inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V2.2 to HEAD

Browse Source 
8083: Merged V2.1 to V2.2
      8066: RM-31 and related issues (ACT-729)
      8068: Fix for AR-1997
   8084: Fixed script error on notify page of invite website user wizard
   8086: Merged V2.1 to V2.2
      8075: Clear()ing a hibernate session, is not always enough to guarantee that transactions not use unbounded amounts of memory
      8076: Turn off test that needs to be fixed real soon now.
   8092: Implementation for:   http://issues.alfresco.com/browse/AR-1744
   8093: Fixed upgrade scripts for V2.1.2 to V2.2 upgrades
   8096: Fix for AWC-1578 and AWC-1814
   8097: Added new indexes missing from scripts and made index names consistent.
   8098: Fix for AWC-1548
   8100: Removed use of QName from alf_permission table
   8102: Fix for AWC-1690
   8103: test was == on id that used to be long but is now a Long


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8476 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2008-03-10 13:11:50 +00:00
parent 72a90a14f1
commit 3e2311888b
25 changed files with 507 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
source/java/org/alfresco/repo/admin/patch/impl/AbstractPermissionChangePatch.java
View File

@@ -24,11 +24,10 @@
*/
package org.alfresco.repo.admin.patch.impl;
import java.util.List;
import org.alfresco.repo.admin.patch.AbstractPatch;
import org.alfresco.repo.domain.DbAccessControlEntry;
import org.alfresco.repo.domain.DbPermission;
import org.alfresco.repo.domain.QNameDAO;
import org.alfresco.repo.domain.QNameEntity;
import org.alfresco.repo.domain.hibernate.DbPermissionImpl;
import org.alfresco.service.namespace.QName;
import org.hibernate.Query;
@@ -56,6 +55,11 @@ public abstract class AbstractPermissionChangePatch extends AbstractPatch
this.helper.setSessionFactory(sessionFactory);
}
public void setQnameDAO(QNameDAO qnameDAO)
{
helper.setQnameDAO(qnameDAO);
}
/**
* Helper method to rename (move) a permission. This involves checking for the existence of the
* new permission and then moving all the entries to point to the new permission.
@@ -74,11 +78,11 @@ public abstract class AbstractPermissionChangePatch extends AbstractPatch
/** Helper to get a permission entity */
private static class GetPermissionCallback implements HibernateCallback
{
private QName typeQName;
private QNameEntity typeQNameEntity;
private String name;
public GetPermissionCallback(QName typeQName, String name)
public GetPermissionCallback(QNameEntity typeQNameEntity, String name)
{
this.typeQName = typeQName;
this.typeQNameEntity = typeQNameEntity;
this.name = name;
}
public Object doInHibernate(Session session)
@@ -87,7 +91,7 @@ public abstract class AbstractPermissionChangePatch extends AbstractPatch
session.flush();
Query query = session.getNamedQuery(HibernateHelper.QUERY_GET_PERMISSION);
query.setParameter("permissionTypeQName", typeQName)
query.setParameter("permissionTypeQName", typeQNameEntity)
.setString("permissionName", name);
return query.uniqueResult();
}
@@ -97,6 +101,13 @@ public abstract class AbstractPermissionChangePatch extends AbstractPatch
{
private static final String QUERY_GET_PERMISSION = "permission.GetPermission";
private QNameDAO qnameDAO;
public void setQnameDAO(QNameDAO qnameDAO)
{
this.qnameDAO = qnameDAO;
}
public int createAndUpdatePermission(
final QName oldTypeQName,
final String oldName,
@@ -108,20 +119,24 @@ public abstract class AbstractPermissionChangePatch extends AbstractPatch
throw new IllegalArgumentException("Cannot move permission to itself: " + oldTypeQName + "-" + oldName);
}
HibernateCallback getNewPermissionCallback = new GetPermissionCallback(oldTypeQName, oldName);
// Get the QName entities
QNameEntity oldTypeQNameEntity = qnameDAO.getOrCreateQNameEntity(oldTypeQName);
QNameEntity newTypeQNameEntity = qnameDAO.getOrCreateQNameEntity(newTypeQName);
HibernateCallback getNewPermissionCallback = new GetPermissionCallback(oldTypeQNameEntity, oldName);
DbPermission permission = (DbPermission) getHibernateTemplate().execute(getNewPermissionCallback);
if (permission == null)
{
// create the permission
permission = new DbPermissionImpl();
permission.setTypeQname(newTypeQName);
permission.setTypeQName(newTypeQNameEntity);
permission.setName(newName);
// save
getHibernateTemplate().save(permission);
}
else
{
permission.setTypeQname(newTypeQName);
permission.setTypeQName(newTypeQNameEntity);
permission.setName(newName);
}
// done

