From 68ae6ef330db3c300d97d9396b2a7ca781c52802 Mon Sep 17 00:00:00 2001 From: Andrew Hind Date: Wed, 25 Jan 2006 14:17:41 +0000 Subject: [PATCH] Ldap progress and user/person search git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2201 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- config/alfresco/bootstrap/spaces.xml | 2 +- config/alfresco/bootstrap/system.xml | 2 +- config/alfresco/scheduled-jobs-context.xml | 5 + .../repo/importer/ExportSourceImporter.java | 94 ++++++++++++++++++- .../AbstractAuthenticationComponent.java | 6 +- .../RepositoryAuthenticationDao.java | 76 ++++++++------- .../security/person/PersonServiceImpl.java | 62 ++++++++---- 7 files changed, 190 insertions(+), 57 deletions(-) diff --git a/config/alfresco/bootstrap/spaces.xml b/config/alfresco/bootstrap/spaces.xml index 79b6dc82b7..41b722643b 100644 --- a/config/alfresco/bootstrap/spaces.xml +++ b/config/alfresco/bootstrap/spaces.xml @@ -50,7 +50,7 @@ - Guest + guest Read diff --git a/config/alfresco/bootstrap/system.xml b/config/alfresco/bootstrap/system.xml index 06665e5373..d59d3c7916 100644 --- a/config/alfresco/bootstrap/system.xml +++ b/config/alfresco/bootstrap/system.xml @@ -19,7 +19,7 @@ - Guest + guest Read diff --git a/config/alfresco/scheduled-jobs-context.xml b/config/alfresco/scheduled-jobs-context.xml index ea5afdaafb..6f01e72d5a 100644 --- a/config/alfresco/scheduled-jobs-context.xml +++ b/config/alfresco/scheduled-jobs-context.xml @@ -140,6 +140,11 @@ + + diff --git a/source/java/org/alfresco/repo/importer/ExportSourceImporter.java b/source/java/org/alfresco/repo/importer/ExportSourceImporter.java index 29a5716af4..751c6df4d4 100644 --- a/source/java/org/alfresco/repo/importer/ExportSourceImporter.java +++ b/source/java/org/alfresco/repo/importer/ExportSourceImporter.java 
@@ -24,11 +24,22 @@ import java.io.FileWriter; import java.io.IOException; import java.io.Reader; import java.io.Writer; +import java.util.List; +import javax.transaction.UserTransaction; + +import org.alfresco.error.AlfrescoRuntimeException; +import org.alfresco.repo.security.authentication.AuthenticationComponent; +import org.alfresco.service.cmr.repository.ChildAssociationRef; +import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.StoreRef; +import org.alfresco.service.cmr.search.SearchService; import org.alfresco.service.cmr.view.ImporterBinding; import org.alfresco.service.cmr.view.ImporterService; import org.alfresco.service.cmr.view.Location; +import org.alfresco.service.namespace.NamespacePrefixResolver; +import org.alfresco.service.transaction.TransactionService; import org.alfresco.util.TempFileProvider; import org.dom4j.io.OutputFormat; import org.dom4j.io.XMLWriter; @@ -39,9 +50,21 @@ public class ExportSourceImporter implements ImporterJobSPI private ExportSource exportSource; + private AuthenticationComponent authenticationComponent; + private StoreRef storeRef; private String path; + + private boolean clearAllChildren; + + private NodeService nodeService; + + private SearchService searchService; + + private NamespacePrefixResolver namespacePrefixResolver; + + private TransactionService transactionService; public ExportSourceImporter() { 
@@ -58,10 +81,68 @@ public class ExportSourceImporter implements ImporterJobSPI this.exportSource = exportSource; } + public void setClearAllChildren(boolean clearAllChildren) + { + this.clearAllChildren = clearAllChildren; + } + + public void setPath(String path) + { + this.path = path; + } + + public void setStoreRef(String storeRef) + { + this.storeRef = new StoreRef(storeRef); + } + + public void setTransactionService(TransactionService transactionService) + { + this.transactionService = transactionService; + } + + public void setNamespacePrefixResolver(NamespacePrefixResolver namespacePrefixResolver) + { + this.namespacePrefixResolver = namespacePrefixResolver; + } + + public void setNodeService(NodeService nodeService) + { + this.nodeService = nodeService; + } + + + + public void setAuthenticationComponent(AuthenticationComponent authenticationComponent) + { + this.authenticationComponent = authenticationComponent; + } + + public void setSearchService(SearchService searchService) + { + this.searchService = searchService; + } + public void doImport() { + UserTransaction userTransaction = null; try { + userTransaction = transactionService.getUserTransaction(); + userTransaction.begin(); + authenticationComponent.setSystemUserAsCurrentUser(); + if(clearAllChildren) + { + List refs = searchService.selectNodes(nodeService.getRootNode(storeRef), path, null, namespacePrefixResolver, false); + for(NodeRef ref: refs) + { + for(ChildAssociationRef car: nodeService.getChildAssocs(ref)) + { + nodeService.deleteNode(car.getChildRef()); + } + } + } + File tempFile = TempFileProvider.createTempFile("ExportSourceImporter-", ".xml"); Writer writer = new BufferedWriter(new FileWriter(tempFile)); XMLWriter xmlWriter = createXMLExporter(writer); 
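Review bot: The `clearAllChildren` branch in doImport deletes every child of every node that `path` selects, and nothing checks how many nodes matched before the deletes start. Because the code has just called `setSystemUserAsCurrentUser()`, the deletes presumably run without the permission checks that would stop an ordinary user, so a mistyped or overly broad `path` in the job configuration could remove far more than the import target. I would fail fast unless exactly one node matches, e.g. `if (refs.size() != 1) { throw new ExportSourceImporterException("Import path must match exactly one node: " + path, null); }`, and reject a null `storeRef` or `path` before the transaction begins. doImport's body continues past the end of this hunk.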
@@ -75,10 +156,17 @@ public class ExportSourceImporter implements ImporterJobSPI importerService.importView(reader, location, REPLACE_BINDING, null); reader.close(); + userTransaction.commit(); } - catch (IOException io) + catch(Throwable t) { - throw new ExportSourceImporterException("Failed to import", io); + try { if (userTransaction != null) {userTransaction.rollback();} } catch (Exception ex) {} + try {authenticationComponent.clearCurrentSecurityContext(); } catch (Exception ex) {} + throw new ExportSourceImporterException("Failed to import", t); + } + finally + { + authenticationComponent.clearCurrentSecurityContext(); } } @@ -101,7 +189,7 @@ public class ExportSourceImporter implements ImporterJobSPI public UUID_BINDING getUUIDBinding() { - return UUID_BINDING.REPLACE_EXISTING; + return UUID_BINDING.UPDATE_EXISTING; } public String getValue(String key) diff --git a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java index d0edb8d940..e7ecd2a03b 100644 --- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java +++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java @@ -79,10 +79,10 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM"); ud = new User(SYSTEM_USER_NAME, "", true, true, true, true, gas); } - else if (userName.equals(PermissionService.GUEST)) + else if (userName.equalsIgnoreCase(PermissionService.GUEST)) { GrantedAuthority[] gas = new GrantedAuthority[0]; - ud = new User(PermissionService.GUEST, "", true, true, true, true, gas); + ud = new User(PermissionService.GUEST.toLowerCase(), "", true, true, true, true, gas); } else { 
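Review bot: The new `catch(Throwable t)` block discards any failure from `userTransaction.rollback()` in an empty `catch (Exception ex) {}`, so a transaction that could not be rolled back after the system-user deletes leaves no trace. Log it instead, e.g. `catch (Exception ex) { logger.error("Rollback failed after import error", ex); }`, using whatever logger the class has (none is visible in this hunk). The `clearCurrentSecurityContext()` call inside the catch is redundant because the `finally` block always runs it. `reader.close()` is only reached on the success path, so the temp-file reader, and as far as the diff shows the writer opened earlier, stay open when the import throws. The start of the try block is outside this hunk.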
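Review bot: `userName.equalsIgnoreCase(PermissionService.GUEST)` maps every case variant of the name to the guest principal regardless of the `userNamesAreCaseSensitive` setting, so on a case-sensitive deployment an account whose name differs from guest only by case would appear to be given the guest identity here. The guest name is now derived by calling `PermissionService.GUEST.toLowerCase()` at each use (here and in `getGuestUserName()` in the next hunk), which suggests the constant itself is still mixed-case. Any code that compares against the constant directly, or any stored permission entry using the old spelling, would then no longer match the `guest` authority written by the bootstrap XML. Prefer one canonical lower-case constant, and `toLowerCase(Locale.ROOT)` where folding is still needed. The enclosing method starts and ends outside this hunk.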
@@ -215,7 +215,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC */ public String getGuestUserName() { - return PermissionService.GUEST; + return PermissionService.GUEST.toLowerCase(); } /** diff --git a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java index 8d13d93c23..f59ea42896 100644 --- a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java +++ b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java @@ -39,6 +39,9 @@ import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter; import org.alfresco.service.cmr.search.QueryParameterDefinition; +import org.alfresco.service.cmr.search.ResultSet; +import org.alfresco.service.cmr.search.ResultSetRow; +import org.alfresco.service.cmr.search.SearchParameters; import org.alfresco.service.cmr.search.SearchService; import org.alfresco.service.namespace.NamespacePrefixResolver; import org.alfresco.service.namespace.QName; @@ -50,7 +53,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao private static final String SYSTEM_FOLDER = "/sys:system"; - private static final String PEOPLE_FOLDER = SYSTEM_FOLDER + "/sys:people"; + private static final String PEOPLE_FOLDER = SYSTEM_FOLDER + "/sys:people"; private NodeService nodeService; @@ -63,9 +66,9 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao private PasswordEncoder passwordEncoder; private StoreRef userStoreRef; - + private boolean userNamesAreCaseSensitive; - + public boolean getUserNamesAreCaseSensitive() { return userNamesAreCaseSensitive; 
@@ -81,8 +84,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao this.dictionaryService = dictionaryService; } - - public void setNamespaceService(NamespacePrefixResolver namespacePrefixResolver) { this.namespacePrefixResolver = namespacePrefixResolver; @@ -103,10 +104,11 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao this.searchService = searchService; } - public UserDetails loadUserByUsername(String caseSensitiveUserName) throws UsernameNotFoundException, DataAccessException + public UserDetails loadUserByUsername(String caseSensitiveUserName) throws UsernameNotFoundException, + DataAccessException { - String userName = userNamesAreCaseSensitive ? caseSensitiveUserName: caseSensitiveUserName.toLowerCase(); - NodeRef userRef = getUserOrNull(userNamesAreCaseSensitive ? userName: userName.toLowerCase()); + String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase(); + NodeRef userRef = getUserOrNull(userNamesAreCaseSensitive ? userName : userName.toLowerCase()); if (userRef == null) { throw new UsernameNotFoundException("Could not find user by userName: " + caseSensitiveUserName); 
@@ -126,24 +128,36 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao public NodeRef getUserOrNull(String caseSensitiveUserName) { - String userName = userNamesAreCaseSensitive ? caseSensitiveUserName: caseSensitiveUserName.toLowerCase(); - NodeRef rootNode = nodeService.getRootNode(getUserStoreRef()); - QueryParameterDefinition[] defs = new QueryParameterDefinition[1]; - DataTypeDefinition text = dictionaryService.getDataType(DataTypeDefinition.TEXT); - defs[0] = new QueryParameterDefImpl(QName.createQName("usr", "var", namespacePrefixResolver), text, true, - userName); - List results = searchService.selectNodes(rootNode, PEOPLE_FOLDER - + "/usr:user[@usr:username = $usr:var ]", defs, namespacePrefixResolver, false); - if (results.size() != 1) + String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase(); + SearchParameters sp = new SearchParameters(); + sp.setLanguage(SearchService.LANGUAGE_LUCENE); + sp.setQuery("@usr\\:username:" + userName); + sp.addStore(getUserStoreRef()); + sp.excludeDataInTheCurrentTransaction(false); + + ResultSet rs = searchService.query(sp); + + for (ResultSetRow row : rs) { - return null; + + NodeRef nodeRef = row.getNodeRef(); + if (nodeService.exists(nodeRef)) + { + String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty( + nodeRef, ContentModel.PROP_USER_USERNAME)); + if (realUserName.equals(userName)) + { + return nodeRef; + } + } } - return results.get(0); + + return null; } public void createUser(String caseSensitiveUserName, char[] rawPassword) throws AuthenticationException { - String userName = userNamesAreCaseSensitive ? caseSensitiveUserName: caseSensitiveUserName.toLowerCase(); + String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase(); NodeRef userRef = getUserOrNull(userName); if (userRef != null) { 
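Review bot: `sp.setQuery("@usr\\:username:" + userName)` in getUserOrNull builds a Lucene query from the login name without quoting or escaping it, so characters that are Lucene syntax (wildcards, colons, quotes, whitespace, parentheses) change the query instead of being matched literally. The `realUserName.equals(userName)` check afterwards keeps a broadened query from returning the wrong account, but a malformed name can still cause a wide index scan or a query parse failure on the authentication path, which `loadUserByUsername` reaches with caller-supplied input. Escape the Lucene special characters and quote the term, e.g. `sp.setQuery("@usr\\:username:\"" + escapedUserName + "\"")`, where `escapedUserName` is the name after escaping. The same pattern appears in `getPersonOrNull` in PersonServiceImpl.java. Unlike that method, this one compares `realUserName` without lower-casing it, so in case-insensitive mode a stored mixed-case name would never match.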
@@ -167,10 +181,8 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao private NodeRef getOrCreateTypeLocation() { NodeRef rootNode = nodeService.getRootNode(getUserStoreRef()); - List results = nodeService.getChildAssocs( - rootNode, - RegexQNamePattern.MATCH_ALL, - QName.createQName("sys", "system", namespacePrefixResolver)); + List results = nodeService.getChildAssocs(rootNode, RegexQNamePattern.MATCH_ALL, QName + .createQName("sys", "system", namespacePrefixResolver)); NodeRef sysNode = null; if (results.size() == 0) { @@ -182,10 +194,8 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao { sysNode = results.get(0).getChildRef(); } - results = nodeService.getChildAssocs( - sysNode, - RegexQNamePattern.MATCH_ALL, - QName.createQName("sys", "people", namespacePrefixResolver)); + results = nodeService.getChildAssocs(sysNode, RegexQNamePattern.MATCH_ALL, QName.createQName("sys", "people", + namespacePrefixResolver)); NodeRef typesNode = null; if (results.size() == 0) { @@ -306,7 +316,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao { return getAccountHasExpired(getUserOrNull(userName)); } - + private boolean getAccountHasExpired(NodeRef userNode) { if (userNode == null) @@ -354,12 +364,12 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao return DefaultTypeConverter.INSTANCE.booleanValue(ser); } } - + public boolean getCredentialsExpire(String userName) { return getCredentialsExpired(getUserOrNull(userName)); } - + private boolean getCredentialsExpired(NodeRef userNode) { if (userNode == null) @@ -400,7 +410,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao { return getCredentialsHaveExpired(getUserOrNull(userName)); } - + private boolean getCredentialsHaveExpired(NodeRef userNode) { if (userNode == null) 
@@ -431,7 +441,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao { return getEnabled(getUserOrNull(userName)); } - + private boolean getEnabled(NodeRef userNode) { if (userNode == null) diff --git a/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java b/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java index 4e1ff45160..d246876602 100644 --- a/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java +++ b/source/java/org/alfresco/repo/security/person/PersonServiceImpl.java @@ -34,6 +34,9 @@ import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter; import org.alfresco.service.cmr.search.QueryParameterDefinition; +import org.alfresco.service.cmr.search.ResultSet; +import org.alfresco.service.cmr.search.ResultSetRow; +import org.alfresco.service.cmr.search.SearchParameters; import org.alfresco.service.cmr.search.SearchService; import org.alfresco.service.cmr.security.PersonService; import org.alfresco.service.namespace.NamespacePrefixResolver; 
@@ -125,18 +128,31 @@ public class PersonServiceImpl implements PersonService public NodeRef getPersonOrNull(String caseSensitiveUserName) { String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase(); - NodeRef rootNode = nodeService.getRootNode(storeRef); - QueryParameterDefinition[] defs = new QueryParameterDefinition[1]; - DataTypeDefinition text = dictionaryService.getDataType(DataTypeDefinition.TEXT); - defs[0] = new QueryParameterDefImpl(QName.createQName("cm", "var", namespacePrefixResolver), text, true, - userName); - List results = searchService.selectNodes(rootNode, PEOPLE_FOLDER - + "/cm:person[@cm:userName = $cm:var ]", defs, namespacePrefixResolver, false); - if (results.size() != 1) + SearchParameters sp = new SearchParameters(); + sp.setLanguage(SearchService.LANGUAGE_LUCENE); + sp.setQuery("@cm\\:userName:" + userName); + sp.addStore(storeRef); + sp.excludeDataInTheCurrentTransaction(false); + + ResultSet rs = searchService.query(sp); + + for (ResultSetRow row : rs) { - return null; + + NodeRef nodeRef = row.getNodeRef(); + if (nodeService.exists(nodeRef)) + { + String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty( + nodeRef, ContentModel.PROP_USERNAME)); + realUserName = userNamesAreCaseSensitive ? realUserName : realUserName.toLowerCase(); + if (realUserName.equals(userName)) + { + return nodeRef; + } + } } - return results.get(0); + + return null; } public boolean createMissingPeople() 
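Review bot: The rewritten getPersonOrNull no longer restricts the lookup to `cm:person` nodes under `PEOPLE_FOLDER`, and it drops the old `results.size() != 1` guard, so any node in the store with a matching `cm:userName` can be returned and duplicates are resolved by whichever row the index yields first. For an identity lookup I would keep both constraints: add a type clause to the query (as getAllPeople does with `TYPE:`) and treat more than one exact match as an error rather than picking one. `realUserName.toLowerCase()` will also throw a NullPointerException if a returned node has no `cm:userName` value, for instance when the index is stale, so a null check before the comparison is worth adding. getUserOrNull in RepositoryAuthenticationDao.java has the same scoping change.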
@@ -265,12 +281,26 @@ public class PersonServiceImpl implements PersonService public Set getAllPeople() { - NodeRef rootNode = nodeService.getRootNode(storeRef); - List results = searchService.selectNodes(rootNode, PEOPLE_FOLDER + "/cm:person", null, - namespacePrefixResolver, false); - HashSet all = new HashSet(); - all.addAll(results); - return all; + SearchParameters sp = new SearchParameters(); + sp.setLanguage(SearchService.LANGUAGE_LUCENE); + sp.setQuery("TYPE:\"" + ContentModel.TYPE_PERSON+"\""); + sp.addStore(storeRef); + sp.excludeDataInTheCurrentTransaction(false); + + ResultSet rs = searchService.query(sp); + + HashSet nodes = new HashSet(); + for (ResultSetRow row : rs) + { + + NodeRef nodeRef = row.getNodeRef(); + if (nodeService.exists(nodeRef)) + { + nodes.add(nodeRef); + } + } + + return nodes; } public void setCreateMissingPeople(boolean createMissingPeople)
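Review bot: getAllPeople, like the two lookup methods changed in this commit, iterates the `ResultSet` returned by `searchService.query(sp)` and never releases it. If `ResultSet` holds index readers, as search result handles usually do, each call leaks one, and the early `return nodeRef` paths in the lookups make that easy to miss. Wrap the iteration as `try { ... } finally { rs.close(); }`, assuming the interface exposes `close()`; that is not visible in this diff. The query is also unbounded, so the whole person set is materialised on every call.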