inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix AR-191, AR-192: CIFS and other network protocols will now treat everything as read-only when the server is in read-only mode

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3124 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2006-06-16 11:01:51 +00:00
parent dab54834b8
commit affce5b315
5 changed files with 66 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/alfresco/domain/transaction.properties
View File

@@ -3,7 +3,7 @@
# #
server.transaction.mode.readOnly=PROPAGATION_REQUIRED, readOnly server.transaction.mode.readOnly=PROPAGATION_REQUIRED, readOnly
# the properties below should change in tandem # the properties below should change in tandem
# server.transaction.mode=PROPAGATION_REQUIRED, readOnly #server.transaction.mode.default=PROPAGATION_REQUIRED, readOnly
#server.transaction.allow-writes=false #server.transaction.allow-writes=false
server.transaction.mode.default=PROPAGATION_REQUIRED server.transaction.mode.default=PROPAGATION_REQUIRED
server.transaction.allow-writes=true server.transaction.allow-writes=true

1
config/alfresco/network-protocol-context.xml
View File

@@ -66,6 +66,7 @@
<property name="fileFolderService"><ref bean="FileFolderService" /></property> <property name="fileFolderService"><ref bean="FileFolderService" /></property>
<property name="mimetypeService"><ref bean="mimetypeService" /></property> <property name="mimetypeService"><ref bean="mimetypeService" /></property>
<property name="permissionService"><ref bean="permissionService"/></property> <property name="permissionService"><ref bean="permissionService"/></property>
<property name="allowWrites"><value>${server.transaction.allow-writes}</value></property>
</bean> </bean>
</beans> </beans>

32
source/java/org/alfresco/filesys/smb/server/repo/CifsHelper.java
View File

@@ -64,6 +64,7 @@ public class CifsHelper
private FileFolderService fileFolderService; private FileFolderService fileFolderService;
private MimetypeService mimetypeService; private MimetypeService mimetypeService;
private PermissionService permissionService; private PermissionService permissionService;
private boolean isReadOnly;
// Mark locked files as offline // Mark locked files as offline
@@ -74,6 +75,7 @@ public class CifsHelper
*/ */
public CifsHelper() public CifsHelper()
{ {
isReadOnly = false;
} }
public void setDictionaryService(DictionaryService dictionaryService) public void setDictionaryService(DictionaryService dictionaryService)
@@ -101,6 +103,24 @@ public class CifsHelper
this.permissionService = permissionService; this.permissionService = permissionService;
} }
/**
* @return Returns true if all files/folders should be treated as read-only
*/
public boolean isReadOnly()
{
return isReadOnly;
}
/**
* Set whether the system allows files to be edited or not. The default is
* to allow writes.
* @param allowWrites true to allow writes, otherwise false for read-only mode
*/
public void setAllowWrites(boolean allowWrites)
{
this.isReadOnly = !allowWrites;
}
/** /**
* Enable marking of locked files as offline * Enable marking of locked files as offline
* *
@@ -256,8 +276,16 @@ public class CifsHelper
// Read/write access // Read/write access
if ( permissionService.hasPermission(nodeRef, PermissionService.WRITE) == AccessStatus.DENIED) boolean hasPermission = permissionService.hasPermission(nodeRef, PermissionService.WRITE) == AccessStatus.DENIED;
fileInfo.setFileAttributes(fileInfo.getFileAttributes() + FileAttribute.ReadOnly); if (isReadOnly || !hasPermission)
{
int attr = fileInfo.getFileAttributes();
if (( attr & FileAttribute.ReadOnly) == 0)
{
attr += FileAttribute.ReadOnly;
fileInfo.setFileAttributes(attr);
}
}
// Set the normal file attribute if no other attributes are set // Set the normal file attribute if no other attributes are set

20
source/java/org/alfresco/filesys/smb/server/repo/ContentDiskDriver.java
View File

