mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
Ldap progress and user/person search
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2201 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
@@ -50,7 +50,7 @@
|
||||
<cm:folder view:childName="${spaces.guest_home.childname}">
|
||||
<view:acl view:inherit="false">
|
||||
<view:ace view:access="ALLOWED">
|
||||
<view:authority>Guest</view:authority>
|
||||
<view:authority>guest</view:authority>
|
||||
<view:permission>Read</view:permission>
|
||||
</view:ace>
|
||||
<view:ace view:access="ALLOWED">
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
<cm:person view:childName="cm:person">
|
||||
<view:acl view:inherit="false">
|
||||
<view:ace view:access="ALLOWED">
|
||||
<view:authority>Guest</view:authority>
|
||||
<view:authority>guest</view:authority>
|
||||
<view:permission>Read</view:permission>
|
||||
</view:ace>
|
||||
</view:acl>
|
||||
|
||||
@@ -140,6 +140,11 @@
|
||||
<ref local="ftsIndexerTrigger" />
|
||||
<ref local="indexRecoveryTrigger" />
|
||||
<ref local="indexBackupTrigger" />
|
||||
<!--
|
||||
<ref bean="ldapGroupTrigger" />
|
||||
<ref bean="ldapPeopleTrigger" />
|
||||
-->
|
||||
|
||||
</list>
|
||||
</property>
|
||||
<property name="waitForJobsToCompleteOnShutdown">
|
||||
|
||||
@@ -24,11 +24,22 @@ import java.io.FileWriter;
|
||||
import java.io.IOException;
|
||||
import java.io.Reader;
|
||||
import java.io.Writer;
|
||||
import java.util.List;
|
||||
|
||||
import javax.transaction.UserTransaction;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.cmr.repository.StoreRef;
|
||||
import org.alfresco.service.cmr.search.SearchService;
|
||||
import org.alfresco.service.cmr.view.ImporterBinding;
|
||||
import org.alfresco.service.cmr.view.ImporterService;
|
||||
import org.alfresco.service.cmr.view.Location;
|
||||
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
||||
import org.alfresco.service.transaction.TransactionService;
|
||||
import org.alfresco.util.TempFileProvider;
|
||||
import org.dom4j.io.OutputFormat;
|
||||
import org.dom4j.io.XMLWriter;
|
||||
@@ -39,10 +50,22 @@ public class ExportSourceImporter implements ImporterJobSPI
|
||||
|
||||
private ExportSource exportSource;
|
||||
|
||||
private AuthenticationComponent authenticationComponent;
|
||||
|
||||
private StoreRef storeRef;
|
||||
|
||||
private String path;
|
||||
|
||||
private boolean clearAllChildren;
|
||||
|
||||
private NodeService nodeService;
|
||||
|
||||
private SearchService searchService;
|
||||
|
||||
private NamespacePrefixResolver namespacePrefixResolver;
|
||||
|
||||
private TransactionService transactionService;
|
||||
|
||||
public ExportSourceImporter()
|
||||
{
|
||||
super();
|
||||
@@ -58,10 +81,68 @@ public class ExportSourceImporter implements ImporterJobSPI
|
||||
this.exportSource = exportSource;
|
||||
}
|
||||
|
||||
public void setClearAllChildren(boolean clearAllChildren)
|
||||
{
|
||||
this.clearAllChildren = clearAllChildren;
|
||||
}
|
||||
|
||||
public void setPath(String path)
|
||||
{
|
||||
this.path = path;
|
||||
}
|
||||
|
||||
public void setStoreRef(String storeRef)
|
||||
{
|
||||
this.storeRef = new StoreRef(storeRef);
|
||||
}
|
||||
|
||||
public void setTransactionService(TransactionService transactionService)
|
||||
{
|
||||
this.transactionService = transactionService;
|
||||
}
|
||||
|
||||
public void setNamespacePrefixResolver(NamespacePrefixResolver namespacePrefixResolver)
|
||||
{
|
||||
this.namespacePrefixResolver = namespacePrefixResolver;
|
||||
}
|
||||
|
||||
public void setNodeService(NodeService nodeService)
|
||||
{
|
||||