34
source/java/org/alfresco/repo/avm/AVMNodeDAO.java
View File

@@ -102,6 +102,19 @@ public interface AVMNodeDAO
*/
public List<Long> getNewInStoreIDs(AVMStore store);
/**
* Clear newInStore field for a store. (Snapshot)
* @param store
*/
public void clearNewInStore(AVMStore store);
/**
* Get any new layered entries in a store.
* @param store
* @return
*/
public List<Long> getNewLayeredInStoreIDs(AVMStore store);
/**
* Inappropriate hack to get Hibernate to play nice.
*/
@@ -111,25 +124,40 @@ public interface AVMNodeDAO
* Get a batch
* @return An iterator over all nodes.
*/
List<AVMNode> getEmptyGUIDS(int count);
public List<AVMNode> getEmptyGUIDS(int count);
/**
* Get a batch of LayeredDirectories which have null indirectionVersions.
* @param count
* @return
*/
List<LayeredDirectoryNode> getNullVersionLayeredDirectories(int count);
public List<LayeredDirectoryNode> getNullVersionLayeredDirectories(int count);
/**
* Get a batch of LayeredFiles which have null indirectionVersions.
* @param count
* @return
*/
List<LayeredFileNode> getNullVersionLayeredFiles(int count);
public List<LayeredFileNode> getNullVersionLayeredFiles(int count);
/**
* Evict an AVMNode that is no longer going to be used.
* @param node
*/
public void evict(AVMNode node);
/**
* Clear the hibernate session cache.
*/
public void clear();
/**
* Turn off 2nd level caching.
*/
public void noCache();
/**
* Turn on 2nd level caching.
*/
public void yesCache();
}

26
source/java/org/alfresco/repo/avm/AVMRepository.java
View File

@@ -920,19 +920,27 @@ public class AVMRepository
*/
public Map<String, Integer> createSnapshot(String storeName, String tag, String description)
{
AlfrescoTransactionSupport.bindListener(fCreateVersionTxnListener);
AVMStore store = getAVMStoreByName(storeName);
if (store == null)
try
{
throw new AVMNotFoundException("Store not found.");
fAVMNodeDAO.noCache();
AlfrescoTransactionSupport.bindListener(fCreateVersionTxnListener);
AVMStore store = getAVMStoreByName(storeName);
if (store == null)
{
throw new AVMNotFoundException("Store not found.");
}
Map<String, Integer> result = store.createSnapshot(tag, description, new HashMap<String, Integer>());
for (Map.Entry<String, Integer> entry : result.entrySet())
{
fLookupCache.onSnapshot(entry.getKey());
fCreateVersionTxnListener.versionCreated(entry.getKey(), entry.getValue());
}
return result;
}
Map<String, Integer> result = store.createSnapshot(tag, description, new HashMap<String, Integer>());
for (Map.Entry<String, Integer> entry : result.entrySet())
finally
{
fLookupCache.onSnapshot(entry.getKey());
fCreateVersionTxnListener.versionCreated(entry.getKey(), entry.getValue());
fAVMNodeDAO.yesCache();
}
return result;
}
/**

12
source/java/org/alfresco/repo/avm/AVMServicePermissionsTest.java
View File

@@ -520,13 +520,13 @@ public class AVMServicePermissionsTest extends TestCase
node = avmNodeDAO.getByID(desc.getId());
DbAccessControlList dirAcl = node.getAcl();
assertNotNull(dirAcl);
assertTrue(acl.getId() == dirAcl.getId());
assertEquals(acl.getId(), dirAcl.getId());
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
node = avmNodeDAO.getByID(desc.getId());
DbAccessControlList fileAcl = node.getAcl();
assertNotNull(fileAcl);
assertTrue(acl.getId() == fileAcl.getId());
assertEquals(acl.getId(), fileAcl.getId());
avmService.createSnapshot(storeName, "store", "store");
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
@@ -549,7 +549,7 @@ public class AVMServicePermissionsTest extends TestCase
node = avmNodeDAO.getByID(desc.getId());
dirAcl = node.getAcl();
assertNotNull(dirAcl);
assertTrue(acl.getId() == dirAcl.getId());
assertEquals(acl.getId(), dirAcl.getId());
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
node = avmNodeDAO.getByID(desc.getId());
@@ -597,13 +597,13 @@ public class AVMServicePermissionsTest extends TestCase
node = avmNodeDAO.getByID(desc.getId());
DbAccessControlList dirAcl = node.getAcl();
assertNotNull(dirAcl);
assertTrue(acl.getId() == dirAcl.getId());
assertEquals(acl.getId(), dirAcl.getId());
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
node = avmNodeDAO.getByID(desc.getId());
DbAccessControlList fileAcl = node.getAcl();
assertNotNull(fileAcl);
assertTrue(acl.getId() == fileAcl.getId());
assertEquals(acl.getId(), fileAcl.getId());
avmService.createSnapshot(storeName, "store", "store");
avmService.createSnapshot(storeName + "-layer-base", "store", "store");
@@ -628,7 +628,7 @@ public class AVMServicePermissionsTest extends TestCase
node = avmNodeDAO.getByID(desc.getId());
dirAcl = node.getAcl();
assertNotNull(dirAcl);
assertTrue(acl.getId() == dirAcl.getId());
assertEquals(acl.getId(), dirAcl.getId());
desc = avmService.lookup(-1, storeName + "-layer-base:/layer-to-base/update-dir/update-file");
node = avmNodeDAO.getByID(desc.getId());

