inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

MT - System "runAs" will run in MT-context

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8277 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2008-02-14 10:21:12 +00:00
parent d141885e6d
commit 2bde146829
5 changed files with 48 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source/java/org/alfresco/repo/audit/AuditableAspect.java
View File

@@ -167,8 +167,8 @@ public class AuditableAspect
// Set the updated property values (but do not cascade to update audit behaviour)
onUpdateAudit.disable();
// note: special MT case - need to run in context of user's domain ... although checkForLock requires System
AuthenticationUtil.runAs(new SetAuditProperties(nodeService, nodeRef, properties), tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantService.getCurrentUserDomain()));
// note: in MT case, this will run in System context of user's domain ... checkForLock requires System
AuthenticationUtil.runAs(new SetAuditProperties(nodeService, nodeRef, properties), AuthenticationUtil.getSystemUserName());
}
finally
{
@@ -201,8 +201,8 @@ public class AuditableAspect
// Set the updated property values
// note: special MT case - need to run in context of user's domain ... although checkForLock requires System
AuthenticationUtil.runAs(new SetAuditProperties(nodeService, nodeRef, properties), tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantService.getCurrentUserDomain()));
// note: in MT case, this will run in System context of user's domain ... checkForLock requires System
AuthenticationUtil.runAs(new SetAuditProperties(nodeService, nodeRef, properties), AuthenticationUtil.getSystemUserName());
if (logger.isDebugEnabled())
logger.debug("Auditable node " + nodeRef + " updated [modified=" + now + ";modifier=" + modifier + "]");

2
source/java/org/alfresco/repo/content/TenantRoutingFileContentStore.java
View File

@@ -70,7 +70,7 @@ public class TenantRoutingFileContentStore extends AbstractRoutingContentStore i
if (tenantService.isEnabled())
{
String currentUser = AuthenticationUtil.getCurrentUserName();
if ((currentUser == null) || (currentUser.equals(AuthenticationUtil.getSystemUserName())))
if ((currentUser == null) || (tenantService.getBaseNameUser(currentUser).equals(AuthenticationUtil.getSystemUserName())))
{
// return enabled stores across all tenants, if running as system/null user, for example, ContentStoreCleaner scheduled job
List<ContentStore> allEnabledStores = new ArrayList<ContentStore>();

9
source/java/org/alfresco/repo/module/ModuleComponentHelper.java
View File

@@ -210,10 +210,6 @@ public class ModuleComponentHelper
/*
* Ensure transactionality and the correct authentication
*/
// Note: for system bootstrap this will be the default domain, else tenant domain for tenant create/import
final String tenantDomainCtx = tenantDeployerService.getCurrentUserDomain();
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
public Object doWork() throws Exception
@@ -230,6 +226,9 @@ public class ModuleComponentHelper
final Map<String, Set<ModuleComponent>> mapExecutedComponents = new HashMap<String, Set<ModuleComponent>>(1);
final Map<String, Set<String>> mapStartedModules = new HashMap<String, Set<String>>(1);
// Note: for system bootstrap this will be the default domain, else tenant domain for tenant create/import
final String tenantDomainCtx = tenantDeployerService.getCurrentUserDomain();
mapExecutedComponents.put(tenantDomainCtx, new HashSet<ModuleComponent>(10));
mapStartedModules.put(tenantDomainCtx, new HashSet<String>(2));
@@ -322,7 +321,7 @@ public class ModuleComponentHelper
return null;
}
}, tenantDeployerService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomainCtx));
}, AuthenticationUtil.getSystemUserName());
}
/**

30
source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
View File

@@ -54,11 +54,21 @@ public abstract class AuthenticationUtil
public static final String SYSTEM_USER_NAME = "System";
private static boolean mtEnabled = false;
private AuthenticationUtil()
{
super();
}
public static void setMtEnabled(boolean mtEnabled)
{
if (! AuthenticationUtil.mtEnabled)
{
AuthenticationUtil.mtEnabled = mtEnabled;
}
}
public static Authentication setCurrentUser(String userName)
{
return setCurrentUser(userName, getDefaultUserDetails(userName));
@@ -178,6 +188,8 @@ public abstract class AuthenticationUtil
{
NDC.remove();
if (mtEnabled == true)
{
int idx = userName.indexOf(TenantService.SEPARATOR);
if ((idx != -1) && (idx < (userName.length()-1)))
{
@@ -188,6 +200,11 @@ public abstract class AuthenticationUtil
NDC.push("User:"+userName);
}
}
else
{
NDC.push("User:"+userName);
}
}
/**
* Get the current authentication context
@@ -278,6 +295,7 @@ public abstract class AuthenticationUtil
{
ContextHolder.setContext(null);
InMemoryTicketComponentImpl.clearCurrentSecurityContext();
NDC.remove();
}
/**
@@ -295,6 +313,18 @@ public abstract class AuthenticationUtil
R result = null;
try
{
if ((currentUser != null) && (mtEnabled == true))
{
int idx = currentUser.indexOf(TenantService.SEPARATOR);
if ((idx != -1) && (idx < (currentUser.length()-1)))
{
if (uid.equals(AuthenticationUtil.getSystemUserName()))
{
uid = uid + TenantService.SEPARATOR + currentUser.substring(idx+1);
}
}
}
AuthenticationUtil.setCurrentUser(uid);
result = runAsWork.doWork();
return result;

2
source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java
View File

@@ -230,6 +230,8 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten
{
checkProperties();
AuthenticationUtil.setMtEnabled(true);
// initialise the tenant admin service and status of tenants (using attribute service)
// note: this requires that the repository schema has already been initialised