this.nodeService = nodeService;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
|
||||
{
|
||||
this.authenticationComponent = authenticationComponent;
|
||||
}
|
||||
|
||||
public void setSearchService(SearchService searchService)
|
||||
{
|
||||
this.searchService = searchService;
|
||||
}
|
||||
|
||||
public void doImport()
|
||||
{
|
||||
UserTransaction userTransaction = null;
|
||||
try
|
||||
{
|
||||
userTransaction = transactionService.getUserTransaction();
|
||||
userTransaction.begin();
|
||||
authenticationComponent.setSystemUserAsCurrentUser();
|
||||
if(clearAllChildren)
|
||||
{
|
||||
List<NodeRef> refs = searchService.selectNodes(nodeService.getRootNode(storeRef), path, null, namespacePrefixResolver, false);
|
||||
for(NodeRef ref: refs)
|
||||
{
|
||||
for(ChildAssociationRef car: nodeService.getChildAssocs(ref))
|
||||
{
|
||||
nodeService.deleteNode(car.getChildRef());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
File tempFile = TempFileProvider.createTempFile("ExportSourceImporter-", ".xml");
|
||||
Writer writer = new BufferedWriter(new FileWriter(tempFile));
|
||||
XMLWriter xmlWriter = createXMLExporter(writer);
|
||||
@@ -75,10 +156,17 @@ public class ExportSourceImporter implements ImporterJobSPI
|
||||
|
||||
importerService.importView(reader, location, REPLACE_BINDING, null);
|
||||
reader.close();
|
||||
userTransaction.commit();
|
||||
}
|
||||
catch (IOException io)
|
||||
catch(Throwable t)
|
||||
{
|
||||
throw new ExportSourceImporterException("Failed to import", io);
|
||||
try { if (userTransaction != null) {userTransaction.rollback();} } catch (Exception ex) {}
|
||||
try {authenticationComponent.clearCurrentSecurityContext(); } catch (Exception ex) {}
|
||||
throw new ExportSourceImporterException("Failed to import", t);
|
||||
}
|
||||
finally
|
||||
{
|
||||
authenticationComponent.clearCurrentSecurityContext();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -101,7 +189,7 @@ public class ExportSourceImporter implements ImporterJobSPI
|
||||
|
||||
public UUID_BINDING getUUIDBinding()
|
||||
{
|
||||
return UUID_BINDING.REPLACE_EXISTING;
|
||||
return UUID_BINDING.UPDATE_EXISTING;
|
||||
}
|
||||
|
||||
public String getValue(String key)
|
||||
|
||||
@@ -79,10 +79,10 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
gas[0] = new GrantedAuthorityImpl("ROLE_SYSTEM");
|
||||
ud = new User(SYSTEM_USER_NAME, "", true, true, true, true, gas);
|
||||
}
|
||||
else if (userName.equals(PermissionService.GUEST))
|
||||
else if (userName.equalsIgnoreCase(PermissionService.GUEST))
|
||||
{
|
||||
GrantedAuthority[] gas = new GrantedAuthority[0];
|
||||
ud = new User(PermissionService.GUEST, "", true, true, true, true, gas);
|
||||
ud = new User(PermissionService.GUEST.toLowerCase(), "", true, true, true, true, gas);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -215,7 +215,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
*/
|
||||
public String getGuestUserName()
|
||||
{
|
||||
return PermissionService.GUEST;
|
||||
return PermissionService.GUEST.toLowerCase();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -39,6 +39,9 @@ import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.cmr.repository.StoreRef;
|
||||
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
|
||||
import org.alfresco.service.cmr.search.QueryParameterDefinition;
|
||||
import org.alfresco.service.cmr.search.ResultSet;
|
||||
import org.alfresco.service.cmr.search.ResultSetRow;
|
||||
import org.alfresco.service.cmr.search.SearchParameters;
|
||||
import org.alfresco.service.cmr.search.SearchService;
|
||||
