mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
Merged V3.1 to HEAD
12904: Partial fix for ETHREEOH-1221 git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13539 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
@@ -7,13 +7,15 @@
|
||||
<!-- MT Admin Service Implementation -->
|
||||
<!-- -->
|
||||
|
||||
<bean id="tenantAdminService" parent="baseMultiTAdminService" />
|
||||
<bean id="tenantAdminService" parent="baseMultiTAdminService" />
|
||||
|
||||
<bean id="tenantInterpreter" class="org.alfresco.repo.tenant.TenantInterpreter">
|
||||
<property name="transactionService" ref="transactionComponent"/>
|
||||
<property name="tenantAdminService" ref="tenantAdminService"/>
|
||||
<property name="tenantService" ref="tenantService"/>
|
||||
<property name="authenticationService" ref="AuthenticationService"/>
|
||||
<property name="authorityService" ref="AuthorityService"/>
|
||||
<property name="baseAdminUsername"><value>${alfresco_user_store.adminusername}</value></property>
|
||||
</bean>
|
||||
|
||||
<bean id="tenantInterpreterHelp" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
|
||||
|
||||
@@ -20,6 +20,7 @@
|
||||
<property name="workflowService" ref="WorkflowService"/>
|
||||
<property name="repositoryExporterService" ref="repositoryExporterComponent"/>
|
||||
<property name="moduleService" ref="moduleService"/>
|
||||
<property name="baseAdminUsername"><value>${alfresco_user_store.adminusername}</value></property>
|
||||
|
||||
<property name="siteAVMBootstrap" ref="siteAVMBootstrap"/>
|
||||
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
|
||||
<property name="transactionService" ref="transactionComponent"/>
|
||||
<property name="repoAdminService" ref="RepoAdminService"/>
|
||||
<property name="tenantService" ref="tenantService"/>
|
||||
<property name="authorityService" ref="AuthorityService"/>
|
||||
|
||||
</bean>
|
||||
|
||||
|
||||
@@ -53,6 +53,7 @@
|
||||
<property name="transactionService" ref="transactionService"/>
|
||||
<property name="fileFolderService" ref="FileFolderService"/>
|
||||
<property name="tenantService" ref="tenantService"/>
|
||||
<property name="authorityService" ref="AuthorityService"/>
|
||||
</bean>
|
||||
|
||||
<bean id="workflowInterpreterHelp" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2007 Alfresco Software Limited.
|
||||
* Copyright (C) 2005-2009 Alfresco Software Limited.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
@@ -30,8 +30,8 @@ import java.io.InputStreamReader;
|
||||
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
|
||||
import org.alfresco.repo.tenant.TenantService;
|
||||
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
|
||||
import org.alfresco.service.cmr.security.AuthorityService;
|
||||
import org.alfresco.service.transaction.TransactionService;
|
||||
import org.alfresco.util.AbstractLifecycleBean;
|
||||
import org.alfresco.util.ApplicationContextHelper;
|
||||
@@ -46,8 +46,7 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
|
||||
{
|
||||
// dependencies
|
||||
protected TransactionService transactionService;
|
||||
protected TenantService tenantService;
|
||||
|
||||
protected AuthorityService authorityService;
|
||||
|
||||
/**4
|
||||
* The reader for interaction.
|
||||
@@ -100,9 +99,9 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
|
||||
this.transactionService = transactionService;
|
||||
}
|
||||
|
||||
public void setTenantService(TenantService tenantService)
|
||||
public void setAuthorityService(AuthorityService authorityService)
|
||||
{
|
||||
this.tenantService = tenantService;
|
||||
this.authorityService = authorityService;
|
||||
}
|
||||
|
||||
|
||||
@@ -175,7 +174,13 @@ public abstract class BaseInterpreter extends AbstractLifecycleBean
|
||||
|
||||
protected boolean hasAuthority(String username)
|
||||
{
|
||||
return ((username != null) && (tenantService.getBaseNameUser(username).equals(DEFAULT_ADMIN)));
|
||||
if (authorityService == null)
|
||||
{
|
||||
// default for backwards compatibility - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
|
||||
authorityService = (AuthorityService)getApplicationContext().getBean("AuthorityService");
|
||||
}
|
||||
|
||||
return ((username != null) && (authorityService.isAdminAuthority(username)));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2007 Alfresco Software Limited.