3
source/java/org/alfresco/repo/avm/AVMServiceTest.java
View File

@@ -569,6 +569,7 @@ public class AVMServiceTest extends AVMServiceTestBase
/**
* Test Deployment.
*/
/*
public void testDeployment() throws Exception
{
try
@@ -673,7 +674,7 @@ public class AVMServiceTest extends AVMServiceTestBase
throw e;
}
}
*/
protected void runQueriesForCreateAndDeploy(String store) throws Exception
{
StoreRef storeRef = AVMNodeConverter.ToStoreRef(store);

70
source/java/org/alfresco/repo/avm/AVMStoreImpl.java
View File

@@ -190,11 +190,14 @@ public class AVMStoreImpl implements AVMStore, Serializable
@SuppressWarnings("unchecked")
public Map<String, Integer> createSnapshot(String tag, String description, Map<String, Integer> snapShotMap)
{
VersionRoot lastVersion = AVMDAOs.Instance().fVersionRootDAO.getMaxVersion(this);
long rootID = fRoot.getId();
AVMStoreImpl me = (AVMStoreImpl)AVMDAOs.Instance().fAVMStoreDAO.getByID(fID);
VersionRoot lastVersion = AVMDAOs.Instance().fVersionRootDAO.getMaxVersion(me);
List<VersionLayeredNodeEntry> layeredEntries =
AVMDAOs.Instance().fVersionLayeredNodeEntryDAO.get(lastVersion);
// Is there no need for a snapshot?
if (!fRoot.getIsNew() && layeredEntries.size() == 0)
DirectoryNode root = (DirectoryNode)AVMDAOs.Instance().fAVMNodeDAO.getByID(rootID);
if (!root.getIsNew() && layeredEntries.size() == 0)
{
// So, we set the tag and description fields of the latest version.
if (tag != null || description != null)
@@ -205,13 +208,13 @@ public class AVMStoreImpl implements AVMStore, Serializable
snapShotMap.put(fName, lastVersion.getVersionID());
return snapShotMap;
}
snapShotMap.put(fName, fNextVersionID);
snapShotMap.put(fName, me.fNextVersionID);
// Force copies on all the layered nodes from last snapshot.
for (VersionLayeredNodeEntry entry : layeredEntries)
{
String path = entry.getPath();
path = path.substring(path.indexOf(':') + 1);
Lookup lookup = lookup(-1, path, false, false);
Lookup lookup = me.lookup(-1, path, false, false);
if (lookup == null)
{
continue;
@@ -255,59 +258,50 @@ public class AVMStoreImpl implements AVMStore, Serializable
*/
}
// Clear out the new nodes.
List<Long> newInRep = AVMDAOs.Instance().fAVMNodeDAO.getNewInStoreIDs(this);
List<AVMNode> layeredNodes = new ArrayList<AVMNode>();
for (Long newGuyID : newInRep)
List<Long> allLayeredNodeIDs = AVMDAOs.Instance().fAVMNodeDAO.getNewLayeredInStoreIDs(me);
AVMDAOs.Instance().fAVMNodeDAO.clearNewInStore(me);
AVMDAOs.Instance().fAVMNodeDAO.clear();
List<Long> layeredNodeIDs = new ArrayList<Long>();
for (Long layeredID : allLayeredNodeIDs)
{
AVMNode newGuy = AVMDAOs.Instance().fAVMNodeDAO.getByID(newGuyID);
newGuy.setStoreNew(null);
Layered layered = null;
if (newGuy.getType() == AVMNodeType.LAYERED_DIRECTORY &&
((LayeredDirectoryNode)newGuy).getPrimaryIndirection())
Layered layered = (Layered)AVMDAOs.Instance().fAVMNodeDAO.getByID(layeredID);
String indirection = layered.getIndirection();
if (indirection == null)
{
layered = (Layered)AVMNodeUnwrapper.Unwrap(newGuy);
continue;
}
if (newGuy.getType() == AVMNodeType.LAYERED_FILE)
layeredNodeIDs.add(layeredID);
String storeName = indirection.substring(0, indirection.indexOf(':'));
if (!snapShotMap.containsKey(storeName))
{
layered = (Layered)AVMNodeUnwrapper.Unwrap(newGuy);
}
if (layered != null)
{
layeredNodes.add(newGuy);
String indirection = layered.getIndirection();
String storeName = indirection.substring(0, indirection.indexOf(':'));
if (!snapShotMap.containsKey(storeName))
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(storeName);
if (store == null)
{
AVMStore store = AVMDAOs.Instance().fAVMStoreDAO.getByName(storeName);
if (store == null)
{
layered.setIndirectionVersion(-1);
}
else
{
store.createSnapshot(null, null, snapShotMap);
layered.setIndirectionVersion(snapShotMap.get(storeName));
}
layered.setIndirectionVersion(-1);
}
else
{
store.createSnapshot(null, null, snapShotMap);
layered = (Layered)AVMDAOs.Instance().fAVMNodeDAO.getByID(layeredID);
layered.setIndirectionVersion(snapShotMap.get(storeName));
}
}
else
{
AVMDAOs.Instance().fAVMNodeDAO.evict(newGuy);
layered.setIndirectionVersion(snapShotMap.get(storeName));
}
}
AVMDAOs.Instance().fAVMNodeDAO.flush();
// Make up a new version record.
String user = RawServices.Instance().getAuthenticationComponent().getCurrentUserName();
if (user == null)
{
user = RawServices.Instance().getAuthenticationComponent().getSystemUserName();
}
VersionRoot versionRoot = new VersionRootImpl(this,
fRoot,
fNextVersionID++,
me = (AVMStoreImpl)AVMDAOs.Instance().fAVMStoreDAO.getByID(fID);
VersionRoot versionRoot = new VersionRootImpl(me,
me.fRoot,
me.fNextVersionID++,
System.currentTimeMillis(),
user,
tag,
@@ -315,8 +309,9 @@ public class AVMStoreImpl implements AVMStore, Serializable
// Another embarassing flush needed.
AVMDAOs.Instance().fAVMNodeDAO.flush();
AVMDAOs.Instance().fVersionRootDAO.save(versionRoot);
for (AVMNode node : layeredNodes)
for (Long nodeID : layeredNodeIDs)
{
AVMNode node = AVMDAOs.Instance().fAVMNodeDAO.getByID(nodeID);
List<String> paths = fAVMRepository.getVersionPaths(versionRoot, node);
for (String path : paths)
{
@@ -325,7 +320,6 @@ public class AVMStoreImpl implements AVMStore, Serializable
AVMDAOs.Instance().fVersionLayeredNodeEntryDAO.save(entry);
}
}
// Increment the version id.
return snapShotMap;
}

