Merged V3.0 to HEAD

11498: Improvements to DM ACL upgrade 11502: Edit Details button text updated to Edit Site Details to avoid confusion 11503: ETHREEOH-577 - It is possible to create empty comment at document details page 11504: ETHREEOH-576 - Cannot create calendar event with name containing certain characters such as : / 11505: Merged V2.2 to V3.0 11337: Tidy up the deletion of unused ACEs when authorities are deleted - ETWOTWO-749 11339: Fix permission checks under RunAs to use the effective user's groups - ETWOTWO-753 11506: Fixed ETHREEOH-579: RuntimeExec can not handle commands and arguments that contains spaces git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12448 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2008-12-17 14:12:21 +00:00
parent 4669d51678
commit 46483f1c54
8 changed files with 285 additions and 10 deletions
--- a/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
+++ b/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
@@ -93,6 +93,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
    // static String QUERY_GET_AUTHORITY_ALIASES = "permission.GetAuthorityAliases";

    static String QUERY_GET_ACES_AND_ACLS_BY_AUTHORITY = "permission.GetAcesAndAclsByAuthority";
+    
+    static String QUERY_GET_ACES_BY_AUTHORITY = "permission.GetAcesByAuthority";

    static String QUERY_GET_ACES_FOR_ACL = "permission.GetAcesForAcl";

@@ -855,6 +857,26 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
            getHibernateTemplate().delete(ace);
        }

+        
+        // Tidy up any unreferenced ACEs
+        
+        callback = new HibernateCallback()
+        {
+            public Object doInHibernate(Session session)
+            {
+                Query query = session.getNamedQuery(QUERY_GET_ACES_BY_AUTHORITY);
+                query.setParameter("authority", authority);
+                return query.list();
+            }
+        };
+        List<DbAccessControlEntry> unreferenced = (List<DbAccessControlEntry>) getHibernateTemplate().execute(callback);
+        
+        for (DbAccessControlEntry ace : unreferenced)
+        {
+            getHibernateTemplate().delete(ace);
+        }
+
+        
        // remove authority

        callback = new HibernateCallback()
--- a/source/java/org/alfresco/repo/domain/hibernate/DMAccessControlListDAO.java
+++ b/source/java/org/alfresco/repo/domain/hibernate/DMAccessControlListDAO.java
@@ -206,7 +206,8 @@ public class DMAccessControlListDAO implements AccessControlListDAO
        // Do the children first

        DbAccessControlList existingAcl = getAccessControlList(nodeRef);
-        Long toInherit = inherited;
+        Long toInherit = null;
+        Long idToInheritFrom = null;

        if (existingAcl != null)
        {
@@ -229,13 +230,13 @@ public class DMAccessControlListDAO implements AccessControlListDAO
                }
                if (existingAcl.getInherits())
                {
-                    if (toInherit != null)
+                    if (inherited != null)
                    {
-                        aclDaoComponent.enableInheritance(id, toInherit);
+                        aclDaoComponent.enableInheritance(id, inherited);
                    }
                }

-                toInherit = aclDaoComponent.getInheritedAccessControlList(id);
+                idToInheritFrom = id;

                setAccessControlList(nodeRef, newAcl);
            }
@@ -256,20 +257,33 @@ public class DMAccessControlListDAO implements AccessControlListDAO

                DbAccessControlList newAcl = aclDaoComponent.getDbAccessControlList(id);

-                toInherit = aclDaoComponent.getInheritedAccessControlList(id);
+                idToInheritFrom = id;

                setAccessControlList(nodeRef, newAcl);
            }
            else
            {
                // Unset - simple inherit
-                DbAccessControlList inheritedAcl = aclDaoComponent.getDbAccessControlList(toInherit);
+                DbAccessControlList inheritedAcl = aclDaoComponent.getDbAccessControlList(inherited);
                setAccessControlList(nodeRef, inheritedAcl);
            }
        }

        for (ChildAssociationRef child : nodeService.getChildAssocs(nodeRef))
        {
+            // Only make inherited if required
+            if(toInherit == null)
+            {
+                if(idToInheritFrom == null)
+                {
+                    toInherit = inherited;
+                }
+                else
+                {
+                    toInherit = aclDaoComponent.getInheritedAccessControlList(idToInheritFrom);
+                }
+            }
+            
            if (child.isPrimary())
            {
                CounterSet update = fixOldDmAcls(child.getChildRef(), toInherit, false);
--- a/source/java/org/alfresco/repo/domain/hibernate/Permission.hbm.xml
+++ b/source/java/org/alfresco/repo/domain/hibernate/Permission.hbm.xml
@@ -336,7 +336,18 @@
         authority.authority = :authority
   </query>
    
+   <query name="permission.GetAcesByAuthority" cacheable="true">
+       select
+         ace
+       from
+         org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl as ace
+         join ace.authority as authority
+       where
+         authority.authority = :authority
+   </query>
    
+    
+    
   <query name="permission.GetAcesForAcl" cacheable="true">
       select
         aclmem