inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enhanced User properties available ready for User Profile component - added new properties to content model definition, ContentModel constants file and Slingshot User objects.

Browse Source 
Added AlfrescoUser object, to be responsible for persisting changes to User Profile.
Added concept of ThreadLocalRequestContext - similar to FacesContext in that it has a static accessor method to retrieve the "current" instance.
Removal of 'alfresco-system' endpoint from web-framework and replaced usage with 'alfresco' endpoint:
 - removes the need for admin user detailed to be stored in web-framework config files (!) and being constantly transmitted between tiers
 - refactored appropriate webscripts to accept non-admin authentication but added code checks to ensure non-admin users can only bring back meta-data about themselves
 - refactored AVMRemoteStore and RemoteStore client to use authenticated endpoint rather than system admin authentication driven endpoint
 - this also reduces the the traffic between tiers and vastly reduces the number of login tickets requested
Added open HTTP endpoint - for use by RSS feed components etc. that point to any website feed - configured as 'unsecure' endpoint so purposely cannot be accessed via proxy URLs.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@9920 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
2008-07-17 14:38:55 +00:00
parent 5f5937479b
commit 773b9e811e
7 changed files with 156 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/alfresco/templates/webscripts/org/alfresco/repository/store/remoteavm.delete.desc.xml
View File

@@ -2,6 +2,6 @@
<shortname>Remote AVM Store</shortname> <shortname>Remote AVM Store</shortname>
<description>Remote service mirroring the Store interface - to an AVM store</description> <description>Remote service mirroring the Store interface - to an AVM store</description>
<url>/remotestore/{method}/{path}</url> <url>/remotestore/{method}/{path}</url>
<authentication>admin</authentication> <authentication>user</authentication>
<format default="">argument</format> <format default="">argument</format>
</webscript> </webscript>

2
config/alfresco/templates/webscripts/org/alfresco/repository/store/remoteavm.get.desc.xml
View File

@@ -3,6 +3,6 @@
<description>Remote service mirroring the Store interface - to an AVM store</description> <description>Remote service mirroring the Store interface - to an AVM store</description>
<url>/remotestore/{method}</url> <url>/remotestore/{method}</url>
<url>/remotestore/{method}/{path}</url> <url>/remotestore/{method}/{path}</url>
<authentication>admin</authentication> <authentication>none</authentication>
<format default="">argument</format> <format default="">argument</format>
</webscript> </webscript>

2
config/alfresco/templates/webscripts/org/alfresco/repository/store/remoteavm.post.desc.xml
View File

@@ -2,6 +2,6 @@
<shortname>Remote AVM Store</shortname> <shortname>Remote AVM Store</shortname>
<description>Remote service mirroring the Store interface - to an AVM store</description> <description>Remote service mirroring the Store interface - to an AVM store</description>
<url>/remotestore/{method}/{path}</url> <url>/remotestore/{method}/{path}</url>
<authentication>admin</authentication> <authentication>user</authentication>
<format default="">argument</format> <format default="">argument</format>
</webscript> </webscript>

2
config/alfresco/templates/webscripts/org/alfresco/webframework/metadata.get.desc.xml
View File

@@ -3,6 +3,6 @@
<description>Content Metadata Retrieval Service</description> <description>Content Metadata Retrieval Service</description>
<url>/webframework/content/metadata</url> <url>/webframework/content/metadata</url>
<format default="html">argument</format> <format default="html">argument</format>
<authentication>admin</authentication> <authentication>user</authentication>
<transaction>required</transaction> <transaction>required</transaction>
</webscript> </webscript>

14
config/alfresco/templates/webscripts/org/alfresco/webframework/metadata.get.html.ftl
View File

