inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

MT - fix tenant domain validation when creating new users/persons

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8470 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2008-03-07 15:33:30 +00:00
parent 17949048eb
commit 8e14524650
2 changed files with 62 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/alfresco/messages/webclient.properties
View File

@@ -1844,6 +1844,7 @@ error_negative_quota=Quota cannot be negative: {0}
error_search_not_exist=Search does not exist with name: {0} error_search_not_exist=Search does not exist with name: {0}
error_search_not_exist=Search does not exist with name: \"{0}\" error_search_not_exist=Search does not exist with name: \"{0}\"
error_retrieving_search_results=Error getting results for search \"{0}\" - \"{1}\" error_retrieving_search_results=Error getting results for search \"{0}\" - \"{1}\"
error_domain_mismatch=Domain mismatch: expected = {0}, actual = {1}
# Confirmations # Confirmations
return_to_application=Return to application return_to_application=Return to application

103
source/java/org/alfresco/web/bean/users/CreateUserWizard.java
View File

@@ -40,7 +40,6 @@ import javax.faces.validator.ValidatorException;
import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ApplicationModel; import org.alfresco.model.ApplicationModel;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.tenant.TenantService; import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
@@ -71,6 +70,7 @@ public class CreateUserWizard extends BaseWizardBean
private static Logger logger = Logger.getLogger(CreateUserWizard.class); private static Logger logger = Logger.getLogger(CreateUserWizard.class);
protected static final String ERROR = "error_person"; protected static final String ERROR = "error_person";
protected static final String ERROR_DOMAIN_MISMATCH = "error_domain_mismatch";
protected static final String QUOTA_UNITS_KB = "kilobyte"; protected static final String QUOTA_UNITS_KB = "kilobyte";
protected static final String QUOTA_UNITS_MB = "megabyte"; protected static final String QUOTA_UNITS_MB = "megabyte";
@@ -178,7 +178,7 @@ public class CreateUserWizard extends BaseWizardBean
/** /**
* @return tenantService * @return tenantService
*/ */
private TenantService geTenantService() private TenantService getTenantService()
{ {
//check for null for cluster environment //check for null for cluster environment
if(tenantService == null) if(tenantService == null)
@@ -278,24 +278,37 @@ public class CreateUserWizard extends BaseWizardBean
this.sizeQuota = null; this.sizeQuota = null;
this.sizeQuotaUnits = ""; this.sizeQuotaUnits = "";
} }
@Override
public String next()
{
String stepName = Application.getWizardManager().getCurrentStepName();
if ("summary".equals(stepName))
{
FacesContext context = FacesContext.getCurrentInstance();
if (! this.password.equals(this.confirm))
{
Utils.addErrorMessage(Application.getMessage(context, UsersDialog.ERROR_PASSWORD_MATCH));
}
checkTenantUserName();
if (context.getMessages().hasNext())
{
Application.getWizardManager().getState().setCurrentStep(Application.getWizardManager().getCurrentStep() - 1);
}
}
return super.next();
}
/** /**
* @return Returns the summary data for the wizard. * @return Returns the summary data for the wizard.
*/ */
public String getSummary() public String getSummary()
{ {
if (geTenantService().isEnabled())
{
try
{
checkTenantUserName();
}
catch (Exception e)
{
// TODO - ignore for now, but ideally should handle earlier
}
}
ResourceBundle bundle = Application.getBundle(FacesContext.getCurrentInstance()); ResourceBundle bundle = Application.getBundle(FacesContext.getCurrentInstance());
String homeSpaceLabel = this.homeSpaceName; String homeSpaceLabel = this.homeSpaceName;
@@ -791,13 +804,19 @@ public class CreateUserWizard extends BaseWizardBean
// TODO: implement create new Person object from specified details // TODO: implement create new Person object from specified details
try try
{ {
if (this.password.equals(this.confirm)) if (! this.password.equals(this.confirm))
{
Utils.addErrorMessage(Application.getMessage(context, UsersDialog.ERROR_PASSWORD_MATCH));
outcome = null;
}
if (checkTenantUserName() == false)
{
outcome = null;
}
if (outcome != null)
{ {
if (geTenantService().isEnabled())
{
checkTenantUserName();
}
// create properties for Person type from submitted Form data // create properties for Person type from submitted Form data
Map<QName, Serializable> props = new HashMap<QName, Serializable>(7, 1.0f); Map<QName, Serializable> props = new HashMap<QName, Serializable>(7, 1.0f);
props.put(ContentModel.PROP_USERNAME, this.userName); props.put(ContentModel.PROP_USERNAME, this.userName);
@@ -854,11 +873,6 @@ public class CreateUserWizard extends BaseWizardBean
putSizeQuotaProperty(this.userName, this.sizeQuota, this.sizeQuotaUnits); putSizeQuotaProperty(this.userName, this.sizeQuota, this.sizeQuotaUnits);
} }
} }
else
{
Utils.addErrorMessage(Application.getMessage(context, UsersDialog.ERROR_PASSWORD_MATCH));
outcome = null;
}
invalidateUserList(); invalidateUserList();
} }
catch (Throwable e) catch (Throwable e)
@@ -947,28 +961,33 @@ public class CreateUserWizard extends BaseWizardBean
return new Pair<Long, String>(size, units); return new Pair<Long, String>(size, units);
} }
protected void checkTenantUserName() public boolean checkTenantUserName()
{ {
String currentDomain = geTenantService().getCurrentUserDomain(); if (getTenantService().isEnabled())
if (! currentDomain.equals(TenantService.DEFAULT_DOMAIN)) {
{ String currentDomain = getTenantService().getCurrentUserDomain();
if (! geTenantService().isTenantUser(this.userName))
// note: getTenantService().getUserDomain(this.userName) checks whether tenant exists or not, which is not required here
String userDomain = TenantService.DEFAULT_DOMAIN;
int idx = this.userName.indexOf(TenantService.SEPARATOR);
if ((idx != -1) && (idx < (userName.length()-1)))
{
userDomain = userName.substring(idx+1);
}
if ((! currentDomain.equals(TenantService.DEFAULT_DOMAIN)) && (userDomain.equals(TenantService.DEFAULT_DOMAIN)))
{ {
// force domain onto the end of the username // force domain onto the end of the username
this.userName = geTenantService().getDomainUser(this.userName, currentDomain); this.userName = getTenantService().getDomainUser(this.userName, currentDomain);
logger.warn("Added domain to username: " + this.userName); logger.warn("Added domain to username: " + this.userName);
} }
else else if (! currentDomain.equals(userDomain))
{ {
try Utils.addErrorMessage(MessageFormat.format(Application.getMessage(FacesContext.getCurrentInstance(), ERROR_DOMAIN_MISMATCH), currentDomain, userDomain));
{ return false;
geTenantService().checkDomainUser(this.userName);
}
catch (RuntimeException re)
{
throw new AuthenticationException("User must belong to same domain as admin: " + currentDomain);
}
} }
} }
return true;
} }
} }