mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
Merged V1.3 to HEAD (3218:3225)
svn merge svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3218 svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3225 . git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3408 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
@@ -26,7 +26,10 @@ import net.sf.acegisecurity.Authentication;
|
||||
import net.sf.acegisecurity.GrantedAuthority;
|
||||
import net.sf.acegisecurity.providers.dao.User;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.repo.cache.SimpleCache;
|
||||
import org.alfresco.repo.policy.JavaBehaviour;
|
||||
import org.alfresco.repo.policy.PolicyComponent;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
||||
import org.alfresco.repo.security.permissions.DynamicAuthority;
|
||||
import org.alfresco.repo.security.permissions.NodePermissionEntry;
|
||||
@@ -43,6 +46,7 @@ import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.cmr.security.AuthorityService;
|
||||
import org.alfresco.service.cmr.security.AuthorityType;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
import org.apache.commons.logging.Log;
|
||||
@@ -102,6 +106,8 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
*/
|
||||
private List<DynamicAuthority> dynamicAuthorities;
|
||||
|
||||
private PolicyComponent policyComponent;
|
||||
|
||||
/*
|
||||
* Standard spring construction.
|
||||
*/
|
||||
@@ -152,13 +158,24 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
/**
|
||||
* Set the permissions access cache.
|
||||
*
|
||||
* @param accessCache a transactionally safe cache
|
||||
* @param accessCache
|
||||
* a transactionally safe cache
|
||||
*/
|
||||
public void setAccessCache(SimpleCache<Serializable, AccessStatus> accessCache)
|
||||
{
|
||||
this.accessCache = accessCache;
|
||||
}
|
||||
|
||||
public void setPolicyComponent(PolicyComponent policyComponent)
|
||||
{
|
||||
this.policyComponent = policyComponent;
|
||||
}
|
||||
|
||||
public void onMoveNode(ChildAssociationRef oldChildAssocRef, ChildAssociationRef newChildAssocRef)
|
||||
{
|
||||
accessCache.clear();
|
||||
}
|
||||
|
||||
public void afterPropertiesSet() throws Exception
|
||||
{
|
||||
if (dictionaryService == null)
|
||||
@@ -189,6 +206,13 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
{
|
||||
throw new IllegalArgumentException("Property 'accessCache' has not been set");
|
||||
}
|
||||
if (policyComponent == null)
|
||||
{
|
||||
throw new IllegalArgumentException("Property 'policyComponent' has not been set");
|
||||
}
|
||||
|
||||
policyComponent.bindClassBehaviour(QName.createQName(NamespaceService.ALFRESCO_URI, "onMoveNode"), ContentModel.ASPECT_AUDITABLE, new JavaBehaviour(this, "onMoveNode"));
|
||||
|
||||
}
|
||||
|
||||
//
|
||||
@@ -372,7 +396,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
Set<String> authorisations = getAuthorisations(auth, nodeRef);
|
||||
Serializable key = generateKey(
|
||||
authorisations,
|
||||
nodeService.getPath(nodeRef),
|
||||
nodeRef,
|
||||
perm);
|
||||
AccessStatus status = accessCache.get(key);
|
||||
if (status != null)
|
||||
@@ -423,16 +447,17 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
}
|
||||
|
||||
/**
|
||||
* Key for a cache object is built from all the known Authorities (which can change
|
||||
* dynamically so they must all be used) the NodeRef ID and the permission reference itself.
|
||||
* This gives a unique key for each permission test.
|
||||
* Key for a cache object is built from all the known Authorities (which can
|
||||
* change dynamically so they must all be used) the NodeRef ID and the
|
||||
* permission reference itself. This gives a unique key for each permission
|
||||
* test.
|
||||
*/
|
||||
static Serializable generateKey(Set<String> auths, Path path, PermissionReference perm)
|
||||
static Serializable generateKey(Set<String> auths, NodeRef nodeRef, PermissionReference perm)
|
||||
{
|
||||
LinkedHashSet<Serializable> key = new LinkedHashSet<Serializable>();
|
||||
key.add(perm.toString());
|
||||
key.addAll(auths);
|
||||
key.add(path);
|
||||
key.add(nodeRef);
|
||||
return key;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user