From 6d398a5ba9de995693dd907f02f58f3024cadf29 Mon Sep 17 00:00:00 2001 From: Mark Rogers Date: Fri, 19 Sep 2014 22:19:44 +0000 Subject: [PATCH] Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud) 84733: Merged PLATFORM1 (5.0/Cloud) to HEAD-BUG-FIX (5.0/Cloud) 78807: ACE-2083 - Only allow document encryption if the capability has been licensed git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@85104 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- config/alfresco/content-services-context.xml | 1 + .../default/file-servers-context.xml | 1 + .../descriptor/DescriptorServiceImpl.java | 9 +++ ...ocSwitchableApplicationContextFactory.java | 75 +++++++++++++++++-- .../service/descriptor/DescriptorService.java | 6 ++ 5 files changed, 86 insertions(+), 6 deletions(-) diff --git a/config/alfresco/content-services-context.xml b/config/alfresco/content-services-context.xml index 13ed2c1e22..d515825da3 100644 --- a/config/alfresco/content-services-context.xml +++ b/config/alfresco/content-services-context.xml @@ -22,6 +22,7 @@ + diff --git a/config/alfresco/subsystems/fileServers/default/file-servers-context.xml b/config/alfresco/subsystems/fileServers/default/file-servers-context.xml index dc1438f96f..7c4d8a6eb7 100644 --- a/config/alfresco/subsystems/fileServers/default/file-servers-context.xml +++ b/config/alfresco/subsystems/fileServers/default/file-servers-context.xml @@ -120,6 +120,7 @@ ${cifs.tcpipSMB.port} + linux,solaris,macosx diff --git a/source/java/org/alfresco/repo/descriptor/DescriptorServiceImpl.java b/source/java/org/alfresco/repo/descriptor/DescriptorServiceImpl.java index 5475776006..56ec7967f5 100644 --- a/source/java/org/alfresco/repo/descriptor/DescriptorServiceImpl.java +++ b/source/java/org/alfresco/repo/descriptor/DescriptorServiceImpl.java @@ -65,6 +65,8 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean @SuppressWarnings("unused") private Object heartBeat; + private boolean isBootstrapped; + /** * The version of the software */ @@ -245,6 +247,7 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean } }; AuthenticationUtil.runAs(bootstrapWork, AuthenticationUtil.getSystemUserName()); + isBootstrapped = true; // Broadcast that the descriptor service is now available ((ApplicationContext) event.getSource()).publishEvent(new DescriptorServiceAvailableEvent(this)); } @@ -763,4 +766,10 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean } } } + + @Override + public boolean isBootstrapped() { + + return isBootstrapped; + } } diff --git a/source/java/org/alfresco/repo/management/subsystems/CryptodocSwitchableApplicationContextFactory.java b/source/java/org/alfresco/repo/management/subsystems/CryptodocSwitchableApplicationContextFactory.java index fa1b6e4503..9be4a3d73f 100644 --- a/source/java/org/alfresco/repo/management/subsystems/CryptodocSwitchableApplicationContextFactory.java +++ b/source/java/org/alfresco/repo/management/subsystems/CryptodocSwitchableApplicationContextFactory.java @@ -20,6 +20,12 @@ package org.alfresco.repo.management.subsystems; import java.io.IOException; +import org.alfresco.repo.descriptor.DescriptorServiceAvailableEvent; +import org.alfresco.service.descriptor.DescriptorService; +import org.alfresco.service.license.LicenseDescriptor; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.springframework.context.ApplicationEvent; /** * {@link SwitchableApplicationContextFactory} that only allows the subsystem to be switched @@ -31,9 +37,13 @@ import java.io.IOException; * @author Matt Ward */ public class CryptodocSwitchableApplicationContextFactory extends SwitchableApplicationContextFactory + { private static final String SOURCE_BEAN_PROPERTY = "sourceBeanName"; private String unencryptedContentStoreBeanName; + private String encryptedContentStoreBeanName; + private DescriptorService descriptorService; + private static final Log logger = LogFactory.getLog(CryptodocSwitchableApplicationContextFactory.class); @Override public boolean isUpdateable(String name) @@ -44,9 +54,27 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl } boolean updateable = true; - if (name.equals(SOURCE_BEAN_PROPERTY) && !getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName)) + if (name.equals(SOURCE_BEAN_PROPERTY)) { - updateable = false; + if(getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName)) + { + if(descriptorService != null) + { + LicenseDescriptor license = descriptorService.getLicenseDescriptor(); + if(license != null && license.isCryptodocEnabled()) + { + return true; + } + return false; + } + } + + // can the source bean name be changed? + if(!getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName)) + { + // the subsystem has been switched once. + return false; + } } return updateable; } @@ -68,9 +96,20 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl this.unencryptedContentStoreBeanName = unencryptedContentStoreBeanName; } - - - protected class CryptoSwitchableState extends SwitchableState + public String getEncryptedContentStoreBeanName() + { + return encryptedContentStoreBeanName; + } + + public void setEncryptedContentStoreBeanName( + String encryptedContentStoreBeanName) + { + this.encryptedContentStoreBeanName = encryptedContentStoreBeanName; + } + + + + protected class CryptoSwitchableState extends SwitchableState { protected CryptoSwitchableState(String sourceBeanName) { @@ -82,9 +121,33 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl { if (!isUpdateable(name)) { - throw new IllegalStateException("Switching to an unencrypted content store is not possible."); + if(value.equalsIgnoreCase(unencryptedContentStoreBeanName)) + { + throw new IllegalStateException("Switching to an unencrypted content store is not possible."); + } + if(value.equalsIgnoreCase(encryptedContentStoreBeanName)) + { + throw new IllegalStateException("Switching to an encrypted content store is not licensed."); + } + throw new IllegalStateException("Switching to an unknown content store is not possible." + value); } super.setProperty(name, value); } } + + public void onApplicationEvent(ApplicationEvent event) + { + + if(logger.isDebugEnabled()) + { + logger.debug("event : " + event); + } + + if (event instanceof DescriptorServiceAvailableEvent) + { + descriptorService = ((DescriptorServiceAvailableEvent)event).getDescriptorService(); + } + super.onApplicationEvent(event); + } + } diff --git a/source/java/org/alfresco/service/descriptor/DescriptorService.java b/source/java/org/alfresco/service/descriptor/DescriptorService.java index c40edf4ea7..dfe9e835fe 100644 --- a/source/java/org/alfresco/service/descriptor/DescriptorService.java +++ b/source/java/org/alfresco/service/descriptor/DescriptorService.java @@ -121,5 +121,11 @@ public interface DescriptorService * @return Returns a message telling the user what happened */ public String loadLicense(InputStream licenseStream); + + /** + * Is this service bootstrapped? + * @return true, the service is bootstrapped and available + */ + boolean isBootstrapped(); }