inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V2.2 to HEAD

Browse Source 
7732: Support to cache null QName look ups ...
   7733: Support for store ACLs
   7741: Fix for over keen stiore ACLs ....
   7794: Fix for WCM-1019, tasks show all assets as modified when only one has
   7996: Fix for AWC-1519: cancelling discussion creation results in error


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8448 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2008-03-07 01:50:03 +00:00
parent 513a32a71b
commit 6ce34484fc
22 changed files with 838 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
source/java/org/alfresco/repo/domain/hibernate/AVMAccessControlListDAO.java
View File

@@ -48,7 +48,9 @@ import org.alfresco.service.cmr.avm.AVMService;
import org.alfresco.service.cmr.avm.AVMStoreDescriptor;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.InvalidStoreRefException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.util.Pair;
/**
@@ -814,7 +816,26 @@ public class AVMAccessControlListDAO implements AccessControlListDAO
}
}
private DbAccessControlList getStoreAclAsSystem(final String storeName)
{
return AuthenticationUtil.runAs(new RunAsWork<DbAccessControlList>(){
public DbAccessControlList doWork() throws Exception
{
return fAVMRepository.getStoreAcl(storeName);
}}, AuthenticationUtil.getSystemUserName());
}
private void setStoreAclAsSystem(final String storeName, final DbAccessControlList acl)
{
AuthenticationUtil.runAs(new RunAsWork<Object>(){
public Object doWork() throws Exception
{
fAVMRepository.setStoreAcl(storeName, acl);
return null;
}}, AuthenticationUtil.getSystemUserName());
}
private DbAccessControlList getAclAsSystem(final int version, final String path)
{
@@ -836,4 +857,30 @@ public class AVMAccessControlListDAO implements AccessControlListDAO
return null;
}}, AuthenticationUtil.getSystemUserName());
}
public DbAccessControlList getAccessControlList(StoreRef storeRef)
{
try
{
return getStoreAclAsSystem(storeRef.getIdentifier());
}
catch (AVMException e)
{
throw new InvalidStoreRefException(storeRef);
}
}
public void setAccessControlList(StoreRef storeRef, DbAccessControlList acl)
{
try
{
setStoreAclAsSystem(storeRef.getIdentifier(), acl);
}
catch (AVMException e)
{
throw new InvalidStoreRefException(storeRef);
}
}
}

138
source/java/org/alfresco/repo/domain/hibernate/AbstractPermissionsDaoComponentImpl.java
View File

