diff --git a/config/alfresco/patch/patch-services-context.xml b/config/alfresco/patch/patch-services-context.xml index 00427b4c42..71cbe0acfc 100644 --- a/config/alfresco/patch/patch-services-context.xml +++ b/config/alfresco/patch/patch-services-context.xml @@ -1484,6 +1484,12 @@ + + + + + + diff --git a/config/alfresco/scheduled-jobs-context.xml b/config/alfresco/scheduled-jobs-context.xml index 58f7df273d..0b5ac10ff1 100644 --- a/config/alfresco/scheduled-jobs-context.xml +++ b/config/alfresco/scheduled-jobs-context.xml @@ -507,6 +507,9 @@ + + + diff --git a/source/java/org/alfresco/repo/admin/patch/impl/MigrateVersionStorePatch.java b/source/java/org/alfresco/repo/admin/patch/impl/MigrateVersionStorePatch.java index d04efc1561..7ae2e276b7 100644 --- a/source/java/org/alfresco/repo/admin/patch/impl/MigrateVersionStorePatch.java +++ b/source/java/org/alfresco/repo/admin/patch/impl/MigrateVersionStorePatch.java @@ -27,7 +27,11 @@ package org.alfresco.repo.admin.patch.impl; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.i18n.I18NUtil; import org.alfresco.repo.admin.patch.AbstractPatch; +import org.alfresco.repo.importer.ImporterBootstrap; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.tenant.TenantService; import org.alfresco.repo.version.VersionMigrator; +import org.alfresco.service.cmr.repository.StoreRef; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -41,6 +45,9 @@ public class MigrateVersionStorePatch extends AbstractPatch private static final String MSG_SUCCESS = "patch.migrateVersionStore.result"; private VersionMigrator versionMigrator; + private TenantService tenantService; + private ImporterBootstrap version2ImporterBootstrap; + private int batchSize = 1; private boolean deleteImmediately = false; @@ -49,6 +56,16 @@ public class MigrateVersionStorePatch extends AbstractPatch this.versionMigrator = versionMigrator; } + public void setTenantService(TenantService tenantService) + { + this.tenantService = tenantService; + } + + public void setImporterBootstrap(ImporterBootstrap version2ImporterBootstrap) + { + this.version2ImporterBootstrap = version2ImporterBootstrap; + } + public void setBatchSize(int batchSize) { this.batchSize = batchSize; @@ -73,7 +90,17 @@ public class MigrateVersionStorePatch extends AbstractPatch @Override protected String applyInternal() throws Exception - { + { + if (tenantService.isEnabled() && tenantService.isTenantUser()) + { + // bootstrap new version store + StoreRef bootstrapStoreRef = version2ImporterBootstrap.getStoreRef(); + bootstrapStoreRef = tenantService.getName(AuthenticationUtil.getCurrentEffectiveUserName(), bootstrapStoreRef); + version2ImporterBootstrap.setStoreUrl(bootstrapStoreRef.toString()); + + version2ImporterBootstrap.bootstrap(); + } + int vhCount = versionMigrator.migrateVersions(batchSize, deleteImmediately); // build the result message diff --git a/source/java/org/alfresco/repo/admin/patch/impl/SitePermissionRefactorPatch.java b/source/java/org/alfresco/repo/admin/patch/impl/SitePermissionRefactorPatch.java index 5560bc3607..4364d3c3b0 100644 --- a/source/java/org/alfresco/repo/admin/patch/impl/SitePermissionRefactorPatch.java +++ b/source/java/org/alfresco/repo/admin/patch/impl/SitePermissionRefactorPatch.java @@ -29,6 +29,7 @@ import java.util.Set; import org.alfresco.i18n.I18NUtil; import org.alfresco.repo.admin.patch.AbstractPatch; +import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.repo.site.SiteInfo; import org.alfresco.repo.site.SiteModel; import org.alfresco.repo.site.SiteService; @@ -37,6 +38,7 @@ import org.alfresco.service.cmr.security.AccessPermission; import org.alfresco.service.cmr.security.AuthorityService; import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.cmr.security.PermissionService; +import org.alfresco.util.EqualsHelper; /** * Patch's the site permission model to use groups to contain users. @@ -89,51 +91,59 @@ public class SitePermissionRefactorPatch extends AbstractPatch @Override protected String applyInternal() throws Exception { - // Set all the sites in the repository - List sites = this.siteService.listSites(null, null); - for (SiteInfo siteInfo : sites) + // NOTE: SiteService is not currently MT-enabled (eg. getSiteRoot) so skip if applied to tenant + if (EqualsHelper.nullSafeEquals( + AuthenticationUtil.SYSTEM_USER_NAME, + AuthenticationUtil.getCurrentEffectiveUserName()) + || + !AuthenticationUtil.isMtEnabled()) { - // Create the site's groups - String siteGroup = authorityService.createAuthority( - AuthorityType.GROUP, - null, - ((SiteServiceImpl)this.siteService).getSiteGroup(siteInfo.getShortName(), - false)); - Set permissions = permissionService.getSettablePermissions(SiteModel.TYPE_SITE); - for (String permission : permissions) - { - // Create a group for the permission - String permissionGroup = authorityService.createAuthority( - AuthorityType.GROUP, - siteGroup, - ((SiteServiceImpl)this.siteService).getSiteRoleGroup( - siteInfo.getShortName(), - permission, - false)); - - // Assign the group the relevant permission on the site - permissionService.setPermission(siteInfo.getNodeRef(), permissionGroup, permission, true); - } - - // Take the current members and assign them to the appropriate groups - Set currentPermissions = this.permissionService.getAllSetPermissions(siteInfo.getNodeRef()); - for (AccessPermission permission : currentPermissions) - { - // Only support user's being transfered (if public the everyone