mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
Morning merge.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/WCM-DEV2/root@2851 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Britt Park
@@ -151,11 +151,12 @@ public class ChildAssocImpl implements ChildAssoc
|
||||
return false;
|
||||
}
|
||||
ChildAssoc that = (ChildAssoc) obj;
|
||||
return (this.getIsPrimary() == that.getIsPrimary()
|
||||
&& EqualsHelper.nullSafeEquals(this.getTypeQName(), that.getTypeQName())
|
||||
return (
|
||||
EqualsHelper.nullSafeEquals(this.getTypeQName(), that.getTypeQName())
|
||||
&& EqualsHelper.nullSafeEquals(this.getQname(), that.getQname())
|
||||
&& EqualsHelper.nullSafeEquals(this.getParent(), that.getParent())
|
||||
&& EqualsHelper.nullSafeEquals(this.getChild(), that.getChild()));
|
||||
&& EqualsHelper.nullSafeEquals(this.getChild(), that.getChild())
|
||||
);
|
||||
}
|
||||
|
||||
public int hashCode()
|
||||
|
||||
@@ -27,7 +27,7 @@ import org.alfresco.util.EqualsHelper;
|
||||
*
|
||||
* @author andyh
|
||||
*/
|
||||
public class DbAccessControlEntryImpl implements DbAccessControlEntry
|
||||
public class DbAccessControlEntryImpl extends LifecycleAdapter implements DbAccessControlEntry
|
||||
{
|
||||
/** The object id */
|
||||
private long id;
|
||||
@@ -56,7 +56,7 @@ public class DbAccessControlEntryImpl implements DbAccessControlEntry
|
||||
sb.append("DbAccessControlEntryImpl")
|
||||
.append("[ id=").append(id)
|
||||
.append(", acl=").append(accessControlList.getId())
|
||||
.append(", permission=").append(permission.getId())
|
||||
.append(", permission=").append(permission.getKey())
|
||||
.append(", authority=").append(authority.getRecipient())
|
||||
.append("]");
|
||||
return sb.toString();
|
||||
@@ -74,16 +74,14 @@ public class DbAccessControlEntryImpl implements DbAccessControlEntry
|
||||
return false;
|
||||
}
|
||||
DbAccessControlEntry other = (DbAccessControlEntry) o;
|
||||
return (this.allowed == other.isAllowed())
|
||||
&& EqualsHelper.nullSafeEquals(this.accessControlList, other.getAccessControlList())
|
||||
&& EqualsHelper.nullSafeEquals(this.permission, other.getPermission())
|
||||
&& EqualsHelper.nullSafeEquals(this.authority, other.getAuthority());
|
||||
return (EqualsHelper.nullSafeEquals(this.permission, other.getPermission())
|
||||
&& EqualsHelper.nullSafeEquals(this.authority, other.getAuthority()));
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode()
|
||||
{
|
||||
int hashCode = accessControlList.hashCode();
|
||||
int hashCode = 0;
|
||||
if (permission != null)
|
||||
{
|
||||
hashCode = hashCode * 37 + permission.hashCode();
|
||||
@@ -92,33 +90,9 @@ public class DbAccessControlEntryImpl implements DbAccessControlEntry
|
||||
{
|
||||
hashCode = hashCode * 37 + authority.hashCode();
|
||||
}
|
||||
hashCode = hashCode * 37 + (allowed ? 1 : 0);
|
||||
return hashCode;
|
||||
}
|
||||
|
||||
/**
|
||||
* Factory method to create an entry and wire it in to the contained nodePermissionEntry
|
||||
*
|
||||
* @param accessControlList the list of entries that this one belongs to
|
||||
* @param permission the mandatory permission association with this entry
|
||||
* @param authority the mandatory authority
|
||||
* @param allowed allowed or disallowed
|
||||
* @return Returns an unpersisted entity
|
||||
*/
|
||||
public static DbAccessControlEntryImpl create(
|
||||
DbAccessControlList accessControlList,
|
||||
DbPermission permission,
|
||||
DbAuthority authority,
|
||||
boolean allowed)
|
||||
{
|
||||
DbAccessControlEntryImpl accessControlEntry = new DbAccessControlEntryImpl();
|
||||
accessControlEntry.setAccessControlList(accessControlList);
|
||||
accessControlEntry.setPermission(permission);
|
||||
accessControlEntry.setAuthority(authority);
|
||||
accessControlEntry.setAllowed(allowed);
|
||||
return accessControlEntry;
|
||||
}
|
||||
|
||||
|
||||
public long getId()
|
||||
{
|
||||
return id;
|
||||
@@ -171,4 +145,13 @@ public class DbAccessControlEntryImpl implements DbAccessControlEntry
|
||||
{
|
||||
this.allowed = allowed;
|
||||
}
|
||||
|
||||
public void delete()
|
||||
{
|
||||
// remove the instance from the access control list
|
||||
@SuppressWarnings("unused")
|
||||
boolean removed = getAccessControlList().getEntries().remove(this);
|
||||
// delete the instance
|
||||
getSession().delete(this);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -16,13 +16,20 @@
|
||||
*/
|
||||
package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.repo.domain.DbAccessControlEntry;
|
||||
import org.alfresco.repo.domain.DbAccessControlList;
|
||||
import org.alfresco.repo.domain.DbAuthority;
|
||||
import org.alfresco.repo.domain.DbPermission;
|
||||
import org.alfresco.repo.domain.DbPermissionKey;
|
||||
import org.alfresco.repo.domain.Node;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.hibernate.CallbackException;
|
||||
import org.hibernate.Query;
|
||||
import org.hibernate.Session;
|
||||
|
||||
/**
|
||||
@@ -36,8 +43,14 @@ public class DbAccessControlListImpl extends LifecycleAdapter implements DbAcces
|
||||
|
||||
private long id;
|
||||
private Node node;
|
||||
private Set<DbAccessControlEntry> entries;
|
||||
private boolean inherits;
|
||||
|
||||
public DbAccessControlListImpl()
|
||||
{
|
||||
entries = new HashSet<DbAccessControlEntry>(5);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString()
|
||||
{
|
||||
@@ -45,6 +58,7 @@ public class DbAccessControlListImpl extends LifecycleAdapter implements DbAcces
|
||||
sb.append("DbAccessControlListImpl")
|
||||
.append("[ id=").append(id)
|
||||
.append(", node=").append(node)
|
||||
.append(", entries=").append(entries.size())
|
||||
.append(", inherits=").append(inherits)
|
||||
.append("]");
|
||||
return sb.toString();
|
||||
@@ -73,35 +87,6 @@ public class DbAccessControlListImpl extends LifecycleAdapter implements DbAcces
|
||||
return (node == null ? 0 : node.hashCode());
|
||||
}
|
||||
|
||||
public int deleteEntries()
|
||||
{
|
||||
/*
|
||||
* This can use a delete direct to the database as well, but then care must be taken
|
||||
* to evict the instances from the session.
