inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

ALF-9321 (RINF 11): CQ permissions

Browse Source 
- AbstractCannedQuery.applyPostQueryPermissions (put back "List<R>" return type)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@28646 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2011-06-28 09:28:56 +00:00
parent f14bc73a1a
commit 9dd1da987a
3 changed files with 10 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
source/java/org/alfresco/repo/node/getchildren/GetChildrenCannedQuery.java
View File

@@ -35,7 +35,6 @@ import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.query.CannedQueryParameters; import org.alfresco.query.CannedQueryParameters;
import org.alfresco.query.CannedQuerySortDetails; import org.alfresco.query.CannedQuerySortDetails;
import org.alfresco.query.PagingResults;
import org.alfresco.query.CannedQuerySortDetails.SortOrder; import org.alfresco.query.CannedQuerySortDetails.SortOrder;
import org.alfresco.repo.domain.node.AuditablePropertiesEntity; import org.alfresco.repo.domain.node.AuditablePropertiesEntity;
import org.alfresco.repo.domain.node.Node; import org.alfresco.repo.domain.node.Node;
@@ -482,7 +481,7 @@ public class GetChildrenCannedQuery extends AbstractCannedQueryPermissions<NodeR
} }
@Override @Override
protected PagingResults<NodeRef> applyPostQueryPermissions(List<NodeRef> results, String authenticationToken, int requestedCount) protected List<NodeRef> applyPostQueryPermissions(List<NodeRef> results, String authenticationToken, int requestedCount)
{ {
Long start = (logger.isDebugEnabled() ? System.currentTimeMillis() : null); Long start = (logger.isDebugEnabled() ? System.currentTimeMillis() : null);
@@ -495,11 +494,11 @@ public class GetChildrenCannedQuery extends AbstractCannedQueryPermissions<NodeR
// note: assume user has read access to most/majority of the items hence pre-load up to max checks // note: assume user has read access to most/majority of the items hence pre-load up to max checks
preload(results.subList(0, toIdx)); preload(results.subList(0, toIdx));
PagingResults<NodeRef> ret = super.applyPostQueryPermissions(results, authenticationToken, requestedCount); List<NodeRef> ret = super.applyPostQueryPermissions(results, authenticationToken, requestedCount);
if (start != null) if (start != null)
{ {
logger.debug("Post-query perms: "+ret.getPage().size()+" in "+(System.currentTimeMillis()-start)+" msecs"); logger.debug("Post-query perms: "+ret.size()+" in "+(System.currentTimeMillis()-start)+" msecs");
} }
return ret; return ret;
@@ -699,9 +698,9 @@ public class GetChildrenCannedQuery extends AbstractCannedQueryPermissions<NodeR
preload(nodeRefs); preload(nodeRefs);
// TODO track total time for incremental permission checks ... and cutoff (eg. based on some config) // TODO track total time for incremental permission checks ... and cutoff (eg. based on some config)
PagingResults<NodeRef> results = applyPermissions(nodeRefs, authenticationToken, nodeRefs.size()); List<NodeRef> results = applyPermissions(nodeRefs, authenticationToken, nodeRefs.size());
for (NodeRef nodeRef : results.getPage()) for (NodeRef nodeRef : results)
{ {
// Call back // Call back
boolean more = resultsCallback.handle(nodeRef); boolean more = resultsCallback.handle(nodeRef);

1
source/java/org/alfresco/repo/security/authority/GetAuthoritiesCannedQueryFactory.java
View File

@@ -18,7 +18,6 @@
*/ */
package org.alfresco.repo.security.authority; package org.alfresco.repo.security.authority;
import java.lang.reflect.Method;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;

79
source/java/org/alfresco/repo/security/permissions/impl/acegi/AbstractCannedQueryPermissions.java
View File