group will stay on the node) - if (permission.getAuthorityType() == AuthorityType.USER) - { - // Add this authority to the appropriate group - String group = ((SiteServiceImpl)this.siteService).getSiteRoleGroup( - siteInfo.getShortName(), - permission.getPermission(), - true); - this.authorityService.addAuthority(group, permission.getAuthority()); - - // Remove the permission from the node - this.permissionService.deletePermission(siteInfo.getNodeRef(), permission.getAuthority(), permission.getPermission()); - } - } - } + // Set all the sites in the repository + List sites = this.siteService.listSites(null, null); + for (SiteInfo siteInfo : sites) + { + // Create the site's groups + String siteGroup = authorityService.createAuthority( + AuthorityType.GROUP, + null, + ((SiteServiceImpl)this.siteService).getSiteGroup(siteInfo.getShortName(), + false)); + Set permissions = permissionService.getSettablePermissions(SiteModel.TYPE_SITE); + for (String permission : permissions) + { + // Create a group for the permission + String permissionGroup = authorityService.createAuthority( + AuthorityType.GROUP, + siteGroup, + ((SiteServiceImpl)this.siteService).getSiteRoleGroup( + siteInfo.getShortName(), + permission, + false)); + + // Assign the group the relevant permission on the site + permissionService.setPermission(siteInfo.getNodeRef(), permissionGroup, permission, true); + } + + // Take the current members and assign them to the appropriate groups + Set currentPermissions = this.permissionService.getAllSetPermissions(siteInfo.getNodeRef()); + for (AccessPermission permission : currentPermissions) + { + // Only support user's being transfered (if public the everyone group will stay on the node) + if (permission.getAuthorityType() == AuthorityType.USER) + { + // Add this authority to the appropriate group + String group = ((SiteServiceImpl)this.siteService).getSiteRoleGroup( + siteInfo.getShortName(), + permission.getPermission(), + true); + this.authorityService.addAuthority(group, permission.getAuthority()); + + // Remove the permission from the node + this.permissionService.deletePermission(siteInfo.getNodeRef(), permission.getAuthority(), permission.getPermission()); + } + } + } + } // Report status return I18NUtil.getMessage(STATUS_MSG); diff --git a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java index 67c117c75d..c15196ef7c 100755 --- a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java @@ -500,7 +500,7 @@ public class MultiTServiceImpl implements TenantService */ public boolean isTenantUser() { - return isTenantUser(AuthenticationUtil.getCurrentUserName()); + return isTenantUser(AuthenticationUtil.getCurrentEffectiveUserName()); } /* (non-Javadoc) @@ -567,7 +567,7 @@ public class MultiTServiceImpl implements TenantService */ public String getCurrentUserDomain() { - String user = AuthenticationUtil.getCurrentUserName(); + String user = AuthenticationUtil.getCurrentEffectiveUserName(); return getUserDomain(user); } diff --git a/source/java/org/alfresco/repo/version/MigrationCleanupJob.java b/source/java/org/alfresco/repo/version/MigrationCleanupJob.java index f1f8e3fb64..171597eac6 100644 --- a/source/java/org/alfresco/repo/version/MigrationCleanupJob.java +++ b/source/java/org/alfresco/repo/version/MigrationCleanupJob.java @@ -24,7 +24,13 @@ */ package org.alfresco.repo.version; +import java.util.List; + import org.alfresco.error.AlfrescoRuntimeException; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; +import org.alfresco.repo.tenant.Tenant; +import org.alfresco.repo.tenant.TenantAdminService; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.quartz.Job; @@ -39,7 +45,9 @@ public class MigrationCleanupJob implements Job { private static Log logger = LogFactory.getLog(MigrationCleanupJob.class); - private static final String KEY_COMPONENT = "versionMigrator"; + private static final String KEY_VERSION_MIGRATOR = "versionMigrator"; + private static final String KEY_TENANT_ADMIN_SERVICE = "tenantAdminService"; + private static final String KEY_BATCHSIZE = "batchSize"; private int batchSize = 1; @@ -47,10 +55,13 @@ public class MigrationCleanupJob implements Job public void execute(JobExecutionContext context) throws JobExecutionException { JobDataMap jobData = context.getJobDetail().getJobDataMap(); - VersionMigrator migrationCleanup = (VersionMigrator)jobData.get(KEY_COMPONENT); + + final VersionMigrator migrationCleanup = (VersionMigrator)jobData.get(KEY_VERSION_MIGRATOR); + final TenantAdminService tenantAdminService = (TenantAdminService)jobData.get(KEY_TENANT_ADMIN_SERVICE); + if (migrationCleanup == null) { - throw new JobExecutionException("Missing job data: " + KEY_COMPONENT); + throw new JobExecutionException("Missing job data: " + KEY_VERSION_MIGRATOR); } String batchSizeStr = (String)jobData.get(KEY_BATCHSIZE); @@ -75,5 +86,22 @@ public class MigrationCleanupJob implements Job // perform the cleanup of the old version store migrationCleanup.executeCleanup(batchSize); + + if ((tenantAdminService != null) && tenantAdminService.isEnabled()) + { + List tenants = tenantAdminService.getAllTenants(); + for (Tenant tenant : tenants) + { + String tenantDomain = tenant.getTenantDomain(); + AuthenticationUtil.runAs(new RunAsWork() + { + public Object doWork() throws Exception + { + migrationCleanup.executeCleanup(batchSize); + return null; + } + }, tenantAdminService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain)); + } + } } }