@@ -55,11 +55,9 @@
<#assign renderable = false> <#assign renderable = false>
<#if val?is_string == true> <#if val?is_string == true>
<#assign renderable = true> <#assign renderable = true>
</#if> <#elseif val?is_date == true>
<#if val?is_date == true>
<#assign renderable = true> <#assign renderable = true>
</#if> <#elseif val?is_boolean == true>
<#if val?is_boolean == true>
<#assign renderable = true> <#assign renderable = true>
</#if> </#if>
<#if renderable == true> <#if renderable == true>
@@ -67,12 +65,10 @@
, ,
</#if> </#if>
<#if val?is_string == true> <#if val?is_string == true>
"${key}" : "${val}" "${key}" : "${val?js_string}"
</#if> <#elseif val?is_date == true>
<#if val?is_date == true>
"${key}" : "${val?datetime}" "${key}" : "${val?datetime}"
</#if> <#elseif val?is_boolean == true>
<#if val?is_boolean == true>
"${key}" : "${val}" "${key}" : "${val}"
</#if> </#if>
<#assign first = false> <#assign first = false>

15
config/alfresco/templates/webscripts/org/alfresco/webframework/metadata.get.js
View File

@@ -7,21 +7,28 @@ if(args["id"] != null)
object = search.findNode(id); object = search.findNode(id);
} }
// if not by id, then allow for user id // if not by id, then allow for user id - but only if current user is the user!
if(object == null && args["user"] != null) else if(args["user"] != null)
{ {
var userId = args["user"]; var userId = args["user"];
object = people.getPerson(userId); if (userId == person.properties.userName)
{
object = person;
}
} }
// load content by relative path // load content by relative path
if(object == null) else
{ {
var path = args["path"]; var path = args["path"];
if(path == null || path == "" || path == "/") if(path == null || path == "" || path == "/")
{
path = "/Company Home"; path = "/Company Home";
}
else else
{
path = "/Company Home" + path; path = "/Company Home" + path;
}
// look up the content by path // look up the content by path
object = roothome.childByNamePath(path); object = roothome.childByNamePath(path);