|
||||
* Copyright (C) 2005-2009 Alfresco Software Limited.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
@@ -61,13 +61,6 @@ public class RepoAdminInterpreter extends BaseInterpreter
|
||||
runMain("repoAdminInterpreter");
|
||||
}
|
||||
|
||||
protected boolean hasAuthority(String username)
|
||||
{
|
||||
// must be an "admin" for repository administration
|
||||
return ((username != null) && (tenantService.getBaseNameUser(username).equals(BaseInterpreter.DEFAULT_ADMIN)));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Execute a single command using the BufferedReader passed in for any data needed.
|
||||
*
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2007 Alfresco Software Limited.
|
||||
* Copyright (C) 2005-2009 Alfresco Software Limited.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
@@ -398,7 +398,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda
|
||||
for (NodeRef pendingNodeRef : pendingModels)
|
||||
{
|
||||
String tenantDomain = tenantService.getDomain(pendingNodeRef.getStoreRef().getIdentifier());
|
||||
String tenantAdminUserName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantSystemUserName = tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain);
|
||||
|
||||
final NodeRef nodeRef = tenantService.getBaseName(pendingNodeRef);
|
||||
|
||||
@@ -484,7 +484,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda
|
||||
|
||||
return null;
|
||||
}
|
||||
}, tenantAdminUserName);
|
||||
}, tenantSystemUserName);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -99,6 +99,8 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
private List<WorkflowDeployer> workflowDeployers = new ArrayList<WorkflowDeployer>();
|
||||
|
||||
private String baseAdminUsername = "admin"; // default for backwards compatibility only - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
|
||||
|
||||
/*
|
||||
* Tenant domain/ids are unique strings that are case-insensitive. Tenant ids must be valid filenames.
|
||||
* They may also map onto domains and hence should allow valid FQDN.
|
||||
@@ -204,6 +206,11 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
this.siteAVMBootstrap = siteAVMBootstrap;
|
||||
}
|
||||
|
||||
public void setBaseAdminUsername(String baseAdminUsername)
|
||||
{
|
||||
this.baseAdminUsername = baseAdminUsername;
|
||||
}
|
||||
|
||||
public static final String PROTOCOL_STORE_USER = "user";
|
||||
public static final String PROTOCOL_STORE_WORKSPACE = "workspace";
|
||||
public static final String PROTOCOL_STORE_SYSTEM = "system";
|
||||
@@ -219,8 +226,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
private static final String TENANT_ATTRIBUTE_ENABLED = "enabled";
|
||||
private static final String TENANT_ROOT_CONTENT_STORE_DIR = "rootContentStoreDir";
|
||||
|
||||
private static final String ADMIN_BASENAME = TenantService.ADMIN_BASENAME;
|
||||
|
||||
private List<TenantDeployer> tenantDeployers = new ArrayList<TenantDeployer>();
|
||||
|
||||
private static final String WARN_MSG = "Please update your alfresco/extension/mt/mt-admin-context.xml to use baseMultiTAdminService (see latest alfresco/extension/mt/mt-admin-context.xml.sample)";
|
||||
@@ -750,7 +755,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap systemImporterBootstrap = (ImporterBootstrap)ctx.getBean("systemBootstrap");
|
||||
systemImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
systemImporterBootstrap.setLog(true);
|
||||
|
||||
bootstrapSystemTenantStore(systemImporterBootstrap, tenantDomain);
|
||||
}
|
||||
@@ -787,7 +791,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap userImporterBootstrap = (ImporterBootstrap)ctx.getBean("userBootstrap");
|
||||
userImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
userImporterBootstrap.setLog(true);
|
||||
|
||||
bootstrapUserTenantStore(userImporterBootstrap, tenantDomain, null);
|
||||
}
|
||||
@@ -826,7 +829,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap versionImporterBootstrap = (ImporterBootstrap)ctx.getBean("versionBootstrap");
|
||||
versionImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
versionImporterBootstrap.setLog(true);
|
||||
|
||||
bootstrapVersionTenantStore(versionImporterBootstrap, tenantDomain);
|
||||
}
|
||||
@@ -855,7 +857,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap spacesArchiveImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesArchiveBootstrap");
|
||||
spacesArchiveImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
spacesArchiveImporterBootstrap.setLog(true);
|
||||
|
||||
bootstrapSpacesArchiveTenantStore(spacesArchiveImporterBootstrap, tenantDomain);
|
||||
}
|
||||
@@ -889,7 +890,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap spacesImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesBootstrap");
