diff --git a/source/java/org/alfresco/repo/web/scripts/RepoStore.java b/source/java/org/alfresco/repo/web/scripts/RepoStore.java index 9578ca5431..2ff1382b9f 100644 --- a/source/java/org/alfresco/repo/web/scripts/RepoStore.java +++ b/source/java/org/alfresco/repo/web/scripts/RepoStore.java @@ -252,6 +252,14 @@ public class RepoStore implements Store, TenantDeployer { return getPath(getBaseNodeRef()); } + + /* (non-Javadoc) + * @see org.alfresco.web.scripts.Store#isSecure() + */ + public boolean isSecure() + { + return false; + } /* (non-Javadoc) * @see org.alfresco.web.scripts.Store#exists() diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java index b5b993c553..9a7b4df4c5 100644 --- a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java +++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java @@ -33,6 +33,7 @@ import javax.servlet.http.HttpServletResponse; import org.alfresco.repo.cache.SimpleCache; import org.alfresco.repo.model.Repository; import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; import org.alfresco.repo.tenant.TenantAdminService; import org.alfresco.repo.tenant.TenantDeployer; import org.alfresco.repo.transaction.AlfrescoTransactionSupport; @@ -227,7 +228,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten // TODO revisit - cleared here, in-lieu of WebClient clear AuthenticationUtil.clearCurrentSecurityContext(); } - transactionedExecute(script, scriptReq, scriptRes); + transactionedExecuteAs(script, scriptReq, scriptRes); } else if ((required == RequiredAuthentication.user || required == RequiredAuthentication.admin) && isGuest) { @@ -261,7 +262,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten } // Execute Web Script - transactionedExecute(script, scriptReq, scriptRes); + transactionedExecuteAs(script, scriptReq, scriptRes); } } finally @@ -326,6 +327,36 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten } } + /** + * Execute script within required level of transaction as required effective user. + * + * @param scriptReq + * @param scriptRes + * @throws IOException + */ + private void transactionedExecuteAs(final WebScript script, final WebScriptRequest scriptReq, + final WebScriptResponse scriptRes) throws IOException + { + String runAs = script.getDescription().getRunAs(); + if (runAs == null) + { + transactionedExecute(script, scriptReq, scriptRes); + } + else + { + RunAsWork work = new RunAsWork() + { + + public Object doWork() throws Exception + { + transactionedExecute(script, scriptReq, scriptRes); + return null; + } + }; + AuthenticationUtil.runAs(work, runAs); + } + } + /* (non-Javadoc) * @see org.alfresco.web.scripts.AbstractRuntimeContainer#getRegistry() */ diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java new file mode 100644 index 0000000000..58f1ded3af --- /dev/null +++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java @@ -0,0 +1,89 @@ +/* + * Copyright (C) 2005-2007 Alfresco Software Limited. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + * As a special exception to the terms and conditions of version 2.0 of + * the GPL, you may redistribute this Program in connection with Free/Libre + * and Open Source Software ("FLOSS") applications as described in Alfresco's + * FLOSS exception. You should have received a copy of the text describing + * the FLOSS exception, and it is also available here: + * http://www.alfresco.com/legal/licensing" + */ +package org.alfresco.repo.web.scripts; + +import org.alfresco.model.ContentModel; +import org.alfresco.service.cmr.security.AuthenticationService; +import org.alfresco.service.cmr.security.PersonService; +import org.alfresco.util.PropertyMap; +import org.alfresco.web.scripts.TestWebScriptServer.GetRequest; +import org.alfresco.web.scripts.TestWebScriptServer.Response; + +/** + * Unit test to test runas function + * + * @author David Ward + */ +public class RepositoryContainerTest extends BaseWebScriptTest +{ + private AuthenticationService authenticationService; + private PersonService personService; + + private static final String USER_ONE = "RunAsOne"; + + private static final String URL_RUNAS = "/test/runas"; + + @Override + protected void setUp() throws Exception + { + super.setUp(); + + this.authenticationService = (AuthenticationService) getServer().getApplicationContext().getBean( + "AuthenticationService"); + this.personService = (PersonService) getServer().getApplicationContext().getBean("PersonService"); + + // Create users + createUser(USER_ONE); + } + + private void createUser(String userName) + { + if (this.authenticationService.authenticationExists(userName) == false) + { + this.authenticationService.createAuthentication(userName, "PWD".toCharArray()); + + PropertyMap ppOne = new PropertyMap(4); + ppOne.put(ContentModel.PROP_USERNAME, userName); + ppOne.put(ContentModel.PROP_FIRSTNAME, "firstName"); + ppOne.put(ContentModel.PROP_LASTNAME, "lastName"); + ppOne.put(ContentModel.PROP_EMAIL, "email@email.com"); + ppOne.put(ContentModel.PROP_JOBTITLE, "jobTitle"); + + this.personService.createPerson(ppOne); + } + } + + @Override + protected void tearDown() throws Exception + { + super.tearDown(); + } + + public void testRunAs() throws Exception + { + Response response = sendRequest(new GetRequest(URL_RUNAS), 200, "admin"); + assertEquals(USER_ONE, response.getContentAsString()); + } +} diff --git a/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.desc.xml b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.desc.xml new file mode 100644 index 0000000000..feaf343ff1 --- /dev/null +++ b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.desc.xml @@ -0,0 +1,8 @@ + + Unit Test for Run As Function + Echo the name of the effective user + argument + /test/runas + user + required + \ No newline at end of file diff --git a/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.html.ftl b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.html.ftl new file mode 100644 index 0000000000..24102388b4 --- /dev/null +++ b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.html.ftl @@ -0,0 +1 @@ +${userName!""} \ No newline at end of file diff --git a/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.js b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.js new file mode 100644 index 0000000000..afaca91c66 --- /dev/null +++ b/source/test-resources/alfresco/webscripts/org/alfresco/test/runas.get.js @@ -0,0 +1 @@ +model.userName = person.properties.userName; \ No newline at end of file