inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix to only propagate ACLs down primary relationships

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@9101 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
2008-05-14 12:55:21 +00:00
parent 9d544f57b9
commit 2456d05ad9
1 changed files with 63 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
source/java/org/alfresco/repo/domain/hibernate/DMAccessControlListDAO.java
View File

@@ -48,13 +48,10 @@ import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.StoreRef;
/** /**
* DAO layer for the improved ACL implemtentation. * DAO layer for the improved ACL implemtentation. This layer is responsible for setting ACLs and any cascade behaviour
* * required. It also implements the migration from the old implementation to the new.
* This layer is responsible for setting ACLs and any cascade behaviour required.
* It also implements the migration from the old implementation to the new.
* *
* @author andyh * @author andyh
*
*/ */
public class DMAccessControlListDAO implements AccessControlListDAO public class DMAccessControlListDAO implements AccessControlListDAO
{ {
@@ -81,6 +78,7 @@ public class DMAccessControlListDAO implements AccessControlListDAO
/** /**
* Set the ACL DAO components * Set the ACL DAO components
*
* @param aclDaoComponent * @param aclDaoComponent
*/ */
public void setAclDaoComponent(AclDaoComponent aclDaoComponent) public void setAclDaoComponent(AclDaoComponent aclDaoComponent)
@@ -100,6 +98,7 @@ public class DMAccessControlListDAO implements AccessControlListDAO
/** /**
* Set the node service. * Set the node service.
*
* @param nodeService * @param nodeService
*/ */
public void setNodeService(NodeService nodeService) public void setNodeService(NodeService nodeService)
@@ -196,8 +195,11 @@ public class DMAccessControlListDAO implements AccessControlListDAO
for (ChildAssociationRef child : nodeService.getChildAssocs(nodeRef)) for (ChildAssociationRef child : nodeService.getChildAssocs(nodeRef))
{ {
CounterSet update = fixOldDmAcls(child.getChildRef()); if (child.isPrimary())
result.add(update); {
CounterSet update = fixOldDmAcls(child.getChildRef());
result.add(update);
}
} }
DbAccessControlList existingAcl = getAccessControlList(nodeRef); DbAccessControlList existingAcl = getAccessControlList(nodeRef);
@@ -235,7 +237,7 @@ public class DMAccessControlListDAO implements AccessControlListDAO
// Already fixed up :-) // Already fixed up :-)
} }
} }
return result; return result;
} }
@@ -291,49 +293,51 @@ public class DMAccessControlListDAO implements AccessControlListDAO
for (ChildAssociationRef child : children) for (ChildAssociationRef child : children)
{ {
DbAccessControlList acl = getAccessControlList(child.getChildRef()); if (child.isPrimary())
{
DbAccessControlList acl = getAccessControlList(child.getChildRef());
if (acl == null) if (acl == null)
{
hibernateSessionHelper.mark();
try
{ {
setFixedAcls(child.getChildRef(), mergeFrom, changes, true); hibernateSessionHelper.mark();
try
{
setFixedAcls(child.getChildRef(), mergeFrom, changes, true);
}
finally
{
hibernateSessionHelper.resetAndRemoveMark();
}
} }
finally else if (acl.getAclType() == ACLType.LAYERED)
{ {
hibernateSessionHelper.resetAndRemoveMark(); throw new UnsupportedOperationException();
}
else if (acl.getAclType() == ACLType.DEFINING)
{
@SuppressWarnings("unused")
List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(mergeFrom, acl.getId());
}
else
{
hibernateSessionHelper.mark();
try
{
setFixedAcls(child.getChildRef(), mergeFrom, changes, true);
}
finally
{
hibernateSessionHelper.resetAndRemoveMark();
}
} }
} }
else if (acl.getAclType() == ACLType.LAYERED)
{
throw new UnsupportedOperationException();
}
else if (acl.getAclType() == ACLType.DEFINING)
{
@SuppressWarnings("unused")
List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(mergeFrom, acl.getId());
}
else
{
hibernateSessionHelper.mark();
try
{
setFixedAcls(child.getChildRef(), mergeFrom, changes, true);
}
finally
{
hibernateSessionHelper.resetAndRemoveMark();
}
}
} }
} }
} }
/** /**
* Static support to set ACLs - required for use by the dbNodeService * Static support to set ACLs - required for use by the dbNodeService
* *
* @param nodeRef * @param nodeRef
* @param mergeFrom * @param mergeFrom
@@ -359,24 +363,27 @@ public class DMAccessControlListDAO implements AccessControlListDAO
for (ChildAssociationRef child : children) for (ChildAssociationRef child : children)
{ {
DbAccessControlList acl = getAccessControlList(child.getChildRef(), nodeDaoService); if (child.isPrimary())
{
DbAccessControlList acl = getAccessControlList(child.getChildRef(), nodeDaoService);
if (acl == null) if (acl == null)
{ {
setFixedAcls(child.getChildRef(), mergeFrom, true, nodeService, aclDaoComponent, nodeDaoService); setFixedAcls(child.getChildRef(), mergeFrom, true, nodeService, aclDaoComponent, nodeDaoService);
} }
else if (acl.getAclType() == ACLType.LAYERED) else if (acl.getAclType() == ACLType.LAYERED)
{ {
throw new UnsupportedOperationException(); throw new UnsupportedOperationException();
} }
else if (acl.getAclType() == ACLType.DEFINING) else if (acl.getAclType() == ACLType.DEFINING)
{ {
@SuppressWarnings("unused") @SuppressWarnings("unused")
List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(mergeFrom, acl.getId()); List<AclChange> newChanges = aclDaoComponent.mergeInheritedAccessControlList(mergeFrom, acl.getId());
} }
else else
{ {
setFixedAcls(child.getChildRef(), mergeFrom, true, nodeService, aclDaoComponent, nodeDaoService); setFixedAcls(child.getChildRef(), mergeFrom, true, nodeService, aclDaoComponent, nodeDaoService);
}
} }
} }
} }