|
||||
*/
|
||||
|
||||
// bypass L2 cache and get all entries for this list
|
||||
Query query = getSession()
|
||||
.getNamedQuery(PermissionsDaoComponentImpl.QUERY_GET_AC_ENTRIES_FOR_AC_LIST)
|
||||
.setLong("accessControlListId", this.id);
|
||||
int count = HibernateHelper.deleteQueryResults(getSession(), query);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted " + count + " access entries for access control list " + this.id);
|
||||
}
|
||||
return count;
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensures that all this access control list's entries have been deleted.
|
||||
*/
|
||||
public boolean onDelete(Session session) throws CallbackException
|
||||
{
|
||||
deleteEntries();
|
||||
return super.onDelete(session);
|
||||
}
|
||||
|
||||
public long getId()
|
||||
{
|
||||
return id;
|
||||
@@ -126,9 +111,18 @@ public class DbAccessControlListImpl extends LifecycleAdapter implements DbAcces
|
||||
this.node = node;
|
||||
}
|
||||
|
||||
public DbAccessControlListImpl()
|
||||
public Set<DbAccessControlEntry> getEntries()
|
||||
{
|
||||
super();
|
||||
return entries;
|
||||
}
|
||||
|
||||
/**
|
||||
* For Hibernate use
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
private void setEntries(Set<DbAccessControlEntry> entries)
|
||||
{
|
||||
this.entries = entries;
|
||||
}
|
||||
|
||||
public boolean getInherits()
|
||||
@@ -140,4 +134,112 @@ public class DbAccessControlListImpl extends LifecycleAdapter implements DbAcces
|
||||
{
|
||||
this.inherits = inherits;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see #deleteEntry(String, DbPermissionKey)
|
||||
*/
|
||||
public int deleteEntriesForAuthority(String authority)
|
||||
{
|
||||
return deleteEntry(authority, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see #deleteEntry(String, DbPermissionKey)
|
||||
*/
|
||||
public int deleteEntriesForPermission(DbPermissionKey permissionKey)
|
||||
{
|
||||
return deleteEntry(null, permissionKey);
|
||||
}
|
||||
|
||||
public int deleteEntry(String authority, DbPermissionKey permissionKey)
|
||||
{
|
||||
List<DbAccessControlEntry> toDelete = new ArrayList<DbAccessControlEntry>(2);
|
||||
for (DbAccessControlEntry entry : entries)
|
||||
{
|
||||
if (authority != null && !authority.equals(entry.getAuthority().getRecipient()))
|
||||
{
|
||||
// authority is not a match
|
||||
continue;
|
||||
}
|
||||
else if (permissionKey != null && !permissionKey.equals(entry.getPermission().getKey()))
|
||||
{
|
||||
// permission is not a match
|
||||
continue;
|
||||
}
|
||||
toDelete.add(entry);
|
||||
}
|
||||
// delete them
|
||||
for (DbAccessControlEntry entry : toDelete)
|
||||
{
|
||||
// remove from the entry list
|
||||
entry.delete();
|
||||
}
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted " + toDelete.size() + " access entries: \n" +
|
||||
" access control list: " + id + "\n" +
|
||||
" authority: " + authority + "\n" +
|
||||
" permission: " + permissionKey);
|
||||
}
|
||||
return toDelete.size();
|
||||
}
|
||||
|
||||
public int deleteEntries()
|
||||
{
|
||||
/*
|
||||
* We don't do the full delete-remove-from-set thing here. Just delete each child entity
|
||||
* and then clear the entry set.
|
||||
*/
|
||||
|
||||
Session session = getSession();
|
||||
List<DbAccessControlEntry> toDelete = new ArrayList<DbAccessControlEntry>(entries);
|
||||
// delete each entry
|
||||
for (DbAccessControlEntry entry : toDelete)
|
||||
{
|
||||
session.delete(entry);
|
||||
}
|
||||
// clear the list
|
||||
int count = entries.size();
|
||||
entries.clear();
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted " + count + " access entries for access control list " + this.id);
|
||||
}
|
||||
return count;
|
||||
}
|
||||
|
||||
public DbAccessControlEntry getEntry(String authority, DbPermissionKey permissionKey)
|
||||
{
|
||||
for (DbAccessControlEntry entry : entries)
|
||||
{
|
||||
DbAuthority authorityEntity = entry.getAuthority();
|
||||
DbPermission permissionEntity = entry.getPermission();
|
||||
// check for a match
|
||||
if (authorityEntity.getRecipient().equals(authority)
|
||||
&& permissionEntity.getKey().equals(permissionKey))
|
||||
{
|
||||
// found it
|
||||
return entry;
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public DbAccessControlEntryImpl newEntry(DbPermission permission, DbAuthority authority, boolean allowed)
|
||||
{
|
||||
DbAccessControlEntryImpl accessControlEntry = new DbAccessControlEntryImpl();
|
||||
// fill
|
||||
accessControlEntry.setAccessControlList(this);
|
||||
accessControlEntry.setPermission(permission);
|
||||
accessControlEntry.setAuthority(authority);
|
||||
accessControlEntry.setAllowed(allowed);
|
||||
// save it
|
||||
getSession().save(accessControlEntry);
|
||||
// maintain inverse set on the acl
|
||||
getEntries().add(accessControlEntry);
|
||||
// done
|
||||
return accessControlEntry;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -38,11 +38,11 @@ public class DbAuthorityImpl extends LifecycleAdapter implements DbAuthority
|
||||
private static Log logger = LogFactory.getLog(DbAuthorityImpl.class);
|
||||
|
||||
private String recipient;
|
||||
private Set<String> externalKeys = new HashSet<String>();
|
||||
private Set<String> externalKeys;
|
||||
|
||||
public DbAuthorityImpl()
|
||||
{
|
||||
super();
|
||||
externalKeys = new HashSet<String>();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -76,8 +76,8 @@ public class DbAuthorityImpl extends LifecycleAdapter implements DbAuthority
|
