diff --git a/config/alfresco/bootstrap/spaces.xml b/config/alfresco/bootstrap/spaces.xml index 4c58133b02..b7c16ab94a 100644 --- a/config/alfresco/bootstrap/spaces.xml +++ b/config/alfresco/bootstrap/spaces.xml @@ -85,7 +85,7 @@ view:childName="${spaces.templates.rss.childname}"> - guest + ${alfresco_user_store.guestusername} Consumer @@ -121,7 +121,7 @@ - guest + ${alfresco_user_store.guestusername} Consumer diff --git a/config/alfresco/bootstrap/system.xml b/config/alfresco/bootstrap/system.xml index 75ebb153d6..93e3ccab7e 100644 --- a/config/alfresco/bootstrap/system.xml +++ b/config/alfresco/bootstrap/system.xml @@ -14,7 +14,7 @@ - guest + ${alfresco_user_store.guestusername} Read @@ -44,7 +44,7 @@ - guest + ${alfresco_user_store.guestusername} Read diff --git a/config/alfresco/hibernate-context.xml b/config/alfresco/hibernate-context.xml index 6522262255..e75d7126f2 100644 --- a/config/alfresco/hibernate-context.xml +++ b/config/alfresco/hibernate-context.xml @@ -302,7 +302,7 @@ - + diff --git a/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java b/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java index 548b910b2c..804c3b9c09 100644 --- a/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java +++ b/source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java @@ -44,7 +44,6 @@ import org.alfresco.repo.domain.DbAuthority; import org.alfresco.repo.domain.DbPermission; import org.alfresco.repo.domain.Node; import org.alfresco.repo.domain.QNameDAO; -import org.alfresco.repo.node.db.hibernate.HibernateNodeDaoServiceImpl; import org.alfresco.repo.security.permissions.ACEType; import org.alfresco.repo.security.permissions.ACLCopyMode; import org.alfresco.repo.security.permissions.ACLType; @@ -80,7 +79,7 @@ import org.springframework.orm.hibernate3.support.HibernateDaoSupport; */ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoComponent { - private static Log logger = LogFactory.getLog(HibernateNodeDaoServiceImpl.class); + private static Log logger = LogFactory.getLog(AclDaoComponentImpl.class); static String QUERY_GET_PERMISSION = "permission.GetPermission"; diff --git a/source/java/org/alfresco/repo/domain/hibernate/HibernateSessionHelperResource.java b/source/java/org/alfresco/repo/domain/hibernate/HibernateSessionHelperResource.java index 17817fdf05..ebe81f4c37 100644 --- a/source/java/org/alfresco/repo/domain/hibernate/HibernateSessionHelperResource.java +++ b/source/java/org/alfresco/repo/domain/hibernate/HibernateSessionHelperResource.java @@ -31,12 +31,9 @@ import java.util.List; import java.util.Set; import org.alfresco.util.GUID; -import org.hibernate.CacheMode; import org.hibernate.Session; import org.hibernate.engine.EntityKey; -import com.sun.corba.se.spi.legacy.connection.GetEndPointInfoAgainException; - /** * Support to (optionally) listen to hibernate events generated by a hibernate session. The tracking is bound to a * transaction resource @@ -71,18 +68,13 @@ public class HibernateSessionHelperResource implements HibernateSessionHelperRes public void mark(Session session) { - Thread thread = Thread.currentThread(); - String guid = GUID.generate(); mark(session, guid); - - } @SuppressWarnings("unchecked") public void mark(Session session, String label) { - session.flush(); if (label == null) { throw new HibernateSessionHelperResourceException("Null key is not supported"); @@ -99,10 +91,26 @@ public class HibernateSessionHelperResource implements HibernateSessionHelperRes } HashSet mark = new HashSet((Set) session.getStatistics().getEntityKeys()); + + // If the mark is too large, then the flush process will be excessive. + if (mark.size() > 