@@ -76,7 +76,7 @@ public abstract class AbstractCannedQueryPermissions<R> extends AbstractCannedQu
this.method = method; this.method = method;
} }
protected PagingResults<R> applyPostQueryPermissions(List<R> results, String authenticationToken, int requestedCount) protected List<R> applyPostQueryPermissions(List<R> results, String authenticationToken, int requestedCount)
{ {
int requestTotalCountMax = getParameters().requestTotalResultCountMax(); int requestTotalCountMax = getParameters().requestTotalResultCountMax();
int maxChecks = (((requestTotalCountMax > 0) && (requestTotalCountMax > requestedCount)) ? requestTotalCountMax : requestedCount); int maxChecks = (((requestTotalCountMax > 0) && (requestTotalCountMax > requestedCount)) ? requestTotalCountMax : requestedCount);
@@ -85,43 +85,10 @@ public abstract class AbstractCannedQueryPermissions<R> extends AbstractCannedQu
} }
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
protected PagingResults<R> applyPermissions(List<R> results, String authenticationToken, int maxChecks) protected List<R> applyPermissions(List<R> results, String authenticationToken, int maxChecks)
{ {
long start = System.currentTimeMillis(); long start = System.currentTimeMillis();
// empty result
PagingResults<R> ret = new PagingResults<R>()
{
@Override
public String getQueryExecutionId()
{
return null;
}
@Override
public Pair<Integer, Integer> getTotalResultCount()
{
return new Pair<Integer, Integer>(0, 0);
}
@Override
public List<R> getPage()
{
return new ArrayList<R>(0);
}
@Override
public boolean hasMoreItems()
{
return false;
}
public boolean permissionsApplied()
{
return false;
}
};
Context context = ContextHolder.getContext(); Context context = ContextHolder.getContext();
if ((context == null) || (! (context instanceof AlfrescoSecureContext))) if ((context == null) || (! (context instanceof AlfrescoSecureContext)))
{ {
@@ -129,54 +96,18 @@ public abstract class AbstractCannedQueryPermissions<R> extends AbstractCannedQu
{ {
logger.debug("Unexpected context: "+(context == null ? "null" : context.getClass())+" - "+Thread.currentThread().getId()); logger.debug("Unexpected context: "+(context == null ? "null" : context.getClass())+" - "+Thread.currentThread().getId());
} }
System.out.println("Unexpected context: "+(context == null ? "null" : context.getClass())+" - "+Thread.currentThread().getId());
return ret; // empty result return new WrappedList<R>(new ArrayList<R>(0), true, false); // empty result
} }
Authentication authentication = (((SecureContext) context).getAuthentication()); Authentication authentication = (((SecureContext) context).getAuthentication());
ConfigAttributeDefinition cad = methodSecurityInterceptor.getObjectDefinitionSource().getAttributes(new InternalMethodInvocation(method)); ConfigAttributeDefinition cad = methodSecurityInterceptor.getObjectDefinitionSource().getAttributes(new InternalMethodInvocation(method));
final WrappedList<R> wl = (WrappedList<R>)methodSecurityInterceptor.getAfterInvocationManager().decide(authentication, null, cad, new WrappedList<R>(results, maxChecks)); List<R> ret = (WrappedList<R>)methodSecurityInterceptor.getAfterInvocationManager().decide(authentication, null, cad, new WrappedList<R>(results, maxChecks));
// final result
ret = new PagingResults<R>()
{
@Override
public String getQueryExecutionId()
{
return null;
}
@Override
public Pair<Integer, Integer> getTotalResultCount()
{
int count = wl.size();
return new Pair<Integer, Integer>(count, ((! wl.hasMoreItems()) ? count : null));
}
@Override
public List<R> getPage()
{
return wl;
}
@Override
public boolean hasMoreItems()
{
return wl.hasMoreItems(); // if hasMoreItems then implies cutoff
}
@Override
public boolean permissionsApplied()
{
return wl.permissionsApplied();
}
};
if (logger.isTraceEnabled()) if (logger.isTraceEnabled())
{ {
logger.trace("applyPermissions: "+wl.size()+" items in "+(System.currentTimeMillis()-start)+" msecs"); logger.trace("applyPermissions: "+ret.size()+" items in "+(System.currentTimeMillis()-start)+" msecs");
} }
return ret; return ret;