Merged V3.2 to HEAD:

19472: ALF-725: Revert to using jTDS JDBC driver for SQL Server in 3.2 SP1, since the Microsoft driver doesn't work with the v3.2.r iBATIS stuff - All example/installer alfresco-global.properties updated - Wiki updated http://wiki.alfresco.com/wiki/Database_Configuration#MS-SQL_Databases - Logged doc bug ALF-2144 and release note bug ALF-2145 19501:Merged DEV/BELARUS/V3.2-2010_02_24 to V3.2 (with corrections) 19243: ALF-757: Cannot start up on JBoss 5.1 due to audit configuration error - Removed getPath() method because it is incompatible with JBoss and other app servers where resources can't be resolved to a file - Now use Spring ResourceLoader instead of creating FileInputStream - getLastModified() still returned where the resource resolves to a file; otherwise the server startup time 19503: (RECORD ONLY) ALF-2100: Merged HEAD to V3.2 19155: ALF-1995: Removed remaining direct dependencies on portlet API from Alfresco Explorer classes - Moved into AlfrescoFacesPortlet - portlet.jar was removed from alfresco.war for Liferay compatibility 19506: Merged PATCHES/V3.1.2 to V3.2 19218: (RECORD ONLY) Created hotfix branch off TAGS/ENTERPRISE/V3.1.2 19229: (RECORD ONLY) Merged V3.1 to V3.1.2 18577: Fix for ETHREEOH-4117, based on CHK-11154 19341: Merged DEV/BELARUS/V3.1-2010_02_05 to PATCHES/V3.1.2 (with corrections) 19156: ALF-1906: splitPersonCleanUpBootstrapBean is not able to remove duplicated users Also - improved detection of 'split' persons - added unit tests for person splitting and deleting - fixed duplicate person caching and sorting problems - prevented onUpdateProperties from firing needlessly in PersonServiceImpl and AuthorityDAOImpl when persons and authorities are created initially 19342: (RECORD ONLY) Incremented version number 19508: Merged PATCHES/V3.2.0 to V3.2 18762: (RECORD ONLY) Created hotfix branch off V3.2.0-ENTERPRISE-FINAL 18789: (RECORD ONLY) Merged BRANCHES/V3.2:r17905,18254,18319 to PATCHES/V3.2.0 r17905 | markr | 2010-01-06 16:55:12 +0000 (Wed, 06 Jan 2010) | 3 lines ETHREEOH-3809 - WCM - First test server deploy fails. added yet another transaction to read the previous snapshot transaction. added a new system test based upon the WCM services. The beginnings of testing against layered authored sandboxes. r18254 | janv | 2010-01-22 18:15:43 +0000 (Fri, 22 Jan 2010) | 1 line WCM/AVM - ETHREEOH-2057 (Submitting WCM Content through WF JSF Error - due to AVM Sync issue) r18319 | royw | 2010-01-27 12:18:27 +0000 (Wed, 27 Jan 2010) | 4 lines Merged BRANCHES/DEV/BELARUS/V3.2-2010_01_11 to V3.2 18273: ETHREEOH-3834: WCM: An extral .xml.html file is created when editing newly created content 18822: (RECORD ONLY) Merged DEV_TEMPORARY to PATCHES/V3.2.0 18478: SAP XForms errors - ACT 15969 18699: ETHREEOH-4171: HTTP 500 when filling in a WCM webform - ACT 15969 18842: (RECORD ONLY) Merged V3.2 to PATCHES/V3.2.0 18701: Merged DEV_TEMPORARY to V3.2 18693 : ETHREEOH-4182: ASR deployer fails to set the contentUrl of documents on the target system - Merged in fix related to closing output streams. - Increased coverage of unit test. 18854: (RECORD ONLY) Merged V3.2 to V3.2.0 18019: ETHREEOH-3770: LDAP sync now supports attribute range retrieval to get around limits imposed by Active Directory on multi-valued attributes - Meant that groups with more than 1000 members were getting truncated in Active Directory - Now switched on in ldap-ad and off in ldap subsystem - Also switched off result set paging in ldap subsystem by default for wider compatibility with non-AD systems 18272: Merged DEV/BELARUS/V3.2-2010_01_11 to V3.2 18257: ETHREEOH-4002: User/Group sync does not handle LDAP communication failures - Merged with corrections 18276: ETHREEOH-4002: Correction to previous checkin - modification dates are only persisted after successful processing of users and groups, so need to delete them on comms failure 18340: ETHREEOH-4069: LDAP sync cannot resolve DNs containing a slash character - Due to JNDI interpreting the slash character as a separator 18403: ETHREEOH-4008: LDAP sync should preserve case of group members - Was incorrectly extracting attributes from lower-cased DN 18846: ETHREEOH-4233: LDAP sync now synchronizes group display names - New ldap.synchronization.groupDisplayNameAttributeName property provides name of LDAP attribute 18877: (RECORD ONLY) Merged /alfresco/BRANCHES/V3.2:r18616 r18616 | markr | 2010-02-12 14:08:52 +0000 (Fri, 12 Feb 2010) | 1 line ETHREEOH-4181 - Access denied exception when deploying via avm deployment receiver 19319: ALF-2043: User ID case sensitivity issues with Sharepoint Connector and External Authentication Subsystem - DefaultRemoteUserMapper and AlfrescoUserGroupServiceHandler should use personService.getUserIdentifier() to 'normalize' a username according to case sensitivity settings - NtlmAuthenticationHandler should also leave the normalization to personService 19320: (RECORD ONLY) Incremented version label 19380: ALF-2043: Revisit user ID case sensitivity in DefaultRemoteUserMapper - Has to use public PersonService in case it is accessed outside of a transaction - Fixed regular expression matching - Added unit tests to try out all the remote user mapper options 19509: Merged PATCHES/V3.2.r to V3.2 18803: (RECORD ONLY) Created hotfix branch off V3.2.r-ENTERPRISE-FINAL 18833: (RECORD ONLY) Turn on Repo Doclib by default 19054: (RECORD ONLY) Merging V3.2 to PATCHES/V3.2.r 18787: MT: fix ETHREEOH-4125 - authority migration / batch processor (when upgrading groups from 3.1 to 3.2) 19358: (RECORD ONLY) Merged DEV/BELARUS/V3.2-2010_01_11 to PATCHES/V3.2.r 18699: ETHREEOH-4171: HTTP 500 when filling in a WCM webform 19447: (RECORD ONLY) Incremented version label 19518: ALF-757: Corrected audit config resource URL so that it resolves inside Tomcat as well as JUnit! 19525: ALF-708: Use BatchProcessor to process duplicate persons in small batches in SplitPersonCleanupBootstrapBean - Even tested in a unit test! git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@19536 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2010-03-24 13:49:03 +00:00
parent e9474e4764
commit 174fd8fd77
10 changed files with 298 additions and 55 deletions
--- a/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java
@@ -355,8 +355,6 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
                    QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, searchUserName.toLowerCase()),
                    false);
            allRefs = new LinkedHashSet<NodeRef>(childRefs.size() * 2);
-            // add to cache
-            personCache.put(cacheKey, allRefs);