@@ -32,6 +32,7 @@ import org.alfresco.filesys.server.core.DeviceContextException;
import org.alfresco.filesys.server.filesys.AccessDeniedException; import org.alfresco.filesys.server.filesys.AccessDeniedException;
import org.alfresco.filesys.server.filesys.AccessMode; import org.alfresco.filesys.server.filesys.AccessMode;
import org.alfresco.filesys.server.filesys.DiskInterface; import org.alfresco.filesys.server.filesys.DiskInterface;
import org.alfresco.filesys.server.filesys.FileAttribute;
import org.alfresco.filesys.server.filesys.FileInfo; import org.alfresco.filesys.server.filesys.FileInfo;
import org.alfresco.filesys.server.filesys.FileName; import org.alfresco.filesys.server.filesys.FileName;
import org.alfresco.filesys.server.filesys.FileOpenParams; import org.alfresco.filesys.server.filesys.FileOpenParams;
@@ -466,9 +467,16 @@ public class ContentDiskDriver implements DiskInterface, IOCtlInterface
* @exception java.io.IOException If an error occurs. * @exception java.io.IOException If an error occurs.
*/ */
public boolean isReadOnly(SrvSession sess, DeviceContext ctx) throws IOException public boolean isReadOnly(SrvSession sess, DeviceContext ctx) throws IOException
{
if (cifsHelper.isReadOnly())
{
return true;
}
else
{ {
return false; return false;
} }
}
/** /**
* Get the file information for the specified file. * Get the file information for the specified file.
@@ -505,9 +513,19 @@ public class ContentDiskDriver implements DiskInterface, IOCtlInterface
if ( pfile != null) if ( pfile != null)
{ {
// DEBUG // DEBUG
if ( logger.isDebugEnabled()) if ( logger.isDebugEnabled())
logger.debug("getInfo using pseudo file info for " + path); logger.debug("getInfo using pseudo file info for " + path);
FileInfo pseudoFileInfo = pfile.getFileInfo();
if (cifsHelper.isReadOnly())
{
int attr = pseudoFileInfo.getFileAttributes();
if (( attr & FileAttribute.ReadOnly) == 0)
{
attr += FileAttribute.ReadOnly;
pseudoFileInfo.setFileAttributes(attr);
}
}
return pfile.getFileInfo(); return pfile.getFileInfo();
} }
} }

17
source/java/org/alfresco/repo/security/permissions/impl/ExceptionTranslatorMethodInterceptor.java
View File

@@ -16,11 +16,14 @@
*/ */
package org.alfresco.repo.security.permissions.impl; package org.alfresco.repo.security.permissions.impl;
import net.sf.acegisecurity.AccessDeniedException; import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.aopalliance.intercept.MethodInterceptor; import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation; import org.aopalliance.intercept.MethodInvocation;
import org.springframework.dao.InvalidDataAccessApiUsageException;
/**
* Interceptor to translate and possibly I18Nize exceptions thrown by service calls.
*/
public class ExceptionTranslatorMethodInterceptor implements MethodInterceptor public class ExceptionTranslatorMethodInterceptor implements MethodInterceptor
{ {
private static final String MSG_ACCESS_DENIED = "permissions.err_access_denied"; private static final String MSG_ACCESS_DENIED = "permissions.err_access_denied";
@@ -36,10 +39,14 @@ public class ExceptionTranslatorMethodInterceptor implements MethodInterceptor
{ {
return mi.proceed(); return mi.proceed();
} }
catch(AccessDeniedException ade) catch (net.sf.acegisecurity.AccessDeniedException ade)
{ {
throw new org.alfresco.repo.security.permissions.AccessDeniedException(MSG_ACCESS_DENIED, ade); throw new AccessDeniedException(MSG_ACCESS_DENIED, ade);
}
catch (InvalidDataAccessApiUsageException e)
{
// this usually occurs when the server is in read-only mode
throw new AccessDeniedException(MSG_ACCESS_DENIED, e);
} }
} }
} }