadataEncryptor')
   - No conversion, encryption or decryption is done by Alfresco
   - Unencrypted values cannot be persisted and get thrown out
   - ALF-8646: RINF 38: Text data encryption
   - ALF-8956: RINF 38: Encryption key password specified by installer
   - ALF-9055: RINF 38: Support encryption against existing data


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@28480 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Derek Hulley
2011-06-20 11:50:37 +00:00
parent dc3139bef7
commit 1714397cac
31 changed files with 426 additions and 456 deletions


@@ -32,7 +32,6 @@ import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.domain.contentdata.ContentDataDAO;
import org.alfresco.repo.domain.locale.LocaleDAO;
import org.alfresco.repo.domain.qname.QNameDAO;
import org.alfresco.repo.security.encryption.Encryptor;
import org.alfresco.service.cmr.dictionary.DataTypeDefinition;
import org.alfresco.service.cmr.dictionary.DictionaryException;
import org.alfresco.service.cmr.dictionary.DictionaryService;
@@ -59,7 +58,6 @@ public class NodePropertyHelper
private static final Log logger = LogFactory.getLog(NodePropertyHelper.class);
private final DictionaryService dictionaryService;
private final Encryptor encryptor;
private final QNameDAO qnameDAO;
private final LocaleDAO localeDAO;
private final ContentDataDAO contentDataDAO;
@@ -71,14 +69,12 @@ public class NodePropertyHelper
DictionaryService dictionaryService,
QNameDAO qnameDAO,
LocaleDAO localeDAO,
ContentDataDAO contentDataDAO,
Encryptor encryptor)
ContentDataDAO contentDataDAO)
{
this.dictionaryService = dictionaryService;
this.qnameDAO = qnameDAO;
this.localeDAO = localeDAO;
this.contentDataDAO = contentDataDAO;
this.encryptor = encryptor;
}
public Map<NodePropertyKey, NodePropertyValue> convertToPersistentProperties(Map<QName, Serializable> in)
@@ -147,19 +143,16 @@ public class NodePropertyHelper
// Get or spoof the property datatype
QName propertyTypeQName;
boolean isEncrypted;
if (propertyDef == null) // property not recognised
{
// allow it for now - persisting excess properties can be useful sometimes
propertyTypeQName = DataTypeDefinition.ANY;
isEncrypted = false;
}
else
{
propertyTypeQName = propertyDef.getDataType().getName();
isEncrypted = propertyDef.isEncrypted();
}
// A property may appear to be multi-valued if the model definition is loose and
// an unexploded collection is passed in. Otherwise, use the model-defined behaviour
// strictly.
@@ -651,17 +644,14 @@ public class NodePropertyHelper
}
// get property attributes
final QName propertyTypeQName;
boolean isEncrypted;
if (propertyDef == null)
{
// allow this for now
propertyTypeQName = DataTypeDefinition.ANY;
isEncrypted = false;
}
else
{
propertyTypeQName = propertyDef.getDataType().getName();
isEncrypted = propertyDef.isEncrypted();
}
try
{
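Review bot: In the hunk at -147,19 +143,16 (and again at -651,17 +644,14), a property with no dictionary definition still falls back to `DataTypeDefinition.ANY`, so a value whose model is missing or whose QName is misspelled is never typed as d:encrypted and, as far as these lines show, would be stored as-is. With the `isEncrypted` flag and the `Encryptor` field removed from this class, the rule in the commit message that unencrypted values are rejected presumably lives in the d:encrypted type handling, which is not visible here. I would extend the existing comment in that branch to state the limit, e.g. `// undefined properties are stored as d:any and are NOT covered by the d:encrypted check`, and consider a debug log through the existing `logger` when the branch is taken. Both enclosing methods start and end outside the hunks.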