inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.2 to HEAD

Browse Source 
16029: ALFCOM-3293 - MT: group management broken with domain mismatch error (fallout from CHK-7357)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16036 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
2009-09-02 09:25:50 +00:00
parent c75a5343f9
commit bd9fe31142
3 changed files with 97 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config/alfresco/authority-services-context.xml
View File

@@ -62,6 +62,9 @@
<property name="personService"> <property name="personService">
<ref bean="personService" /> <ref bean="personService" />
</property> </property>
<property name="tenantService">
<ref bean="tenantService" />
</property>
<property name="userToAuthorityCache"> <property name="userToAuthorityCache">
<ref bean="userToAuthorityCache" /> <ref bean="userToAuthorityCache" />
</property> </property>

25
source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
View File

@@ -37,6 +37,7 @@ import java.util.regex.Pattern;
import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel; import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache; import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
@@ -68,6 +69,8 @@ public class AuthorityDAOImpl implements AuthorityDAO
private PersonService personService; private PersonService personService;
private TenantService tenantService;
private SimpleCache<CacheKey, HashSet<String>> authorityLookupCache; private SimpleCache<CacheKey, HashSet<String>> authorityLookupCache;
public AuthorityDAOImpl() public AuthorityDAOImpl()
@@ -108,6 +111,11 @@ public class AuthorityDAOImpl implements AuthorityDAO
this.personService = personService; this.personService = personService;
} }
public void setTenantService(TenantService tenantService)
{
this.tenantService = tenantService;
}
public boolean authorityExists(String name) public boolean authorityExists(String name)
{ {
NodeRef ref = getAuthorityOrNull(name); NodeRef ref = getAuthorityOrNull(name);
@@ -246,7 +254,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
throw new UnknownAuthorityException("An authority was not found for " + name); throw new UnknownAuthorityException("An authority was not found for " + name);
} }
CacheKey key = new CacheKey(type, name, false, !immediate); CacheKey key = new CacheKey(type, name, tenantService.getCurrentUserDomain(), false, !immediate);
HashSet<String> authorities = authorityLookupCache.get(key); HashSet<String> authorities = authorityLookupCache.get(key);
if (authorities == null) if (authorities == null)
@@ -277,7 +285,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate) public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
{ {
CacheKey key = new CacheKey(type, name, true, !immediate); CacheKey key = new CacheKey(type, name, tenantService.getCurrentUserDomain(), true, !immediate);
HashSet<String> authorities = authorityLookupCache.get(key); HashSet<String> authorities = authorityLookupCache.get(key);
if (authorities == null) if (authorities == null)
@@ -610,23 +618,23 @@ public class AuthorityDAOImpl implements AuthorityDAO
private static class CacheKey implements Serializable private static class CacheKey implements Serializable
{ {
/** private static final long serialVersionUID = -3787608436067567755L;
*
*/
private static final long serialVersionUID = -4784784204722074066L;
AuthorityType type; AuthorityType type;
String name; String name;
String tenantDomain;
boolean parents; boolean parents;
boolean recursive; boolean recursive;
CacheKey(AuthorityType type, String name, boolean parents, boolean recursive) CacheKey(AuthorityType type, String name, String tenantDomain, boolean parents, boolean recursive)
{ {
this.type = type; this.type = type;
this.name = name; this.name = name;
this.tenantDomain = (tenantDomain == null ? TenantService.DEFAULT_DOMAIN : tenantDomain);
this.parents = parents; this.parents = parents;
this.recursive = recursive; this.recursive = recursive;
} }
@@ -637,6 +645,7 @@ public class AuthorityDAOImpl implements AuthorityDAO
final int prime = 31; final int prime = 31;
int result = 1; int result = 1;
result = prime * result + ((name == null) ? 0 : name.hashCode()); result = prime * result + ((name == null) ? 0 : name.hashCode());
result = prime * result + ((tenantDomain == null) ? 0 : tenantDomain.hashCode());
result = prime * result + (parents ? 1231 : 1237); result = prime * result + (parents ? 1231 : 1237);
result = prime * result + (recursive ? 1231 : 1237); result = prime * result + (recursive ? 1231 : 1237);
result = prime * result + ((type == null) ? 0 : type.hashCode()); result = prime * result + ((type == null) ? 0 : type.hashCode());
@@ -660,6 +669,8 @@ public class AuthorityDAOImpl implements AuthorityDAO
} }
else if (!name.equals(other.name)) else if (!name.equals(other.name))
return false; return false;
else if (!tenantDomain.equals(other.tenantDomain))
return false;
if (parents != other.parents) if (parents != other.parents)
return false; return false;
if (recursive != other.recursive) if (recursive != other.recursive)