27
source/java/org/alfresco/repo/avm/hibernate/AVM.hbm.xml
View File

@@ -92,9 +92,11 @@
<property name="indirectionVersion" type="int" column="indirection_version"/>
<!-- This marks a layered directory as either knowing itself what
it points at (true) or inheriting what it points at from its
container (false). -->
container (false).
Ideally we would have the column 'indirection' in the index but it is too long.
-->
<property name="primaryIndirection"
column="primary_indirection" type="boolean" index="idx_avm_lyr_indn" />
column="primary_indirection" type="boolean" index="idx_avm_n_pi" />
<property name="opacity" column="opacity" type="boolean"/>
<!-- Map of names to DirectoryEntries. -->
</subclass>
@@ -281,6 +283,27 @@
where an.storeNew = :store
]]>
</query>
<query name="AVMNode.ClearNewInStore">
<![CDATA[
update versioned AVMNodeImpl an
set an.storeNew = null
where an.storeNew = :store
]]>
</query>
<query name="AVMNode.GetNewLayeredDirectory">
<![CDATA[
select an.id
from LayeredDirectoryNodeImpl an
where an.storeNew = :store
]]>
</query>
<query name="AVMNode.GetNewLayeredFile">
<![CDATA[
select an.id
from LayeredFileNodeImpl an
where an.storeNew = :store
]]>
</query>
<query name="AVMNode.GetDescendents">
<![CDATA[
select hl.descendent

60
source/java/org/alfresco/repo/avm/hibernate/AVMNodeDAOHibernate.java
View File