@@ -34,12 +34,14 @@ import java.util.Set;
import org.alfresco.repo.domain.AccessControlListDAO;
import org.alfresco.repo.domain.DbAccessControlList;
import org.alfresco.repo.security.permissions.ACEType;
import org.alfresco.repo.security.permissions.ACLType;
import org.alfresco.repo.security.permissions.AccessControlEntry;
import org.alfresco.repo.security.permissions.AccessControlList;
import org.alfresco.repo.security.permissions.NodePermissionEntry;
import org.alfresco.repo.security.permissions.PermissionEntry;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.repo.security.permissions.SimpleAccessControlEntry;
import org.alfresco.repo.security.permissions.SimpleAccessControlListProperties;
import org.alfresco.repo.security.permissions.impl.AclChange;
import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
import org.alfresco.repo.security.permissions.impl.PermissionsDaoComponent;
@@ -48,6 +50,7 @@ import org.alfresco.repo.security.permissions.impl.SimplePermissionEntry;
import org.alfresco.repo.transaction.TransactionalDao;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.util.GUID;
@@ -267,6 +270,30 @@ public abstract class AbstractPermissionsDaoComponentImpl implements Permissions
return snpe;
}
}
private SimpleNodePermissionEntry createSimpleNodePermissionEntry(StoreRef storeRef)
{
DbAccessControlList acl = getACLDAO(storeRef).getAccessControlList(storeRef);
if (acl == null)
{
// there isn't an access control list for the node - spoof a null one
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(null, true, Collections.<SimplePermissionEntry> emptySet());
return snpe;
}
else
{
AccessControlList info = aclDaoComponent.getAccessControlList(acl.getId());
HashSet<SimplePermissionEntry> spes = new HashSet<SimplePermissionEntry>(info.getEntries().size(), 1.0f);
for (AccessControlEntry entry : info.getEntries())
{
SimplePermissionEntry spe = new SimplePermissionEntry(null, entry.getPermission(), entry.getAuthority(), entry.getAccessStatus());
spes.add(spe);
}
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(null, acl.getInherits(), spes);
return snpe;
}
}
public boolean getInheritParentPermissions(NodeRef nodeRef)
{
@@ -456,6 +483,117 @@ public abstract class AbstractPermissionsDaoComponentImpl implements Permissions
getACLDAO(nodeRef).updateChangedAcls(nodeRef, all);
}
public void deletePermission(StoreRef storeRef, String authority, PermissionReference permission)
{
DbAccessControlList acl = getAccessControlList(storeRef);
if(acl == null)
{
return;
}
acl = getMutableAccessControlList(storeRef);
SimpleAccessControlEntry pattern = new SimpleAccessControlEntry();
pattern.setAuthority(authority);
pattern.setPermission(permission);
aclDaoComponent.deleteAccessControlEntries(acl.getId(), pattern);
}
private DbAccessControlList getMutableAccessControlList(StoreRef storeRef)
{
DbAccessControlList acl = getACLDAO(storeRef).getAccessControlList(storeRef);
if(acl == null)
{
SimpleAccessControlListProperties properties = new SimpleAccessControlListProperties();
properties.setAclType(ACLType.DEFINING);
properties.setVersioned(false);
properties.setInherits(false);
// Accept default versioning
Long id = aclDaoComponent.createAccessControlList(properties);
acl = aclDaoComponent.getDbAccessControlList(id);
getACLDAO(storeRef).setAccessControlList(storeRef, acl);
}
return acl;
}
private AccessControlListDAO getACLDAO(StoreRef storeRef)
{
AccessControlListDAO ret = fProtocolToACLDAO.get(storeRef.getProtocol());
if (ret == null)
{
return fDefaultACLDAO;
}
return ret;
}
private DbAccessControlList getAccessControlList(StoreRef storeRef)
{
return getACLDAO(storeRef).getAccessControlList(storeRef);
}
public void deletePermissions(StoreRef storeRef, String authority)
{
DbAccessControlList acl = getAccessControlList(storeRef);
if(acl == null)
{
return;
}
acl = getMutableAccessControlList(storeRef);
SimpleAccessControlEntry pattern = new SimpleAccessControlEntry();
pattern.setAuthority(authority);
aclDaoComponent.deleteAccessControlEntries(acl.getId(), pattern);
}
public void deletePermissions(StoreRef storeRef)
{
getACLDAO(storeRef).setAccessControlList(storeRef, null);
}
public void setPermission(StoreRef storeRef, String authority, PermissionReference permission, boolean allow)
{
DbAccessControlList acl = getMutableAccessControlList(storeRef);
SimpleAccessControlEntry entry = new SimpleAccessControlEntry();
entry.setAuthority(authority);
entry.setPermission(permission);
entry.setAccessStatus(allow ? AccessStatus.ALLOWED : AccessStatus.DENIED);
entry.setAceType(ACEType.ALL);
aclDaoComponent.setAccessControlEntry(acl.getId(), entry);
}
public NodePermissionEntry getPermissions(StoreRef storeRef)
{
// Create the object if it is not found.
// Null objects are not cached in hibernate
// If the object does not exist it will repeatedly query to check its
// non existence.
NodePermissionEntry npe = null;
DbAccessControlList acl = null;
try
{
acl = getAccessControlList(storeRef);
}
catch (InvalidNodeRefException e)
{
// Do nothing.
}
if (acl == null)
{
// there isn't an access control list for the node - spoof a null one
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(null, true, Collections.<SimplePermissionEntry> emptySet());
npe = snpe;
}
else
{
npe = createSimpleNodePermissionEntry(storeRef);
}
return npe;
}
protected abstract CreationReport createAccessControlList(NodeRef nodeRef, boolean inherit, DbAccessControlList existing);
static class CreationReport

