mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@10631 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
@@ -375,8 +375,10 @@ public abstract class AbstractPermissionsDaoComponentImpl implements Permissions
|
||||
{
|
||||
case FIXED:
|
||||
case GLOBAL:
|
||||
case SHARED:
|
||||
throw new IllegalStateException("Can not delete from this acl in a node context " + acl.getAclType());
|
||||
case SHARED:
|
||||
// Nothing to do
|
||||
break;
|
||||
case DEFINING:
|
||||
case LAYERED:
|
||||
case OLD:
|
||||
|
||||
@@ -160,6 +160,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Set the DAO for accessing QName entities
|
||||
*
|
||||
* @param qnameDAO
|
||||
*/
|
||||
public void setQnameDAO(QNameDAO qnameDAO)
|
||||
@@ -169,6 +170,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Set the ACL cache
|
||||
*
|
||||
* @param aclCache
|
||||
*/
|
||||
public void setAclCache(SimpleCache<Long, AccessControlList> aclCache)
|
||||
@@ -902,6 +904,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public List<AclChange> deleteAccessControlList(final Long id)
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
HibernateCallback check = new HibernateCallback()
|
||||
{
|
||||
@@ -915,9 +919,10 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
}
|
||||
};
|
||||
List<Node> nodes = (List<Node>) getHibernateTemplate().execute(check);
|
||||
for(Node node : nodes)
|
||||
for (Node node : nodes)
|
||||
{
|
||||
logger.error("Found "+node.getId() +" "+node.getUuid() + " "+node.getAccessControlList() );
|
||||
logger.debug("Found " + node.getId() + " " + node.getUuid() + " " + node.getAccessControlList());
|
||||
}
|
||||
}
|
||||
|
||||
List<AclChange> acls = new ArrayList<AclChange>();
|
||||
@@ -929,7 +934,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
}
|
||||
if (acl.getAclType() == ACLType.SHARED)
|
||||
{
|
||||
throw new UnsupportedOperationException("Delete is not supported for shared acls - they are deleted with teh defining acl");
|
||||
throw new UnsupportedOperationException("Delete is not supported for shared acls - they are deleted with the defining acl");
|
||||
}
|
||||
|
||||
if ((acl.getAclType() == ACLType.DEFINING) || (acl.getAclType() == ACLType.LAYERED))
|
||||
@@ -1074,6 +1079,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Search for access control lists
|
||||
*
|
||||
* @param pattern
|
||||
* @return the ids of the ACLs found
|
||||
*/
|
||||
@@ -1130,11 +1136,11 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
for (Object[] result : results)
|
||||
// for (DbAccessControlListMember member : members)
|
||||
{
|
||||
Boolean aceIsAllowed = (Boolean)result[0];
|
||||
Integer aceType = (Integer)result[1];
|
||||
String authority = (String)result[2];
|
||||
Long permissionId = (Long)result[3];
|
||||
Integer position = (Integer)result[4];
|
||||
Boolean aceIsAllowed = (Boolean) result[0];
|
||||
Integer aceType = (Integer) result[1];
|
||||
String authority = (String) result[2];
|
||||
Long permissionId = (Long) result[3];
|
||||
Integer position = (Integer) result[4];
|
||||
|
||||
SimpleAccessControlEntry sacEntry = new SimpleAccessControlEntry();
|
||||
sacEntry.setAccessStatus(aceIsAllowed ? AccessStatus.ALLOWED : AccessStatus.DENIED);
|
||||
@@ -1148,7 +1154,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
// context.setPropertyContext(entry.getContext().getPropertyContext());
|
||||
// sacEntry.setContext(context);
|
||||
// }
|
||||
DbPermission perm = (DbPermission)getSession().get(DbPermissionImpl.class, permissionId);
|
||||
DbPermission perm = (DbPermission) getSession().get(DbPermissionImpl.class, permissionId);
|
||||
SimplePermissionReference permissionRefernce = SimplePermissionReference.getPermissionReference(perm.getTypeQName().getQName(), perm.getName());
|
||||
sacEntry.setPermission(permissionRefernce);
|
||||
sacEntry.setPosition(position);
|
||||
@@ -1993,6 +1999,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Get the max acl id
|
||||
*
|
||||
* @return - max acl id
|
||||
*/
|
||||
public Long getMaxAclId()
|
||||
@@ -2040,6 +2047,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Get the acl count canges so far for progress tracking
|
||||
*
|
||||
* @param above
|
||||
* @return - the count
|
||||
*/
|
||||
@@ -2070,6 +2078,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* How many nodes are noew in store (approximate)
|
||||
*
|
||||
* @return - the number fo new nodes - approximate
|
||||
*/
|
||||
public Long getNewInStore()
|
||||
@@ -2086,10 +2095,9 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
return count;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Find layered directories
|
||||
* Used to imporove performance during patching and cascading the effect fo permission changes between layers
|
||||
* Find layered directories Used to imporove performance during patching and cascading the effect fo permission
|
||||
* changes between layers
|
||||
*
|
||||
* @return - layered directories
|
||||
*/
|
||||
@@ -2117,9 +2125,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
}
|
||||
|
||||
/**
|
||||
* Find layered files
|
||||
*
|
||||
* Used to imporove performance during patching and cascading the effect fo permission changes between layers
|
||||
* Find layered files Used to imporove performance during patching and cascading the effect fo permission changes
|
||||
* between layers
|
||||
*
|
||||
* @return - layerd files
|
||||
*/
|
||||
@@ -2163,8 +2170,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* Support to describe AVM indirections for permission performance improvements when permissions are set.