72
source/java/org/alfresco/repo/tenant/MultiTDemoTest.java
View File

@@ -410,30 +410,80 @@ public class MultiTDemoTest extends TestCase
{ {
logger.info("Create demo groups"); logger.info("Create demo groups");
assertTrue(tenants.size() > 0);
final int rootGrpsOrigCnt = AuthenticationUtil.runAs(new RunAsWork<Integer>()
{
public Integer doWork() throws Exception
{
return authorityService.getAllRootAuthorities(AuthorityType.GROUP).size();
}
}, tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenants.get(0)));
// create groups and add users
for (final String tenantDomain : tenants) for (final String tenantDomain : tenants)
{ {
String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain); final String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain);
AuthenticationUtil.runAs(new RunAsWork<Object>() AuthenticationUtil.runAs(new RunAsWork<Object>()
{ {
public Object doWork() throws Exception public Object doWork() throws Exception
{ {
createGroup("GrpA-"+tenantDomain, null); createGroup("GrpA", null);
createGroup("SubGrpA-"+tenantDomain, "GrpA-"+tenantDomain); createGroup("SubGrpA", "GrpA");
createGroup("GrpB-"+tenantDomain, null); createGroup("GrpB", null);
createGroup("SubGrpB-"+tenantDomain, "GrpB-"+tenantDomain);
createGroup("GrpC", null);
if (tenantDomain.equals(TEST_TENANT_DOMAIN2)) if (tenantDomain.equals(TEST_TENANT_DOMAIN2))
{ {
createGroup("GrpC-"+tenantDomain, null); createGroup("SubGrpC", "GrpC");
createGroup("SubGrpC-"+tenantDomain, "GrpC-"+tenantDomain);
} }
createGroup("GrpD", null);
addToGroup("GrpD", tenantAdminName);
return null; return null;
} }
}, tenantAdminName); }, tenantAdminName);
}
// check groups/users
for (final String tenantDomain : tenants)
{
final String tenantAdminName = tenantService.getDomainUser(AuthenticationUtil.getAdminUserName(), tenantDomain);
AuthenticationUtil.runAs(new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
Set<String> rootGrps = authorityService.getAllRootAuthorities(AuthorityType.GROUP);
assertEquals(rootGrpsOrigCnt+4, rootGrps.size());
Set<String> auths = authorityService.getContainedAuthorities(null, "GROUP_GrpA", true);
assertEquals(1, auths.size());
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpB", true);
assertEquals(0, auths.size());
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpC", true);
if (tenantDomain.equals(TEST_TENANT_DOMAIN2))
{
assertEquals(1, auths.size());
}
else
{
assertEquals(0, auths.size());
}
auths = authorityService.getContainedAuthorities(null, "GROUP_GrpD", true);
assertEquals(1, auths.size());
assertTrue(auths.toArray()[0].equals(tenantAdminName));
return null;
}
}, tenantAdminName);
} }
} }
@@ -885,9 +935,8 @@ public class MultiTDemoTest extends TestCase
if (parentGroupName != null) if (parentGroupName != null)
{ {
this.authorityService.addAuthority(parentGroupName, groupName); addToGroup(parentShortName, groupName);
} }
} }
else else
{ {
@@ -895,6 +944,11 @@ public class MultiTDemoTest extends TestCase
} }
} }
private void addToGroup(String parentGroupShortName, String authorityName)
{
String parentGroupName = this.authorityService.getName(AuthorityType.GROUP, parentGroupShortName);
authorityService.addAuthority(parentGroupName, authorityName);
}
private NodeRef createUser(String baseUserName, String tenantDomain, String password) private NodeRef createUser(String baseUserName, String tenantDomain, String password)
{ {