||||
// bypass L2 cache and get all entries for this list
|
||||
Query query = getSession()
|
||||
.getNamedQuery(PermissionsDaoComponentImpl.QUERY_GET_AC_ENTRIES_FOR_AUTHORITY)
|
||||
.setString("recipient", this.recipient);
|
||||
int count = HibernateHelper.deleteQueryResults(getSession(), query);
|
||||
.setString("authorityRecipient", this.recipient);
|
||||
int count = HibernateHelper.deleteDbAccessControlEntries(getSession(), query);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
@@ -115,4 +115,16 @@ public class DbAuthorityImpl extends LifecycleAdapter implements DbAuthority
|
||||
{
|
||||
this.externalKeys = externalKeys;
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper method to find an authority based on its natural key
|
||||
*
|
||||
* @param session the Hibernate session to use
|
||||
* @param authority the authority name
|
||||
* @return Returns an existing instance or null if not found
|
||||
*/
|
||||
public static DbAuthority find(Session session, String authority)
|
||||
{
|
||||
return (DbAuthority) session.get(DbAuthorityImpl.class, authority);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -17,6 +17,7 @@
|
||||
package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import org.alfresco.repo.domain.DbPermission;
|
||||
import org.alfresco.repo.domain.DbPermissionKey;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
import org.apache.commons.logging.Log;
|
||||
@@ -90,7 +91,7 @@ public class DbPermissionImpl extends LifecycleAdapter implements DbPermission
|
||||
Query query = getSession()
|
||||
.getNamedQuery(PermissionsDaoComponentImpl.QUERY_GET_AC_ENTRIES_FOR_PERMISSION)
|
||||
.setSerializable("permissionId", this.id);
|
||||
int count = HibernateHelper.deleteQueryResults(getSession(), query);
|
||||
int count = HibernateHelper.deleteDbAccessControlEntries(getSession(), query);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
@@ -142,6 +143,11 @@ public class DbPermissionImpl extends LifecycleAdapter implements DbPermission
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
public DbPermissionKey getKey()
|
||||
{
|
||||
return new DbPermissionKey(typeQname, name);
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper method to find a permission based on its natural key
|
||||
*
|
||||
|
||||
@@ -16,8 +16,7 @@
|
||||
*/
|
||||
package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import org.hibernate.CacheMode;
|
||||
import org.hibernate.ObjectDeletedException;
|
||||
import org.alfresco.repo.domain.DbAccessControlEntry;
|
||||
import org.hibernate.Query;
|
||||
import org.hibernate.ScrollMode;
|
||||
import org.hibernate.ScrollableResults;
|
||||
@@ -32,36 +31,25 @@ public class HibernateHelper
|
||||
{
|
||||
/**
|
||||
* Helper method to scroll through the results of a query and delete all the
|
||||
* results, performing batch flushes. This will handle large resultsets by
|
||||
* pulling the results directly in from the query. For certain circumstances, it
|
||||
* may be better to perform a bulk delete directly instead.
|
||||
* resulting access control entries, performing batch flushes.
|
||||
*
|
||||
* @param session the session to use for the deletions
|
||||
* @param query the query with all parameters set
|
||||
* @return Returns the number of entities deleted, regardless of type
|
||||
* @param query the query with all parameters set and that will return
|
||||
* {@link org.alfresco.repo.domain.DbAccessControlEntry access control entry} instances
|
||||
* @return Returns the number of entries deleted
|
||||
*/
|
||||
public static int deleteQueryResults(Session session, Query query)
|
||||
public static int deleteDbAccessControlEntries(Session session, Query query)
|
||||
{
|
||||
ScrollableResults entities = query.setCacheMode(CacheMode.IGNORE).scroll(ScrollMode.FORWARD_ONLY);
|
||||
ScrollableResults entities = query.scroll(ScrollMode.FORWARD_ONLY);
|
||||
int count = 0;
|
||||
while (entities.next())
|
||||
{
|
||||
Object[] entityResults = entities.get();
|
||||
for (Object object : entityResults)
|
||||
DbAccessControlEntry entry = (DbAccessControlEntry) entities.get(0);
|
||||
entry.delete();
|
||||
if (++count % 50 == 0)
|
||||
{
|
||||
try
|
||||
{
|
||||
session.delete(object);
|
||||
}
|
||||
catch (ObjectDeletedException e)
|
||||
{
|
||||
// ignore - it's what we wanted
|
||||
}
|
||||
if (++count % 50 == 0)
|
||||
{
|
||||
session.flush();
|
||||
session.clear();
|
||||
}
|
||||
session.flush();
|
||||
session.clear();
|
||||
}
|
||||
}
|
||||
return count;
|
||||
|
||||
@@ -18,6 +18,7 @@ package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.hibernate.CallbackException;
|
||||
import org.hibernate.Session;
|
||||
import org.hibernate.classic.Lifecycle;
|
||||
@@ -37,6 +38,10 @@ public abstract class LifecycleAdapter implements Lifecycle
|
||||
*/
|
||||
protected Session getSession()
|
||||
{
|
||||
if (session == null)
|
||||
{
|
||||
throw new AlfrescoRuntimeException("Hibernate entity is not part of a session: " + this);
|
||||
}
|
||||
return session;
|
||||
}
|
||||
|
||||
|
||||
@@ -28,9 +28,9 @@
|
||||
name="store"
|
||||
class="org.alfresco.repo.domain.hibernate.StoreImpl"
|
||||
not-null="true"
|
||||
lazy="no-proxy"
|
||||
lazy="proxy"
|
||||
optimistic-lock="true"
|
||||
fetch="select">
|
||||
fetch="join">
|
||||
<column name="protocol" not-null="true" />
|
||||
<column name="identifier" not-null="true" />
|
||||
</many-to-one>
|
||||
@@ -43,8 +43,8 @@
|
||||
name="accessControlList"
|
||||
