From 4f4d6ec9378c65d97e4f5a356c794a9ced938a37 Mon Sep 17 00:00:00 2001 From: Alan Davis Date: Tue, 11 Feb 2014 19:44:32 +0000 Subject: [PATCH] Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud) 57112: Merged V4.2-BUG-FIX (4.2.1) to HEAD-BUG-FIX (Cloud/4.3) 56761: Reverse Merge: Caused lots of build errors running SecurityTestSuite. Specifically HomeFolderProviderSynchronizerTest which ran after AuthorityBridgeTableAsynchronouslyRefreshedCacheTest. See https://bamboo.alfresco.com/bamboo/browse/ALF-ENTERPRISEV42BUGFIX-7 (#11 has 30 errors including 26 from HFPST and ABTARCT) 56562: Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1) 56138: Merged DEV to V4.1-BUG-FIX (4.1.7) 56075: MNT-9375 (related to MNT-9485): MT - when users are added to site with a group addition versus individual, they are not handled as members of site Added JUnit test for the issue. Added the test to SecurityTestSuite. 56580: Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1) 56026: Merged DEV to V4.1-BUG-FIX (4.1.7) 55892: MNT-9485: MT Users added to Alfresco Administrators group via Group addition do not have 'admin' privileges - Build bridge cache on behalf of provided tenant user. 56581: Merged V4.1-BUG-FIX (4.1.7) to V4.2-BUG-FIX (4.2.1) << last commit missed a file >> 56026: Merged DEV to V4.1-BUG-FIX (4.1.7) 55892: MNT-9485: MT Users added to Alfresco Administrators group via Group addition do not have 'admin' privileges - Build bridge cache on behalf of provided tenant user. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@61742 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- config/alfresco/cache-context.xml | 1 - ...idgeTableAsynchronouslyRefreshedCache.java | 26 +--- .../repo/security/SecurityTestSuite.java | 6 +- ...TableAsynchronouslyRefreshedCacheTest.java | 133 ------------------ 4 files changed, 7 insertions(+), 159 deletions(-) delete mode 100644 source/test-java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCacheTest.java diff --git a/config/alfresco/cache-context.xml b/config/alfresco/cache-context.xml index 9f4e8e81b3..0925328aa2 100644 --- a/config/alfresco/cache-context.xml +++ b/config/alfresco/cache-context.xml @@ -42,7 +42,6 @@ - diff --git a/source/java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCache.java b/source/java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCache.java index a19c3b92c1..9862d79575 100644 --- a/source/java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCache.java +++ b/source/java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCache.java @@ -21,9 +21,6 @@ package org.alfresco.repo.security.authority; import java.util.List; import org.alfresco.repo.cache.AbstractAsynchronouslyRefreshedCache; -import org.alfresco.repo.security.authentication.AuthenticationUtil; -import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; -import org.alfresco.repo.tenant.TenantAdminService; import org.alfresco.repo.transaction.RetryingTransactionHelper; import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; import org.alfresco.util.BridgeTable; @@ -38,7 +35,6 @@ public class AuthorityBridgeTableAsynchronouslyRefreshedCache extends AbstractAs { private AuthorityBridgeDAO authorityBridgeDAO; private RetryingTransactionHelper retryingTransactionHelper; - private TenantAdminService tenantAdminService; /** * @param authorityBridgeDAO @@ -58,29 +54,17 @@ public class AuthorityBridgeTableAsynchronouslyRefreshedCache extends AbstractAs this.retryingTransactionHelper = retryingTransactionHelper; } - public void setTenantAdminService(TenantAdminService tenantAdminService) - { - this.tenantAdminService = tenantAdminService; - } - @Override protected BridgeTable buildCache(final String tenantId) { - return AuthenticationUtil.runAs(new RunAsWork>() + return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback>() { - public BridgeTable doWork() throws Exception + @Override + public BridgeTable execute() throws Throwable { - return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback>() - { - @Override - public BridgeTable execute() throws Throwable - { - return doBuildCache(tenantId); - } - }, true, false); - + return doBuildCache(tenantId); } - }, tenantAdminService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantId)); + }, true, false); } private BridgeTable doBuildCache(String tenantId) diff --git a/source/test-java/org/alfresco/repo/security/SecurityTestSuite.java b/source/test-java/org/alfresco/repo/security/SecurityTestSuite.java index fb060f0c20..826de1e3e9 100644 --- a/source/test-java/org/alfresco/repo/security/SecurityTestSuite.java +++ b/source/test-java/org/alfresco/repo/security/SecurityTestSuite.