MT - fix testCOCIandSearch (fallout from CHK-9517)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16688 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java

@@ -416,6 +416,20 @@ public class AuthenticationUtil implements InitializingBean
         {
             throw new IllegalStateException("AuthenticationUtil not yet initialised; default admin username not available");
         }
+        
+        if (isMtEnabled())
+        {
+            String runAsUser = AuthenticationUtil.getRunAsUser();
+            if (runAsUser != null)
+            {
+                String[] parts = splitUserTenant(runAsUser);
+                if (parts.length == 2)
+                {
+                    return defaultAdminUserName + TenantService.SEPARATOR + parts[1];
+                }
+            }
+        }
+        
         return defaultAdminUserName;
     }
 
@@ -579,10 +593,10 @@ public class AuthenticationUtil implements InitializingBean
         
         if (isMtEnabled())
         {
-            int idx = userName.indexOf(TenantService.SEPARATOR);
-            if ((idx != -1) && (idx < (userName.length() - 1)))
+            String[] parts = splitUserTenant(userName);
+            if (parts.length == 2)
             {
-                NDC.push("Tenant:" + userName.substring(idx + 1) + " User:" + userName.substring(0, idx));
+                NDC.push("Tenant:" + parts[1] + " User:" + parts[0]);
             }
             else
             {
@@ -595,4 +609,8 @@ public class AuthenticationUtil implements InitializingBean
         }
     }
     
+    private static String[] splitUserTenant(String userName)
+    {
+        return userName.split(TenantService.SEPARATOR);
+    }
 }

source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java

@@ -175,11 +175,28 @@ public class AuthorityServiceImpl implements AuthorityService, InitializingBean
         // Check named admin users
         Set<String> adminUsers = this.authenticationService.getDefaultAdministratorUserNames();
         
+        String currentUserBaseName = tenantService.getBaseNameUser(currentUserName);
+        
+        boolean isAdminUser = false;
+        if (tenantService.isEnabled())
+        {
             // note: for multi-tenancy, this currently relies on a naming convention which assumes that all tenant admins will 
             // have the same base name as the default non-tenant specific admin. Typically "admin" is the default required admin user, 
             // although, if for example "bob" is also listed as an admin then all tenant-specific bob's will also have admin authority
-        String currentUserBaseName = tenantService.getBaseNameUser(currentUserName);
-        boolean isAdminUser = (adminUsers.contains(currentUserName) || adminUsers.contains(currentUserBaseName));
+            
+            for (String adminUser : adminUsers)
+            {
+                if (adminUser.equals(currentUserName) || tenantService.getBaseNameUser(adminUser).equals(currentUserBaseName))
+                {
+                    isAdminUser = true;
+                    break;
+                }
+            }
+        }
+        else
+        {
+            isAdminUser = adminUsers.contains(currentUserName);
+        }
         
         // Check named admin groups
         if (!isAdminUser && !adminGroups.isEmpty())

source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java

@@ -1242,7 +1242,7 @@ public class MultiTAdminServiceImpl implements TenantAdminService, ApplicationCo
         {
             return baseAdminUsername;
         }
-        return AuthenticationUtil.getAdminUserName();
+        return getBaseNameUser(AuthenticationUtil.getAdminUserName());
     }
     
     private String getSystemUser(String tenantDomain)