inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-10-08 14:51:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)

Browse Source 
136785 jkaabimofrad: MNT-17824: Added a workaround for retrieving authorities (i.e. group or role) that were created with 'GROUP_' prefix before MNT-14958 fix.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@136810 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jamal Kaabi-Mofrad
2017-05-19 08:32:26 +00:00
parent 1ee1cbd533
commit 2d714be75d
1 changed files with 64 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
View File

@@ -1,28 +1,28 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.security.authority;
import java.io.Serializable;
@@ -799,8 +799,8 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
childAuthorityCache.remove(parentRef);
if (AuthorityType.getAuthorityType(childName) == AuthorityType.USER)
{
// Normalize the user name
childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
// Normalize the user name
childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
userAuthorityCache.remove(childName);
}
else
@@ -860,17 +860,17 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
{
// Get the unfiltered set of authorities from the cache or generate it
Set<String> authorities = userAuthorityCache.get(name);
// if not in the cache, normalize the user name and try again
if (authorities == null)
{
NodeRef personRef = getAuthorityOrNull(name);
if (personRef == null)
{
return new TreeSet<String>(); // don't worry about missing person nodes. Just return an empty set
}
name = (String) nodeService.getProperty(personRef, ContentModel.PROP_USERNAME);
authorities = userAuthorityCache.get(name);
}
// if not in the cache, normalize the user name and try again
if (authorities == null)
{
NodeRef personRef = getAuthorityOrNull(name);
if (personRef == null)
{
return new TreeSet<String>(); // don't worry about missing person nodes. Just return an empty set
}
name = (String) nodeService.getProperty(personRef, ContentModel.PROP_USERNAME);
authorities = userAuthorityCache.get(name);
}
if (authorities == null)
{
authorities = new TreeSet<String>();
@@ -882,7 +882,7 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
{
listAuthorities(null, name, authorities, true, true);
}
// Add the set back to the cache. Name has already been normalized. If the value is locked then nothing will happen.
// Add the set back to the cache. Name has already been normalized. If the value is locked then nothing will happen.
userAuthorityCache.put(name, Collections.unmodifiableSet(authorities));
}
// If we wanted the unfiltered set we are done
@@ -1029,29 +1029,36 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
public String getName(AuthorityType type, String shortName)
{
String authorityName = shortName;
if (type.isFixedString())
{
authorityName = type.getFixedString();
return type.getFixedString();
}
else if (type.isPrefixed())
{
String prefix = type.getPrefixString();
final String prefix = type.getPrefixString();
final String authorityName = prefix + shortName;
if (shortName.startsWith(prefix))
{
String doublePrefixed = prefix + prefix;
if (shortName.startsWith(doublePrefixed))
{
throw new AuthorityException("The authority name is double-prefixed");
throw new AuthorityException("The authority name [" + shortName + "] is double-prefixed");
}
// MNT-17824: We need this check, in case this method is invoked for retrieving an
// authority (rather than creating a new one), that was created with the shortName prefixed with 'GROUP_' before the MNT-14958 fix.
// As before MNT-14958, if the shortName starts with 'GROUP_', the authority name will end up as 'GROUP_GROUP_<anyName>'
else if (getAuthorityOrNull(authorityName, type) != null)
{
return authorityName;
}
}
else
{
authorityName = prefix + shortName;
return authorityName;
}
}
return authorityName;
return shortName;
}
protected void addAuthorityNameIfMatches(Set<String> authorities, String authorityName, AuthorityType type)
@@ -1285,12 +1292,17 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
}
}
}
private NodeRef getAuthorityOrNull(final String name)
{
final AuthorityType authType = AuthorityType.getAuthorityType(name);
return getAuthorityOrNull(name, authType);
}
private NodeRef getAuthorityOrNull(final String name, final AuthorityType authType)
{
try
{
final AuthorityType authType = AuthorityType.getAuthorityType(name);
switch (authType)
{
case USER:
@@ -1302,13 +1314,13 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
return null;
default:
{
Pair <String, String> cacheKey = cacheKey(name);
Pair<String, String> cacheKey = cacheKey(name);
NodeRef result = authorityLookupCache.get(cacheKey);
if (result == null)
{
List<ChildAssociationRef> results = nodeService.getChildAssocs(getAuthorityContainer(),
ContentModel.ASSOC_CHILDREN, QName.createQName("cm", name, namespacePrefixResolver), false);
result = results.isEmpty() ? NULL_NODEREF :results.get(0).getChildRef();
List<ChildAssociationRef> results = nodeService.getChildAssocs(getAuthorityContainer(), ContentModel.ASSOC_CHILDREN,
QName.createQName("cm", name, namespacePrefixResolver), false);
result = results.isEmpty() ? NULL_NODEREF : results.get(0).getChildRef();
authorityLookupCache.put(cacheKey, result);
}
return result.equals(NULL_NODEREF) ? null : result;