66
source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
View File

@@ -30,6 +30,7 @@ import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.zip.CRC32;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.domain.DbAccessControlEntry;
@@ -94,7 +95,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
/** a transactionally-safe cache to be injected */
private SimpleCache<Long, AccessControlList> aclCache;
private enum WriteMode
{
TRUNCATE_INHERITED, ADD_INHERITED, CHANGE_INHERITED, REMOVE_INHERITED, INSERT_INHERITED, COPY_UPDATE_AND_INHERIT, COPY_ONLY;
@@ -106,15 +107,11 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
DbAccessControlListImpl.setAclDaoComponent(this);
}
public void setAclCache(SimpleCache<Long, AccessControlList> aclCache)
{
this.aclCache = aclCache;
}
public DbAccessControlList getDbAccessControlList(Long id)
{
if (id == null)
@@ -722,14 +719,18 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
for (Object[] ids : results)
{
// Delete acl entry
DbAccessControlListMember member = (DbAccessControlListMember) getHibernateTemplate().get(DbAccessControlListMemberImpl.class, (Long) ids[0]);
Long aclId = ((Long) ids[1]);
aclCache.remove(aclId);
DbAccessControlList list = (DbAccessControlList) getHibernateTemplate().get(DbAccessControlListImpl.class, aclId);
acls.add(new AclChangeImpl(aclId, aclId, list.getAclType(), list.getAclType()));
getHibernateTemplate().delete(member);
aces.add((Long) ids[2]);
String authorityFound = (String) ids[3];
if (authorityFound.equals(authority))
{
// Delete acl entry
DbAccessControlListMember member = (DbAccessControlListMember) getHibernateTemplate().get(DbAccessControlListMemberImpl.class, (Long) ids[0]);
Long aclId = ((Long) ids[1]);
aclCache.remove(aclId);
DbAccessControlList list = (DbAccessControlList) getHibernateTemplate().get(DbAccessControlListImpl.class, aclId);
acls.add(new AclChangeImpl(aclId, aclId, list.getAclType(), list.getAclType()));
getHibernateTemplate().delete(member);
aces.add((Long) ids[2]);
}
}
// remove ACEs
@@ -749,13 +750,16 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_AUTHORITY);
query.setParameter("authority", authority);
return query.uniqueResult();
return query.list();
}
};
DbAuthority dbAuthority = (DbAuthority) getHibernateTemplate().execute(callback);
if (dbAuthority != null)
List<DbAuthority> authorities = (List<DbAuthority>) getHibernateTemplate().execute(callback);
for (DbAuthority found : authorities)
{
getHibernateTemplate().delete(dbAuthority);
if (found.getAuthority().equals(authority))
{
getHibernateTemplate().delete(found);
}
}
// TODO: Remove affected ACLs from the cache
@@ -948,18 +952,18 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
public AccessControlList getAccessControlList(Long id)
{
AccessControlList acl = aclCache.get(id);
if(acl == null)
if (acl == null)
{
acl = getAccessControlListImpl(id);
aclCache.put(id, acl);
}
else
{
//System.out.println("Used cache for "+id);
// System.out.println("Used cache for "+id);
}
return acl;
}
@SuppressWarnings("unchecked")
public AccessControlList getAccessControlListImpl(final Long id)
{
@@ -1194,14 +1198,24 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_AUTHORITY);
query.setParameter("authority", ace.getAuthority());
return query.uniqueResult();
return query.list();
}
};
DbAuthority authority = (DbAuthority) getHibernateTemplate().execute(callback);
DbAuthority authority = null;
List<DbAuthority> authorities = (List<DbAuthority>) getHibernateTemplate().execute(callback);
for(DbAuthority found : authorities)
{
if(found.getAuthority().equals(ace.getAuthority()))
{
authority = found;
break;
}
}
if (authority == null)
{
DbAuthorityImpl newAuthority = new DbAuthorityImpl();
newAuthority.setAuthority(ace.getAuthority());
newAuthority.setCrc(getCrc(ace.getAuthority()));
authority = newAuthority;
getHibernateTemplate().save(newAuthority);
}
@@ -1280,6 +1294,14 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
return changes;
}
private long getCrc(String str)
{
CRC32 crc = new CRC32();
crc.update(str.getBytes());
return crc.getValue();
}
public List<AclChange> enableInheritance(Long id, Long parent)
{
List<AclChange> changes = new ArrayList<AclChange>();

