inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix AR-191, AR-192: CIFS and other network protocols will now treat everything as read-only when the server is in read-only mode

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3124 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2006-06-16 11:01:51 +00:00
parent dab54834b8
commit affce5b315
5 changed files with 66 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/alfresco/domain/transaction.properties
View File

@@ -3,7 +3,7 @@
#
server.transaction.mode.readOnly=PROPAGATION_REQUIRED, readOnly
# the properties below should change in tandem
# server.transaction.mode=PROPAGATION_REQUIRED, readOnly
# server.transaction.allow-writes=false
#server.transaction.mode.default=PROPAGATION_REQUIRED, readOnly
#server.transaction.allow-writes=false
server.transaction.mode.default=PROPAGATION_REQUIRED
server.transaction.allow-writes=true

1
config/alfresco/network-protocol-context.xml
View File

@@ -66,6 +66,7 @@
<property name="fileFolderService"><ref bean="FileFolderService" /></property>
<property name="mimetypeService"><ref bean="mimetypeService" /></property>
<property name="permissionService"><ref bean="permissionService"/></property>
<property name="allowWrites"><value>${server.transaction.allow-writes}</value></property>
</bean>
</beans>

34
source/java/org/alfresco/filesys/smb/server/repo/CifsHelper.java
View File

@@ -64,6 +64,7 @@ public class CifsHelper
private FileFolderService fileFolderService;
private MimetypeService mimetypeService;
private PermissionService permissionService;
private boolean isReadOnly;
// Mark locked files as offline
@@ -74,6 +75,7 @@ public class CifsHelper
*/
public CifsHelper()
{
isReadOnly = false;
}
public void setDictionaryService(DictionaryService dictionaryService)
@@ -101,6 +103,24 @@ public class CifsHelper
this.permissionService = permissionService;
}
/**
* @return Returns true if all files/folders should be treated as read-only
*/
public boolean isReadOnly()
{
return isReadOnly;
}
/**
* Set whether the system allows files to be edited or not. The default is
* to allow writes.
* @param allowWrites true to allow writes, otherwise false for read-only mode
*/
public void setAllowWrites(boolean allowWrites)
{
this.isReadOnly = !allowWrites;
}
/**
* Enable marking of locked files as offline
*
@@ -216,7 +236,7 @@ public class CifsHelper
String lockTypeStr = (String) nodeProperties.get(ContentModel.PROP_LOCK_TYPE);
if ( lockTypeStr != null)
if ( lockTypeStr != null )
{
// File is locked so mark it as read-only and offline
@@ -256,8 +276,16 @@ public class CifsHelper
// Read/write access
if ( permissionService.hasPermission(nodeRef, PermissionService.WRITE) == AccessStatus.DENIED)
fileInfo.setFileAttributes(fileInfo.getFileAttributes() + FileAttribute.ReadOnly);
boolean hasPermission = permissionService.hasPermission(nodeRef, PermissionService.WRITE) == AccessStatus.DENIED;
if (isReadOnly || !hasPermission)
{
int attr = fileInfo.getFileAttributes();
if (( attr & FileAttribute.ReadOnly) == 0)
{
attr += FileAttribute.ReadOnly;
fileInfo.setFileAttributes(attr);
}
}
// Set the normal file attribute if no other attributes are set

22
source/java/org/alfresco/filesys/smb/server/repo/ContentDiskDriver.java
View File

@@ -32,6 +32,7 @@ import org.alfresco.filesys.server.core.DeviceContextException;
import org.alfresco.filesys.server.filesys.AccessDeniedException;
import org.alfresco.filesys.server.filesys.AccessMode;
import org.alfresco.filesys.server.filesys.DiskInterface;
import org.alfresco.filesys.server.filesys.FileAttribute;
import org.alfresco.filesys.server.filesys.FileInfo;
import org.alfresco.filesys.server.filesys.FileName;
import org.alfresco.filesys.server.filesys.FileOpenParams;
@@ -467,7 +468,14 @@ public class ContentDiskDriver implements DiskInterface, IOCtlInterface
*/
public boolean isReadOnly(SrvSession sess, DeviceContext ctx) throws IOException
{
return false;
if (cifsHelper.isReadOnly())
{
return true;
}
else
{
return false;
}
}
/**
@@ -505,9 +513,19 @@ public class ContentDiskDriver implements DiskInterface, IOCtlInterface
if ( pfile != null)
{
// DEBUG
if ( logger.isDebugEnabled())
logger.debug("getInfo using pseudo file info for " + path);
FileInfo pseudoFileInfo = pfile.getFileInfo();
if (cifsHelper.isReadOnly())
{
int attr = pseudoFileInfo.getFileAttributes();
if (( attr & FileAttribute.ReadOnly) == 0)
{
attr += FileAttribute.ReadOnly;
pseudoFileInfo.setFileAttributes(attr);
}
}
return pfile.getFileInfo();
}
}

17
source/java/org/alfresco/repo/security/permissions/impl/ExceptionTranslatorMethodInterceptor.java
View File

@@ -16,11 +16,14 @@
*/
package org.alfresco.repo.security.permissions.impl;
import net.sf.acegisecurity.AccessDeniedException;
import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.dao.InvalidDataAccessApiUsageException;
/**
* Interceptor to translate and possibly I18Nize exceptions thrown by service calls.
*/
public class ExceptionTranslatorMethodInterceptor implements MethodInterceptor
{
private static final String MSG_ACCESS_DENIED = "permissions.err_access_denied";
@@ -36,10 +39,14 @@ public class ExceptionTranslatorMethodInterceptor implements MethodInterceptor
{
return mi.proceed();
}
catch(AccessDeniedException ade)
catch (net.sf.acegisecurity.AccessDeniedException ade)
{
throw new org.alfresco.repo.security.permissions.AccessDeniedException(MSG_ACCESS_DENIED, ade);
throw new AccessDeniedException(MSG_ACCESS_DENIED, ade);
}
catch (InvalidDataAccessApiUsageException e)
{
// this usually occurs when the server is in read-only mode
throw new AccessDeniedException(MSG_ACCESS_DENIED, e);
}
}
}