Merged V3.1 to HEAD

12904: Partial fix for ETHREEOH-1221 git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13539 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2009-03-10 18:05:28 +00:00
parent 42fa774d76
commit 862e3b671f
11 changed files with 60 additions and 49 deletions
--- a/config/alfresco/extension/mt/mt-admin-context.xml.sample
+++ b/config/alfresco/extension/mt/mt-admin-context.xml.sample
@@ -14,6 +14,8 @@
        <property name="tenantAdminService" ref="tenantAdminService"/>       
        <property name="tenantService" ref="tenantService"/>        
        <property name="authenticationService" ref="AuthenticationService"/>
+        <property name="authorityService" ref="AuthorityService"/>
+        <property name="baseAdminUsername"><value>${alfresco_user_store.adminusername}</value></property>
   </bean>

   <bean id="tenantInterpreterHelp" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
--- a/config/alfresco/mt/mt-base-context.xml
+++ b/config/alfresco/mt/mt-base-context.xml
@@ -20,6 +20,7 @@
      <property name="workflowService" ref="WorkflowService"/>
      <property name="repositoryExporterService" ref="repositoryExporterComponent"/>
      <property name="moduleService" ref="moduleService"/>
+      <property name="baseAdminUsername"><value>${alfresco_user_store.adminusername}</value></property>
      
      <property name="siteAVMBootstrap" ref="siteAVMBootstrap"/>
      
--- a/config/alfresco/repo-admin-context.xml
+++ b/config/alfresco/repo-admin-context.xml
@@ -21,7 +21,7 @@
   
      <property name="transactionService" ref="transactionComponent"/>
      <property name="repoAdminService" ref="RepoAdminService"/>
-      <property name="tenantService" ref="tenantService"/>
+      <property name="authorityService" ref="AuthorityService"/>
        
   </bean>

--- a/config/alfresco/workflow-context.xml
+++ b/config/alfresco/workflow-context.xml
@@ -53,6 +53,7 @@
      <property name="transactionService" ref="transactionService"/>
      <property name="fileFolderService" ref="FileFolderService"/>
      <property name="tenantService" ref="tenantService"/>
+      <property name="authorityService" ref="AuthorityService"/>
   </bean>

   <bean id="workflowInterpreterHelp" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
--- a/source/java/org/alfresco/repo/admin/BaseInterpreter.java
+++ b/source/java/org/alfresco/repo/admin/BaseInterpreter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
@@ -30,8 +30,8 @@ import java.io.InputStreamReader;

 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
-import org.alfresco.repo.tenant.TenantService;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
+import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.util.AbstractLifecycleBean;
 import org.alfresco.util.ApplicationContextHelper;
@@ -46,8 +46,7 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
 {
    // dependencies
    protected TransactionService transactionService;
-    protected TenantService tenantService;
-
+    protected AuthorityService authorityService;

    /**4
     * The reader for interaction.
@@ -100,9 +99,9 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
        this.transactionService = transactionService;
    }
    
-    public void setTenantService(TenantService tenantService)
+    public void setAuthorityService(AuthorityService authorityService)
    {
-        this.tenantService = tenantService;
+        this.authorityService = authorityService;
    }
    

@@ -175,7 +174,13 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
    
    protected boolean hasAuthority(String username)
    {
-        return ((username != null) && (tenantService.getBaseNameUser(username).equals(DEFAULT_ADMIN)));
+        if (authorityService == null)
+        {
+            // default for backwards compatibility - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
+            authorityService = (AuthorityService)getApplicationContext().getBean("AuthorityService");
+        }
+        
+        return ((username != null) && (authorityService.isAdminAuthority(username)));
    }

    /**
--- a/source/java/org/alfresco/repo/admin/RepoAdminInterpreter.java
+++ b/source/java/org/alfresco/repo/admin/RepoAdminInterpreter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
@@ -61,13 +61,6 @@ public class RepoAdminInterpreter extends BaseInterpreter
        runMain("repoAdminInterpreter");
    }

-    protected boolean hasAuthority(String username)
-    {
-        // must be an "admin" for repository administration
-        return ((username != null) && (tenantService.getBaseNameUser(username).equals(BaseInterpreter.DEFAULT_ADMIN)));
-    }
-
-
    /**
     * Execute a single command using the BufferedReader passed in for any data needed.
     *
--- a/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java
+++ b/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
@@ -398,7 +398,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda
                for (NodeRef pendingNodeRef : pendingModels)
                {
                    String tenantDomain = tenantService.getDomain(pendingNodeRef.getStoreRef().getIdentifier());
-                    String tenantAdminUserName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+                    String tenantSystemUserName = tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain);
                    
                    final NodeRef nodeRef = tenantService.getBaseName(pendingNodeRef);
                    