            for (ChildAssociationRef childRef : childRefs)
            {
@@ -382,6 +380,9 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
        else if (refs.size() == 1)
        {
            returnRef = refs.get(0);
+
+            // Don't bother caching unless we get a result that doesn't need duplicate processing
+            personCache.put(cacheKey, allRefs);            
        }
        return returnRef;
    }
@@ -411,6 +412,7 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
    }

    private static final String KEY_POST_TXN_DUPLICATES = "PersonServiceImpl.KEY_POST_TXN_DUPLICATES";
+    private static final String KEY_ALLOW_UID_UPDATE  = "PersonServiceImpl.KEY_ALLOW_UID_UPDATE";

    /**
     * Get the txn-bound usernames that need cleaning up
@@ -455,6 +457,8 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per

                if (duplicateMode.equalsIgnoreCase(SPLIT))
                {
+                    // Allow UIDs to be updated in this transaction
+                    AlfrescoTransactionSupport.bindResource(KEY_ALLOW_UID_UPDATE, Boolean.TRUE);
                    split(postTxnDuplicates);
                    s_logger.info("Split duplicate person objects");
                }
@@ -497,13 +501,15 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per

    private NodeRef findBest(List<NodeRef> refs)
    {
+        // Given that we might not have audit attributes, use the assumption that the node ID increases to sort the
+        // nodes
        if (lastIsBest)
        {
-            Collections.sort(refs, new CreationDateComparator(nodeService, false));
+            Collections.sort(refs, new NodeIdComparator(nodeService, false));
        }
        else
        {
-            Collections.sort(refs, new CreationDateComparator(nodeService, true));
+            Collections.sort(refs, new NodeIdComparator(nodeService, true));
        }