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
@@ -81,8 +84,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
|
||||
this.dictionaryService = dictionaryService;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public void setNamespaceService(NamespacePrefixResolver namespacePrefixResolver)
|
||||
{
|
||||
this.namespacePrefixResolver = namespacePrefixResolver;
|
||||
@@ -103,7 +104,8 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
|
||||
this.searchService = searchService;
|
||||
}
|
||||
|
||||
public UserDetails loadUserByUsername(String caseSensitiveUserName) throws UsernameNotFoundException, DataAccessException
|
||||
public UserDetails loadUserByUsername(String caseSensitiveUserName) throws UsernameNotFoundException,
|
||||
DataAccessException
|
||||
{
|
||||
String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase();
|
||||
NodeRef userRef = getUserOrNull(userNamesAreCaseSensitive ? userName : userName.toLowerCase());
|
||||
@@ -127,18 +129,30 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
|
||||
public NodeRef getUserOrNull(String caseSensitiveUserName)
|
||||
{
|
||||
String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase();
|
||||
NodeRef rootNode = nodeService.getRootNode(getUserStoreRef());
|
||||
QueryParameterDefinition[] defs = new QueryParameterDefinition[1];
|
||||
DataTypeDefinition text = dictionaryService.getDataType(DataTypeDefinition.TEXT);
|
||||
defs[0] = new QueryParameterDefImpl(QName.createQName("usr", "var", namespacePrefixResolver), text, true,
|
||||
userName);
|
||||
List<NodeRef> results = searchService.selectNodes(rootNode, PEOPLE_FOLDER
|
||||
+ "/usr:user[@usr:username = $usr:var ]", defs, namespacePrefixResolver, false);
|
||||
if (results.size() != 1)
|
||||
SearchParameters sp = new SearchParameters();
|
||||
sp.setLanguage(SearchService.LANGUAGE_LUCENE);
|
||||
sp.setQuery("@usr\\:username:" + userName);
|
||||
sp.addStore(getUserStoreRef());
|
||||
sp.excludeDataInTheCurrentTransaction(false);
|
||||
|
||||
ResultSet rs = searchService.query(sp);
|
||||
|
||||
for (ResultSetRow row : rs)
|
||||
{
|
||||
return null;
|
||||
|
||||
NodeRef nodeRef = row.getNodeRef();
|
||||
if (nodeService.exists(nodeRef))
|
||||
{
|
||||
String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(
|
||||
nodeRef, ContentModel.PROP_USER_USERNAME));
|
||||
if (realUserName.equals(userName))
|
||||
{
|
||||
return nodeRef;
|
||||
}
|
||||
return results.get(0);
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public void createUser(String caseSensitiveUserName, char[] rawPassword) throws AuthenticationException
|
||||
@@ -167,10 +181,8 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
|
||||
private NodeRef getOrCreateTypeLocation()
|
||||
{
|
||||
NodeRef rootNode = nodeService.getRootNode(getUserStoreRef());
|
||||
List<ChildAssociationRef> results = nodeService.getChildAssocs(
|
||||
rootNode,
|
||||
RegexQNamePattern.MATCH_ALL,
|
||||
QName.createQName("sys", "system", namespacePrefixResolver));
|
||||
List<ChildAssociationRef> results = nodeService.getChildAssocs(rootNode, RegexQNamePattern.MATCH_ALL, QName
|
||||
.createQName("sys", "system", namespacePrefixResolver));
|
||||
NodeRef sysNode = null;
|
||||
if (results.size() == 0)
|
||||
{
|
||||
@@ -182,10 +194,8 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
|
||||
{
|
||||
sysNode = results.get(0).getChildRef();
|
||||
}
|
||||
results = nodeService.getChildAssocs(
|
||||
sysNode,
|
||||
RegexQNamePattern.MATCH_ALL,
|
||||
QName.createQName("sys", "people", namespacePrefixResolver));
|
||||
results = nodeService.getChildAssocs(sysNode, RegexQNamePattern.MATCH_ALL, QName.createQName("sys", "people",
