Merged V2.2 to HEAD

8083: Merged V2.1 to V2.2 8066: RM-31 and related issues (ACT-729) 8068: Fix for AR-1997 8084: Fixed script error on notify page of invite website user wizard 8086: Merged V2.1 to V2.2 8075: Clear()ing a hibernate session, is not always enough to guarantee that transactions not use unbounded amounts of memory 8076: Turn off test that needs to be fixed real soon now. 8092: Implementation for: http://issues.alfresco.com/browse/AR-1744 8093: Fixed upgrade scripts for V2.1.2 to V2.2 upgrades 8096: Fix for AWC-1578 and AWC-1814 8097: Added new indexes missing from scripts and made index names consistent. 8098: Fix for AWC-1548 8100: Removed use of QName from alf_permission table 8102: Fix for AWC-1690 8103: test was == on id that used to be long but is now a Long git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8476 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2008-03-10 13:11:50 +00:00
parent 72a90a14f1
commit 3e2311888b
25 changed files with 507 additions and 238 deletions
--- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
+++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java
@@ -32,8 +32,14 @@ import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.User;

 import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.tenant.TenantService;
+import org.alfresco.repo.transaction.RetryingTransactionHelper;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.cmr.security.PersonService;
+import org.alfresco.service.transaction.TransactionService;

 /**
 * This class abstract the support required to set up and query the Acegi context for security enforcement. There are
@@ -50,6 +56,12 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
    
    private TenantService tenantService;

+    private PersonService personService;
+
+    private NodeService nodeService;
+
+    private TransactionService transactionService;
+
    public AbstractAuthenticationComponent()
    {
        super();
@@ -70,6 +82,26 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
    	this.tenantService = tenantService;
    }

+    public void setPersonService(PersonService personService)
+    {
+        this.personService = personService;
+    }
+
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
+
+    public void setTransactionService(TransactionService transactionService)
+    {
+        this.transactionService = transactionService;
+    }
+    
+    public TransactionService getTransactionService()
+    {
+        return transactionService;
+    }
+
    public void authenticate(String userName, char[] password) throws AuthenticationException
    {
        // Support guest login from the login screen
@@ -84,9 +116,9 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
    }

    /**
-     * Default unsupported authentication implementation 
-     *  - as of 2.1 this is the best way to implement your own authentication component as it will support guest login
-     *  - prior to this direct over ride for authenticate(String , char[]) was used. This will still work.
+     * Default unsupported authentication implementation - as of 2.1 this is the best way to implement your own
+     * authentication component as it will support guest login - prior to this direct over ride for authenticate(String ,
+     * char[]) was used. This will still work.
     * 
     * @param userName
     * @param password
@@ -96,6 +128,37 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
        throw new UnsupportedOperationException();
    }

+    public Authentication setCurrentUser(final String userName) throws AuthenticationException
+    {
+        if (AuthenticationUtil.getSystemUserName().equals(userName))
+        {
+            return setCurrentUserImpl(userName);
+        }
+        else
+        {
+            return transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Authentication>()
+            {
+
+                public Authentication execute() throws Throwable
+                {
+                    NodeRef userNode = personService.getPerson(userName);
+                    if (userNode != null)
+                    {
+                        // Get the person name and use that as the current user to line up with permission checks
+                        String personName = (String) nodeService.getProperty(userNode, ContentModel.PROP_USERNAME);
+                        return setCurrentUserImpl(personName);
+
+                    }
+                    else
+                    {
+                        // Set using the user name
+                        return setCurrentUserImpl(userName);
+                    }
+                }
+            }, false, false);
+        }
+    }
+
    /**
     * Explicitly set the current user to be authenticated.
     * 
@@ -103,7 +166,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
     *            String
     * @return Authentication
     */
-    public Authentication setCurrentUser(String userName) throws AuthenticationException
+    private Authentication setCurrentUserImpl(String userName) throws AuthenticationException
    {
        if (userName == null)
        {