mirror of
				https://github.com/Alfresco/alfresco-community-repo.git
				synced 2025-10-22 15:12:38 +00:00 
			
		
		
		
	Merged DEV to HEAD (5.1)
110726: ACE-979: WebDav MT RepositoryAuthenticationDao.getUserFolderLocation() seems to be no tenant-safe
      - Implemented a JUnit test.
      - Fixed RepositoryAuthenticationDAO.getUserFolderLocation() to use cache keys with tenant domain and use the domain to find correct user store.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@111250 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
			
			
This commit is contained in:
		| @@ -1,5 +1,5 @@ | |||||||
| /* | /* | ||||||
|  * Copyright (C) 2005-2013 Alfresco Software Limited. |  * Copyright (C) 2005-2014 Alfresco Software Limited. | ||||||
|  * |  * | ||||||
|  * This file is part of Alfresco |  * This file is part of Alfresco | ||||||
|  * |  * | ||||||
| @@ -308,14 +308,13 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In | |||||||
|      |      | ||||||
|     private NodeRef getUserFolderLocation(String caseSensitiveUserName) |     private NodeRef getUserFolderLocation(String caseSensitiveUserName) | ||||||
|     { |     { | ||||||
|         NodeRef userNodeRef = singletonCache.get(KEY_USERFOLDER_NODEREF); |         NodeRef userNodeRef = singletonCache.get((tenantService.getUserDomain(caseSensitiveUserName) + KEY_USERFOLDER_NODEREF)); | ||||||
|         if (userNodeRef == null) |         if (userNodeRef == null) | ||||||
|         { |         { | ||||||
|             QName qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver); |             QName qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver); | ||||||
|             QName qnameAssocUsers = QName.createQName("sys", "people", namespacePrefixResolver); |             QName qnameAssocUsers = QName.createQName("sys", "people", namespacePrefixResolver); | ||||||
|              |              | ||||||
|             //StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier())); |             StoreRef userStoreRef = tenantService.getName(caseSensitiveUserName, new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier())); | ||||||
|             StoreRef userStoreRef = new StoreRef(STOREREF_USERS.getProtocol(), STOREREF_USERS.getIdentifier()); |  | ||||||
|  |  | ||||||
|             // AR-527 |             // AR-527 | ||||||
|             NodeRef rootNode = nodeService.getRootNode(userStoreRef); |             NodeRef rootNode = nodeService.getRootNode(userStoreRef); | ||||||
| @@ -338,7 +337,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In | |||||||
|             { |             { | ||||||
|                 userNodeRef = tenantService.getName(results.get(0).getChildRef()); |                 userNodeRef = tenantService.getName(results.get(0).getChildRef()); | ||||||
|             } |             } | ||||||
|             singletonCache.put(KEY_USERFOLDER_NODEREF, userNodeRef); |             singletonCache.put((tenantService.getUserDomain(caseSensitiveUserName) + KEY_USERFOLDER_NODEREF), userNodeRef); | ||||||
|         } |         } | ||||||
|         return userNodeRef; |         return userNodeRef; | ||||||
|     } |     } | ||||||
|   | |||||||
| @@ -1,5 +1,5 @@ | |||||||
| /* | /* | ||||||
|  * Copyright (C) 2005-2011 Alfresco Software Limited. |  * Copyright (C) 2005-2014 Alfresco Software Limited. | ||||||
|  * |  * | ||||||
|  * This file is part of Alfresco |  * This file is part of Alfresco | ||||||
|  * |  * | ||||||
| @@ -53,6 +53,7 @@ import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Tic | |||||||
| import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry; | import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry; | ||||||
| import org.alfresco.repo.tenant.TenantAdminService; | import org.alfresco.repo.tenant.TenantAdminService; | ||||||