|
||||
namespacePrefixResolver));
|
||||
NodeRef typesNode = null;
|
||||
if (results.size() == 0)
|
||||
{
|
||||
|
||||
@@ -34,6 +34,9 @@ import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.cmr.repository.StoreRef;
|
||||
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
|
||||
import org.alfresco.service.cmr.search.QueryParameterDefinition;
|
||||
import org.alfresco.service.cmr.search.ResultSet;
|
||||
import org.alfresco.service.cmr.search.ResultSetRow;
|
||||
import org.alfresco.service.cmr.search.SearchParameters;
|
||||
import org.alfresco.service.cmr.search.SearchService;
|
||||
import org.alfresco.service.cmr.security.PersonService;
|
||||
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
||||
@@ -125,18 +128,31 @@ public class PersonServiceImpl implements PersonService
|
||||
public NodeRef getPersonOrNull(String caseSensitiveUserName)
|
||||
{
|
||||
String userName = userNamesAreCaseSensitive ? caseSensitiveUserName : caseSensitiveUserName.toLowerCase();
|
||||
NodeRef rootNode = nodeService.getRootNode(storeRef);
|
||||
QueryParameterDefinition[] defs = new QueryParameterDefinition[1];
|
||||
DataTypeDefinition text = dictionaryService.getDataType(DataTypeDefinition.TEXT);
|
||||
defs[0] = new QueryParameterDefImpl(QName.createQName("cm", "var", namespacePrefixResolver), text, true,
|
||||
userName);
|
||||
List<NodeRef> results = searchService.selectNodes(rootNode, PEOPLE_FOLDER
|
||||
+ "/cm:person[@cm:userName = $cm:var ]", defs, namespacePrefixResolver, false);
|
||||
if (results.size() != 1)
|
||||
SearchParameters sp = new SearchParameters();
|
||||
sp.setLanguage(SearchService.LANGUAGE_LUCENE);
|
||||
sp.setQuery("@cm\\:userName:" + userName);
|
||||
sp.addStore(storeRef);
|
||||
sp.excludeDataInTheCurrentTransaction(false);
|
||||
|
||||
ResultSet rs = searchService.query(sp);
|
||||
|
||||
for (ResultSetRow row : rs)
|
||||
{
|
||||
return null;
|
||||
|
||||
NodeRef nodeRef = row.getNodeRef();
|
||||
if (nodeService.exists(nodeRef))
|
||||
{
|
||||
String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(
|
||||
nodeRef, ContentModel.PROP_USERNAME));
|
||||
realUserName = userNamesAreCaseSensitive ? realUserName : realUserName.toLowerCase();
|
||||
if (realUserName.equals(userName))
|
||||
{
|
||||
return nodeRef;
|
||||
}
|
||||
return results.get(0);
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public boolean createMissingPeople()
|
||||
@@ -265,12 +281,26 @@ public class PersonServiceImpl implements PersonService
|
||||
|
||||
public Set<NodeRef> getAllPeople()
|
||||
{
|
||||
NodeRef rootNode = nodeService.getRootNode(storeRef);
|
||||
List<NodeRef> results = searchService.selectNodes(rootNode, PEOPLE_FOLDER + "/cm:person", null,
|
||||
namespacePrefixResolver, false);
|
||||
HashSet<NodeRef> all = new HashSet<NodeRef>();
|
||||
all.addAll(results);
|
||||
return all;
|
||||
SearchParameters sp = new SearchParameters();
|
||||
sp.setLanguage(SearchService.LANGUAGE_LUCENE);
|
||||
sp.setQuery("TYPE:\"" + ContentModel.TYPE_PERSON+"\"");
|
||||
sp.addStore(storeRef);
|
||||
sp.excludeDataInTheCurrentTransaction(false);
|
||||
|
||||
ResultSet rs = searchService.query(sp);
|
||||
|
||||
HashSet<NodeRef> nodes = new HashSet<NodeRef>();
|
||||
for (ResultSetRow row : rs)
|
||||
{
|
||||
|
||||
NodeRef nodeRef = row.getNodeRef();
|
||||
if (nodeService.exists(nodeRef))
|
||||
{
|
||||
nodes.add(nodeRef);
|
||||
}
|
||||
}
|
||||
|
||||
return nodes;
|
||||
}
|
||||
|
||||
public void setCreateMissingPeople(boolean createMissingPeople)
|
||||
|
||||
Reference in New Issue
Block a user