inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V2.9 to HEAD

Browse Source 
9018: MT: system-wide jobs should run across all stores/indexes
   9204: Merged V2.2 to V2.9
      8633: Merged V2.1 to V2.2
         8629: Merged V2.1-A to V2.1
            8493: Fixed ADB-51: ImporterBootstrap doesn't use transaction retrying
            8494: EHCache and JGroup patches and upgrades
            8546: ACT-1650: performance optimization
            8550: Fixes to transactional cache handling
            8553: Fixed tests: MLText is a Map, but will always have at least one entry, even that entry is null.
            8583: ACT-954: IndexInfo files now reopen when they close (for whatever reason)
      8640: Merged V2.1 to V2.2
         8638: Used correct exception type for IO channel reopen logic
      9102: Unit test to check that transactional cache size overrun is handled
      9106: Merged V2.1 to V2.2
         9043: Fixed AR-2291: SchemaBootstrap lock is only required before first SQL execution
         9045: Fix AR-2291: SchemaBootstrap lock is only required before first SQL execution
         9047: Fixed AR-2305: Index tracking in AUTO mode doesn't report anything on bootstrap
         9048: Fixed AR-2300: Random-based GUID instead of time-based GUIDs
         9049: Fix patches to only run once
         9050 <Defered>: Changed getString() method to use the available buffer length rather than a hard coded value.
         9060: Fixed ETWOONE-109 and ETWOONE-128: RetryingTransactionHelper fixes and improvements
         9061: Fixed NodeRefPropertyMethodInterceptorTest
         9075 <Defered>: Added delete permission check when marking a file for delete on close. ETWOONE-141/ACT-2416.
         9080: Fixed EHCache source zip
         9081: Fixed ETWOONE-118: Tomcat failed bootstrap doesn't clean up EHCache cluster structures
         9085: Fixed ETWOONE-154: Added JSR107 Jar to WAR
      9115: Fixed test: TransactionalCache uses LRU so repeatedly checking if a entry is there keeps it in the cache.
   9206: Merged V2.2 to V2.9
      8857: Improvements to ACL performance for large ACLs
      8951: Always check permission entry changes are made at position 0
   9219 <No change>: Made NTLMLogonDetails class Serializable, port of r8973.
   9220: Added delete permission check when marking a file for delete on close. Port of r9075.
   9222: Merged V2.1 to V2.9
      8683: Early warning for nodes indexed in the wrong store (ACT-964)
      8684: Enhanced tests
      8685: Enhanced tests
      8686: Additional tests
   9223: Merged V2.2 to V2.9
      9120: Merged V2.1 to V2.2
         8740: Fix for AR-2173 - do no recheck case of the user name when validating tickets (it has been done)
      9122: Additional unit test from support case.
   9224: Merged V2.2 to V2.9
      9076: Fixed ETWOTWO-426: Upgrading alfresco from 2.1.1 to 2.2 throws errors with Mysql 5.0.51
      9104: Merged V2.1 to V2.2
         9025: Fixed AR-2314, AR-2299: Optimizations after profiling
      9105: Merged V2.1 to V2.2
         8745: Fix AR-2233 (regression introduced by fix for AR-2221)
      9121: Merged V2.1 to V2.2
         9017: Fix index back up failing due to background index merge/deletions (inlcudes back port of CHK-2588)
      9137: Incorporated additions from Will into AVM console (ETWOTWO-439)
   9225: Merged V2.1 to V2.9
      8641: Merged V2.1-A to V2.1
         7729: Fix to Repository Web Service (queryAssociated) to allow reverse association lookup (ie. given target, get the source)
      8673: Fix for AR-2098 - shorter URL form now has NTLM filter mapping example in web.xml
      8682: Fix for AR-2005
      8695: AR-2054.
