Merged V1.3 to HEAD (3218:3225)

svn merge svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3218 svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3225 . git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3408 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2006-07-26 11:03:16 +00:00
parent f4e00169ab
commit 4e18df8f63
7 changed files with 127 additions and 53 deletions
--- a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
+++ b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
@@ -61,7 +61,7 @@ public class AuthorityDAOImpl implements AuthorityDAO

    private DictionaryService dictionaryService;

-    private SimpleCache<String, ArrayList<NodeRef>> userToAuthorityCache;
+    private SimpleCache<String, HashSet<String>> userToAuthorityCache;

    public AuthorityDAOImpl()
    {
@@ -90,7 +90,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
        this.searchService = searchService;
    }

-    public void setUserToAuthorityCache(SimpleCache<String, ArrayList<NodeRef>> userToAuthorityCache)
+    public void setUserToAuthorityCache(SimpleCache<String, HashSet<String>> userToAuthorityCache)
    {
        this.userToAuthorityCache = userToAuthorityCache;
    }
@@ -127,6 +127,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
            }
            nodeService.addChild(parentRef, childRef, ContentModel.ASSOC_MEMBER, QName.createQName("usr", childName,
                    namespacePrefixResolver));
+            userToAuthorityCache.clear();
        }
        else
        {
@@ -165,7 +166,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
            throw new UnknownAuthorityException("An authority was not found for " + name);
        }
        nodeService.deleteNode(nodeRef);
-
+        userToAuthorityCache.clear();
    }

    public Set<String> getAllRootAuthorities(AuthorityType type)
@@ -234,15 +235,31 @@ public class AuthorityDAOImpl implements AuthorityDAO
                throw new UnknownAuthorityException("An authority was not found for " + childName);
            }
            nodeService.removeChild(parentRef, childRef);
+            userToAuthorityCache.clear();
        }

    }

    public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
    {
-        HashSet<String> authorities = new HashSet<String>();
-        findAuthorities(type, name, authorities, true, !immediate);
-        return authorities;
+        if (AuthorityType.getAuthorityType(name).equals(AuthorityType.USER) && ! immediate && (type == null))
+        {
+            // Cache user to authority look ups
+            HashSet<String> authorities = userToAuthorityCache.get(name);
+            if(authorities == null)
+            {
+                authorities = new HashSet<String>();
+                findAuthorities(type, name, authorities, true, !immediate);
+                userToAuthorityCache.put(name, authorities);
+            }
+            return authorities;
+        }
+        else
+        {
+           HashSet<String> authorities = new HashSet<String>();
+           findAuthorities(type, name, authorities, true, !immediate);
+           return authorities;
+        }
    }

    private void findAuthorities(AuthorityType type, String name, Set<String> authorities, boolean parents,
@@ -276,12 +293,7 @@ public class AuthorityDAOImpl implements AuthorityDAO

    private ArrayList<NodeRef> getUserContainers(String name)
    {
-        ArrayList<NodeRef> containers = userToAuthorityCache.get(name);
-        if (containers == null)
-        {
-            containers = findUserContainers(name);
-            userToAuthorityCache.put(name, containers);
-        }
+        ArrayList<NodeRef> containers = findUserContainers(name);
        return containers;
    }

--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
@@ -26,7 +26,10 @@ import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.providers.dao.User;

+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.cache.SimpleCache;
+import org.alfresco.repo.policy.JavaBehaviour;
+import org.alfresco.repo.policy.PolicyComponent;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
 import org.alfresco.repo.security.permissions.DynamicAuthority;
 import org.alfresco.repo.security.permissions.NodePermissionEntry;
@@ -43,6 +46,7 @@ import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.EqualsHelper;
 import org.apache.commons.logging.Log;
@@ -102,6 +106,8 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
     */
    private List<DynamicAuthority> dynamicAuthorities;

+    private PolicyComponent policyComponent;
+
    /*
     * Standard spring construction.
     */
@@ -152,13 +158,24 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
    /**
     * Set the permissions access cache.
     * 
-     * @param accessCache a transactionally safe cache
+     * @param accessCache
+     *            a transactionally safe cache
     */
    public void setAccessCache(SimpleCache<Serializable, AccessStatus> accessCache)
    {
        this.accessCache = accessCache;
    }

+    public void setPolicyComponent(PolicyComponent policyComponent)
+    {
+        this.policyComponent = policyComponent;
+    }
+    
+    public void onMoveNode(ChildAssociationRef oldChildAssocRef, ChildAssociationRef newChildAssocRef)
+    {
+        accessCache.clear();
+    }
+    
    public void afterPropertiesSet() throws Exception
    {
        if (dictionaryService == null)
@@ -189,6 +206,13 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
        {
            throw new IllegalArgumentException("Property 'accessCache' has not been set");
        }
+        if (policyComponent == null)
+        {
+            throw new IllegalArgumentException("Property 'policyComponent' has not been set");
+        }
+        
+        policyComponent.bindClassBehaviour(QName.createQName(NamespaceService.ALFRESCO_URI, "onMoveNode"), ContentModel.ASPECT_AUDITABLE, new JavaBehaviour(this, "onMoveNode"));
+    
    }

    //
@@ -372,7 +396,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
        Set<String> authorisations = getAuthorisations(auth, nodeRef);
        Serializable key = generateKey(
                authorisations,
-                nodeService.getPath(nodeRef),
+                nodeRef,
                perm);
        AccessStatus status = accessCache.get(key);
        if (status != null)
@@ -423,16 +447,17 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
    }
    
    /**
-     * Key for a cache object is built from all the known Authorities (which can change
-     * dynamically so they must all be used) the NodeRef ID and the permission reference itself.
-     * This gives a unique key for each permission test.
+     * Key for a cache object is built from all the known Authorities (which can
+     * change dynamically so they must all be used) the NodeRef ID and the
+     * permission reference itself. This gives a unique key for each permission
+     * test.
     */
-    static Serializable generateKey(Set<String> auths, Path path, PermissionReference perm)
+    static Serializable generateKey(Set<String> auths, NodeRef nodeRef, PermissionReference perm)
    {
        LinkedHashSet<Serializable> key = new LinkedHashSet<Serializable>();
        key.add(perm.toString());
        key.addAll(auths); 
-        key.add(path);
+        key.add(nodeRef);
        return key;
    }