diff --git a/packaging/tests/scripts/start-compose.sh b/packaging/tests/scripts/start-compose.sh index 3b28e01dc2..3036c56947 100755 --- a/packaging/tests/scripts/start-compose.sh +++ b/packaging/tests/scripts/start-compose.sh @@ -49,5 +49,6 @@ then echo "Docker Compose started ok" else echo "Docker Compose failed to start" >&2 + docker compose ${DOCKER_COMPOSES} logs --tail 200 exit 1 -fi \ No newline at end of file +fi diff --git a/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAO.java b/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAO.java index 11bd4557bc..b577bb0425 100644 --- a/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAO.java +++ b/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAO.java @@ -248,4 +248,9 @@ public interface AuthorityDAO * Remove an authority from zones. */ public void removeAuthorityFromZones(String authorityName, Set zones); + + /** + * @return Returns the authority container, which must exist + */ + NodeRef getAuthorityContainer(); } diff --git a/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java b/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java index 15ece29956..b940201edc 100644 --- a/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java +++ b/repository/src/main/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java @@ -1360,7 +1360,8 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor /** * @return Returns the authority container, which must exist */ - private NodeRef getAuthorityContainer() + @Override + public NodeRef getAuthorityContainer() { return getSystemContainer(qnameAssocAuthorities); } diff --git a/repository/src/main/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizer.java b/repository/src/main/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizer.java index bb1eaf5c66..29513874d9 100644 --- a/repository/src/main/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizer.java +++ b/repository/src/main/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizer.java @@ -411,6 +411,7 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean Date groupLastModified = groupLastModifiedMillis == -1 ? null : new Date(groupLastModifiedMillis); Date personLastModified = personLastModifiedMillis == -1 ? null : new Date(personLastModifiedMillis); + plugin.initSync(groupLastModified, syncDelete); ret.setGroups(plugin.getGroupNames()); ret.setUsers(plugin.getPersonNames()); @@ -918,7 +919,7 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean : getMostRecentUpdateTime( ChainingUserRegistrySynchronizer.GROUP_LAST_MODIFIED_ATTRIBUTE, zoneId, splitTxns); Date lastModified = lastModifiedMillis == -1 ? null : new Date(lastModifiedMillis); - + userRegistry.initSync(lastModified, syncDelete); if (ChainingUserRegistrySynchronizer.logger.isInfoEnabled()) { if (lastModified == null) @@ -945,6 +946,7 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean this.loggingInterval); class Analyzer extends BaseBatchProcessWorker { + private final Map nodeDescriptions = new HashMap<>(); private final Map groupsToCreate = new TreeMap(); private final Map> personParentAssocsToCreate = newPersonMap(); private final Map> personParentAssocsToDelete = newPersonMap(); @@ -1103,6 +1105,7 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean { PropertyMap groupProperties = group.getProperties(); String groupName = (String) groupProperties.get(ContentModel.PROP_AUTHORITY_NAME); + nodeDescriptions.put(groupName, group); String groupDisplayName = (String) groupProperties.get(ContentModel.PROP_AUTHORITY_DISPLAY_NAME); if (groupDisplayName == null) { @@ -1565,9 +1568,11 @@ public class ChainingUserRegistrySynchronizer extends AbstractLifecycleBean + groupShortName + "'"); } // create the group + Map groupProperties = Optional.ofNullable(Analyzer.this.nodeDescriptions.get(child)) + .map(NodeDescription::getProperties) + .orElse(new PropertyMap()); ChainingUserRegistrySynchronizer.this.authorityService.createAuthority( - AuthorityType.getAuthorityType(child), groupShortName, groupDisplayName, - zoneSet); + AuthorityType.getAuthorityType(child), groupShortName, groupDisplayName, zoneSet, groupProperties); } else { diff --git a/repository/src/main/java/org/alfresco/repo/security/sync/UserRegistry.java b/repository/src/main/java/org/alfresco/repo/security/sync/UserRegistry.java index fddd9c7ccc..1bbe1a3234 100644 --- a/repository/src/main/java/org/alfresco/repo/security/sync/UserRegistry.java +++ b/repository/src/main/java/org/alfresco/repo/security/sync/UserRegistry.java @@ -4,21 +4,21 @@ * %% * Copyright (C) 2005 - 2016 Alfresco Software Limited * %% - * This file is part of the Alfresco software. - * If the software was purchased under a paid Alfresco license, the terms of - * the paid license agreement will prevail. Otherwise, the software is + * This file is part of the Alfresco software. + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is * provided under the following open source license terms: - * + * * Alfresco is free software: you can redistribute it and/or modify * it under the terms of the GNU Lesser General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. - * + * * Alfresco is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Lesser General Public License for more details. - * + * * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . * #L% @@ -33,14 +33,14 @@ import org.alfresco.service.namespace.QName; /** * A UserRegistry is an encapsulation of an external registry from which user and group information can be queried (typically an LDAP directory). Implementations may optional support the ability to query only those users and groups modified since a certain time. - * + * * @author dward */ public interface UserRegistry { /** * Gets descriptions of all the persons (users) in the user registry or all those changed since a certain date. - * + * * @param modifiedSince * if non-null, then only descriptions of users modified since this date should be returned; if null then descriptions of all users should be returned. * @return a {@link Collection} of {@link NodeDescription}s of all the persons (users) in the user registry or all those changed since a certain date. The description properties should correspond to those of an Alfresco person node. @@ -49,7 +49,7 @@ public interface UserRegistry /** * Gets descriptions of all the groups in the user registry or all those changed since a certain date. - * + * * @param modifiedSince * if non-null, then only descriptions of groups modified since this date should be returned; if null then descriptions of all groups should be returned. * @return a {@link Collection} of {@link NodeDescription}s of all the groups in the user registry or all those changed since a certain date. The description properties should correspond to those of an Alfresco authority node. @@ -58,22 +58,35 @@ public interface UserRegistry /** * Gets the names of all persons in the registry. Used to detect local persons to be deleted. Note that the treatment of these names will depend on Alfresco's username case-sensitivity setting. - * + * * @return the person names */ public Collection getPersonNames(); /** * Gets the names of all groups in the registry. Used to detect local groups to be deleted. - * + * * @return the person names */ public Collection getGroupNames(); /** * Gets the set of property names that are auto-mapped by this user registry. These should remain read-only for this registry's users in the UI. - * + * * @return the person mapped properties */ public Set getPersonMappedProperties(); + + /** + * Notifies the user registry that the sync process is about to start. + * + * @param modifiedSince + * if non-null, then only descriptions of groups and users modified since this date should be returned; if null then descriptions of all groups and users should be returned. + * @param syncDelete + * if true then registry will be queried for all users and groups to calculate deleted entities + */ + default void initSync(Date modifiedSince, boolean syncDelete) + { + // default implementation does nothing + } }