class="org.alfresco.repo.domain.hibernate.DbAccessControlListImpl"
|
||||
property-ref="node"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
lazy="false"
|
||||
fetch="join"
|
||||
cascade="delete" />
|
||||
<!-- forward assoc to properties -->
|
||||
<map
|
||||
@@ -74,55 +74,59 @@
|
||||
<set
|
||||
name="aspects"
|
||||
table="node_aspects"
|
||||
lazy="true"
|
||||
sort="unsorted"
|
||||
lazy="false"
|
||||
fetch="join"
|
||||
inverse="false"
|
||||
fetch="select"
|
||||
sort="unsorted"
|
||||
optimistic-lock="true"
|
||||
cascade="delete" >
|
||||
<key column="node_id" not-null="true" />
|
||||
<element column="qname" type="QName" length="200"/>
|
||||
</set>
|
||||
<!-- inverse assoc to parent childassocs -->
|
||||
<bag
|
||||
<set
|
||||
name="parentAssocs"
|
||||
lazy="true"
|
||||
inverse="true"
|
||||
lazy="true"
|
||||
fetch="select"
|
||||
cascade="none"
|
||||
optimistic-lock="true"
|
||||
fetch="select" >
|
||||
optimistic-lock="true" >
|
||||
<key column="child_node_id" />
|
||||
<one-to-many class="org.alfresco.repo.domain.hibernate.ChildAssocImpl" />
|
||||
</bag>
|
||||
</set>
|
||||
<!-- inverse assoc to child childassocs -->
|
||||
<bag
|
||||
<set
|
||||
name="childAssocs"
|
||||
inverse="true"
|
||||
lazy="true"
|
||||
fetch="select"
|
||||
cascade="none"
|
||||
optimistic-lock="true"
|
||||
fetch="select" >
|
||||
optimistic-lock="true" >
|
||||
<key column="parent_node_id" />
|
||||
<one-to-many class="org.alfresco.repo.domain.hibernate.ChildAssocImpl" />
|
||||
</bag>
|
||||
</set>
|
||||
<!-- inverse assoc to source nodeassocs -->
|
||||
<bag
|
||||
<set
|
||||
name="sourceNodeAssocs"
|
||||
inverse="true"
|
||||
lazy="true"
|
||||
fetch="select"
|
||||
cascade="none"
|
||||
optimistic-lock="true" >
|
||||
<key column="target_node_id" />
|
||||
<one-to-many class="org.alfresco.repo.domain.hibernate.NodeAssocImpl" />
|
||||
</bag>
|
||||
</set>
|
||||
<!-- inverse assoc to target nodeassocs -->
|
||||
<bag
|
||||
<set
|
||||
name="targetNodeAssocs"
|
||||
inverse="true"
|
||||
lazy="true"
|
||||
fetch="select"
|
||||
cascade="none"
|
||||
optimistic-lock="true" >
|
||||
<key column="source_node_id" />
|
||||
<one-to-many class="org.alfresco.repo.domain.hibernate.NodeAssocImpl" />
|
||||
</bag>
|
||||
</set>
|
||||
</class>
|
||||
|
||||
<class
|
||||
@@ -145,10 +149,10 @@
|
||||
name="node"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
column="node_id"
|
||||
unique="false"
|
||||
not-null="false"
|
||||
lazy="false"
|
||||
fetch="join"
|
||||
lazy="false" />
|
||||
unique="false"
|
||||
not-null="false" />
|
||||
<property name="changeTxnId" column="change_txn_id" type="string" length="56" not-null="true" />
|
||||
<property name="deleted" column="deleted" type="boolean" not-null="true" />
|
||||
</class>
|
||||
@@ -165,10 +169,6 @@
|
||||
<id name="id" column="id" type="long" >
|
||||
<generator class="native" />
|
||||
</id>
|
||||
<property name="typeQName" column="type_qname" type="QName" length="255" not-null="true" />
|
||||
<property name="qname" column="qname" type="QName" length="255" not-null="true" />
|
||||
<property name="isPrimary" column="is_primary" />
|
||||
<property name="index" column="assoc_index" />
|
||||
<!-- forward assoc to parent node -->
|
||||
<many-to-one
|
||||
name="parent"
|
||||
@@ -189,6 +189,10 @@
|
||||
not-null="true" >
|
||||
<column name="child_node_id" />
|
||||
</many-to-one>
|
||||
<property name="typeQName" column="type_qname" type="QName" length="255" not-null="true" />
|
||||
<property name="qname" column="qname" type="QName" length="255" not-null="true" />
|
||||
<property name="isPrimary" column="is_primary" />
|
||||
<property name="index" column="assoc_index" />
|
||||
</class>
|
||||
|
||||
<class
|
||||
@@ -199,21 +203,27 @@
|
||||
<id name="id" column="id" type="long" >
|
||||
<generator class="native" />
|
||||
</id>
|
||||
<property name="typeQName" column="type_qname" type="QName" length="255" not-null="true" />
|
||||
<!-- forward assoc to source node -->
|
||||
<many-to-one
|
||||
name="source"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
not-null="true" >
|
||||
<column name="source_node_id" />
|
||||
</many-to-one>
|
||||
<!-- forward assoc to target node -->
|
||||
<many-to-one
|
||||
name="target"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
not-null="true" >
|
||||
<column name="target_node_id" />
|
||||
</many-to-one>
|
||||
<natural-id mutable="true">
|
||||
<!-- forward assoc to source node -->
|
||||
<many-to-one
|
||||
name="source"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
lazy="false"
|
||||
fetch="join"
|
||||
not-null="true" >
|
||||
<column name="source_node_id" />
|
||||
</many-to-one>
|
||||
<!-- forward assoc to target node -->
|
||||
<many-to-one
|
||||
name="target"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
lazy="false"
|
||||
fetch="join"
|
||||
not-null="true" >
|
||||
<column name="target_node_id" />
|
||||
</many-to-one>
|
||||
<property name="typeQName" column="type_qname" type="QName" length="255" not-null="true" />
|
||||
</natural-id>
|
||||
</class>
|
||||
|
||||
<query name="store.GetAllStores">
|
||||
|
||||
@@ -16,7 +16,6 @@
|
||||
*/
|
||||
package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
@@ -34,6 +33,7 @@ import org.alfresco.repo.domain.PropertyValue;
|
||||
import org.alfresco.repo.domain.Store;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
|
||||
/**
|
||||
* Bean containing all the persistence data representing a <b>node</b>.