1000) + { + // The session is to big. Use the mark to as a basis for cleaning out the session. + if (currentMark == null) + { + // The session is just too big + SessionSizeResourceManager.clear(session); + } + else + { + reset(session); + } + // Get the mark list again + mark = new HashSet((Set) session.getStatistics().getEntityKeys()); + } + marks.put(label, mark); currentMark = label; - - //System.out.println("Mark "+marks.size()+" "+currentMark); } public void removeMark(Session session) @@ -205,11 +213,6 @@ public class HibernateSessionHelperResource implements HibernateSessionHelperRes { if (!check.contains(key)) { - if (!key.getEntityName().startsWith("org.alfresco")) - { - System.out.println("Oops: " + key.getEntityName()); - } - if(key.getEntityName().equals(QNameEntityImpl.class.getName())) { //System.out.println("Skipping: " + key.getEntityName()); diff --git a/source/java/org/alfresco/repo/importer/ImporterComponent.java b/source/java/org/alfresco/repo/importer/ImporterComponent.java index 32a126004c..fde27cacf3 100644 --- a/source/java/org/alfresco/repo/importer/ImporterComponent.java +++ b/source/java/org/alfresco/repo/importer/ImporterComponent.java @@ -38,6 +38,7 @@ import java.util.Set; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.model.ContentModel; +import org.alfresco.repo.importer.view.NodeContext; import org.alfresco.repo.policy.BehaviourFilter; import org.alfresco.service.cmr.dictionary.AssociationDefinition; import org.alfresco.service.cmr.dictionary.ChildAssociationDefinition; @@ -966,6 +967,27 @@ public class ImporterComponent return boundProperties; } + + /** + * Bind permissions - binds authorities + * + * @param properties + * @return + */ + private List bindPermissions(List permissions) + { + List boundPermissions = new ArrayList(permissions.size()); + + for (AccessPermission permission : permissions) + { + AccessPermission ace = new NodeContext.ACE(permission.getAccessStatus(), + bindPlaceHolder(permission.getAuthority(), binding), + permission.getPermission()); + boundPermissions.add(ace); + } + + return boundPermissions; + } /** * Bind property value @@ -1249,7 +1271,8 @@ public class ImporterComponent AccessStatus writePermission = permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS); if (authenticationService.isCurrentUserTheSystemUser() || writePermission.equals(AccessStatus.ALLOWED)) { - permissions = node.getAccessControlEntries(); + permissions = bindPermissions(node.getAccessControlEntries()); + for (AccessPermission permission : permissions) { permissionService.setPermission(nodeRef, permission.getAuthority(), permission.getPermission(), permission.getAccessStatus().equals(AccessStatus.ALLOWED)); @@ -1433,7 +1456,9 @@ public class ImporterComponent { permissionService.setInheritParentPermissions(existingNodeRef, false); } - permissions = node.getAccessControlEntries(); + + permissions = bindPermissions(node.getAccessControlEntries()); + for (AccessPermission permission : permissions) { permissionService.setPermission(existingNodeRef, permission.getAuthority(), permission.getPermission(), permission.getAccessStatus().equals(AccessStatus.ALLOWED)); @@ -1584,5 +1609,4 @@ public class ImporterComponent { } } - } diff --git a/source/java/org/alfresco/repo/importer/view/NodeContext.java b/source/java/org/alfresco/repo/importer/view/NodeContext.java index 39457916ce..0bdf792ad2 100644 --- a/source/java/org/alfresco/repo/importer/view/NodeContext.java +++ b/source/java/org/alfresco/repo/importer/view/NodeContext.java @@ -375,10 +375,7 @@ public class NodeContext extends ElementContext permission = PermissionService.CONSUMER; } - ACE ace = new