diff --git a/source/java/org/alfresco/repo/web/scripts/invitation/InvitationWebScriptTest.java b/source/java/org/alfresco/repo/web/scripts/invitation/InvitationWebScriptTest.java index 00cd00ac7e..91d54ef50d 100644 --- a/source/java/org/alfresco/repo/web/scripts/invitation/InvitationWebScriptTest.java +++ b/source/java/org/alfresco/repo/web/scripts/invitation/InvitationWebScriptTest.java @@ -146,23 +146,6 @@ public class InvitationWebScriptTest extends BaseWebScriptTest super.tearDown(); this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName()); - // Tidy-up any site's created during the execution of the test - for (String shortName : this.createdSites) - { - sendRequest(new DeleteRequest(URL_SITES + "/" + shortName), 0); - } - - // Clear the list - this.createdSites.clear(); - - for (Tracker invite : this.createdInvitations) - { - sendRequest(new DeleteRequest(URL_SITES + "/" + invite.siteName + "/invitations/" + invite.inviteId), 0); - } - - // Clear the list - this.createdInvitations.clear(); - RetryingTransactionCallback deleteCallback = new RetryingTransactionCallback() { @Override @@ -175,6 +158,17 @@ public class InvitationWebScriptTest extends BaseWebScriptTest } }; transactionService.getRetryingTransactionHelper().doInTransaction(deleteCallback); + + // Tidy-up any sites created during the execution of the test + for (String shortName : this.createdSites) + { + sendRequest(new DeleteRequest(URL_SITES + "/" + shortName), 0); + } + + // Clear the list + this.createdSites.clear(); + // Clear the list + this.createdInvitations.clear(); } private JSONObject createSite(String sitePreset, String shortName, String title, String description, diff --git a/source/java/org/alfresco/repo/web/scripts/site/SiteServiceTest.java b/source/java/org/alfresco/repo/web/scripts/site/SiteServiceTest.java index 3412879c03..0cf5ad82e1 100644 --- a/source/java/org/alfresco/repo/web/scripts/site/SiteServiceTest.java +++ b/source/java/org/alfresco/repo/web/scripts/site/SiteServiceTest.java @@ -134,6 +134,12 @@ public class SiteServiceTest extends BaseWebScriptTest super.tearDown(); this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName()); + // Clear the users + deleteUser(USER_ONE); + deleteUser(USER_TWO); + deleteUser(USER_THREE); + deleteUser(USER_NUMERIC); + // Tidy-up any site's create during the execution of the test for (String shortName : this.createdSites) { @@ -141,13 +147,7 @@ public class SiteServiceTest extends BaseWebScriptTest } // Clear the list - this.createdSites.clear(); - - // Clear the users - deleteUser(USER_ONE); - deleteUser(USER_TWO); - deleteUser(USER_THREE); - deleteUser(USER_NUMERIC); + this.createdSites.clear(); } public void testCreateSite() throws Exception diff --git a/source/java/org/alfresco/repo/webdav/WebDAVMethod.java b/source/java/org/alfresco/repo/webdav/WebDAVMethod.java index 95e7ee6914..38a0e62e04 100644 --- a/source/java/org/alfresco/repo/webdav/WebDAVMethod.java +++ b/source/java/org/alfresco/repo/webdav/WebDAVMethod.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2010 Alfresco Software Limited. + * Copyright (C) 2005-2012 Alfresco Software Limited. * * This file is part of Alfresco * @@ -1152,7 +1152,7 @@ public abstract class WebDAVMethod }, AuthenticationUtil.getSystemUserName()); } - private LockInfo getNodeLockInfoImpl(FileInfo nodeInfo) + private LockInfo getNodeLockInfoImpl(final FileInfo nodeInfo) { // Check if node is locked directly. LockInfo lockInfo = getNodeLockInfoDirect(nodeInfo); @@ -1162,74 +1162,86 @@ public abstract class WebDAVMethod } // Node isn't locked directly, try to search for an indirect lock. - NodeService nodeService = getNodeService(); - NodeRef node = nodeInfo.getNodeRef(); - - while (true) + + // ALF-13472: In accordance with http://www.webdav.org/specs/rfc2518.html#rfc.section.8.10.4 lock of collection causes locking each resource within it. + // It should be possible to receive information about direct or indirect lock because it is one of the states of requested resource. + return AuthenticationUtil.runAsSystem(new RunAsWork() { - NodeRef parent = m_childToParent.get(node); - - if ((parent == null) && (! m_childToParent.containsKey(node))) + @Override + public LockInfo doWork() throws Exception { - ChildAssociationRef childAssocRef = nodeService.getPrimaryParent(node); - parent = childAssocRef.getParentRef(); + NodeService nodeService = getNodeService(); + + NodeRef node = nodeInfo.getNodeRef(); - if (! childAssocRef.getTypeQName().equals(ContentModel.ASSOC_CONTAINS)) + while (true) { - parent = null; - } - - // temporarily cache - for this request - m_childToParent.put(node, parent); - } - - if (parent == null) - { - // Node has no lock and Lock token - return new LockInfoImpl(); - } - - lockInfo = m_parentLockInfo.get(parent); - - if (lockInfo != null) - { - lockInfo.getRWLock().readLock().lock(); - try - { - if (lockInfo.isLocked()) + NodeRef parent = m_childToParent.get(node); + + if ((parent == null) && (! m_childToParent.containsKey(node))) { - return lockInfo; + ChildAssociationRef childAssocRef = nodeService.getPrimaryParent(node); + parent = childAssocRef.getParentRef(); + + if (! childAssocRef.getTypeQName().equals(ContentModel.ASSOC_CONTAINS)) + { + parent = null; + } + + // temporarily cache - for this request + m_childToParent.put(node, parent); } - } - finally - { - lockInfo.getRWLock().readLock().unlock(); - } - } + + if (parent == null) + { + // Node has no lock and Lock token + return new LockInfoImpl(); + } + + LockInfo lockInfo = m_parentLockInfo.get(parent); - if (lockInfo == null) - { - try - { - lockInfo = getNodeLockInfoIndirect(parent); if (lockInfo != null) { - return lockInfo; + lockInfo.getRWLock().readLock().lock(); + try + { + if (lockInfo.isLocked()) + { + return lockInfo; + } + } + finally + { + lockInfo.getRWLock().readLock().unlock(); + } } - } - finally - { + if (lockInfo == null) { - lockInfo = new LockInfoImpl(); + try + { + lockInfo = getNodeLockInfoIndirect(parent); + if (lockInfo != null) + { + return lockInfo; + } + } + finally + { + if (lockInfo == null) + { + lockInfo = new LockInfoImpl(); + } + // temporarily cache - for this request + m_parentLockInfo.put(parent, lockInfo); + } } - // temporarily cache - for this request - m_parentLockInfo.put(parent, lockInfo); - } + + node = parent; + } // end while } - - node = parent; - } + }); + } /** @@ -1280,15 +1292,30 @@ public abstract class WebDAVMethod parentLock.getRWLock().readLock().lock(); try - { - // now check for lock status ... + { + // In this case node is locked indirectly. if (parentLock.isLocked() && WebDAV.INFINITY.equals(parentLock.getDepth())) { // In this case node is locked indirectly. + //Get lock scope + // Get shared lock tokens + + // Store lock information to the lockInfo object + + // Get lock token of the locked node - this is indirect lock token. + return parentLock; - } + } return null; - } + } + // No has no exclusive lock but can be locked with shared lock + // Check node lock depth. + // If depth is WebDAV.INFINITY then return this node's Lock token. + // In this case node is locked indirectly. + + //Get lock scope + + // Node has it's own Lock token. finally { parentLock.getRWLock().readLock().unlock(); diff --git a/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java b/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java index 20aca35a03..9b28010682 100644 --- a/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java +++ b/source/java/org/alfresco/repo/webdav/auth/BaseKerberosAuthenticationFilter.java @@ -87,6 +87,10 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica private LoginContext m_loginContext; + // Should we strip the @domain suffix from the Kerberos username? + + private boolean m_stripKerberosUsernameSuffix = true; + /** * Sets the HTTP service account password. (the Principal should be configured in java.login.config) * @@ -118,8 +122,18 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica { m_loginEntryName = jaasConfigEntryName; } - + /** + * Indicates whether the @domain suffix should be removed from Kerberos user IDs + * + * @param stripKerberosUsernameSuffix + * true if the @domain suffix should be removed from Kerberos user IDs + */ + public void setStripKerberosUsernameSuffix(boolean stripKerberosUsernameSuffix) + { + m_stripKerberosUsernameSuffix = stripKerberosUsernameSuffix; + } + /* (non-Javadoc) * @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#init() */ @@ -484,6 +498,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica // Authenticate the user KerberosDetails krbDetails = null; + String userName = null; NegTokenTarg negTokenTarg = null; try @@ -498,6 +513,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica // Access the Kerberos response krbDetails = (KerberosDetails) result; + userName = m_stripKerberosUsernameSuffix ? krbDetails.getUserName() : krbDetails.getSourceName(); // Create the NegTokenTarg response blob @@ -509,7 +525,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica { // Create and store the user authentication context - SessionUser user = createUserEnvironment(httpSess, krbDetails.getUserName()); + SessionUser user = createUserEnvironment(httpSess, userName); // Debug @@ -529,7 +545,7 @@ public abstract class BaseKerberosAuthenticationFilter extends BaseSSOAuthentica { // Pass on validation failures if (getLogger().isDebugEnabled()) - getLogger().debug("Failed to validate user " + krbDetails.getUserName(), ex); + getLogger().debug("Failed to validate user " + userName, ex); throw ex; }