inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud)

Browse Source 
84733: Merged PLATFORM1 (5.0/Cloud) to HEAD-BUG-FIX (5.0/Cloud)
      78807: ACE-2083	 - Only allow document encryption if the capability has been licensed


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@85104 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Mark Rogers
2014-09-19 22:19:44 +00:00
parent 4df4536d0f
commit 6d398a5ba9
5 changed files with 86 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/alfresco/content-services-context.xml
View File

@@ -22,6 +22,7 @@
</list> </list>
</property> </property>
<property name="unencryptedContentStoreBeanName" value="unencryptedContentStore"/> <property name="unencryptedContentStoreBeanName" value="unencryptedContentStore"/>
<property name="encryptedContentStoreBeanName" value="encryptedContentStore"/>
</bean> </bean>
<!-- Default ContentStore subsystem, that does not use encryption --> <!-- Default ContentStore subsystem, that does not use encryption -->

1
config/alfresco/subsystems/fileServers/default/file-servers-context.xml
View File

@@ -120,6 +120,7 @@
<value>${cifs.tcpipSMB.port}</value> <value>${cifs.tcpipSMB.port}</value>
</property> </property>
<property name="platforms"> <property name="platforms">
<!-- Unchecked, Unknown, WINDOWS, LINUX, SOLARIS, MACOSX, AIX -->
<value>linux,solaris,macosx</value> <value>linux,solaris,macosx</value>
</property> </property>
<property name="ipv6Enabled"> <property name="ipv6Enabled">

9
source/java/org/alfresco/repo/descriptor/DescriptorServiceImpl.java
View File

@@ -65,6 +65,8 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean
@SuppressWarnings("unused") @SuppressWarnings("unused")
private Object heartBeat; private Object heartBeat;
private boolean isBootstrapped;
/** /**
* The version of the software * The version of the software
*/ */
@@ -245,6 +247,7 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean
} }
}; };
AuthenticationUtil.runAs(bootstrapWork, AuthenticationUtil.getSystemUserName()); AuthenticationUtil.runAs(bootstrapWork, AuthenticationUtil.getSystemUserName());
isBootstrapped = true;
// Broadcast that the descriptor service is now available // Broadcast that the descriptor service is now available
((ApplicationContext) event.getSource()).publishEvent(new DescriptorServiceAvailableEvent(this)); ((ApplicationContext) event.getSource()).publishEvent(new DescriptorServiceAvailableEvent(this));
} }
@@ -763,4 +766,10 @@ public class DescriptorServiceImpl extends AbstractLifecycleBean
} }
} }
} }
@Override
public boolean isBootstrapped() {
return isBootstrapped;
}
} }

71
source/java/org/alfresco/repo/management/subsystems/CryptodocSwitchableApplicationContextFactory.java
View File

@@ -20,6 +20,12 @@ package org.alfresco.repo.management.subsystems;
import java.io.IOException; import java.io.IOException;
import org.alfresco.repo.descriptor.DescriptorServiceAvailableEvent;
import org.alfresco.service.descriptor.DescriptorService;
import org.alfresco.service.license.LicenseDescriptor;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationEvent;
/** /**
* {@link SwitchableApplicationContextFactory} that only allows the subsystem to be switched * {@link SwitchableApplicationContextFactory} that only allows the subsystem to be switched
@@ -31,9 +37,13 @@ import java.io.IOException;
* @author Matt Ward * @author Matt Ward
*/ */
public class CryptodocSwitchableApplicationContextFactory extends SwitchableApplicationContextFactory public class CryptodocSwitchableApplicationContextFactory extends SwitchableApplicationContextFactory
{ {
private static final String SOURCE_BEAN_PROPERTY = "sourceBeanName"; private static final String SOURCE_BEAN_PROPERTY = "sourceBeanName";
private String unencryptedContentStoreBeanName; private String unencryptedContentStoreBeanName;
private String encryptedContentStoreBeanName;
private DescriptorService descriptorService;
private static final Log logger = LogFactory.getLog(CryptodocSwitchableApplicationContextFactory.class);
@Override @Override
public boolean isUpdateable(String name) public boolean isUpdateable(String name)
@@ -44,9 +54,27 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl
} }
boolean updateable = true; boolean updateable = true;
if (name.equals(SOURCE_BEAN_PROPERTY) && !getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName)) if (name.equals(SOURCE_BEAN_PROPERTY))
{ {
updateable = false; if(getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName))
{
if(descriptorService != null)
{
LicenseDescriptor license = descriptorService.getLicenseDescriptor();
if(license != null && license.isCryptodocEnabled())
{
return true;
}
return false;
}
}
// can the source bean name be changed?
if(!getCurrentSourceBeanName().equals(unencryptedContentStoreBeanName))
{
// the subsystem has been switched once.
return false;
}
} }
return updateable; return updateable;
} }
@@ -68,9 +96,20 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl
this.unencryptedContentStoreBeanName = unencryptedContentStoreBeanName; this.unencryptedContentStoreBeanName = unencryptedContentStoreBeanName;
} }
public String getEncryptedContentStoreBeanName()
{
return encryptedContentStoreBeanName;
}
public void setEncryptedContentStoreBeanName(
String encryptedContentStoreBeanName)
{
this.encryptedContentStoreBeanName = encryptedContentStoreBeanName;
}
protected class CryptoSwitchableState extends SwitchableState
protected class CryptoSwitchableState extends SwitchableState
{ {
protected CryptoSwitchableState(String sourceBeanName) protected CryptoSwitchableState(String sourceBeanName)
{ {
@@ -82,9 +121,33 @@ public class CryptodocSwitchableApplicationContextFactory extends SwitchableAppl
{ {
if (!isUpdateable(name)) if (!isUpdateable(name))
{ {
throw new IllegalStateException("Switching to an unencrypted content store is not possible."); if(value.equalsIgnoreCase(unencryptedContentStoreBeanName))
{
throw new IllegalStateException("Switching to an unencrypted content store is not possible.");
}
if(value.equalsIgnoreCase(encryptedContentStoreBeanName))
{
throw new IllegalStateException("Switching to an encrypted content store is not licensed.");
}
throw new IllegalStateException("Switching to an unknown content store is not possible." + value);
} }
super.setProperty(name, value); super.setProperty(name, value);
} }
} }
public void onApplicationEvent(ApplicationEvent event)
{
if(logger.isDebugEnabled())
{
logger.debug("event : " + event);
}
if (event instanceof DescriptorServiceAvailableEvent)
{
descriptorService = ((DescriptorServiceAvailableEvent)event).getDescriptorService();
}
super.onApplicationEvent(event);
}
} }

6
source/java/org/alfresco/service/descriptor/DescriptorService.java
View File

@@ -122,4 +122,10 @@ public interface DescriptorService
*/ */
public String loadLicense(InputStream licenseStream); public String loadLicense(InputStream licenseStream);
/**
* Is this service bootstrapped?
* @return true, the service is bootstrapped and available
*/
boolean isBootstrapped();
} }