        NodeRef fallBack = null;
@@ -775,6 +781,7 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
        {
            nodeService.deleteNode(personNodeRef);
        }
+        personCache.remove(userName.toLowerCase());
    }

    public Set<NodeRef> getAllPeople()
@@ -845,6 +852,7 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
    {
        NodeRef personRef = childAssocRef.getChildRef();
        String username = (String) this.nodeService.getProperty(personRef, ContentModel.PROP_USERNAME);
+        personCache.remove(username.toLowerCase());
        permissionsManager.setPermissions(personRef, username, username);

        // Make sure there is an authority entry - with a DB constraint for uniqueness
@@ -936,13 +944,13 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
        return null;
    }

-    public static class CreationDateComparator implements Comparator<NodeRef>
+    public static class NodeIdComparator implements Comparator<NodeRef>
    {
        private NodeService nodeService;

        boolean ascending;

-        CreationDateComparator(NodeService nodeService, boolean ascending)
+        NodeIdComparator(NodeService nodeService, boolean ascending)
        {
            this.nodeService = nodeService;
            this.ascending = ascending;
@@ -950,14 +958,14 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per

        public int compare(NodeRef first, NodeRef second)
        {
-            Date firstDate = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(first, ContentModel.PROP_CREATED));
-            Date secondDate = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(second, ContentModel.PROP_CREATED));
+            Long firstId = DefaultTypeConverter.INSTANCE.convert(Long.class, nodeService.getProperty(first, ContentModel.PROP_NODE_DBID));
+            Long secondId = DefaultTypeConverter.INSTANCE.convert(Long.class, nodeService.getProperty(second, ContentModel.PROP_NODE_DBID));

-            if (firstDate != null)
+            if (firstId != null)
            {
-                if (secondDate != null)
+                if (secondId != null)
                {
-                    return firstDate.compareTo(secondDate) * (ascending ? 1 : -1);
+                    return firstId.compareTo(secondId) * (ascending ? 1 : -1);
                }
                else
                {
@@ -966,7 +974,7 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
            }
            else
            {
-                if (secondDate != null)
+                if (secondId != null)
                {
                    return ascending ? 1 : -1;
                }
@@ -996,22 +1004,39 @@ public class PersonServiceImpl extends TransactionListenerAdapter implements Per
    public void onUpdateProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after)
    {
        String uidBefore = DefaultTypeConverter.INSTANCE.convert(String.class, before.get(ContentModel.PROP_USERNAME));
+        if (uidBefore == null)
+        {
+            // Node has just been created; nothing to do
+            return;
+        }
        String uidAfter = DefaultTypeConverter.INSTANCE.convert(String.class, after.get(ContentModel.PROP_USERNAME));
        if (!EqualsHelper.nullSafeEquals(uidBefore, uidAfter))
        {
-            if ((uidBefore == null) || uidBefore.equalsIgnoreCase(uidAfter))
+            // Only allow UID update if we are in the special split processing txn or we are just changing case
+            if (AlfrescoTransactionSupport.getResource(KEY_ALLOW_UID_UPDATE) != null || uidBefore.equalsIgnoreCase(uidAfter))
            {
                // Fix any ACLs
                aclDao.updateAuthority(uidBefore, uidAfter);
+
                // Fix primary association local name
                QName newAssocQName = QName.createQName("cm", uidAfter.toLowerCase(), namespacePrefixResolver);
                ChildAssociationRef assoc = nodeService.getPrimaryParent(nodeRef);
                nodeService.moveNode(nodeRef, assoc.getParentRef(), assoc.getTypeQName(), newAssocQName);
-                // Fix cache
-                if (uidBefore != null)
+                
+                // Fix other non-case sensitive parent associations
+                QName oldAssocQName = QName.createQName("cm", uidBefore, namespacePrefixResolver);
+                newAssocQName = QName.createQName("cm", uidAfter, namespacePrefixResolver);
+                for (ChildAssociationRef parent : nodeService.getParentAssocs(nodeRef))
                {
-                    personCache.remove(uidBefore.toLowerCase());
+                    if (!parent.isPrimary() && parent.getQName().equals(oldAssocQName))
+                    {
+                        nodeService.removeChildAssociation(parent);
+                        nodeService.addChild(parent.getParentRef(), parent.getChildRef(), parent.getTypeQName(), newAssocQName);
+                    }
                }
+
+                // Fix cache
+                personCache.remove(uidBefore.toLowerCase());
            }
            else
            {