From 74ba308cf96de17211d2cb84885aa4dd5e40a61e Mon Sep 17 00:00:00 2001
From: Steven Glover <steven.glover@alfresco.com>
Date: Fri, 4 Nov 2011 16:20:09 +0000
Subject: [PATCH] Fix for ALF-11104: add authenticated user to authorisations
 list in PermissionService + fix inconsistency in AuthorityService

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@31751 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../security/authority/AuthorityServiceImpl.java   | 10 ++++++----
 .../permissions/impl/PermissionServiceImpl.java    |  2 ++
 .../permissions/impl/PermissionServiceTest.java    | 14 +++++++++++++-
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java b/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
index ace49df128..d732b13853 100644
--- a/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
@@ -212,15 +212,17 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
      */
     private boolean hasAuthority(String authority, String parentAuthority)
     {
-        if (parentAuthority.equals(authority))
-        {
-            return true;
-        }
         // Even users are matched case sensitively in ACLs
         if (AuthorityType.getAuthorityType(parentAuthority) == AuthorityType.USER)
         {
             return false;
         }
+
+        if (parentAuthority.equals(authority))
+        {
+            return true;
+        }
+
         NodeRef nodeRef = authorityDAO.getAuthorityNodeRefOrNull(parentAuthority);
         if (nodeRef == null)
         {
diff --git a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
index 8948dc996d..24c217805d 100644
--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
@@ -768,6 +768,8 @@ public class PermissionServiceImpl extends AbstractLifecycleBean implements Perm
         String username = user.getUsername();
         Set<String> auths = authorityService.getAuthoritiesForUser(username);
 
+        auths.add(username);
+
         for (GrantedAuthority grantedAuthority : auth.getAuthorities())
         {
             auths.add(grantedAuthority.getAuthority());
diff --git a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
index ac1ea3d4a8..71476629fd 100644
--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceTest.java
@@ -62,7 +62,19 @@ public class PermissionServiceTest extends AbstractPermissionTest
         super();
         // TODO Auto-generated constructor stub
     }
-    
+
+    /*
+     * Tests that the current user is contained in the current authorisations set
+     */
+    public void testCurrentUserAuthority()
+    {
+        runAs("andy");
+        assertEquals("andy", authenticationComponent.getCurrentUserName());
+
+        Set<String> authorisations = permissionService.getAuthorisations();
+        assertTrue("", authorisations.contains("andy"));
+    }
+
     public void testMove()
     {
         runAs("admin");