      8696: Improved sort test to include prefix form of field name
   9226: Fix ALFCOM-994 (see also earlier change in r9223)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@9233 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2008-05-22 12:40:46 +00:00
parent 86027f41f1
commit 6e225ce15d
60 changed files with 2359 additions and 1164 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
View File

@@ -30,6 +30,7 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.zip.CRC32;
@@ -45,6 +46,7 @@ import org.alfresco.repo.domain.Node;
import org.alfresco.repo.domain.QNameDAO;
import org.alfresco.repo.domain.QNameEntity;
import org.alfresco.repo.node.db.hibernate.HibernateNodeDaoServiceImpl;
import org.alfresco.repo.security.permissions.ACEType;
import org.alfresco.repo.security.permissions.ACLCopyMode;
import org.alfresco.repo.security.permissions.ACLType;
import org.alfresco.repo.security.permissions.AccessControlEntry;
@@ -63,6 +65,7 @@ import org.alfresco.service.namespace.QName;
import org.alfresco.util.GUID;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.CacheMode;
import org.hibernate.Criteria;
import org.hibernate.Query;
import org.hibernate.Session;
@@ -93,6 +96,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
static String QUERY_GET_ACES_FOR_ACL = "permission.GetAcesForAcl";
static String QUERY_LOAD_ACL = "permission.LoadAcl";
static String QUERY_GET_ACLS_THAT_INHERIT_FROM_THIS_ACL = "permission.GetAclsThatInheritFromThisAcl";
static String QUERY_GET_AVM_NODES_BY_ACL = "permission.FindAvmNodesByACL";
@@ -102,7 +107,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
static String QUERY_GET_LAYERED_DIRECTORIES = "permission.GetLayeredDirectories";
static String QUERY_GET_LAYERED_FILES = "permission.GetLayeredFiles";
static String QUERY_GET_NEW_IN_STORE = "permission.GetNewInStore";
/** Access to QName entities */
@@ -573,24 +578,71 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
* @param depth
*/
@SuppressWarnings("unchecked")
private void removeAcesFromAcl(final Long id, AccessControlEntry exclude, int depth)
private void removeAcesFromAcl(final Long id, final AccessControlEntry exclude, final int depth)
{
AcePatternMatcher excluder = new AcePatternMatcher(exclude);
HibernateCallback callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
return query.list();
if (exclude == null)
{
Criteria criteria = session.createCriteria(DbAccessControlListMemberImpl.class, "member");
criteria.createAlias("accessControlList", "acl");
criteria.add(Restrictions.eq("acl.id", id));
criteria.createAlias("accessControlEntry", "ace");
criteria.createAlias("ace.authority", "authority");
criteria.createAlias("ace.permission", "permission");
criteria.setResultTransformer(Criteria.ALIAS_TO_ENTITY_MAP);
return criteria.list();
}
else
{
Criteria criteria = session.createCriteria(DbAccessControlListMemberImpl.class, "member");
criteria.createAlias("accessControlList", "acl");
criteria.add(Restrictions.eq("acl.id", id));
if ((exclude.getPosition() != null) && exclude.getPosition() >= 0)
{
criteria.add(Restrictions.eq("position", Integer.valueOf(depth)));
}
if ((exclude.getAccessStatus() != null) || (exclude.getAceType() != null) || (exclude.getAuthority() != null) || (exclude.getPermission() != null))
{
criteria.createAlias("accessControlEntry", "ace");
if (exclude.getAccessStatus() != null)
{
criteria.add(Restrictions.eq("ace.allowed", exclude.getAccessStatus() == AccessStatus.ALLOWED ? Boolean.TRUE : Boolean.FALSE));
}
if (exclude.getAceType() != null)
{
criteria.add(Restrictions.eq("ace.applies", Integer.valueOf(exclude.getAceType().getId())));
}
if (exclude.getAuthority() != null)
{
criteria.createAlias("ace.authority", "authority");
criteria.add(Restrictions.eq("authority.authority", exclude.getAuthority()));
}
if (exclude.getPermission() != null)
{
criteria.createAlias("ace.permission", "permission");
criteria.add(Restrictions.eq("permission.name", exclude.getPermission().getName()));
// TODO: Add typeQname
}
}
criteria.setResultTransformer(Criteria.ALIAS_TO_ENTITY_MAP);
return criteria.list();
}
}
};
List<DbAccessControlListMember> members = (List<DbAccessControlListMember>) getHibernateTemplate().execute(callback);
List<Map<String, Object>> results = (List<Map<String, Object>>) getHibernateTemplate().execute(callback);
boolean removed = false;
for (DbAccessControlListMember member : members)
for (Map<String, Object> result : results)
{
if ((exclude != null) && excluder.matches(member.getAccessControlEntry(), depth, member.getPosition()))
DbAccessControlListMember member = (DbAccessControlListMember) result.get("member");
if ((exclude != null) && excluder.matches(result, depth))
{
getHibernateTemplate().delete(member);
removed = true;
@@ -1066,34 +1118,42 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
Query query = session.getNamedQuery(QUERY_LOAD_ACL);
