From 569c55eadccb27dced8e776da5ef8b75b486fd7d Mon Sep 17 00:00:00 2001 From: Dave Ward Date: Sun, 19 Aug 2012 14:12:51 +0000 Subject: [PATCH] Merged V4.1-BUG-FIX to HEAD 40484: ALF-15370: 'New Rule' page localisation breaks after any rule was created in Japanese 40487: Merged BRANCHES/V4.1 to BRANCHES/DEV/4.1-BUG-FIX: 40485: ALF-15453: Incorrect manage permissions working for a file/folder 40490: ALF-15455: Pass through windows specific environment variables (will not be set on unix) to make ImageMagick work on Windows with Bitrock layout 40492: Merged BRANCHES/DEV/BELARUS/V4.1-BUG-FIX-2012_08_15 to BRANCHES/DEV/V4.1-BUG-FIX 40491: ALF-7803 : Tomcat 7??? "Submit Items" page isn't opened The duplicate cellpadding attibutes were removed from jsp. 40495: Final part of achievable fix for ALF-12803 - No user feedback: Cannot transformed content with password. (Failure of synchronous rule causes upload to fail with unhelpful message) - cleaned up flash error message - but see comments on ALF-12803 for full resolution 40522: ALF-12839 Share - Inconsistency in adding a user or a group into a group 40525: ALF-12839 Share - Inconsistency in adding a user or a group into a group - fix unit test by adding the * added by javascript code 40535: ALF-15455: Another attempt - Properly escape global variables so bitrock doesn't try to expand them - Force backslash paths on windows 40539: ALF-15455: ImageMagick still not working on Windows because env variable setting was losing the system PATH - Did it ever work before? - Now, if variables are specified, the PATH is propagated from the parent environment. If a PATH is specified, it is prepended to the parent PATH. 40554: New Russian translations from Gloria plus Bitrock configuration to enable them 40559: ALF-15506: When deleting a file from the actions menu a message was not shown to indicate that the folder is being deleted. 40590: ALF-15318: It was possible for a user with a disabled / expired account to log in via NTLM/SSO 40591: Merged V4.1 to V4.1-BUG-FIX 40485: ALF-15453: Incorrect manage pernissions working for a file/folder 40545: Fixes a bug in the visibility of the Cloud Sync settings page on the user profile. 40592: Merged V4.1 to V4.1-BUG-FIX (RECORD ONLY) 40478: Merged BRANCHES/DEV/V4.1-BUG-FIX to BRANCHES/V4.1 40153: ALF-13998: 'No items' error is highlighted in red, even that is not sever error. 40361: ALF-15453: Incorrect manage permissions working for a file/folder 40481: Merge issue in r40478 fixed 40593: Merged V3.4-BUG-FIX to V4.1-BUG-FIX 40503: Fix for ALF-14832 - Search by Tags is not working in WCMQS site git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@40594 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- config/alfresco/action-services-context.xml | 1 + .../default/imagemagick-transform-context.xml | 9 +++ .../AuthenticationContextImpl.java | 22 +++++++ .../alfresco/repo/site/SiteServiceImpl.java | 60 +++++++++++++++---- .../repo/site/SiteServiceImplTest.java | 6 +- 5 files changed, 82 insertions(+), 16 deletions(-) diff --git a/config/alfresco/action-services-context.xml b/config/alfresco/action-services-context.xml index eb985bbc28..3372a9f89c 100644 --- a/config/alfresco/action-services-context.xml +++ b/config/alfresco/action-services-context.xml @@ -178,6 +178,7 @@ + diff --git a/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml b/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml index 0b44032a2e..6e37fbb827 100644 --- a/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml +++ b/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml @@ -25,6 +25,15 @@ ${img.root} + + ${img.coders} + + + ${img.config} + + + ${img.gslib} + ${img.dyn} diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java index 87298c9957..67d0b36099 100644 --- a/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java @@ -18,9 +18,13 @@ */ package org.alfresco.repo.security.authentication; +import net.sf.acegisecurity.AccountExpiredException; import net.sf.acegisecurity.Authentication; +import net.sf.acegisecurity.CredentialsExpiredException; +import net.sf.acegisecurity.DisabledException; import net.sf.acegisecurity.GrantedAuthority; import net.sf.acegisecurity.GrantedAuthorityImpl; +import net.sf.acegisecurity.LockedException; import net.sf.acegisecurity.UserDetails; import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken; import net.sf.acegisecurity.providers.dao.User; @@ -51,6 +55,24 @@ public class AuthenticationContextImpl implements AuthenticationContext { try { + // Apply the same validation that ACEGI would have to the user details - we may be going through a 'back + // door'. + if (!ud.isEnabled()) + { + throw new DisabledException("User is disabled"); + } + if (!ud.isAccountNonExpired()) + { + throw new AccountExpiredException("User account has expired"); + } + if (!ud.isAccountNonLocked()) + { + throw new LockedException("User account is locked"); + } + if (!ud.isCredentialsNonExpired()) + { + throw new CredentialsExpiredException("User credentials have expired"); + } UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud .getAuthorities()); auth.setDetails(ud); diff --git a/source/java/org/alfresco/repo/site/SiteServiceImpl.java b/source/java/org/alfresco/repo/site/SiteServiceImpl.java index f20ddd9597..921b72fd28 100644 --- a/source/java/org/alfresco/repo/site/SiteServiceImpl.java +++ b/source/java/org/alfresco/repo/site/SiteServiceImpl.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2011 Alfresco Software Limited. + * Copyright (C) 2005-2012 Alfresco Software Limited. * * This file is part of Alfresco * @@ -31,6 +31,8 @@ import java.util.SortedSet; import java.util.StringTokenizer; import java.util.TreeSet; import java.util.concurrent.ConcurrentHashMap; +import java.util.regex.Matcher; +import java.util.regex.Pattern; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.model.ContentModel; @@ -1578,7 +1580,7 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic if (nameFilter != null && nameFilter.length() != 0) { // found a filter - does it match Group name part? - if (authority.substring(GROUP_PREFIX_LENGTH).toLowerCase().contains(nameFilterLower)) + if (matchByFilter(authority.substring(GROUP_PREFIX_LENGTH).toLowerCase(), nameFilterLower)) { members.put(authority, permission); } @@ -1586,7 +1588,7 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic { // Does it match on the Group Display Name part instead? String displayName = authorityService.getAuthorityDisplayName(authority); - if(displayName != null && displayName.toLowerCase().contains(nameFilterLower)) + if(displayName != null && matchByFilter(displayName.toLowerCase(), nameFilterLower)) { members.put(authority, permission); } @@ -1657,21 +1659,20 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic NodeRef person = personService.getPerson(username, false); String firstName = (String)directNodeService.getProperty(person, ContentModel.PROP_FIRSTNAME); String lastName = (String)directNodeService.getProperty(person, ContentModel.PROP_LASTNAME); + String userName = (String)directNodeService.getProperty(person, ContentModel.PROP_USERNAME); final String lowFirstName = (firstName != null ? firstName.toLowerCase() : ""); final String lowLastName = (lastName != null ? lastName.toLowerCase() : ""); + final String lowUserName = (userName != null ? userName.toLowerCase() : ""); for (int i=0; i