|
||||
* @author andyh
|
||||
*
|
||||
* @author andyh
|
||||
*/
|
||||
public static class Indirection
|
||||
{
|
||||
@@ -2239,6 +2246,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
|
||||
|
||||
/**
|
||||
* How many DM nodes are three with new ACls (to track patch progress)
|
||||
*
|
||||
* @param above
|
||||
* @return - the count
|
||||
*/
|
||||
|
||||
@@ -116,6 +116,11 @@ public class DMPermissionsDaoComponentImpl extends AbstractPermissionsDaoCompone
|
||||
System.out.println("Deleting "+acl+" on "+nodeRef);
|
||||
if (acl != null)
|
||||
{
|
||||
switch (acl.getAclType())
|
||||
{
|
||||
case OLD:
|
||||
throw new IllegalStateException("Can not mix old and new style permissions");
|
||||
case DEFINING:
|
||||
if (acl.getInheritsFrom() != null)
|
||||
{
|
||||
@SuppressWarnings("unused")
|
||||
@@ -145,6 +150,19 @@ public class DMPermissionsDaoComponentImpl extends AbstractPermissionsDaoCompone
|
||||
getACLDAO(nodeRef).updateChangedAcls(nodeRef, changes);
|
||||
aclDaoComponent.deleteAccessControlList(acl.getId());
|
||||
}
|
||||
break;
|
||||
case FIXED:
|
||||
throw new IllegalStateException("Delete not supported for fixed permissions");
|
||||
case GLOBAL:
|
||||
throw new IllegalStateException("Delete not supported for global permissions");
|
||||
case SHARED:
|
||||
// nothing to do
|
||||
return;
|
||||
case LAYERED:
|
||||
throw new IllegalStateException("Layering is not supported for DM permissions");
|
||||
default:
|
||||
throw new IllegalStateException("Unknown type " + acl.getAclType());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -39,8 +39,8 @@ import org.alfresco.service.cmr.repository.NodeRef;
|
||||
|
||||
/**
|
||||
* Old permissions dao component impl
|
||||
* @author andyh
|
||||
*
|
||||
* @author andyh
|
||||
*/
|
||||
public class PermissionsDaoComponentImpl extends AbstractPermissionsDaoComponentImpl
|
||||
{
|
||||
@@ -144,6 +144,12 @@ public class PermissionsDaoComponentImpl extends AbstractPermissionsDaoComponent
|
||||
}
|
||||
if (acl != null)
|
||||
{
|
||||
switch (acl.getAclType())
|
||||
{
|
||||
case OLD:
|
||||
throw new IllegalStateException("Can not mix old and new style permissions");
|
||||
case DEFINING:
|
||||
|
||||
if (acl.getInheritsFrom() != null)
|
||||
{
|
||||
@SuppressWarnings("unused")
|
||||
@@ -171,6 +177,19 @@ public class PermissionsDaoComponentImpl extends AbstractPermissionsDaoComponent
|
||||
getACLDAO(nodeRef).updateChangedAcls(nodeRef, changes);
|
||||
aclDaoComponent.deleteAccessControlList(acl.getId());
|
||||
}
|
||||
break;
|
||||
case FIXED:
|
||||
throw new IllegalStateException("Delete not supported for fixed permissions");
|
||||
case GLOBAL:
|
||||
throw new IllegalStateException("Delete not supported for global permissions");
|
||||
case SHARED:
|
||||
// nothing to do
|
||||
return;
|
||||
case LAYERED:
|
||||
throw new IllegalStateException("Layering is not supported for DM permissions");
|
||||
default:
|
||||
throw new IllegalStateException("Unknown type " + acl.getAclType());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -96,6 +96,50 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
allowAndyReadChildren = new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED);
|
||||
}
|
||||
|
||||
public void testDelete()
|
||||
{
|
||||
runAs("admin");
|
||||
|
||||
NodeRef n1 = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
NodeRef n2 = nodeService.createNode(n1, ContentModel.ASSOC_CONTAINS, QName.createQName("{namespace}two"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.deletePermissions(n1);
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.WRITE), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(2, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.WRITE), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(2, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.deletePermissions(n1);
|
||||
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
}
|
||||
|
||||
public void test_AR_2055()
|
||||
{
|
||||
runAs("admin");
|
||||
|
||||
Reference in New Issue
Block a user