@@ -33,7 +33,12 @@ import org.alfresco.repo.avm.AVMStore;
import org.alfresco.repo.avm.DirectoryNode;
import org.alfresco.repo.avm.LayeredDirectoryNode;
import org.alfresco.repo.avm.LayeredFileNode;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.CacheMode;
import org.hibernate.Query;
import org.hibernate.impl.SessionImpl;
import org.hibernate.stat.SessionStatistics;
import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
/**
@@ -43,6 +48,8 @@ import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
class AVMNodeDAOHibernate extends HibernateDaoSupport implements
AVMNodeDAO
{
private static Log fgLogger = LogFactory.getLog(AVMNodeDAOHibernate.class);
/**
* Do nothing constructor.
*/
@@ -232,4 +239,57 @@ class AVMNodeDAOHibernate extends HibernateDaoSupport implements
getSession().flush();
getSession().evict(node);
}
/* (non-Javadoc)
* @see org.alfresco.repo.avm.AVMNodeDAO#clear()
*/
public void clear()
{
fgLogger.error(getSession().getStatistics());
getSession().flush();
getSession().clear();
fgLogger.error(getSession().getStatistics());
}
/* (non-Javadoc)
* @see org.alfresco.repo.avm.AVMNodeDAO#noCache()
*/
public void noCache()
{
getSession().getSessionFactory().evict(AVMNodeImpl.class);
getSession().setCacheMode(CacheMode.IGNORE);
}
/* (non-Javadoc)
* @see org.alfresco.repo.avm.AVMNodeDAO#yesCache()
*/
public void yesCache()
{
getSession().setCacheMode(CacheMode.NORMAL);
}
/* (non-Javadoc)
* @see org.alfresco.repo.avm.AVMNodeDAO#clearNewInStore(org.alfresco.repo.avm.AVMStore)
*/
public void clearNewInStore(AVMStore store)
{
Query query = getSession().getNamedQuery("AVMNode.ClearNewInStore");
query.setEntity("store", store);
query.executeUpdate();
}
/* (non-Javadoc)
* @see org.alfresco.repo.avm.AVMNodeDAO#getNewLayeredInStoreIDs(org.alfresco.repo.avm.AVMStore)
*/
@SuppressWarnings("unchecked")
public List<Long> getNewLayeredInStoreIDs(AVMStore store)
{
Query query = getSession().getNamedQuery("AVMNode.GetNewLayeredDirectory");
query.setEntity("store", store);
List<Long> ids = (List<Long>)query.list();
query = getSession().getNamedQuery("AVMNode.GetNewLayeredFile");
query.setEntity("store", store);
ids.addAll((List<Long>)query.list());
return ids;
}
}

6
source/java/org/alfresco/repo/domain/DbPermission.java
View File

@@ -26,8 +26,6 @@ package org.alfresco.repo.domain;
import java.io.Serializable;
import org.alfresco.service.namespace.QName;
/**
* The interface against which permission references are persisted in hibernate.
*
@@ -48,12 +46,12 @@ public interface DbPermission extends Serializable
/**
* @return Returns the qualified name of this permission
*/
public QName getTypeQname();
public QNameEntity getTypeQName();
/**
* @param qname the entity representing the qname for this instance
*/
public void setTypeQname(QName qname);
public void setTypeQName(QNameEntity typeQNameEntity);
/**
* @return Returns the permission name