|
||||
spacesImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
spacesImporterBootstrap.setLog(true);
|
||||
|
||||
bootstrapSpacesTenantStore(spacesImporterBootstrap, tenantDomain);
|
||||
}
|
||||
@@ -907,7 +907,6 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
ImporterBootstrap spacesImporterBootstrap = (ImporterBootstrap)ctx.getBean("spacesBootstrap");
|
||||
spacesImporterBootstrap.setBootstrapViews(bootstrapViews);
|
||||
spacesImporterBootstrap.setLog(true);
|
||||
|
||||
spacesImporterBootstrap.setUseExistingStore(true);
|
||||
|
||||
@@ -1240,7 +1239,7 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
|
||||
|
||||
private String getTenantAdminUser(String tenantDomain)
|
||||
{
|
||||
return tenantService.getDomainUser(ADMIN_BASENAME, tenantDomain);
|
||||
return tenantService.getDomainUser(this.baseAdminUsername, tenantDomain);
|
||||
}
|
||||
|
||||
private String getTenantGuestUser(String tenantDomain)
|
||||
|
||||
@@ -217,7 +217,7 @@ public class MultiTDemoTest extends TestCase
|
||||
{
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
@@ -238,7 +238,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
@@ -343,7 +343,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
loginLogoutUser(tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain), DEFAULT_ADMIN_PW+" "+tenantDomain);
|
||||
loginLogoutUser(tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain), DEFAULT_ADMIN_PW+" "+tenantDomain);
|
||||
}
|
||||
}
|
||||
catch (Throwable t)
|
||||
@@ -361,7 +361,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
@@ -392,7 +392,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
@@ -526,7 +526,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
@@ -546,7 +546,7 @@ public class MultiTDemoTest extends TestCase
|
||||
|
||||
for (final String tenantDomain : tenants)
|
||||
{
|
||||
String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
String tenantAdminName = tenantService.getDomainUser(DEFAULT_ADMIN_UN, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2007 Alfresco Software Limited.
|
||||
* Copyright (C) 2005-2009 Alfresco Software Limited.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License
|
||||
@@ -48,9 +48,11 @@ public class TenantInterpreter extends BaseInterpreter
|
||||
// Service dependencies
|
||||
|
||||
private TenantAdminService tenantAdminService;
|
||||
|
||||
protected TenantService tenantService;
|
||||
private AuthenticationService authenticationService;
|
||||
|
||||
private String baseAdminUsername = "admin"; // default for backwards compatibility only - eg. upgrade of existing MT instance (mt-admin-context.xml.sample)
|
||||
|
||||
public void setTenantAdminService(TenantAdminService tenantAdminService)
|
||||
{
|
||||
this.tenantAdminService = tenantAdminService;
|
||||
@@ -61,6 +63,16 @@ public class TenantInterpreter extends BaseInterpreter
|
||||
this.authenticationService = authenticationService;
|
||||
}
|
||||
|
||||
public void setTenantService(TenantService tenantService)
|
||||
{
|
||||
this.tenantService = tenantService;
|
||||
}
|
||||
|
||||
public void setBaseAdminUsername(String baseAdminUsername)
|
||||
{
|
||||
this.baseAdminUsername = baseAdminUsername;
|
||||
}
|
||||
|
||||
/**
|
||||
* Main entry point.
|
||||
*/
|
||||
@@ -72,8 +84,8 @@ public class TenantInterpreter extends BaseInterpreter
|
||||
|
||||
protected boolean hasAuthority(String username)
|
||||
{
|
||||
// must be super "admin" for tenant administrator
|
||||
return ((username != null) && (username.equals(BaseInterpreter.DEFAULT_ADMIN)));
|
||||
// must be "super" admin for tenant administration
|
||||
return ((username != null) && (authorityService.isAdminAuthority(username)) && (! tenantService.isTenantUser(username)));
|
||||
}
|
||||
|
||||
public String interpretCommand(final String line) throws IOException
|
||||
@@ -324,7 +336,7 @@ public class TenantInterpreter extends BaseInterpreter
|
||||
String tenantDomain = new String(command[1]).toLowerCase();
|
||||
|
||||
final String newPassword = new String(command[2]);
|
||||
final String tenantAdminUsername = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain);
|
||||
final String tenantAdminUsername = tenantService.getDomainUser(baseAdminUsername, tenantDomain);
|
||||
|
||||
AuthenticationUtil.runAs(new RunAsWork<Object>()
|
||||
{
|
||||
|
||||
@@ -46,8 +46,6 @@ public interface TenantService extends TenantUserService
|
||||
|
||||
public static final String DEFAULT_DOMAIN = "";
|
||||
|
||||
public static final String ADMIN_BASENAME = "admin";
|
||||
|
||||
/**
|
||||
* @return the reference <b>with</b> the tenant-specific ID attached
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user