query.setParameter("id", id);
query.setCacheMode(CacheMode.IGNORE);
return query.list();
}
};
List<DbAccessControlListMember> members = (List<DbAccessControlListMember>) getHibernateTemplate().execute(callback);
List<Object[]> results = (List<Object[]>) getHibernateTemplate().execute(callback);
List<AccessControlEntry> entries = new ArrayList<AccessControlEntry>();
for (DbAccessControlListMember member : members)
List<AccessControlEntry> entries = new ArrayList<AccessControlEntry>(results.size());
for (Object[] result : results)
// for (DbAccessControlListMember member : members)
{
SimpleAccessControlEntry entry = new SimpleAccessControlEntry();
entry.setAccessStatus(member.getAccessControlEntry().isAllowed() ? AccessStatus.ALLOWED : AccessStatus.DENIED);
entry.setAceType(member.getAccessControlEntry().getAceType());
entry.setAuthority(member.getAccessControlEntry().getAuthority().getAuthority());
if (member.getAccessControlEntry().getContext() != null)
{
SimpleAccessControlEntryContext context = new SimpleAccessControlEntryContext();
context.setClassContext(member.getAccessControlEntry().getContext().getClassContext());
context.setKVPContext(member.getAccessControlEntry().getContext().getKvpContext());
context.setPropertyContext(member.getAccessControlEntry().getContext().getPropertyContext());
entry.setContext(context);
}
DbPermission perm = member.getAccessControlEntry().getPermission();
Boolean aceIsAllowed = (Boolean)result[0];
Integer aceType = (Integer)result[1];
String authority = (String)result[2];
Long permissionId = (Long)result[3];
Integer position = (Integer)result[4];
SimpleAccessControlEntry sacEntry = new SimpleAccessControlEntry();
sacEntry.setAccessStatus(aceIsAllowed ? AccessStatus.ALLOWED : AccessStatus.DENIED);
sacEntry.setAceType(ACEType.getACETypeFromId(aceType));
sacEntry.setAuthority(authority);
// if (entry.getContext() != null)
// {
// SimpleAccessControlEntryContext context = new SimpleAccessControlEntryContext();
// context.setClassContext(entry.getContext().getClassContext());
// context.setKVPContext(entry.getContext().getKvpContext());
// context.setPropertyContext(entry.getContext().getPropertyContext());
// sacEntry.setContext(context);
// }
DbPermission perm = (DbPermission)getSession().get(DbPermissionImpl.class, permissionId);
SimplePermissionReference permissionRefernce = SimplePermissionReference.getPermissionReference(perm.getTypeQName().getQName(), perm.getName());
entry.setPermission(permissionRefernce);
entry.setPosition(member.getPosition());
sacEntry.setPermission(permissionRefernce);
sacEntry.setPosition(position);
entries.add(entry);
entries.add(sacEntry);
}
@@ -1714,13 +1774,16 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
this.pattern = pattern;
}
boolean matches(DbAccessControlEntry entry, int position, int memberPosition)
boolean matches(Map<String, Object> result, int position)
{
if (pattern == null)
{
return true;
}
DbAccessControlListMember member = (DbAccessControlListMember) result.get("member");
DbAccessControlEntry entry = (DbAccessControlEntry) result.get("ace");
if (pattern.getAccessStatus() != null)
{
if (pattern.getAccessStatus() != (entry.isAllowed() ? AccessStatus.ALLOWED : AccessStatus.DENIED))
@@ -1739,7 +1802,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
if (pattern.getAuthority() != null)
{
if (!pattern.getAuthority().equals(entry.getAuthority().getAuthority()))
DbAuthority authority = (DbAuthority) result.get("authority");
if (!pattern.getAuthority().equals(authority.getAuthority()))
{
return false;
}
@@ -1752,13 +1816,14 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
if (pattern.getPermission() != null)
{
DbPermission permission = (DbPermission) result.get("permission");
final QName patternQName = pattern.getPermission().getQName();
if ((patternQName != null) && (!patternQName.equals(entry.getPermission().getTypeQName().getQName())))
if ((patternQName != null) && (!patternQName.equals(permission.getTypeQName().getQName())))
{
return false;
}
final String patternName = pattern.getPermission().getName();
if ((patternName != null) && (!patternName.equals(entry.getPermission().getName())))
if ((patternName != null) && (!patternName.equals(permission.getName())))
{
return false;
}
@@ -1768,14 +1833,14 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
if (pattern.getPosition().intValue() >= 0)
{
if (memberPosition != position)
if (member.getPosition() != position)
{
return false;
}
}
else if (pattern.getPosition().intValue() == -1)
{
if (memberPosition <= position)
if (member.getPosition() <= position)
{
return false;
}
@@ -2000,7 +2065,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
throw new AlfrescoRuntimeException("Failed to set TX isolation level", e);
}
}
/**
* How many nodes are noew in store (approximate)
* @return - the number fo new nodes - approximate