64
source/java/org/alfresco/repo/web/scripts/bean/AVMRemoteStore.java
View File

@@ -32,6 +32,8 @@ import java.util.SortedMap;
import org.alfresco.repo.avm.AVMNodeConverter; import org.alfresco.repo.avm.AVMNodeConverter;
import org.alfresco.repo.content.MimetypeMap; import org.alfresco.repo.content.MimetypeMap;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.permissions.AccessDeniedException; import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.service.cmr.avm.AVMExistsException; import org.alfresco.service.cmr.avm.AVMExistsException;
import org.alfresco.service.cmr.avm.AVMNodeDescriptor; import org.alfresco.service.cmr.avm.AVMNodeDescriptor;
@@ -104,20 +106,25 @@ public class AVMRemoteStore extends BaseRemoteStore
* @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#getDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String) * @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#getDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String)
*/ */
@Override @Override
protected void getDocument(WebScriptResponse res, String path) throws IOException protected void getDocument(final WebScriptResponse res, final String path) throws IOException
{ {
String avmPath = buildAVMPath(path); final String avmPath = buildAVMPath(path);
AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath); final AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath);
if (desc == null) if (desc == null)
{ {
res.setStatus(Status.STATUS_NOT_FOUND); res.setStatus(Status.STATUS_NOT_FOUND);
return; return;
} }
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
@SuppressWarnings("synthetic-access")
public Object doWork() throws Exception
{
ContentReader reader; ContentReader reader;
try try
{ {
reader = this.avmService.getContentReader(-1, avmPath); reader = avmService.getContentReader(-1, avmPath);
if (reader == null) if (reader == null)
{ {
@@ -133,7 +140,7 @@ public class AVMRemoteStore extends BaseRemoteStore
if (extIndex != -1) if (extIndex != -1)
{ {
String ext = path.substring(extIndex + 1); String ext = path.substring(extIndex + 1);
String mt = this.mimetypeService.getMimetypesByExtension().get(ext); String mt = mimetypeService.getMimetypesByExtension().get(ext);
if (mt != null) if (mt != null)
{ {
mimetype = mt; mimetype = mt;
@@ -175,6 +182,9 @@ public class AVMRemoteStore extends BaseRemoteStore
{ {
res.setStatus(Status.STATUS_NOT_FOUND); res.setStatus(Status.STATUS_NOT_FOUND);
} }
return null;
}
}, AuthenticationUtil.getSystemUserName());
} }
/* (non-Javadoc) /* (non-Javadoc)
@@ -195,7 +205,12 @@ public class AVMRemoteStore extends BaseRemoteStore
* @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#createDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String, java.io.InputStream) * @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#createDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String, java.io.InputStream)
*/ */
@Override @Override
protected void createDocument(WebScriptResponse res, String path, InputStream content) protected void createDocument(final WebScriptResponse res, final String path, final InputStream content)
{
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
@SuppressWarnings("synthetic-access")
public Object doWork() throws Exception
{ {
String avmPath = buildAVMPath(path); String avmPath = buildAVMPath(path);
try try
@@ -207,15 +222,15 @@ public class AVMRemoteStore extends BaseRemoteStore
while (index < dirs.length) while (index < dirs.length)
{ {
String dirPath = parentPath + "/" + dirs[index]; String dirPath = parentPath + "/" + dirs[index];
if (this.avmService.lookup(-1, dirPath) == null) if (avmService.lookup(-1, dirPath) == null)
{ {
this.avmService.createDirectory(parentPath, dirs[index]); avmService.createDirectory(parentPath, dirs[index]);
} }
parentPath = dirPath; parentPath = dirPath;
index++; index++;
} }
this.avmService.createFile(parts[0], parts[1], content); avmService.createFile(parts[0], parts[1], content);
} }
catch (AccessDeniedException ae) catch (AccessDeniedException ae)
{ {
@@ -225,15 +240,18 @@ public class AVMRemoteStore extends BaseRemoteStore
{ {
res.setStatus(Status.STATUS_CONFLICT); res.setStatus(Status.STATUS_CONFLICT);
} }
return null;
}
}, AuthenticationUtil.getSystemUserName());
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#updateDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String, java.io.InputStream) * @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#updateDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String, java.io.InputStream)
*/ */
@Override @Override
protected void updateDocument(WebScriptResponse res, String path, InputStream content) protected void updateDocument(final WebScriptResponse res, final String path, final InputStream content)
{ {
String avmPath = buildAVMPath(path); final String avmPath = buildAVMPath(path);
AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath); AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath);
if (desc == null) if (desc == null)
{ {
@@ -241,24 +259,32 @@ public class AVMRemoteStore extends BaseRemoteStore
return; return;
} }
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
@SuppressWarnings("synthetic-access")
public Object doWork() throws Exception
{
try try
{ {
ContentWriter writer = this.avmService.getContentWriter(avmPath); ContentWriter writer = avmService.getContentWriter(avmPath);
writer.putContent(content); writer.putContent(content);
} }
catch (AccessDeniedException ae) catch (AccessDeniedException ae)
{ {
res.setStatus(Status.STATUS_UNAUTHORIZED); res.setStatus(Status.STATUS_UNAUTHORIZED);
} }
return null;
}
}, AuthenticationUtil.getSystemUserName());
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#deleteDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String) * @see org.alfresco.repo.web.scripts.bean.BaseRemoteStore#deleteDocument(org.alfresco.web.scripts.WebScriptResponse, java.lang.String)
*/ */
@Override @Override
protected void deleteDocument(WebScriptResponse res, String path) protected void deleteDocument(final WebScriptResponse res, final String path)
{ {
String avmPath = buildAVMPath(path); final String avmPath = buildAVMPath(path);
AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath); AVMNodeDescriptor desc = this.avmService.lookup(-1, avmPath);
if (desc == null) if (desc == null)
{ {
@@ -266,14 +292,22 @@ public class AVMRemoteStore extends BaseRemoteStore
return; return;
} }
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
@SuppressWarnings("synthetic-access")
public Object doWork() throws Exception
{
try try
{ {
this.avmService.removeNode(avmPath); avmService.removeNode(avmPath);
} }
catch (AccessDeniedException ae) catch (AccessDeniedException ae)
{ {
res.setStatus(Status.STATUS_UNAUTHORIZED); res.setStatus(Status.STATUS_UNAUTHORIZED);
} }
return null;
}
}, AuthenticationUtil.getSystemUserName());
} }
/* (non-Javadoc) /* (non-Javadoc)