41
source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
View File

@@ -39,6 +39,8 @@ import org.alfresco.repo.domain.DbAccessControlListChangeSet;
import org.alfresco.repo.domain.DbAccessControlListMember;
import org.alfresco.repo.domain.DbAuthority;
import org.alfresco.repo.domain.DbPermission;
import org.alfresco.repo.domain.QNameDAO;
import org.alfresco.repo.domain.QNameEntity;
import org.alfresco.repo.node.db.hibernate.HibernateNodeDaoServiceImpl;
import org.alfresco.repo.security.permissions.ACLCopyMode;
import org.alfresco.repo.security.permissions.ACLType;
@@ -54,6 +56,7 @@ import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
import org.alfresco.repo.security.permissions.impl.SimplePermissionReference;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.GUID;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -93,6 +96,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
static String QUERY_GET_LATEST_ACL_BY_ACLID = "permission.FindLatestAclByGuid";
/** Access to QName entities */
private QNameDAO qnameDAO;
/** a transactionally-safe cache to be injected */
private SimpleCache<Long, AccessControlList> aclCache;
@@ -107,6 +112,14 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
DbAccessControlListImpl.setAclDaoComponent(this);
}
/**
* Set the DAO for accessing QName entities
*/
public void setQnameDAO(QNameDAO qnameDAO)
{
this.qnameDAO = qnameDAO;
}
public void setAclCache(SimpleCache<Long, AccessControlList> aclCache)
{
this.aclCache = aclCache;
@@ -1002,8 +1015,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
context.setPropertyContext(member.getAccessControlEntry().getContext().getPropertyContext());
entry.setContext(context);
}
SimplePermissionReference permissionRefernce = new SimplePermissionReference(member.getAccessControlEntry().getPermission().getTypeQname(), member
.getAccessControlEntry().getPermission().getName());
DbPermission perm = member.getAccessControlEntry().getPermission();
SimplePermissionReference permissionRefernce = new SimplePermissionReference(perm.getTypeQName().getQName(), perm.getName());
entry.setPermission(permissionRefernce);
entry.setPosition(member.getPosition());
@@ -1176,6 +1189,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
@SuppressWarnings("unchecked")
public List<AclChange> setAccessControlEntry(Long id, final AccessControlEntry ace)
{
DbAccessControlList target = (DbAccessControlList) getHibernateTemplate().get(DbAccessControlListImpl.class, id);
@@ -1222,13 +1236,17 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
// Find permission
final QName permissionQName = ace.getPermission().getQName();
final String permissionName = ace.getPermission().getName();
final QNameEntity permissionQNameEntity = qnameDAO.getOrCreateQNameEntity(permissionQName);
callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_PERMISSION);
query.setParameter("permissionTypeQName", ace.getPermission().getQName());
query.setParameter("permissionName", ace.getPermission().getName());
query.setParameter("permissionTypeQName", permissionQNameEntity);
query.setParameter("permissionName", permissionName);
return query.uniqueResult();
}
};
@@ -1236,8 +1254,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
if (permission == null)
{
DbPermissionImpl newPermission = new DbPermissionImpl();
newPermission.setTypeQname(ace.getPermission().getQName());
newPermission.setName(ace.getPermission().getName());
newPermission.setTypeQName(permissionQNameEntity);
newPermission.setName(permissionName);
permission = newPermission;
getHibernateTemplate().save(newPermission);
}
@@ -1536,6 +1554,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
return avmNodeIds;
}
@SuppressWarnings("unchecked")
private List<AclChange> disableInheritanceImpl(Long id, boolean setInheritedOnAcl, DbAccessControlList acl)
{
List<AclChange> changes = new ArrayList<AclChange>();
@@ -1583,8 +1602,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
context.setPropertyContext(member.getAccessControlEntry().getContext().getPropertyContext());
entry.setContext(context);
}
SimplePermissionReference permissionRefernce = new SimplePermissionReference(member.getAccessControlEntry().getPermission().getTypeQname(), member
.getAccessControlEntry().getPermission().getName());
DbPermission perm = member.getAccessControlEntry().getPermission();
SimplePermissionReference permissionRefernce = new SimplePermissionReference(perm.getTypeQName().getQName(), perm.getName());
entry.setPermission(permissionRefernce);
entry.setPosition(Integer.valueOf(0));
@@ -1676,11 +1695,13 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
if (pattern.getPermission() != null)
{
if ((pattern.getPermission().getQName() != null) && (!pattern.getPermission().getQName().equals(entry.getPermission().getTypeQname())))
final QName patternQName = pattern.getPermission().getQName();
if ((patternQName != null) && (!patternQName.equals(entry.getPermission().getTypeQName().getQName())))
{
return false;
}
if ((pattern.getPermission().getName() != null) && (!pattern.getPermission().getName().equals(entry.getPermission().getName())))
final String patternName = pattern.getPermission().getName();
if ((patternName != null) && (!patternName.equals(entry.getPermission().getName())))
{
return false;
}

14
source/java/org/alfresco/repo/domain/hibernate/DbAccessControlEntryImpl.java
View File

@@ -32,8 +32,6 @@ import org.alfresco.repo.domain.DbAuthority;
import org.alfresco.repo.domain.DbPermission;
import org.alfresco.repo.domain.DbPermissionKey;
import org.alfresco.repo.security.permissions.ACEType;
import org.alfresco.service.namespace.QName;
import org.hibernate.CallbackException;
import org.hibernate.Session;
/**
@@ -71,9 +69,15 @@ public class DbAccessControlEntryImpl implements DbAccessControlEntry, Serializa
public String toString()
{
StringBuilder sb = new StringBuilder(128);
sb.append("DbAccessControlEntryImpl").append("[ id=").append(id).append(", version=").append(version).append(", permission=").append(permission.getKey()).append(
", authority=").append(authority.getAuthority()).append(", allowed=").append(allowed).append(", authorityDeleted=").append(", aceType=")
.append(ACEType.getACETypeFromId(aceType)).append(", context=").append(context).append("]");
sb.append("DbAccessControlEntryImpl")
.append("[ id=").append(id)
.append(", version=").append(version)
.append(", permission=").append(permission.getKey())
.append(", authority=").append(authority.getAuthority())
.append(", allowed=").append(allowed)
.append(", aceType=").append(ACEType.getACETypeFromId(aceType))
.append(", context=").append(context)
.append("]");
return sb.toString();
}

34
source/java/org/alfresco/repo/domain/hibernate/DbPermissionImpl.java
View File

