inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.2 to HEAD

Browse Source 
16029: ALFCOM-3293 - MT: group management broken with domain mismatch error (fallout from CHK-7357)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16036 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2009-09-02 09:25:50 +00:00
parent c75a5343f9
commit bd9fe31142
3 changed files with 97 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
View File

@@ -37,6 +37,7 @@ import java.util.regex.Pattern;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
@@ -67,7 +68,9 @@ public class AuthorityDAOImpl implements AuthorityDAO
private DictionaryService dictionaryService;
private PersonService personService;
private TenantService tenantService;
private SimpleCache<CacheKey, HashSet<String>> authorityLookupCache;
public AuthorityDAOImpl()
@@ -107,7 +110,12 @@ public class AuthorityDAOImpl implements AuthorityDAO
{
this.personService = personService;
}
public void setTenantService(TenantService tenantService)
{
this.tenantService = tenantService;
}
public boolean authorityExists(String name)
{
NodeRef ref = getAuthorityOrNull(name);
@@ -246,7 +254,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
throw new UnknownAuthorityException("An authority was not found for " + name);
}
CacheKey key = new CacheKey(type, name, false, !immediate);
CacheKey key = new CacheKey(type, name, tenantService.getCurrentUserDomain(), false, !immediate);
HashSet<String> authorities = authorityLookupCache.get(key);
if (authorities == null)
@@ -277,7 +285,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
{
CacheKey key = new CacheKey(type, name, true, !immediate);
CacheKey key = new CacheKey(type, name, tenantService.getCurrentUserDomain(), true, !immediate);
HashSet<String> authorities = authorityLookupCache.get(key);
if (authorities == null)
@@ -610,23 +618,23 @@ public class AuthorityDAOImpl implements AuthorityDAO
private static class CacheKey implements Serializable
{
/**
*
*/
private static final long serialVersionUID = -4784784204722074066L;
private static final long serialVersionUID = -3787608436067567755L;
AuthorityType type;
String name;
String tenantDomain;
boolean parents;
boolean recursive;
CacheKey(AuthorityType type, String name, boolean parents, boolean recursive)
CacheKey(AuthorityType type, String name, String tenantDomain, boolean parents, boolean recursive)
{
this.type = type;
this.name = name;
this.tenantDomain = (tenantDomain == null ? TenantService.DEFAULT_DOMAIN : tenantDomain);
this.parents = parents;
this.recursive = recursive;
}
@@ -637,6 +645,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
final int prime = 31;
int result = 1;
result = prime * result + ((name == null) ? 0 : name.hashCode());
result = prime * result + ((tenantDomain == null) ? 0 : tenantDomain.hashCode());
result = prime * result + (parents ? 1231 : 1237);
result = prime * result + (recursive ? 1231 : 1237);
result = prime * result + ((type == null) ? 0 : type.hashCode());
@@ -660,6 +669,8 @@ public class AuthorityDAOImpl implements AuthorityDAO
}
else if (!name.equals(other.name))
return false;
else if (!tenantDomain.equals(other.tenantDomain))
return false;
if (parents != other.parents)
return false;
if (recursive != other.recursive)

94
source/java/org/alfresco/repo/tenant/MultiTDemoTest.java
View File

@@ -410,30 +410,80 @@ public class MultiTDemoTest extends TestCase
{
logger.info("Create demo groups");
assertTrue(tenants.size() > 0);
final int rootGrpsOrigCnt = AuthenticationUtil.runAs(new RunAsWork<Integer>()
{
public Integer doWork() throws Exception
{
return authorityService.getAllRootAuthorities(AuthorityType.GROUP).size();
}
}, tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenants.get(0)));
// create groups and add users
for (final String tenantDomain : tenants)
{
String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain);
final String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain);
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
createGroup("GrpA", null);
createGroup("SubGrpA", "GrpA");
createGroup("GrpB", null);
createGroup("GrpC", null);
if (tenantDomain.equals(TEST_TENANT_DOMAIN2))
{
public Object doWork() throws Exception
{
createGroup("GrpA-"+tenantDomain, null);
createGroup("SubGrpA-"+tenantDomain, "GrpA-"+tenantDomain);
createGroup("GrpB-"+tenantDomain, null);
createGroup("SubGrpB-"+tenantDomain, "GrpB-"+tenantDomain);
if (tenantDomain.equals(TEST_TENANT_DOMAIN2))
{
createGroup("GrpC-"+tenantDomain, null);
createGroup("SubGrpC-"+tenantDomain, "GrpC-"+tenantDomain);
}
return null;
}
}, tenantAdminName);
createGroup("SubGrpC", "GrpC");
}
createGroup("GrpD", null);
addToGroup("GrpD", tenantAdminName);
return null;
}
}, tenantAdminName);
}
// check groups/users
for (final String tenantDomain : tenants)
{
final String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain);
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
Set<String> rootGrps = authorityService.getAllRootAuthorities(AuthorityType.GROUP);
assertEquals(rootGrpsOrigCnt+4, rootGrps.size());
Set<String> auths = authorityService.getContainedAuthorities(null, "GROUP_GrpA", true);
assertEquals(1, auths.size());
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpB", true);
assertEquals(0, auths.size());
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpC", true);
if (tenantDomain.equals(TEST_TENANT_DOMAIN2))
{
assertEquals(1, auths.size());
}
else
{
assertEquals(0, auths.size());
}
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpD", true);
assertEquals(1, auths.size());
assertTrue(auths.toArray()[0].equals(tenantAdminName));
return null;
}
}, tenantAdminName);
}
}
@@ -885,9 +935,8 @@ public class MultiTDemoTest extends TestCase
if (parentGroupName != null)
{
this.authorityService.addAuthority(parentGroupName, groupName);
addToGroup(parentShortName, groupName);
}
}
else
{
@@ -895,6 +944,11 @@ public class MultiTDemoTest extends TestCase
}
}
private void addToGroup(String parentGroupShortName, String authorityName)
{
String parentGroupName = this.authorityService.getName(AuthorityType.GROUP, parentGroupShortName);
authorityService.addAuthority(parentGroupName, authorityName);
}
private NodeRef createUser(String baseUserName, String tenantDomain, String password)
{