@@ -484,7 +484,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda

                            return null; 
                        }
-                    }, tenantAdminUserName);
+                    }, tenantSystemUserName);
                }
            }
        }
--- a/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java
+++ b/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java
@@ -99,6 +99,8 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
    
    private List<WorkflowDeployer> workflowDeployers = new ArrayList<WorkflowDeployer>();
    
+    private String baseAdminUsername = "admin"; // default for backwards compatibility only - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
+
    /*
     * Tenant domain/ids are unique strings that are case-insensitive. Tenant ids must be valid filenames. 
     * They may also map onto domains and hence should allow valid FQDN.
@@ -204,6 +206,11 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        this.siteAVMBootstrap = siteAVMBootstrap;
    }
    
+    public void setBaseAdminUsername(String baseAdminUsername)
+    {
+        this.baseAdminUsername = baseAdminUsername;
+    }
+    
    public static final String PROTOCOL_STORE_USER = "user";
    public static final String PROTOCOL_STORE_WORKSPACE = "workspace";
    public static final String PROTOCOL_STORE_SYSTEM = "system";
@@ -219,8 +226,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
    private static final String TENANT_ATTRIBUTE_ENABLED = "enabled";
    private static final String TENANT_ROOT_CONTENT_STORE_DIR = "rootContentStoreDir";

-    private static final String ADMIN_BASENAME = TenantService.ADMIN_BASENAME;
-
    private List<TenantDeployer> tenantDeployers = new ArrayList<TenantDeployer>();

    private static final String WARN_MSG = "Please update your alfresco/extension/mt/mt-admin-context.xml to use baseMultiTAdminService (see latest alfresco/extension/mt/mt-admin-context.xml.sample)";
@@ -750,7 +755,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap systemImporterBootstrap = (ImporterBootstrap)ctx.getBean("systemBootstrap");
        systemImporterBootstrap.setBootstrapViews(bootstrapViews);
-        systemImporterBootstrap.setLog(true);

        bootstrapSystemTenantStore(systemImporterBootstrap, tenantDomain);
    }
@@ -787,7 +791,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap userImporterBootstrap = (ImporterBootstrap)ctx.getBean("userBootstrap");
        userImporterBootstrap.setBootstrapViews(bootstrapViews);
-        userImporterBootstrap.setLog(true);

        bootstrapUserTenantStore(userImporterBootstrap, tenantDomain, null);
    }
@@ -826,7 +829,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap versionImporterBootstrap = (ImporterBootstrap)ctx.getBean("versionBootstrap");
        versionImporterBootstrap.setBootstrapViews(bootstrapViews);
-        versionImporterBootstrap.setLog(true);

        bootstrapVersionTenantStore(versionImporterBootstrap, tenantDomain);
    }
@@ -855,7 +857,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap spacesArchiveImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesArchiveBootstrap");
        spacesArchiveImporterBootstrap.setBootstrapViews(bootstrapViews);
-        spacesArchiveImporterBootstrap.setLog(true);

        bootstrapSpacesArchiveTenantStore(spacesArchiveImporterBootstrap, tenantDomain);
    }
@@ -889,7 +890,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap spacesImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesBootstrap");
        spacesImporterBootstrap.setBootstrapViews(bootstrapViews);
-        spacesImporterBootstrap.setLog(true);

        bootstrapSpacesTenantStore(spacesImporterBootstrap, tenantDomain);
    }
@@ -907,7 +907,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
        
        ImporterBootstrap spacesImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesBootstrap");
        spacesImporterBootstrap.setBootstrapViews(bootstrapViews);
-        spacesImporterBootstrap.setLog(true);
        
        spacesImporterBootstrap.setUseExistingStore(true);

@@ -1240,7 +1239,7 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
    
    private String getTenantAdminUser(String tenantDomain)
    {
-        return tenantService.getDomainUser(ADMIN_BASENAME, tenantDomain);
+        return tenantService.getDomainUser(this.baseAdminUsername, tenantDomain);
    }

    private String getTenantGuestUser(String tenantDomain)
--- a/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java
+++ b/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java
@@ -217,7 +217,7 @@ public class MultiTDemoTest extends TestCase
        {
            for (final String tenantDomain : tenants)
            {        
-                String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+                String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
                
