inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

- add TenantService hooks to org.alfresco.repo.security services

Browse Source 
- Authentication, Person, Permission, Authority
- add user/tenant-based logging via log4j NDC (nested diagnostic context)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6399 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2007-08-02 10:56:30 +00:00
parent 56a0b7e164
commit 65f660c26c
11 changed files with 141 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
View File

@@ -31,6 +31,7 @@ import java.util.Set;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
@@ -49,6 +50,8 @@ public class AuthorityServiceImpl implements AuthorityService
private PersonService personService;
private NodeService nodeService;
private TenantService tenantService;
private AuthorityDAO authorityDAO;
@@ -73,6 +76,11 @@ public class AuthorityServiceImpl implements AuthorityService
{
this.nodeService = nodeService;
}
public void setTenantService(TenantService tenantService)
{
this.tenantService = tenantService;
}
public void setPersonService(PersonService personService)
{
@@ -133,7 +141,13 @@ public class AuthorityServiceImpl implements AuthorityService
public Set<String> getAuthoritiesForUser(String currentUserName)
{
Set<String> authorities = new HashSet<String>();
if (adminUsers.contains(currentUserName))
// note: for multi-tenancy, this currently relies on a naming convention which assumes that all tenant admins will
// have the same base name as the default non-tenant specific admin. Typically "admin" is the default required admin user,
// although, if for example "bob" is also listed as an admin then all tenant-specific bob's will also have admin authority
if (adminUsers.contains(currentUserName) ||
adminUsers.contains(tenantService.getBaseNameUser(currentUserName)))
{
authorities.addAll(adminSet);
}

17
source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java
View File

@@ -30,6 +30,7 @@ import java.util.Set;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
@@ -58,6 +59,9 @@ public class SimpleAuthorityServiceImpl implements AuthorityService
private Set<String> adminUsers;
private AuthenticationComponent authenticationComponent;
private TenantService tenantService;
public SimpleAuthorityServiceImpl()
{
@@ -73,6 +77,12 @@ public class SimpleAuthorityServiceImpl implements AuthorityService
{
this.personService = personService;
}
public void setTenantService(TenantService tenantService)
{
this.tenantService = tenantService;
}
/**
* Currently the admin authority is granted only to the ALFRESCO_ADMIN_USER
@@ -81,7 +91,12 @@ public class SimpleAuthorityServiceImpl implements AuthorityService
public boolean hasAdminAuthority()
{
String currentUserName = authenticationComponent.getCurrentUserName();
return ((currentUserName != null) && adminUsers.contains(currentUserName));
// note: for MT, this currently relies on a naming convention which assumes that all tenant admins will
// have the same base name as the default non-tenant specific admin. Typically "admin" is the default required admin user,
// although, if for example "bob" is also listed as an admin then all tenant-specific bob's will also have admin authority
return ((currentUserName != null) && (adminUsers.contains(currentUserName) || adminUsers.contains(tenantService.getBaseNameUser(currentUserName))));
}
/* (non-Javadoc)