54
source/java/org/alfresco/repo/domain/hibernate/DbAuthorityImpl.java
View File

@@ -29,7 +29,6 @@ import java.io.Serializable;
import org.alfresco.repo.domain.DbAuthority;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.CallbackException;
import org.hibernate.Session;
/**
@@ -37,45 +36,44 @@ import org.hibernate.Session;
*
* @author andyh
*/
public class DbAuthorityImpl
implements DbAuthority, Serializable
public class DbAuthorityImpl implements DbAuthority, Serializable
{
private static final long serialVersionUID = -5582068692208928127L;
private static Log logger = LogFactory.getLog(DbAuthorityImpl.class);
private Long id;
private Long version;
private String authority;
private Long crc;
public DbAuthorityImpl()
{
}
@Override
public String toString()
{
StringBuilder sb = new StringBuilder(128);
sb.append("DbAuthorityImpl")
.append("[ id=").append(id)
.append(", version=").append(version)
.append(", authority=").append(authority)
.append("]");
sb.append("DbAuthorityImpl").append("[ id=").append(id).append(", version=").append(version).append(", authority=").append(authority).append("]");
return sb.toString();
}
@Override
public boolean equals(Object o)
{
if(this == o)
if (this == o)
{
return true;
}
if(!(o instanceof DbAuthority))
if (!(o instanceof DbAuthority))
{
return false;
}
DbAuthority other = (DbAuthority)o;
DbAuthority other = (DbAuthority) o;
return this.getAuthority().equals(other.getAuthority());
}
@@ -89,19 +87,29 @@ public class DbAuthorityImpl
{
return id;
}
@SuppressWarnings("unused")
private void setId(Long id)
{
this.id = id;
}
@SuppressWarnings("unused")
public void setCrc(Long crc)
{
this.crc = crc;
}
public Long getVersion()
{
return version;
}
public Long getCrc()
{
return crc;
}
/**
* For Hibernate use
*/
@@ -118,19 +126,21 @@ public class DbAuthorityImpl
public void setAuthority(String authority)
{
this.authority = authority;
this.authority = authority;
}
/**
* Helper method to find an authority based on its natural key
*
* @param session the Hibernate session to use
* @param authority the authority name
* @param session
* the Hibernate session to use
* @param authority
* the authority name
* @return Returns an existing instance or null if not found
*/
public static DbAuthority find(Session session, String authority)
{
// TODO: Needs to use a query
// TODO: Needs to use a query
throw new UnsupportedOperationException("TODO");
}
}

8
source/java/org/alfresco/repo/domain/hibernate/HibernateQNameDAOImpl.java
View File

@@ -164,6 +164,14 @@ public class HibernateQNameDAOImpl extends HibernateDaoSupport implements QNameD
// We found something, so we can add it to the cache
qnameEntityCache.put(qname, id);
}
else
{
qnameEntityCache.put(qname, -1L);
}
}
else if(id == -1L)
{
return null;
}
else
{

12
source/java/org/alfresco/repo/domain/hibernate/NodeAccessControlListDAO.java
View File

@@ -36,6 +36,7 @@ import org.alfresco.repo.security.permissions.ACLType;
import org.alfresco.repo.security.permissions.impl.AclChange;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
/**
* The Node implementation for getting and setting ACLs.
@@ -146,4 +147,15 @@ public class NodeAccessControlListDAO implements AccessControlListDAO
throw new UnsupportedOperationException();
}
public DbAccessControlList getAccessControlList(StoreRef storeRef)
{
throw new UnsupportedOperationException();
}
public void setAccessControlList(StoreRef storeRef, DbAccessControlList acl)
{
throw new UnsupportedOperationException();
}
}

8
source/java/org/alfresco/repo/domain/hibernate/Permission.hbm.xml
View File

@@ -193,13 +193,15 @@
lazy="false"
optimistic-lock="version" >
<id name="id" column="id" type="long" >
<id name="id" column="id" type="long" >
<generator class="native" />
</id>
<version column="version" name="version" type="long" />
<property name="authority" column="authority" type="string" length="100" unique="true"/>
<property name="authority" column="authority" type="string" length="100" unique-key="uidx_auth_name" index="idx_authority" />
<property name="crc" column="crc" type="long" unique-key="uidx_auth_name" />
</class>
@@ -317,7 +319,7 @@
<query name="permission.GetAcesAndAclsByAuthority" cacheable="true">
select
aclmem.id, acl.id, ace.id
aclmem.id, acl.id, ace.id, authority.authority
from
org.alfresco.repo.domain.hibernate.DbAccessControlListMemberImpl as aclmem
join aclmem.accessControlList as acl