|
||||
@@ -65,10 +65,10 @@ public class NodeImpl extends LifecycleAdapter implements Node
|
||||
public NodeImpl()
|
||||
{
|
||||
aspects = new HashSet<QName>(5);
|
||||
sourceNodeAssocs = new ArrayList<NodeAssoc>(3);
|
||||
targetNodeAssocs = new ArrayList<NodeAssoc>(3);
|
||||
parentAssocs = new ArrayList<ChildAssoc>(3);
|
||||
childAssocs = new ArrayList<ChildAssoc>(3);
|
||||
sourceNodeAssocs = new HashSet<NodeAssoc>(5);
|
||||
targetNodeAssocs = new HashSet<NodeAssoc>(5);
|
||||
parentAssocs = new HashSet<ChildAssoc>(5);
|
||||
childAssocs = new HashSet<ChildAssoc>(11);
|
||||
properties = new HashMap<QName, PropertyValue>(5);
|
||||
|
||||
ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
|
||||
@@ -134,12 +134,13 @@ public class NodeImpl extends LifecycleAdapter implements Node
|
||||
return false;
|
||||
}
|
||||
Node that = (Node) obj;
|
||||
return (this.getNodeRef().equals(that.getNodeRef()));
|
||||
return (EqualsHelper.nullSafeEquals(getStore(), that.getStore())
|
||||
&& EqualsHelper.nullSafeEquals(getUuid(), that.getUuid()));
|
||||
}
|
||||
|
||||
public int hashCode()
|
||||
{
|
||||
return getNodeRef().hashCode();
|
||||
return getUuid().hashCode();
|
||||
}
|
||||
|
||||
// @Override
|
||||
@@ -316,11 +317,7 @@ public class NodeImpl extends LifecycleAdapter implements Node
|
||||
return accessControlList;
|
||||
}
|
||||
|
||||
/**
|
||||
* For Hibernate use
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
private void setAccessControlList(DbAccessControlList accessControlList)
|
||||
public void setAccessControlList(DbAccessControlList accessControlList)
|
||||
{
|
||||
this.accessControlList = accessControlList;
|
||||
}
|
||||
|
||||
@@ -26,6 +26,16 @@
|
||||
not-null="true">
|
||||
<column name="node_id" />
|
||||
</many-to-one>
|
||||
|
||||
<set name="entries"
|
||||
inverse="true"
|
||||
lazy="false"
|
||||
cascade="delete"
|
||||
optimistic-lock="true"
|
||||
fetch="join" >
|
||||
<key column="acl_id" />
|
||||
<one-to-many class="org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl" />
|
||||
</set>
|
||||
|
||||
<property name="inherits" column="inherits" type="boolean" not-null="true" />
|
||||
|
||||
@@ -47,29 +57,29 @@
|
||||
|
||||
<natural-id mutable="true" >
|
||||
<many-to-one
|
||||
name="accessControlList"
|
||||
class="org.alfresco.repo.domain.hibernate.DbAccessControlListImpl"
|
||||
column="acl_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
name="accessControlList"
|
||||
class="org.alfresco.repo.domain.hibernate.DbAccessControlListImpl"
|
||||
column="acl_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
<many-to-one
|
||||
name="permission"
|
||||
class="org.alfresco.repo.domain.hibernate.DbPermissionImpl"
|
||||
column="permission_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
name="permission"
|
||||
class="org.alfresco.repo.domain.hibernate.DbPermissionImpl"
|
||||
column="permission_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
<many-to-one
|
||||
name="authority"
|
||||
class="org.alfresco.repo.domain.hibernate.DbAuthorityImpl"
|
||||
column="authority_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
name="authority"
|
||||
class="org.alfresco.repo.domain.hibernate.DbAuthorityImpl"
|
||||
column="authority_id"
|
||||
lazy="no-proxy"
|
||||
fetch="select"
|
||||
optimistic-lock="true"
|
||||
not-null="true" />
|
||||
</natural-id>
|
||||
|
||||
<property name="allowed" column="allowed" type="boolean" not-null="true" />
|
||||
@@ -83,7 +93,7 @@
|
||||
dynamic-insert="false"
|
||||
dynamic-update="false"
|
||||
select-before-update="false"
|
||||
lazy="true"
|
||||
lazy="false"
|
||||
optimistic-lock="version" >
|
||||
|
||||
<id name="id" column="id" type="long" >
|
||||
@@ -104,7 +114,7 @@
|
||||
dynamic-insert="false"
|
||||
dynamic-update="false"
|
||||
select-before-update="false"
|
||||
lazy="true"
|
||||
lazy="false"
|
||||
optimistic-lock="version" >
|
||||
|
||||
<id name="recipient" column="recipient" type="string" length="100" />
|
||||
@@ -133,24 +143,6 @@
|
||||
permission.name = :permissionName
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlEntriesForAccessControlList" cacheable="true" >
|
||||
select
|
||||
ace
|
||||
from
|
||||
org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl as ace
|
||||
where
|
||||
ace.accessControlList.id = :accessControlListId
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlEntriesForPermission">
|
||||
select
|
||||
ace
|
||||
from
|
||||
org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl as ace
|
||||
where
|
||||
ace.permission.id = :permissionId
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlEntriesForAuthority">
|
||||
select
|
||||
ace
|
||||
@@ -160,41 +152,4 @@
|
||||
ace.authority.recipient = :authorityRecipient
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlEntriesForAuthorityAndNode">
|
||||
select
|
||||
ace
|
||||
from
|
||||
org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl as ace
|
||||
where
|
||||
ace.authority.recipient = :authorityRecipient and
|
||||
ace.accessControlList.node.store.key.protocol = :storeProtocol and
|
||||
ace.accessControlList.node.store.key.identifier = :storeIdentifier and
|
||||
ace.accessControlList.node.uuid = :nodeUuid
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlEntryForAll">
|
||||
select
|
||||
ace
|
||||
from
|
||||
org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl as ace
|
||||
where
|
||||
ace.permission.typeQname = :permissionTypeQName and
|
||||
ace.permission.name = :permissionName and
|
||||
ace.authority.recipient = :authorityRecipient and
|
||||
ace.accessControlList.node.store.key.protocol = :storeProtocol and
|
||||
ace.accessControlList.node.store.key.identifier = :storeIdentifier and
|
||||
ace.accessControlList.node.uuid = :nodeUuid
|
||||
</query>
|
||||
|
||||
<query name="permission.GetAccessControlListForNode" cacheable="true" >
|
||||
select
|
||||
acl
|
||||
from
|
||||
org.alfresco.repo.domain.hibernate.DbAccessControlListImpl as acl
|
||||
where
|
||||
acl.node.store.key.protocol = :storeProtocol and
|
||||
acl.node.store.key.identifier = :storeIdentifier and
|
||||
acl.node.uuid = :nodeUuid
|
||||
</query>
|
||||
|
||||
</hibernate-mapping>
|
||||
@@ -16,16 +16,16 @@
|
||||
*/
|
||||
package org.alfresco.repo.domain.hibernate;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.repo.cache.SimpleCache;
|
||||
import org.alfresco.repo.domain.DbAccessControlEntry;
|
||||
import org.alfresco.repo.domain.DbAccessControlList;
|
||||
import org.alfresco.repo.domain.DbAuthority;
|
||||
import org.alfresco.repo.domain.DbPermission;
|
||||
import org.alfresco.repo.domain.DbPermissionKey;
|
||||
import org.alfresco.repo.domain.Node;
|
||||
import org.alfresco.repo.node.db.NodeDaoService;
|
||||
import org.alfresco.repo.security.permissions.NodePermissionEntry;
|
||||
@@ -55,16 +55,12 @@ import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
|
||||
*/
|
||||
public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements PermissionsDaoComponent
|
||||
{
|
||||
private static final boolean INHERIT_PERMISSIONS_DEFAULT = true;
|
||||
public static final String QUERY_GET_PERMISSION = "permission.GetPermission";
|
||||
public static final String QUERY_GET_AC_LIST_FOR_NODE = "permission.GetAccessControlListForNode";
|
||||
public static final String QUERY_GET_AC_ENTRIES_FOR_AC_LIST = "permission.GetAccessControlEntriesForAccessControlList";
|
||||
public static final String QUERY_GET_AC_ENTRIES_FOR_AUTHORITY = "permission.GetAccessControlEntriesForAuthority";
|
||||
public static final String QUERY_GET_AC_ENTRIES_FOR_PERMISSION = "permission.GetAccessControlEntriesForPermission";
|
||||
public static final String QUERY_GET_AC_ENTRIES_FOR_AUTHORITY_AND_NODE = "permission.GetAccessControlEntriesForAuthorityAndNode";
|
||||
public static final String QUERY_GET_AC_ENTRY_FOR_ALL = "permission.GetAccessControlEntryForAll";
|
||||
|
||||
private NodeDaoService nodeDaoService;
|
||||
private SimpleCache<NodeRef, SimpleNodePermissionEntry> nullPermissionCache;
|
||||
|
||||
public PermissionsDaoComponentImpl()
|
||||
{
|
||||
@@ -76,11 +72,6 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
this.nodeDaoService = nodeDaoService;
|
||||
}
|
||||
|
||||
public void setNullPermissionCache(SimpleCache<NodeRef, SimpleNodePermissionEntry> nullPermissionCache)
|
||||
{
|
||||
this.nullPermissionCache = nullPermissionCache;
|
||||
}
|
||||
|
||||
public NodePermissionEntry getPermissions(NodeRef nodeRef)
|
||||
{
|
||||
// Create the object if it is not found.