@@ -28,12 +28,9 @@ import java.io.Serializable;
import org.alfresco.repo.domain.DbPermission;
import org.alfresco.repo.domain.DbPermissionKey;
import org.alfresco.repo.domain.QNameEntity;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.EqualsHelper;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.CallbackException;
import org.hibernate.Query;
import org.hibernate.Session;
/**
@@ -45,14 +42,9 @@ public class DbPermissionImpl implements DbPermission, Serializable
{
private static final long serialVersionUID = -6352566900815035461L;
private static Log logger = LogFactory.getLog(DbPermissionImpl.class);
private Long id;
private Long version;
private QName typeQname;
private QNameEntity typeQName;
private String name;
public DbPermissionImpl()
@@ -64,8 +56,12 @@ public class DbPermissionImpl implements DbPermission, Serializable
public String toString()
{
StringBuilder sb = new StringBuilder(128);
sb.append("DbPermissionImpl").append("[ id=").append(id).append(", version=").append(version).append(", typeQname=").append(typeQname).append(", name=").append(getName())
.append("]");
sb.append("DbPermissionImpl")
.append("[ id=").append(id)
.append(", version=").append(version)
.append(", typeQName=").append(typeQName.getQName())
.append(", name=").append(getName())
.append("]");
return sb.toString();
}
@@ -81,13 +77,13 @@ public class DbPermissionImpl implements DbPermission, Serializable
return false;
}
DbPermission other = (DbPermission) o;
return (EqualsHelper.nullSafeEquals(typeQname, other.getTypeQname())) && (EqualsHelper.nullSafeEquals(name, other.getName()));
return (EqualsHelper.nullSafeEquals(typeQName, other.getTypeQName())) && (EqualsHelper.nullSafeEquals(name, other.getName()));
}
@Override
public int hashCode()
{
return typeQname.hashCode() + (37 * name.hashCode());
return typeQName.hashCode() + (37 * name.hashCode());
}
public Long getId()
@@ -118,14 +114,14 @@ public class DbPermissionImpl implements DbPermission, Serializable
this.version = version;
}
public QName getTypeQname()
public QNameEntity getTypeQName()
{
return typeQname;
return typeQName;
}
public void setTypeQname(QName typeQname)
public void setTypeQName(QNameEntity typeQName)
{
this.typeQname = typeQname;
this.typeQName = typeQName;
}
public String getName()
@@ -140,7 +136,7 @@ public class DbPermissionImpl implements DbPermission, Serializable
public DbPermissionKey getKey()
{
return new DbPermissionKey(typeQname, name);
return new DbPermissionKey(typeQName.getQName(), name);
}
/**

29
source/java/org/alfresco/repo/domain/hibernate/Permission.hbm.xml
View File

@@ -6,8 +6,6 @@
<hibernate-mapping>
<typedef class="org.alfresco.repo.domain.hibernate.QNameUserType" name="QName" />
<class
name="org.alfresco.repo.domain.hibernate.DbAccessControlListChangeSetImpl"
proxy="org.alfresco.repo.domain.DbAccessControlListChangeSet"
@@ -54,9 +52,9 @@
<version column="version" name="version" type="long" />
<property name="inherits" column="inherits" type="boolean" not-null="true" index="idx_pm_acl_inh" />
<property name="inherits" column="inherits" type="boolean" not-null="true" index="idx_alf_acl_inh" />
<property name="inheritsFrom" column="inherits_from" type="long" not-null="false" index="idx_pm_acl_inh" />
<property name="inheritsFrom" column="inherits_from" type="long" not-null="false" index="idx_alf_acl_inh" />
<property name="type" column="type" type="int" not-null="true" />
@@ -174,8 +172,17 @@
<generator class="native" />
</id>
<natural-id mutable="true">
<property name="typeQname" column="type_qname" type="QName" length="200" />
<natural-id mutable="true" >
<many-to-one
name="typeQName"
class="org.alfresco.repo.domain.hibernate.QNameEntityImpl"
column="type_qname_id"
foreign-key="fk_alf_perm_tqn"
lazy="proxy"
fetch="select"
unique="false"
not-null="true"
cascade="none" />
<property name="name" type="string" length="100" column="name" />
</natural-id>
@@ -199,9 +206,9 @@
<version column="version" name="version" type="long" />
<property name="authority" column="authority" type="string" length="100" unique-key="uidx_auth_name" index="idx_authority" />
<property name="crc" column="crc" type="long" unique-key="uidx_auth_name" />
<property name="authority" column="authority" type="string" length="100" unique-key="uidx_auth_name" index="idx_alf_auth_aut" />
<property name="crc" column="crc" type="long" unique-key="uidx_auth_name" />
</class>
@@ -268,7 +275,7 @@
from
org.alfresco.repo.domain.hibernate.DbPermissionImpl as permission
where
permission.typeQname = :permissionTypeQName and
permission.typeQName = :permissionTypeQName and
permission.name = :permissionName
</query>
@@ -402,7 +409,7 @@
ace.authority.recipient = :authorityRecipient and
ace.allowed = :allow and
ace.permission.name = :permissionName and
ace.permission.typeQname = :permissionTypeQname
ace.permission.typeQName = :permissionTypeQname
</query>
-->
</hibernate-mapping>