                AuthenticationUtil.runAs(new RunAsWork<Object>()
                {
@@ -238,7 +238,7 @@ public class MultiTDemoTest extends TestCase
            
            for (final String tenantDomain : tenants)
            {        
-                String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+                String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
                
                AuthenticationUtil.runAs(new RunAsWork<Object>()
                {
@@ -343,7 +343,7 @@ public class MultiTDemoTest extends TestCase
            
            for (final String tenantDomain : tenants)
            {
-                loginLogoutUser(tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain), DEFAULT_ADMIN_PW+" "+tenantDomain);
+                loginLogoutUser(tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain), DEFAULT_ADMIN_PW+" "+tenantDomain);
            }
        }   
        catch (Throwable t)
@@ -361,7 +361,7 @@ public class MultiTDemoTest extends TestCase

        for (final String tenantDomain : tenants)
        {        
-            String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+            String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
            
            AuthenticationUtil.runAs(new RunAsWork<Object>()
                    {
@@ -392,7 +392,7 @@ public class MultiTDemoTest extends TestCase
        
        for (final String tenantDomain : tenants)
        {        
-            String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+            String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
            
            AuthenticationUtil.runAs(new RunAsWork<Object>()
                    {
@@ -526,7 +526,7 @@ public class MultiTDemoTest extends TestCase
        
        for (final String tenantDomain : tenants)
        {        
-            String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+            String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
            
            AuthenticationUtil.runAs(new RunAsWork<Object>()
            {
@@ -546,7 +546,7 @@ public class MultiTDemoTest extends TestCase
        
        for (final String tenantDomain : tenants)
        {
-            String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+            String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
            
            AuthenticationUtil.runAs(new RunAsWork<Object>()
            {
--- a/source/java/org/alfresco/repo/tenant/TenantInterpreter.java
+++ b/source/java/org/alfresco/repo/tenant/TenantInterpreter.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
@@ -48,9 +48,11 @@ public class TenantInterpreter extends BaseInterpreter
    // Service dependencies    
    
    private TenantAdminService tenantAdminService;
-    
+    protected TenantService tenantService;
    private AuthenticationService authenticationService;
    
+    private String baseAdminUsername = "admin"; // default for backwards compatibility only - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
+
    public void setTenantAdminService(TenantAdminService tenantAdminService)
    {
        this.tenantAdminService = tenantAdminService;
@@ -61,6 +63,16 @@ public class TenantInterpreter extends BaseInterpreter
        this.authenticationService = authenticationService;
    }
    
+    public void setTenantService(TenantService tenantService)
+    {
+        this.tenantService = tenantService;
+    }
+    
+    public void setBaseAdminUsername(String baseAdminUsername)
+    {
+        this.baseAdminUsername = baseAdminUsername;
+    }
+    
    /**
     * Main entry point.
     */
@@ -72,8 +84,8 @@ public class TenantInterpreter extends BaseInterpreter
    
    protected boolean hasAuthority(String username)
    {
-        // must be super "admin" for tenant administrator
-        return ((username != null) && (username.equals(BaseInterpreter.DEFAULT_ADMIN)));
+        // must be "super" admin for tenant administration
+        return ((username != null) && (authorityService.isAdminAuthority(username)) && (! tenantService.isTenantUser(username)));
    }
    
    public String interpretCommand(final String line) throws IOException
@@ -324,7 +336,7 @@ public class TenantInterpreter extends BaseInterpreter
            String tenantDomain = new String(command[1]).toLowerCase();
            
            final String newPassword = new String(command[2]);
-            final String tenantAdminUsername = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
+            final String tenantAdminUsername = tenantService.getDomainUser(baseAdminUsername, tenantDomain);

            AuthenticationUtil.runAs(new RunAsWork<Object>()
            {
--- a/source/java/org/alfresco/repo/tenant/TenantService.java
+++ b/source/java/org/alfresco/repo/tenant/TenantService.java
@@ -46,8 +46,6 @@ public interface TenantService extends TenantUserService
    
    public static final String DEFAULT_DOMAIN = "";
    
-    public static final String ADMIN_BASENAME = "admin";
-    
    /**
     * @return          the reference <b>with</b> the tenant-specific ID attached
     */