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2013 Alfresco Software Limited. + * Copyright (C) 2005-2011 Alfresco Software Limited. * * This file is part of Alfresco * @@ -28,7 +28,6 @@ import org.alfresco.repo.security.authentication.AuthenticationTest; import org.alfresco.repo.security.authentication.AuthorizationTest; import org.alfresco.repo.security.authentication.ChainingAuthenticationServiceTest; import org.alfresco.repo.security.authentication.NameBasedUserNameGeneratorTest; -import org.alfresco.repo.security.authority.AuthorityBridgeTableAsynchronouslyRefreshedCacheTest; import org.alfresco.repo.security.authority.AuthorityServiceTest; import org.alfresco.repo.security.authority.DuplicateAuthorityTest; import org.alfresco.repo.security.authority.ExtendedPermissionServiceTest; @@ -77,8 +76,7 @@ public class SecurityTestSuite extends TestSuite // suite.addTestSuite(ChainingUserRegistrySynchronizerTest.class); suite.addTestSuite(OwnableServiceTest.class); suite.addTestSuite(ReadPermissionTest.class); - suite.addTestSuite(AuthorizationTest.class); - suite.addTestSuite(AuthorityBridgeTableAsynchronouslyRefreshedCacheTest.class); + suite.addTestSuite(AuthorizationTest.class); suite.addTest(new JUnit4TestAdapter(HomeFolderProviderSynchronizerTest.class)); diff --git a/source/test-java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCacheTest.java b/source/test-java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCacheTest.java deleted file mode 100644 index 6386539a52..0000000000 --- a/source/test-java/org/alfresco/repo/security/authority/AuthorityBridgeTableAsynchronouslyRefreshedCacheTest.java +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (C) 2005-2013 Alfresco Software Limited. - * - * This file is part of Alfresco - * - * Alfresco is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Alfresco is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with Alfresco. If not, see . - */ -package org.alfresco.repo.security.authority; - -import junit.framework.TestCase; -import org.alfresco.repo.security.authentication.AuthenticationUtil; -import org.alfresco.repo.tenant.TenantAdminService; -import org.alfresco.repo.transaction.RetryingTransactionHelper; -import org.alfresco.service.ServiceRegistry; -import org.alfresco.service.cmr.security.AuthorityService; -import org.alfresco.service.cmr.security.AuthorityType; -import org.alfresco.service.cmr.security.PersonService; -import org.alfresco.service.transaction.TransactionService; -import org.alfresco.util.ApplicationContextHelper; - -import org.alfresco.util.GUID; -import org.springframework.context.ApplicationContext; - -import java.util.Set; - -public class AuthorityBridgeTableAsynchronouslyRefreshedCacheTest extends TestCase -{ - private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext(); - - private AuthorityService authorityService; - private TenantAdminService tenantAdminService; - private TransactionService transactionService; - private PersonService personService; - - private static final String TENANT_DOMAIN = GUID.generate() + ".com"; - private static final String TENANT_ADMIN_USER = AuthenticationUtil.getAdminUserName() + "@" + TENANT_DOMAIN; - - public AuthorityBridgeTableAsynchronouslyRefreshedCacheTest() - { - super(); - } - - @Override - public void setUp() throws Exception - { - transactionService = (TransactionService) ctx.getBean(ServiceRegistry.TRANSACTION_SERVICE.getLocalName()); - authorityService = (AuthorityService) ctx.getBean(ServiceRegistry.AUTHORITY_SERVICE.getLocalName()); - tenantAdminService = ctx.getBean("tenantAdminService", TenantAdminService.class); - personService = (PersonService) ctx.getBean(ServiceRegistry.PERSON_SERVICE.getLocalName()); - } - - @Override - protected void tearDown() - { - - } - - /** - * See MNT-9375 - */ - public void testAuthorityBridgeTableCacheForTenants() throws Exception - { - final String tenantPersonName = GUID.generate() + "@" + TENANT_DOMAIN; - final String childGroupName = "tenantChildGroup" + GUID.generate(); - final String parentGroupName = "tenantParentGroup" + GUID.generate(); - - createTenant(TENANT_DOMAIN); - - // Create a group and place a user in it - AuthenticationUtil.setFullyAuthenticatedUser(TENANT_ADMIN_USER); - final String tenantChildGroup = transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback() - { - @Override - public String execute() throws Throwable - { - personService.getPerson(tenantPersonName, true); - assertTrue(personService.personExists(tenantPersonName)); - String tenantChildGroup = authorityService.createAuthority(AuthorityType.GROUP, childGroupName); - assertNotNull(authorityService.getAuthorityNodeRef(tenantChildGroup)); - authorityService.addAuthority(tenantChildGroup, tenantPersonName); - return tenantChildGroup; - } - }, false, true); - - // Create another group and place in it an existing group with a user - // The transaction is required, because the AuthorityBridgeTableAsynchronouslyRefreshedCache is cleared in the end of transaction asynchronously using FutureTask. - final String tenantParentGroup = transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback() - { - @Override - public String execute() throws Throwable - { - String tenantParentGroup = authorityService.createAuthority(AuthorityType.GROUP, parentGroupName); - assertNotNull(authorityService.getAuthorityNodeRef(tenantParentGroup)); - authorityService.addAuthority(tenantParentGroup, tenantChildGroup); - - return tenantParentGroup; - } - }, false, true); - - Set authorities = authorityService.getContainingAuthorities(null, tenantPersonName, false); - assertEquals(2, authorities.size()); - assertTrue(authorities.contains(tenantParentGroup)); - assertTrue(authorities.contains(tenantChildGroup)); - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - } - - private void createTenant(final String tenantDomain) - { - transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback() - { - @Override - public Void execute() throws Throwable - { - if (!tenantAdminService.existsTenant(tenantDomain)) - { - tenantAdminService.createTenant(tenantDomain, "password".toCharArray()); - } - return null; - } - }, false, true); - } -}