|
||||
@@ -88,20 +79,22 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
// If the object does not exist it will repeatedly query to check its
|
||||
// non existence.
|
||||
|
||||
NodePermissionEntry npe = nullPermissionCache.get(nodeRef);
|
||||
if (npe != null)
|
||||
NodePermissionEntry npe = null;
|
||||
DbAccessControlList acl = null;
|
||||
Node node = getNode(nodeRef, false);
|
||||
if (node != null)
|
||||
{
|
||||
return npe;
|
||||
// get the persisted version
|
||||
acl = getAccessControlList(node, false);
|
||||
}
|
||||
// get the persisted version
|
||||
DbAccessControlList acl = getAccessControlList(nodeRef, false);
|
||||
if (acl == null)
|
||||
{
|
||||
// there isn't an access control list for the node - spoof a null one
|
||||
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(
|
||||
nodeRef, true, Collections.<SimplePermissionEntry> emptySet());
|
||||
nodeRef,
|
||||
true,
|
||||
Collections.<SimplePermissionEntry> emptySet());
|
||||
npe = snpe;
|
||||
nullPermissionCache.put(nodeRef, snpe);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -122,46 +115,18 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
* @param create - create the object if it is missing
|
||||
* @return Returns the current access control list or null if not found
|
||||
*/
|
||||
private DbAccessControlList getAccessControlList(final NodeRef nodeRef, boolean create)
|
||||
private DbAccessControlList getAccessControlList(Node node, boolean create)
|
||||
{
|
||||
// get the access control list for the node
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
DbAccessControlList acl = node.getAccessControlList();
|
||||
if (acl == null && create)
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
{
|
||||
Query query = session.getNamedQuery(PermissionsDaoComponentImpl.QUERY_GET_AC_LIST_FOR_NODE);
|
||||
query.setString("storeProtocol", nodeRef.getStoreRef().getProtocol())
|
||||
.setString("storeIdentifier", nodeRef.getStoreRef().getIdentifier())
|
||||
.setString("nodeUuid", nodeRef.getId());
|
||||
return query.list();
|
||||
}
|
||||
};
|
||||
@SuppressWarnings("unchecked")
|
||||
List<DbAccessControlList> results = (List<DbAccessControlList>) getHibernateTemplate().execute(callback);
|
||||
DbAccessControlList acl = null;
|
||||
if (results.size() == 0)
|
||||
{
|
||||
// create it
|
||||
if (create)
|
||||
{
|
||||
acl = createAccessControlList(nodeRef);
|
||||
}
|
||||
// else null will be returned
|
||||
}
|
||||
else if (results.size() > 0)
|
||||
{
|
||||
acl = (DbAccessControlList) results.get(0);
|
||||
}
|
||||
else if (results.size() > 1)
|
||||
{
|
||||
logger.warn("Duplicate access control lists for node: " + nodeRef);
|
||||
acl = (DbAccessControlList) results.get(0);
|
||||
acl = createAccessControlList(node);
|
||||
}
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Retrieved access control list: \n" +
|
||||
" node: " + nodeRef + "\n" +
|
||||
" node: " + node.getNodeRef() + "\n" +
|
||||
" list: " + acl);
|
||||
}
|
||||
return acl;
|
||||
@@ -171,17 +136,17 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
* Creates an access control list for the node and removes the entry from
|
||||
* the nullPermsionCache.
|
||||
*/
|
||||
private DbAccessControlList createAccessControlList(final NodeRef nodeRef)
|
||||
private DbAccessControlList createAccessControlList(Node node)
|
||||
{
|
||||
// get the node referenced
|
||||
Node node = getNode(nodeRef);
|
||||
|
||||
DbAccessControlList acl = new DbAccessControlListImpl();
|
||||
acl.setNode(node);
|
||||
acl.setInherits(true);
|
||||
acl.setInherits(INHERIT_PERMISSIONS_DEFAULT);
|
||||
getHibernateTemplate().save(acl);
|
||||
|
||||
nullPermissionCache.remove(nodeRef);
|
||||
// maintain inverse
|
||||
node.setAccessControlList(acl);
|
||||
|
||||
NodeRef nodeRef = node.getNodeRef();
|
||||
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
@@ -195,12 +160,14 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
|
||||
/**
|
||||
* @param nodeRef the node reference
|
||||
* @return Returns the node for the given reference, or null
|
||||
* @param mustExist true if an exception must be thrown if the node does not exist
|
||||
* @return Returns the node for the given reference, or null if <code>mustExist == false</code>
|
||||
* @throws InvalidNodeRefException if the node must exist but doesn't
|
||||
*/
|
||||
private Node getNode(NodeRef nodeRef)
|
||||
private Node getNode(NodeRef nodeRef, boolean mustExist)
|
||||
{
|
||||
Node node = nodeDaoService.getNode(nodeRef);
|
||||
if (node == null)
|
||||
if (node == null && mustExist)
|
||||
{
|
||||
throw new InvalidNodeRefException(nodeRef);
|
||||
}
|
||||
@@ -209,17 +176,25 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
|
||||
public void deletePermissions(NodeRef nodeRef)
|
||||
{
|
||||
DbAccessControlList acl = getAccessControlList(nodeRef, false);
|
||||
Node node = getNode(nodeRef, false);
|
||||
if (node == null)
|
||||
{
|
||||
return;
|
||||
}
|
||||
DbAccessControlList acl = getAccessControlList(node, false);
|
||||
if (acl != null)
|
||||
{
|
||||
// delete the access control list - it will cascade to the entries
|
||||
getHibernateTemplate().delete(acl);
|
||||
// maintain inverse
|
||||
node.setAccessControlList(null);
|
||||
}
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public void deletePermissions(final String authority)
|
||||
{
|
||||
// get the authority
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
@@ -227,7 +202,7 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
Query query = session
|
||||
.getNamedQuery(QUERY_GET_AC_ENTRIES_FOR_AUTHORITY)
|
||||
.setString("authorityRecipient", authority);
|
||||
return (Integer) HibernateHelper.deleteQueryResults(session, query);
|
||||
return (Integer) HibernateHelper.deleteDbAccessControlEntries(session, query);
|
||||
}
|
||||
};
|
||||
