inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

ACE-2869: SOLR4 - security.anyDenyDenies=true config - result count from fts query still wrong.

Browse Source 
Results are no longer post-processed for anyDenyDenies when Solr4 is in use - the processing is done on the Solr side instead.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@86007 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Matt Ward
2014-09-30 13:24:47 +00:00
parent 290f3ec8a0
commit 7fc1fc7bf2
4 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
source/java/org/alfresco/repo/search/impl/lucene/SolrJSONResultSet.java
View File

@@ -81,6 +81,9 @@ public class SolrJSONResultSet implements ResultSet, JSONResult
private long lastIndexedTxId;
private SpellCheckResult spellCheckResult;
private boolean processedDenies;
/**
* Detached result set based on that provided
* @param resultSet
@@ -104,7 +107,10 @@ public class SolrJSONResultSet implements ResultSet, JSONResult
{
lastIndexedTxId = json.getLong("lastIndexedTx");
}
if (json.has("processedDenies"))
{
processedDenies = json.getBoolean("processedDenies");
}
JSONArray docs = response.getJSONArray("docs");
int numDocs = docs.length();
@@ -466,4 +472,9 @@ public class SolrJSONResultSet implements ResultSet, JSONResult
{
return this.spellCheckResult;
}
public boolean getProcessedDenies()
{
return processedDenies;
}
}

10
source/java/org/alfresco/repo/security/permissions/impl/acegi/ACLEntryAfterInvocationProvider.java
View File

@@ -94,7 +94,7 @@ public class ACLEntryAfterInvocationProvider implements AfterInvocationProvider,
private boolean optimisePermissionsCheck;
private int optimisePermissionsBulkFetchSize;
private boolean anyDenyDenies = false;
private boolean postProcessDenies = false;
/**
* Default constructor
*/
@@ -279,7 +279,8 @@ public class ACLEntryAfterInvocationProvider implements AfterInvocationProvider,
{
return decide(authentication, object, config, (ChildAssociationRef) returnedObject);
}
else if (SolrJSONResultSet.class.isAssignableFrom(returnedObject.getClass()) && !anyDenyDenies)
else if (SolrJSONResultSet.class.isAssignableFrom(returnedObject.getClass()) &&
(!anyDenyDenies || (!postProcessDenies && ((SolrJSONResultSet)returnedObject).getProcessedDenies())))
{
return returnedObject;
}
@@ -525,6 +526,11 @@ public class ACLEntryAfterInvocationProvider implements AfterInvocationProvider,
this.anyDenyDenies = anyDenyDenies;
}
public void setPostProcessDenies(boolean postProcessDenies)
{
this.postProcessDenies = postProcessDenies;
}
private ResultSet decide(Authentication authentication, Object object, ConfigAttributeDefinition config, ResultSet returnedObject) throws AccessDeniedException
{
ResultSet rs = optimisePermissionsCheck ? decideNew(authentication, object, config, returnedObject) :