Merged 5.2.0 (5.2.0) to HEAD (5.2)

133849 rmunteanu: REPO-1746: Merge fixes for 5.2 GA issues to 5.2.0 branch
      Merged 5.2.N (5.2.1) to 5.2.0 (5.2.0)
         133351 jvonka: REPO-1646: V1 REST API - cannot unset optional fields (eg. when updating person / site details ...) - minor fixes with tests (update person)
         - ensure enabled & emailNotificationsEnabled cannot be null
         - null/empty company object should unset all fields (fix for empty case)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@134188 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Alan Davis
2017-01-11 10:35:00 +00:00
parent e743336a6e
commit 2b55561d4a
3 changed files with 124 additions and 8 deletions


@@ -520,12 +520,22 @@ public class PeopleImpl implements People
{
throw new InvalidArgumentException("Field '"+fieldName+"' is null, but is required.");
}
// belts-and-braces - note: should not see empty string (since converted to null via custom json deserializer)
if ((fieldValue instanceof String) && ((String)fieldValue).isEmpty())
{
throw new InvalidArgumentException("Field '"+fieldName+"' is empty, but is required.");
}
}
public Person update(String personId, final Person person)
{
MutableAuthenticationService mutableAuthenticationService = (MutableAuthenticationService) authenticationService;
validateUpdatePersonData(person);
boolean isAdmin = isAdminAuthority();
String currentUserId = AuthenticationUtil.getFullyAuthenticatedUser();
if (!isAdminAuthority() && !currentUserId.equalsIgnoreCase(personId))
{
@@ -575,6 +585,7 @@ public class PeopleImpl implements People
throw new PermissionDeniedException("Admin authority cannot be disabled.");
}
// note: if current user is not an admin then permission denied exception is thrown
mutableAuthenticationService.setAuthenticationEnabled(personIdToUpdate, person.isEnabled());
}
@@ -612,6 +623,78 @@ public class PeopleImpl implements People
return getPerson(personId);
}
private void validateUpdatePersonData(Person person)
{
if (person.wasSet(ContentModel.PROP_FIRSTNAME))
{
checkRequiredField("firstName", person.getFirstName());
}
if (person.wasSet(ContentModel.PROP_EMAIL))
{
checkRequiredField("email", person.getEmail());
}
if (person.wasSet(ContentModel.PROP_ENABLED) && (person.isEnabled() == null))
{
throw new IllegalArgumentException("'enabled' field cannot be empty.");
}
if (person.wasSet(ContentModel.PROP_EMAIL_FEED_DISABLED) && (person.isEmailNotificationsEnabled() == null))
{
throw new IllegalArgumentException("'emailNotificationsEnabled' field cannot be empty.");
}
}
private void updatePassword(boolean isAdmin, String personIdToUpdate, Person person)
{
MutableAuthenticationService mutableAuthenticationService = (MutableAuthenticationService) authenticationService;
boolean isOldPassword = person.wasSet(Person.PROP_PERSON_OLDPASSWORD);
boolean isPassword = person.wasSet(Person.PROP_PERSON_PASSWORD);
if (isPassword || isOldPassword)
{
if (isOldPassword && ((person.getOldPassword() == null) || (person.getOldPassword().isEmpty())))
{
throw new IllegalArgumentException("'oldPassword' field cannot be empty.");
}
if (!isPassword || (person.getPassword() == null) || (person.getPassword().isEmpty()))
{
throw new IllegalArgumentException("password' field cannot be empty.");
}
char[] newPassword = person.getPassword().toCharArray();
if (!isAdmin)
{
// Non-admin users can update their own password, but must provide their current password.
if (!isOldPassword)
{
throw new IllegalArgumentException("To change password, both 'oldPassword' and 'password' fields are required.");
}
char[] oldPassword = person.getOldPassword().toCharArray();
try
{
mutableAuthenticationService.updateAuthentication(personIdToUpdate, oldPassword, newPassword);
}
catch (AuthenticationException e)
{
throw new PermissionDeniedException("Incorrect password.");
}
}
else
{
// An admin user can update without knowing the original pass - but must know their own!
// note: is it reasonable to silently ignore oldPassword if supplied ?
mutableAuthenticationService.setAuthentication(personIdToUpdate, newPassword);
}
}
}
private boolean isAdminAuthority()
{
return authorityService.hasAdminAuthority();
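Review bot: In updatePassword, the `else` branch taken when `isAdmin` is true calls `setAuthentication(personIdToUpdate, newPassword)` without checking `oldPassword`, even when the admin is changing their own account, so any session that holds admin authority can replace that admin's password without knowing the current one. The in-code note about silently ignoring `oldPassword` points at the same gap. Consider sending the self-update case through the verified `updateAuthentication` path, for example `boolean isSelf = personIdToUpdate.equalsIgnoreCase(AuthenticationUtil.getFullyAuthenticatedUser());` followed by `if (!isAdmin || isSelf)`. Whether the caller already separates that case cannot be seen here, because update() and isAdminAuthority() both continue outside the hunks. Separately, the message `"password' field cannot be empty."` is missing its opening quote and should read `"'password' field cannot be empty."`.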


@@ -493,50 +493,62 @@ public class Person
if (wasSet(PROP_PERSON_COMPANY))
{
Company company = getCompany();
int setCount = 0;
if (company != null)
{
if (company.wasSet(ContentModel.PROP_ORGANIZATION))
{
setCount++;
properties.put(ContentModel.PROP_ORGANIZATION, company.getOrganization());
}
if (company.wasSet(ContentModel.PROP_COMPANYADDRESS1))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYADDRESS1, company.getAddress1());
}
if (company.wasSet(ContentModel.PROP_COMPANYADDRESS2))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYADDRESS2, company.getAddress2());
}
if (company.wasSet(ContentModel.PROP_COMPANYADDRESS3))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYADDRESS3, company.getAddress3());
}
if (company.wasSet(ContentModel.PROP_COMPANYPOSTCODE))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYPOSTCODE, company.getPostcode());
}
if (company.wasSet(ContentModel.PROP_COMPANYTELEPHONE))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYTELEPHONE, company.getTelephone());
}
if (company.wasSet(ContentModel.PROP_COMPANYFAX))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYFAX, company.getFax());
}
if (company.wasSet(ContentModel.PROP_COMPANYEMAIL))
{
setCount++;
properties.put(ContentModel.PROP_COMPANYEMAIL, company.getEmail());
}
}
else
if (setCount == 0)
{
// company was null or {} (no individual properties set)
properties.put(ContentModel.PROP_ORGANIZATION, null);
properties.put(ContentModel.PROP_COMPANYADDRESS1, null);
properties.put(ContentModel.PROP_COMPANYADDRESS2, null);