Integer deletedCount = (Integer) getHibernateTemplate().execute(callback);
|
||||
@@ -240,20 +215,17 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
|
||||
public void deletePermissions(final NodeRef nodeRef, final String authority)
|
||||
{
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
Node node = getNode(nodeRef, false);
|
||||
if (node == null)
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
{
|
||||
Query query = session
|
||||
.getNamedQuery(QUERY_GET_AC_ENTRIES_FOR_AUTHORITY_AND_NODE)
|
||||
.setString("authorityRecipient", authority)
|
||||
.setString("storeProtocol", nodeRef.getStoreRef().getProtocol())
|
||||
.setString("storeIdentifier", nodeRef.getStoreRef().getIdentifier())
|
||||
.setString("nodeUuid", nodeRef.getId());
|
||||
return HibernateHelper.deleteQueryResults(session, query);
|
||||
}
|
||||
};
|
||||
Integer deletedCount = (Integer) getHibernateTemplate().execute(callback);
|
||||
return;
|
||||
}
|
||||
DbAccessControlList acl = node.getAccessControlList();
|
||||
int deletedCount = 0;
|
||||
if (acl != null)
|
||||
{
|
||||
deletedCount = acl.deleteEntriesForAuthority(authority);
|
||||
}
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
@@ -268,40 +240,43 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
* the given criteria. Note that the access control list for the node is
|
||||
* not deleted.
|
||||
*/
|
||||
public void deletePermission(final NodeRef nodeRef, final String authority, final PermissionReference permission)
|
||||
public void deletePermission(NodeRef nodeRef, String authority, PermissionReference permission)
|
||||
{
|
||||
// get the entry
|
||||
DbAccessControlEntry entry = getAccessControlEntry(nodeRef, authority, permission);
|
||||
if (entry != null)
|
||||
Node node = getNode(nodeRef, false);
|
||||
if (node == null)
|
||||
{
|
||||
getHibernateTemplate().delete(entry);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted entry for criteria: \n" +
|
||||
" node: " + nodeRef + "\n" +
|
||||
" authority: " + authority + "\n" +
|
||||
" permission: " + permission);
|
||||
}
|
||||
return;
|
||||
}
|
||||
DbAccessControlList acl = node.getAccessControlList();
|
||||
int deletedCount = 0;
|
||||
if (acl != null)
|
||||
{
|
||||
DbPermissionKey permissionKey = new DbPermissionKey(permission.getQName(), permission.getName());
|
||||
deletedCount = acl.deleteEntry(authority, permissionKey);
|
||||
}
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted " + deletedCount + "entries for criteria: \n" +
|
||||
" node: " + nodeRef + "\n" +
|
||||
" permission: " + permission + "\n" +
|
||||
" authority: " + authority);
|
||||
}
|
||||
}
|
||||
|
||||
public void setPermission(NodeRef nodeRef, String authority, PermissionReference permission, boolean allow)
|
||||
{
|
||||
Node node = getNode(nodeRef, true);
|
||||
// get the entry
|
||||
DbAccessControlEntry entry = getAccessControlEntry(nodeRef, authority, permission);
|
||||
DbAccessControlEntry entry = getAccessControlEntry(node, authority, permission);
|
||||
if (entry == null)
|
||||
{
|
||||
// need to create it
|
||||
DbAccessControlList dbAccessControlList = getAccessControlList(nodeRef, true);
|
||||
DbAccessControlList dbAccessControlList = getAccessControlList(node, true);
|
||||
DbPermission dbPermission = getPermission(permission, true);
|
||||
DbAuthority dbAuthority = getAuthority(authority, true);
|
||||
// set persistent objects
|
||||
entry = DbAccessControlEntryImpl.create(dbAccessControlList, dbPermission, dbAuthority, allow);
|
||||
// save it
|
||||
getHibernateTemplate().save(entry);
|
||||
// drop the entry from the null cache
|
||||
nullPermissionCache.remove(nodeRef);
|
||||
entry = dbAccessControlList.newEntry(dbPermission, dbAuthority, allow);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
@@ -326,31 +301,22 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
* @return Returns all access control entries that match the criteria
|
||||
*/
|
||||
private DbAccessControlEntry getAccessControlEntry(
|
||||
final NodeRef nodeRef,
|
||||
final String authority,
|
||||
final PermissionReference permission)
|
||||
Node node,
|
||||
String authority,
|
||||
PermissionReference permission)
|
||||
{
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
DbAccessControlList acl = getAccessControlList(node, false);
|
||||
DbAccessControlEntry entry = null;
|
||||
if (acl != null)
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
{
|
||||
Query query = session
|
||||
.getNamedQuery(QUERY_GET_AC_ENTRY_FOR_ALL)
|
||||
.setString("permissionTypeQName", permission.getQName().toString())
|
||||
.setString("permissionName", permission.getName())
|
||||
.setString("authorityRecipient", authority)
|
||||
.setString("storeProtocol", nodeRef.getStoreRef().getProtocol())
|
||||
.setString("storeIdentifier", nodeRef.getStoreRef().getIdentifier())
|
||||
.setString("nodeUuid", nodeRef.getId());
|
||||
return (DbAccessControlEntry) query.uniqueResult();
|
||||
}
|
||||
};
|
||||
DbAccessControlEntry entry = (DbAccessControlEntry) getHibernateTemplate().execute(callback);
|
||||
DbPermissionKey permissionKey = new DbPermissionKey(permission.getQName(), permission.getName());
|
||||
entry = acl.getEntry(authority, permissionKey);
|
||||
}
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("" + (entry == null ? "Did not find" : "Found") + "entry for criteria: \n" +
|
||||
" node: " + nodeRef + "\n" +
|
||||
" node: " + node.getId() + "\n" +
|
||||
" authority: " + authority + "\n" +
|
||||
" permission: " + permission);
|
||||
}
|
||||
@@ -383,15 +349,9 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
{
|
||||
final QName qname = permissionRef.getQName();
|
||||
final String name = permissionRef.getName();
|
||||
Session session = getSession();
|
||||
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
{
|
||||
return DbPermissionImpl.find(session, qname, name);