| import org.alfresco.repo.tenant.TenantService; | import org.alfresco.repo.tenant.TenantService; | ||||||
|  | import org.alfresco.repo.tenant.TenantUtil; | ||||||
| import org.alfresco.repo.transaction.AlfrescoTransactionSupport; | import org.alfresco.repo.transaction.AlfrescoTransactionSupport; | ||||||
| import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState; | import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState; | ||||||
| import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; | import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; | ||||||
| @@ -115,6 +116,11 @@ public class AuthenticationTest extends TestCase | |||||||
|     private SimpleCache<String, CacheEntry> authenticationCache;     |     private SimpleCache<String, CacheEntry> authenticationCache;     | ||||||
|     private SimpleCache<String, NodeRef> immutableSingletonCache; |     private SimpleCache<String, NodeRef> immutableSingletonCache; | ||||||
|  |  | ||||||
|  |     private static final String TEST_RUN = System.currentTimeMillis()+""; | ||||||
|  |     private static final String TEST_TENANT_DOMAIN = TEST_RUN+".my.test"; | ||||||
|  |     private static final String DEFAULT_ADMIN_PW = "admin"; | ||||||
|  |     private static final String TENANT_ADMIN_PW = DEFAULT_ADMIN_PW + TEST_TENANT_DOMAIN; | ||||||
|  |  | ||||||
|     public AuthenticationTest() |     public AuthenticationTest() | ||||||
|     { |     { | ||||||
|         super(); |         super(); | ||||||
| @@ -444,6 +450,37 @@ public class AuthenticationTest extends TestCase | |||||||
|         return dao; |         return dao; | ||||||
|     } |     } | ||||||
|  |  | ||||||
|  |     /** | ||||||
|  |      * Test for ALF-20680 | ||||||
|  |      * Test of the {@link RepositoryAuthenticationDao#getUserFolderLocation(String)} in multitenancy | ||||||
|  |      */ | ||||||
|  |     public void testAuthenticateMultiTenant() | ||||||
|  |     { | ||||||
|  |         // Create a tenant domain | ||||||
|  |         TenantUtil.runAsSystemTenant(new TenantUtil.TenantRunAsWork<Object>() { | ||||||
|  |             public Object doWork() throws Exception { | ||||||
|  |                 if (!tenantAdminService.existsTenant(TEST_TENANT_DOMAIN)) { | ||||||
|  |                     tenantAdminService.createTenant(TEST_TENANT_DOMAIN, TENANT_ADMIN_PW.toCharArray(), null); | ||||||
|  |                 } | ||||||
|  |                 return null; | ||||||
|  |             } | ||||||
|  |         }, TenantService.DEFAULT_DOMAIN); | ||||||
|  |  | ||||||
|  |         // Use default admin | ||||||
|  |         authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName(), DEFAULT_ADMIN_PW); | ||||||
|  |  | ||||||
|  |         // Use tenant admin | ||||||
|  |         authenticateMultiTenantWork(AuthenticationUtil.getAdminUserName() + TenantService.SEPARATOR + TEST_TENANT_DOMAIN, TENANT_ADMIN_PW); | ||||||
|  |     } | ||||||
|  |  | ||||||
|  |     private void authenticateMultiTenantWork(String userName, String password) | ||||||
|  |     { | ||||||
|  |         String hashedPassword = dao.getMD4HashedPassword(userName); | ||||||
|  |         assertNotNull(hashedPassword); | ||||||
|  |         UserDetails userDetails = (UserDetails) dao.loadUserByUsername(userName); | ||||||
|  |         assertEquals(passwordEncoder.encodePassword(password, dao.getSalt(userDetails)), hashedPassword); | ||||||
|  |     } | ||||||
|  |  | ||||||
|     public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException |     public void testCreateAndyUserAndOtherCRUD() throws NoSuchAlgorithmException, UnsupportedEncodingException | ||||||
|     { |     { | ||||||
|         RepositoryAuthenticationDao dao = createRepositoryAuthenticationDao(); |         RepositoryAuthenticationDao dao = createRepositoryAuthenticationDao(); | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user