MNT-20764: Searches fail for users who are members of groups where the authorityName contains double quotes (#603)

* Implement MNT-20764 changes made in alfresco-repository version 8.178
2025-07-31 17:39:05 +00:00 · 2020-05-01 19:02:41 +01:00
parent 81eae47cce
commit 19ca722b12
5 changed files with 7 additions and 25 deletions
--- a/pom.xml
+++ b/pom.xml
@@ -37,8 +37,8 @@
        <dir.root>${project.build.directory}/alf_data</dir.root>
        <img.exe>convert</img.exe>

-        <dependency.alfresco-repository.version>8.174</dependency.alfresco-repository.version>
-        <dependency.alfresco-data-model.version>8.106</dependency.alfresco-data-model.version>
+        <dependency.alfresco-repository.version>8.178</dependency.alfresco-repository.version>
+        <dependency.alfresco-data-model.version>8.111</dependency.alfresco-data-model.version>
        <dependency.alfresco-core.version>8.32</dependency.alfresco-core.version>

        <dependency.alfresco-pdf-renderer.version>1.1</dependency.alfresco-pdf-renderer.version>
--- a/src/main/java/org/alfresco/rest/api/impl/GroupsImpl.java
+++ b/src/main/java/org/alfresco/rest/api/impl/GroupsImpl.java
@@ -87,7 +87,6 @@ public class GroupsImpl implements Groups
    private static final String DISPLAY_NAME = "displayName";
    private static final String AUTHORITY_NAME = "authorityName";
    private static final String ERR_MSG_MODIFY_FIXED_AUTHORITY = "Trying to modify a fixed authority";
-    private static final char[] illegalCharacters = {'/', '\\', '\r', '\n'};

    private final static Map<String, String> SORT_PARAMS_TO_NAMES;
    static
@@ -949,14 +948,6 @@ public class GroupsImpl implements Groups
                throw new InvalidArgumentException("groupId is null or empty");
            }

-            for (char illegalCharacter : illegalCharacters)
-            {
-                if (groupId.indexOf(illegalCharacter) != -1)
-                {
-                    throw new IllegalArgumentException("groupId contains characters that are not permitted: "+groupId.charAt(groupId.indexOf(illegalCharacter)));
-                }
-            }
-
            if (groupAuthorityExists(groupId))
            {
                throw new ConstraintViolatedException("Group '" + group.getId() + "' already exists.");
--- a/src/main/java/org/alfresco/rest/api/impl/PeopleImpl.java
+++ b/src/main/java/org/alfresco/rest/api/impl/PeopleImpl.java
@@ -111,7 +111,6 @@ public class PeopleImpl implements People
            PermissionService.GROUP_PREFIX,
            PermissionService.ROLE_PREFIX
    };
-    private static final char[] illegalCharacters = {'/', '\\', '\r', '\n'};

    protected Nodes nodes;
 	protected Sites sites;
@@ -670,14 +669,6 @@ public class PeopleImpl implements People
            throw new InvalidArgumentException("Username exceeds max length of " + USERNAME_MAXLENGTH + " characters.");
        }

-        for (char illegalCharacter : illegalCharacters)
-        {
-            if (username.indexOf(illegalCharacter) != -1)
-            {
-                throw new IllegalArgumentException("Username contains characters that are not permitted: "+username.charAt(username.indexOf(illegalCharacter)));
-            }
-        }
-
        for (String prefix : RESERVED_AUTHORITY_PREFIXES)
        {
            if (username.toUpperCase().startsWith(prefix))
--- a/src/test/java/org/alfresco/rest/api/tests/GroupsTest.java
+++ b/src/test/java/org/alfresco/rest/api/tests/GroupsTest.java
@@ -1450,11 +1450,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
            groupsProxy.createGroup(group, null, HttpServletResponse.SC_BAD_REQUEST);
        }

-        // Create group with an id that contains invalid characters ("/", "\", "\n", "\r") should return an error.
+        // Create group with an id that contains invalid characters {'/', '\\', '\n', '\r', '"'} should return an error.
        {
            setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);

-            char[] invalidCharacters = {'/', '\\', '\n', '\r'};
+            char[] invalidCharacters = {'/', '\\', '\n', '\r', '"'};
            for (char invalidCharacter : invalidCharacters)
            {
                Group group = new Group();
--- a/src/test/java/org/alfresco/rest/api/tests/TestPeople.java
+++ b/src/test/java/org/alfresco/rest/api/tests/TestPeople.java
@@ -331,14 +331,14 @@ public class TestPeople extends AbstractBaseApiTest
        person.setUserName("myUserName11111111111111111111111111111111111111111111111111111111111111111111111111111111@" + account1.getId());
        people.create(person, 400);

-        // create person with invalid characters ("/", "\", "\n", "\r")
+        // create person with invalid characters {'/', '\\', '\n', '\r', '"'}
        {
-            char[] invalidCharacters = {'/', '\\', '\n', '\r'};
+            char[] invalidCharacters = {'/', '\\', '\n', '\r', '"'};

            for (char invalidCharacter : invalidCharacters)
            {
                person.setUserName("myUser" + invalidCharacter + "Name@" + account1.getId());
-        people.create(person, 400);
+                people.create(person, 400);
            }
        }