|
||||
}
|
||||
};
|
||||
DbPermission dbPermission = (DbPermission) getHibernateTemplate().execute(callback);
|
||||
DbPermission dbPermission = DbPermissionImpl.find(session, qname, name);
|
||||
|
||||
// create if necessary
|
||||
if ((dbPermission == null) && create)
|
||||
@@ -416,24 +376,21 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
public void setPermission(NodePermissionEntry nodePermissionEntry)
|
||||
{
|
||||
NodeRef nodeRef = nodePermissionEntry.getNodeRef();
|
||||
// get the access control list
|
||||
DbAccessControlList acl = getAccessControlList(nodeRef, false);
|
||||
if (acl == null)
|
||||
Node node = getNode(nodeRef, true);
|
||||
|
||||
// Get the access control list
|
||||
// Note the logic here requires to know whether it was created or not
|
||||
DbAccessControlList acl = getAccessControlList(node, false);
|
||||
if (acl != null)
|
||||
{
|
||||
// create the access control list
|
||||
acl = createAccessControlList(nodeRef);
|
||||
}
|
||||
else
|
||||
{
|
||||
// remove entries associated with the list
|
||||
int deleted = acl.deleteEntries();
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Deleted " + deleted + " entries for access control list: \n" +
|
||||
" acl: " + acl);
|
||||
}
|
||||
getSession().flush();
|
||||
// drop the list
|
||||
getHibernateTemplate().delete(acl);
|
||||
// update node
|
||||
node.setAccessControlList(null);
|
||||
}
|
||||
// create the access control list
|
||||
acl = createAccessControlList(node);
|
||||
|
||||
// set attributes
|
||||
acl.setInherits(nodePermissionEntry.inheritPermissions());
|
||||
|
||||
@@ -447,24 +404,41 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
DbPermission permissionEntity = getPermission(permission, true);
|
||||
DbAuthority authorityEntity = getAuthority(authority, true);
|
||||
|
||||
DbAccessControlEntryImpl entry = DbAccessControlEntryImpl.create(
|
||||
acl,
|
||||
permissionEntity,
|
||||
authorityEntity,
|
||||
isAllowed);
|
||||
getHibernateTemplate().save(entry);
|
||||
@SuppressWarnings("unused")
|
||||
DbAccessControlEntryImpl entry = acl.newEntry(permissionEntity, authorityEntity, isAllowed);
|
||||
}
|
||||
}
|
||||
|
||||
public void setInheritParentPermissions(NodeRef nodeRef, boolean inheritParentPermissions)
|
||||
{
|
||||
DbAccessControlList acl = getAccessControlList(nodeRef, true);
|
||||
acl.setInherits(inheritParentPermissions);
|
||||
Node node = getNode(nodeRef, true);
|
||||
|
||||
DbAccessControlList acl = null;
|
||||
if (!inheritParentPermissions)
|
||||
{
|
||||
// Inheritance == true is the default, so only force a create of the ACL if the value false
|
||||
acl = getAccessControlList(node, true);
|
||||
acl.setInherits(false);
|
||||
}
|
||||
else
|
||||
{
|
||||
acl = getAccessControlList(node, false);
|
||||
if (acl != null)
|
||||
{
|
||||
acl.setInherits(true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public boolean getInheritParentPermissions(NodeRef nodeRef)
|
||||
{
|
||||
DbAccessControlList acl = getAccessControlList(nodeRef, false);
|
||||
Node node = getNode(nodeRef, false);
|
||||
if (node == null)
|
||||
{
|
||||
return INHERIT_PERMISSIONS_DEFAULT;
|
||||
}
|
||||
|
||||
DbAccessControlList acl = getAccessControlList(node, false);
|
||||
if (acl == null)
|
||||
{
|
||||
return true;
|
||||
@@ -484,46 +458,19 @@ public class PermissionsDaoComponentImpl extends HibernateDaoSupport implements
|
||||
{
|
||||
ParameterCheck.mandatory("acl", acl);
|
||||
}
|
||||
List<DbAccessControlEntry> entries = getEntriesForList(acl);
|
||||
Set<DbAccessControlEntry> entries = acl.getEntries();
|
||||
SimpleNodePermissionEntry snpe = new SimpleNodePermissionEntry(
|
||||
acl.getNode().getNodeRef(),
|
||||
acl.getInherits(),
|
||||
createSimplePermissionEntries(entries));
|
||||
return snpe;
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes a query to retrieve the access control list's entries
|
||||
*
|
||||
* @param acl the access control list
|
||||
* @return Returns a list of the entries
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
private List<DbAccessControlEntry> getEntriesForList(final DbAccessControlList acl)
|
||||
{
|
||||
HibernateCallback callback = new HibernateCallback()
|
||||
{
|
||||
public Object doInHibernate(Session session)
|
||||
{
|
||||
Query query = session.getNamedQuery(QUERY_GET_AC_ENTRIES_FOR_AC_LIST);
|
||||
query.setLong("accessControlListId", acl.getId());
|
||||
return query.list();
|
||||
}
|
||||
};
|
||||
List<DbAccessControlEntry> entries = (List<DbAccessControlEntry>) getHibernateTemplate().execute(callback);
|
||||
// done
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
logger.debug("Found " + entries.size() + " entries for access control list " + acl.getId());
|
||||
}
|
||||
return entries;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param entries access control entries
|
||||
* @return Returns a unique set of entries that can be given back to the outside world
|
||||
*/
|
||||
private Set<SimplePermissionEntry> createSimplePermissionEntries(List<DbAccessControlEntry> entries)
|
||||
private Set<SimplePermissionEntry> createSimplePermissionEntries(Collection<DbAccessControlEntry> entries)
|
||||
{
|
||||
if (entries == null)
|
||||
{
|
||||
|
||||
@@ -23,9 +23,9 @@
|
||||
<many-to-one
|
||||
name="rootNode"
|
||||
not-null="true"
|
||||
lazy="false"
|
||||
lazy="proxy"
|
||||
class="org.alfresco.repo.domain.hibernate.NodeImpl"
|
||||
fetch="join" >
|
||||
fetch="select" >
|
||||
<column name="root_node_id" />
|
||||
</many-to-one>
|
||||
</class>
|
||||
|
||||
@@ -123,7 +123,7 @@ public class StoreImpl implements Store
|
||||
return key;
|
||||
}
|
||||
|
||||
public synchronized void setKey(StoreKey key)
|
||||
public void setKey(StoreKey key)
|
||||
{
|
||||
refWriteLock.lock();
|
||||
try
|
||||
|
||||
Reference in New Issue
Block a user