Merged WEBAPP-API (5.2.1) to 5.2.N (5.2.1)

136785 jkaabimofrad: MNT-17824: Added a workaround for retrieving authorities (i.e. group or role) that were created with 'GROUP_' prefix before MNT-14958 fix. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@136810 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-10-08 14:51:49 +00:00 · 2017-05-19 08:32:26 +00:00
parent 1ee1cbd533
commit 2d714be75d
1 changed files with 64 additions and 52 deletions
--- a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
+++ b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
@@ -1,28 +1,28 @@
-/*
+/*
- * #%L
+ * #%L
- * Alfresco Repository
+ * Alfresco Repository
- * %%
+ * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
- * %%
+ * %%
- * This file is part of the Alfresco software. 
+ * This file is part of the Alfresco software. 
- * If the software was purchased under a paid Alfresco license, the terms of 
+ * If the software was purchased under a paid Alfresco license, the terms of 
- * the paid license agreement will prevail.  Otherwise, the software is 
+ * the paid license agreement will prevail.  Otherwise, the software is 
- * provided under the following open source license terms:
+ * provided under the following open source license terms:
- * 
+ * 
- * Alfresco is free software: you can redistribute it and/or modify
+ * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
+ * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
+ * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
+ * (at your option) any later version.
- * 
+ * 
- * Alfresco is distributed in the hope that it will be useful,
+ * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
+ * GNU Lesser General Public License for more details.
- * 
+ * 
- * You should have received a copy of the GNU Lesser General Public License
+ * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
- * #L%
+ * #L%
- */
+ */
 package org.alfresco.repo.security.authority;
 import java.io.Serializable;
@@ -799,8 +799,8 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
        childAuthorityCache.remove(parentRef);
        if (AuthorityType.getAuthorityType(childName) == AuthorityType.USER)
        {
-            // Normalize the user name
+            // Normalize the user name
-            childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
+            childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
            userAuthorityCache.remove(childName);
        }
        else
@@ -860,17 +860,17 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
        {
            // Get the unfiltered set of authorities from the cache or generate it
            Set<String> authorities = userAuthorityCache.get(name);
-            // if not in the cache, normalize the user name and try again
+            // if not in the cache, normalize the user name and try again
-            if (authorities == null)
+            if (authorities == null)
-            {
+            {
-            	NodeRef personRef = getAuthorityOrNull(name);
+            	NodeRef personRef = getAuthorityOrNull(name);
-            	if (personRef == null)
+            	if (personRef == null)
-            	{
+            	{
-            		return new TreeSet<String>(); // don't worry about missing person nodes. Just return an empty set
+            		return new TreeSet<String>(); // don't worry about missing person nodes. Just return an empty set
-            	}
+            	}
-                name = (String) nodeService.getProperty(personRef, ContentModel.PROP_USERNAME);
+                name = (String) nodeService.getProperty(personRef, ContentModel.PROP_USERNAME);
-                authorities = userAuthorityCache.get(name);
+                authorities = userAuthorityCache.get(name);
-            }
+            }
            if (authorities == null)
            {
                authorities = new TreeSet<String>();
@@ -882,7 +882,7 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
                {
                    listAuthorities(null, name, authorities, true, true);
                }
-                // Add the set back to the cache. Name has already been normalized. If the value is locked then nothing will happen.
+                // Add the set back to the cache. Name has already been normalized. If the value is locked then nothing will happen.
                userAuthorityCache.put(name, Collections.unmodifiableSet(authorities));
            }
            // If we wanted the unfiltered set we are done
@@ -1029,29 +1029,36 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
    public String getName(AuthorityType type, String shortName)
    {
        String authorityName = shortName;
        if (type.isFixedString())
        {
-            authorityName = type.getFixedString();
+            return type.getFixedString();
        }
        else if (type.isPrefixed())
        {
-            String prefix = type.getPrefixString();
+            final String prefix = type.getPrefixString();
            final String authorityName = prefix + shortName;
            if (shortName.startsWith(prefix))
            {
                String doublePrefixed = prefix + prefix;
                if (shortName.startsWith(doublePrefixed))
                {
-                    throw new AuthorityException("The authority name is double-prefixed");
+                    throw new AuthorityException("The authority name [" + shortName + "] is double-prefixed");
                }
                // MNT-17824: We need this check, in case this method is invoked for retrieving an
                // authority (rather than creating a new one), that was created with the shortName prefixed with 'GROUP_' before the MNT-14958 fix.
                // As before MNT-14958, if the shortName starts with 'GROUP_', the authority name will end up as 'GROUP_GROUP_<anyName>'
                else if (getAuthorityOrNull(authorityName, type) != null)
                {
                    return authorityName;
                }
            }
            else
            {
-                authorityName = prefix + shortName;
+                return authorityName;
            }
        }
-            return authorityName;
+        return shortName;
    }
    protected void addAuthorityNameIfMatches(Set<String> authorities, String authorityName, AuthorityType type)
@@ -1285,12 +1292,17 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
            }
        }
    }
-    
+
    private NodeRef getAuthorityOrNull(final String name)
    {
        final AuthorityType authType = AuthorityType.getAuthorityType(name);
        return getAuthorityOrNull(name, authType);
    }
    private NodeRef getAuthorityOrNull(final String name, final AuthorityType authType)
    {
        try
        {
            final AuthorityType authType = AuthorityType.getAuthorityType(name);
            switch (authType)
            {
                case USER:
@@ -1302,13 +1314,13 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor
                    return null;
                default:
                {
-                    Pair <String, String> cacheKey = cacheKey(name);
+                    Pair<String, String> cacheKey = cacheKey(name);
                    NodeRef result = authorityLookupCache.get(cacheKey);
                    if (result == null)
                    {
-                        List<ChildAssociationRef> results = nodeService.getChildAssocs(getAuthorityContainer(),
+                        List<ChildAssociationRef> results = nodeService.getChildAssocs(getAuthorityContainer(), ContentModel.ASSOC_CHILDREN,
-                                ContentModel.ASSOC_CHILDREN, QName.createQName("cm", name, namespacePrefixResolver), false);
+                                    QName.createQName("cm", name, namespacePrefixResolver), false);
-                        result = results.isEmpty() ? NULL_NODEREF :results.get(0).getChildRef(); 
+                        result = results.isEmpty() ? NULL_NODEREF : results.get(0).getChildRef();
                        authorityLookupCache.put(cacheKey, result);
                    }
                    return result.equals(NULL_NODEREF) ? null : result;