From 230a30d7e9ca9960e818c6e2be21d26caaee255b Mon Sep 17 00:00:00 2001 From: Lucian Tuca Date: Wed, 22 Apr 2020 16:58:49 +0300 Subject: [PATCH] REPO-4859 : HTTP_UNAUTHORIZED instead of HTTP_FORBIDDEN for some CMIS apis (#932) - updated code so the Context set includes the USERNAME field. - the missing of that field on the context was causing the CMIS lib to trigger a 401 --- .../opencmis/AlfrescoCmisServiceImpl.java | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java b/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java index 95e895b775..90fd0f8220 100644 --- a/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java +++ b/src/main/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java @@ -44,8 +44,6 @@ import java.util.concurrent.ConcurrentHashMap; import javax.servlet.http.HttpServletRequest; -import net.sf.acegisecurity.Authentication; - import org.alfresco.model.ContentModel; import org.alfresco.opencmis.dictionary.CMISNodeInfo; import org.alfresco.opencmis.dictionary.CMISObjectVariant; @@ -136,6 +134,7 @@ import org.apache.chemistry.opencmis.commons.impl.server.AbstractCmisService; import org.apache.chemistry.opencmis.commons.impl.server.ObjectInfoImpl; import org.apache.chemistry.opencmis.commons.impl.server.RenditionInfoImpl; import org.apache.chemistry.opencmis.commons.server.CallContext; +import org.apache.chemistry.opencmis.commons.server.MutableCallContext; import org.apache.chemistry.opencmis.commons.server.ObjectInfo; import org.apache.chemistry.opencmis.commons.server.RenditionInfo; import org.apache.chemistry.opencmis.commons.spi.Holder; @@ -143,6 +142,8 @@ import org.apache.chemistry.opencmis.server.shared.QueryStringHttpServletRequest import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import net.sf.acegisecurity.Authentication; + /** * OpenCMIS service implementation * @@ -176,7 +177,19 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr @Override public void open(CallContext context) { - AlfrescoCmisServiceCall.set(context); + if (context instanceof MutableCallContext) + { + MutableCallContext mutableCallContext = (MutableCallContext) context; + if (mutableCallContext.getUsername() == null && AuthenticationUtil.getFullyAuthenticatedUser() != null) + { + mutableCallContext.put(CallContext.USERNAME, AuthenticationUtil.getFullyAuthenticatedUser()); + } + AlfrescoCmisServiceCall.set(mutableCallContext); + } + else + { + AlfrescoCmisServiceCall.set(context); + } } protected CallContext getContext()