71
source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
View File

@@ -32,8 +32,14 @@ import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.transaction.TransactionService;
/**
* This class abstract the support required to set up and query the Acegi context for security enforcement. There are
@@ -50,6 +56,12 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
private TenantService tenantService;
private PersonService personService;
private NodeService nodeService;
private TransactionService transactionService;
public AbstractAuthenticationComponent()
{
super();
@@ -70,6 +82,26 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
this.tenantService = tenantService;
}
public void setPersonService(PersonService personService)
{
this.personService = personService;
}
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
public void setTransactionService(TransactionService transactionService)
{
this.transactionService = transactionService;
}
public TransactionService getTransactionService()
{
return transactionService;
}
public void authenticate(String userName, char[] password) throws AuthenticationException
{
// Support guest login from the login screen
@@ -84,9 +116,9 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
}
/**
* Default unsupported authentication implementation
* - as of 2.1 this is the best way to implement your own authentication component as it will support guest login
* - prior to this direct over ride for authenticate(String , char[]) was used. This will still work.
* Default unsupported authentication implementation - as of 2.1 this is the best way to implement your own
* authentication component as it will support guest login - prior to this direct over ride for authenticate(String ,
* char[]) was used. This will still work.
*
* @param userName
* @param password
@@ -96,6 +128,37 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
throw new UnsupportedOperationException();
}
public Authentication setCurrentUser(final String userName) throws AuthenticationException
{
if (AuthenticationUtil.getSystemUserName().equals(userName))
{
return setCurrentUserImpl(userName);
}
else
{
return transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Authentication>()
{
public Authentication execute() throws Throwable
{
NodeRef userNode = personService.getPerson(userName);
if (userNode != null)
{
// Get the person name and use that as the current user to line up with permission checks
String personName = (String) nodeService.getProperty(userNode, ContentModel.PROP_USERNAME);
return setCurrentUserImpl(personName);
}
else
{
// Set using the user name
return setCurrentUserImpl(userName);
}
}
}, false, false);
}
}
/**
* Explicitly set the current user to be authenticated.
*
@@ -103,7 +166,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
* String
* @return Authentication
*/
public Authentication setCurrentUser(String userName) throws AuthenticationException
private Authentication setCurrentUserImpl(String userName) throws AuthenticationException
{
if (userName == null)
{

88
source/java/org/alfresco/repo/security/authentication/ntlm/NTLMAuthenticationComponentImpl.java
View File

@@ -118,12 +118,6 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
private PassthruReaperThread m_reaperThread;
// Person service, used to map passthru usernames to Alfresco person names
private PersonService m_personService;
private NodeService m_nodeService;
private TransactionService m_transactionService;
/**
* Passthru Session Reaper Thread
*/
@@ -467,36 +461,6 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
}
}
/**
* Set the person service
*
* @param personService PersonService
*/
public final void setPersonService(PersonService personService)
{
m_personService = personService;
}
/**
* Set the node service
*
* @param nodeService NodeService
*/
public final void setNodeService(NodeService nodeService)
{
m_nodeService = nodeService;
}
/**
* Set the transaction service
*
* @param transService TransactionService
*/
public final void setTransactionService(TransactionService transService)
{
m_transactionService = transService;
}
/**
* Return the authentication session timeout, in milliseconds
*
@@ -693,31 +657,7 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
// Map the passthru username to an Alfresco person
NodeRef userNode = m_personService.getPerson(username);
if ( userNode != null)
{
// Get the person name and use that as the current user to line up with permission checks
String personName = (String) m_nodeService.getProperty(userNode, ContentModel.PROP_USERNAME);
setCurrentUser(personName);
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("Setting current user using person " + personName + " (username " + username + ")");
}
else
{
// Set using the user name
setCurrentUser( username);
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("Setting current user using username " + username);
}
setCurrentUser( username);
// Debug
@@ -875,35 +815,13 @@ public class NTLMAuthenticationComponentImpl extends AbstractAuthenticationCompo
// Wrap the service calls in a transaction
tx = m_transactionService.getUserTransaction( false);
tx = getTransactionService().getUserTransaction( false);
tx.begin();
// Map the passthru username to an Alfresco person
NodeRef userNode = m_personService.getPerson(username);
if ( userNode != null)
{
// Get the person name and use that as the current user to line up with permission checks
setCurrentUser( username);
String personName = (String) m_nodeService.getProperty(userNode, ContentModel.PROP_USERNAME);
setCurrentUser(personName);
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("Setting current user using person " + personName + " (username " + username + ")");
}
else
{
// Set using the user name
setCurrentUser( username);
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("Setting current user using username " + username);
}
}
catch (NoSuchPersonException ex)
{