diff --git a/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java b/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
index b4b2f6854e..86df648e22 100644
--- a/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
+++ b/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
@@ -58,6 +58,7 @@ import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
 import org.alfresco.repo.security.permissions.impl.SimplePermissionReference;
 import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
 import org.alfresco.service.cmr.security.AccessStatus;
+import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.GUID;
 import org.apache.commons.logging.Log;
@@ -1945,7 +1946,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
 if (pattern.getAuthority() != null)
 {
 DbAuthority authority = (DbAuthority) result.get("authority");
- if (!pattern.getAuthority().equals(authority.getAuthority()))
+ if ((pattern.getAuthorityType() != AuthorityType.WILDCARD) && !pattern.getAuthority().equals(authority.getAuthority()))
 {
 return false;
 }
diff --git a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
index 0564cc2d1e..bba0349a13 100644
--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
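Review bot: In AclDaoComponentImpl the new `pattern.getAuthorityType() != AuthorityType.WILDCARD` clause sits inside the existing `if (pattern.getAuthority() != null)` guard, while the only place this commit produces WILDCARD is `AuthorityType.getAuthorityType(null)`. If the pattern derives its type from its authority string (not visible here), the clause can never be true on this path and the wildcard match is really done by the outer null check, so the intent is worth stating in a comment such as `// a null authority (AuthorityType.WILDCARD) matches entries for every authority`. Because a wildcard pattern matches every entry on the ACL, callers that can end up with a null authority from a failed lookup should reject it before reaching this matcher. The enclosing method starts and ends outside the hunk.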
@@ -2488,6 +2488,20 @@ public class PermissionServiceTest extends AbstractPermissionTest
 assertTrue("Time was "+(end - start)/1000000000.0f, end == start);
 }
 
+ public void testClearPermissionNullAuthority()
+ {
+ assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size());
+ permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED));
+ permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED));
+ assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size());
+ permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ), "lemur", AccessStatus.ALLOWED));
+ permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_CHILDREN), "lemur", AccessStatus.ALLOWED));
+ assertEquals(4, permissionService.getAllSetPermissions(rootNodeRef).size());
+
+ permissionService.clearPermission(rootNodeRef, null);
+ assertEquals(0, permissionService.getAllSetPermissions(rootNodeRef).size());
+ }
+
 public void testGetAllSetPermissionsFromAllNodes()
 {
 runAs(AuthenticationUtil.getAdminUserName());
diff --git a/source/java/org/alfresco/service/cmr/security/AuthorityType.java b/source/java/org/alfresco/service/cmr/security/AuthorityType.java
index 7007516b59..cc02046f0a 100644
--- a/source/java/org/alfresco/service/cmr/security/AuthorityType.java
+++ b/source/java/org/alfresco/service/cmr/security/AuthorityType.java
@@ -29,6 +29,7 @@ package org.alfresco.service.cmr.security;
 *
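Review bot: testClearPermissionNullAuthority covers only the wildcard path; nothing in this hunk asserts that clearing a named authority still leaves the other authority's entries in place. Since the commit loosens the authority match in AclDaoComponentImpl, a companion check placed before the null call, `permissionService.clearPermission(rootNodeRef, "andy");` followed by `assertEquals(2, permissionService.getAllSetPermissions(rootNodeRef).size());`, would guard against the matcher removing more entries than intended. Such a case may already exist elsewhere in the test class, which is not visible here.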
  • OWNER - the special authority that applies to the owner of a node *
  • EVERYONE - the special authority that is interpreted as everyone *
  • GUEST - the special authority that applies to a GUEST (An unknown, unauthenticated user) + *
  • WILDCARD - the set of all authorities (including the guest user) * * * @author Andy Hind
@@ -225,6 +226,33 @@ public enum AuthorityType
 {
 return 6;
 }
+ },
+ WILDCARD
+ {
+ public boolean isFixedString()
+ {
+ return false;
+ }
+
+ public String getFixedString()
+ {
+ return "";
+ }
+
+ public boolean isPrefixed()
+ {
+ return false;
+ }
+
+ public String getPrefixString()
+ {
+ return "";
+ }
+
+ public int getOrderPosition()
+ {
+ return 7;
+ }
 };
 
 public abstract boolean isFixedString();
@@ -245,34 +273,43 @@ public enum AuthorityType
 public static AuthorityType getAuthorityType(String authority)
 {
 AuthorityType authorityType;
- if (authority.equals(PermissionService.ADMINISTRATOR_AUTHORITY))
+
+ if(null == authority)
 {
- authorityType = AuthorityType.ADMIN;
- }
- if (authority.equals(PermissionService.ALL_AUTHORITIES))
- {
- authorityType = AuthorityType.EVERYONE;
- }
- else if (authority.equals(PermissionService.OWNER_AUTHORITY))
- {
- authorityType = AuthorityType.OWNER;
- }
- else if (authority.equalsIgnoreCase(PermissionService.GUEST_AUTHORITY))
- {
- authorityType = AuthorityType.GUEST;
- }
- else if (authority.startsWith(PermissionService.GROUP_PREFIX))
- {
- authorityType = AuthorityType.GROUP;
- }
- else if (authority.startsWith(PermissionService.ROLE_PREFIX))
- {
- authorityType = AuthorityType.ROLE;
+ authorityType = AuthorityType.WILDCARD;
 }
 else
 {
- authorityType = AuthorityType.USER;
+ if (authority.equals(PermissionService.ADMINISTRATOR_AUTHORITY))
+ {
+ authorityType = AuthorityType.ADMIN;
+ }
+ if (authority.equals(PermissionService.ALL_AUTHORITIES))
+ {
+ authorityType = AuthorityType.EVERYONE;
+ }
+ else if (authority.equals(PermissionService.OWNER_AUTHORITY))
+ {
+ authorityType = AuthorityType.OWNER;
+ }
+ else if (authority.equalsIgnoreCase(PermissionService.GUEST_AUTHORITY))
+ {
+ authorityType = AuthorityType.GUEST;
+ }
+ else if (authority.startsWith(PermissionService.GROUP_PREFIX))
+ {
+ authorityType = AuthorityType.GROUP;
+ }
+ else if (authority.startsWith(PermissionService.ROLE_PREFIX))
+ {
+ authorityType = AuthorityType.ROLE;
+ }
+ else
+ {
+ authorityType = AuthorityType.USER;
+ }
 }
+
 return authorityType;
 }
 }
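Review bot: The re-indented chain in getAuthorityType still has a plain `if` after the ADMINISTRATOR_AUTHORITY branch, so the `AuthorityType.ADMIN` assignment is always overwritten by the `if`/`else if` chain that follows and the method can never return ADMIN. The second test should read `else if (authority.equals(PermissionService.ALL_AUTHORITIES))`. Separately, a null argument now maps silently to WILDCARD where the old code threw on `authority.equals(...)`; a Javadoc line on the method stating that null means "all authorities" would make that contract visible to callers that use the returned type in permission decisions.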