Merged DEV to HEAD (5.1)

110726: ACE-979: WebDav MT RepositoryAuthenticationDao.getUserFolderLocation() seems to be no tenant-safe - Implemented a JUnit test. - Fixed RepositoryAuthenticationDAO.getUserFolderLocation() to use cache keys with tenant domain and use the domain to find correct user store. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@111250 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-10-15 15:02:20 +00:00 · 2015-09-02 07:17:48 +00:00
parent 87a1d5221d
commit bb47289edf
2 changed files with 43 additions and 7 deletions
--- a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
+++ b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2013 Alfresco Software Limited.
+ * Copyright (C) 2005-2014 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
@@ -308,14 +308,13 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
    private NodeRef getUserFolderLocation(String caseSensitiveUserName)
    {
-        NodeRef userNodeRef = singletonCache.get(KEY_USERFOLDER_NODEREF);
+        NodeRef userNodeRef = singletonCache.get((tenantService.getUserDomain(caseSensitiveUserName) + KEY_USERFOLDER_NODEREF));
        if (userNodeRef == null)
        {
            QName qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver);
            QName qnameAssocUsers = QName.createQName("sys", "people", namespacePrefixResolver);
-            //StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier()));
+            StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier()));
            StoreRef userStoreRef = new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier());
            // AR-527
            NodeRef rootNode = nodeService.getRootNode(userStoreRef);
@@ -338,7 +337,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
            {
                userNodeRef = tenantService.getName(results.get(0).getChildRef());
            }
-            singletonCache.put(KEY_USERFOLDER_NODEREF, userNodeRef);
+            singletonCache.put((tenantService.getUserDomain(caseSensitiveUserName) + KEY_USERFOLDER_NODEREF), userNodeRef);
        }
        return userNodeRef;
    }
--- a/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2011 Alfresco Software Limited.
+ * Copyright (C) 2005-2014 Alfresco Software Limited.
 *
 * This file is part of Alfresco
 *
@@ -53,6 +53,7 @@ import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Tic
 import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry;
 import org.alfresco.repo.tenant.TenantAdminService;
 import org.alfresco.repo.tenant.TenantService;
 import org.alfresco.repo.tenant.TenantUtil;
 import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
 import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
@@ -115,6 +116,11 @@ public class AuthenticationTest extends TestCase
    private SimpleCache<String, CacheEntry> authenticationCache;    
    private SimpleCache<String, NodeRef> immutableSingletonCache;
    private static final String TEST_RUN = System.currentTimeMillis()+"";
    private static final String TEST_TENANT_DOMAIN = TEST_RUN+".my.test";
    private static final String DEFAULT_ADMIN_PW = "admin";
    private static final String TENANT_ADMIN_PW = DEFAULT_ADMIN_PW + TEST_TENANT_DOMAIN;
    public AuthenticationTest()
    {
        super();
@@ -444,6 +450,37 @@ public class AuthenticationTest extends TestCase
        return dao;
    }
    /**
     * Test for ALF-20680
     * Test of the {@link RepositoryAuthenticationDao#getUserFolderLocation(String)} in multitenancy
     */
    public void testAuthenticateMultiTenant()
    {
        // Create a tenant domain
        TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() {
            public Object doWork() throws Exception {
                if (!tenantAdminService.existsTenant(TEST_TENANT_DOMAIN)) {
                    tenantAdminService.createTenant(TEST_TENANT_DOMAIN, TENANT_ADMIN_PW.toCharArray(), null);
                }
                return null;
            }
        }, TenantService.DEFAULT_DOMAIN);
        // Use default admin
        authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName(), DEFAULT_ADMIN_PW);
        // Use tenant admin
        authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName() + TenantService.SEPARATOR + TEST_TENANT_DOMAIN, TENANT_ADMIN_PW);
    }
    private void authenticateMultiTenantWork(String userName, String password)
    {
        String hashedPassword = dao.getMD4HashedPassword(userName);
        assertNotNull(hashedPassword);
        UserDetails userDetails = (UserDetails) dao.loadUserByUsername(userName);
        assertEquals(passwordEncoder.encodePassword(password, dao.getSalt(userDetails)), hashedPassword);
    }
    public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException
    {
        RepositoryAuthenticationDao dao = createRepositoryAuthenticationDao();