ACE(); - ace.accessStatus = accessStatus; - ace.authority = authority; - ace.permission = permission; + ACE ace = new ACE(accessStatus, authority, permission); accessControlEntries.add(ace); } @@ -502,12 +499,18 @@ public class NodeContext extends ElementContext /** * Access Control Entry */ - private class ACE implements AccessPermission + public static class ACE implements AccessPermission { private AccessStatus accessStatus; private String authority; private String permission; - private int position; + + public ACE(AccessStatus accessStatus, String authority, String permission) + { + this.accessStatus = accessStatus; + this.authority = authority; + this.permission = permission; + } /* * (non-Javadoc) diff --git a/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java b/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java index f29138dccd..032c44be6a 100644 --- a/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java +++ b/source/java/org/alfresco/repo/tenant/MultiTDemoTest.java @@ -107,6 +107,9 @@ public class MultiTDemoTest extends TestCase public static final String DEFAULT_ADMIN_UN = "admin"; public static final String DEFAULT_ADMIN_PW = "admin"; + public static final String DEFAULT_GUEST_UN = "guest"; + public static final String DEFAULT_GUEST_PW = "thiscanbeanything"; + public static final String TEST_USER1 = "alice"; public static final String TEST_USER2 = "bob"; public static final String TEST_USER3 = "eve"; @@ -176,7 +179,7 @@ public class MultiTDemoTest extends TestCase if (! tenantAdminService.existsTenant(tenantDomain)) { //tenantAdminService.createTenant(tenantDomain, DEFAULT_ADMIN_PW.toCharArray(), ROOT_DIR + "/" + tenantDomain); - tenantAdminService.createTenant(tenantDomain, DEFAULT_ADMIN_PW.toCharArray(), null); // use default root dir + tenantAdminService.createTenant(tenantDomain, (DEFAULT_ADMIN_PW+" "+tenantDomain).toCharArray(), null); // use default root dir logger.info("Created tenant " + tenantDomain); } @@ -220,12 +223,12 @@ public class MultiTDemoTest extends TestCase { public Object doWork() throws Exception { - createUser(TEST_USER1, tenantDomain, "welcome"); - createUser(TEST_USER2, tenantDomain, "welcome"); + createUser(TEST_USER1, tenantDomain, TEST_USER1+" "+tenantDomain); + createUser(TEST_USER2, tenantDomain, TEST_USER2+" "+tenantDomain); if (tenantDomain.equals(TEST_TENANT_DOMAIN2)) { - createUser(TEST_USER3, tenantDomain, "welcome"); + createUser(TEST_USER3, tenantDomain, TEST_USER3+" "+tenantDomain); } return null; @@ -279,9 +282,9 @@ public class MultiTDemoTest extends TestCase } } - public void testLoginUsers() throws Throwable + public void testLoginTenantUsers() throws Throwable { - logger.info("Login demo users"); + logger.info("Login tenant users"); try { @@ -289,13 +292,13 @@ public class MultiTDemoTest extends TestCase for (final String tenantDomain : tenants) { - loginLogoutUser(tenantService.getDomainUser(TEST_USER1, tenantDomain), "welcome"); + loginLogoutUser(tenantService.getDomainUser(TEST_USER1, tenantDomain), TEST_USER1+" "+tenantDomain); - loginLogoutUser(tenantService.getDomainUser(TEST_USER2, tenantDomain), "welcome"); + loginLogoutUser(tenantService.getDomainUser(TEST_USER2, tenantDomain), TEST_USER2+" "+tenantDomain); if (tenantDomain.equals(TEST_TENANT_DOMAIN2)) { - loginLogoutUser(tenantService.getDomainUser(TEST_USER3, tenantDomain), "welcome"); + loginLogoutUser(tenantService.getDomainUser(TEST_USER3, tenantDomain), TEST_USER3+" "+tenantDomain); } } } @@ -308,13 +311,57 @@ public class MultiTDemoTest extends TestCase } } + public void testLoginTenantGuests() throws Throwable + { + logger.info("Login tenant guests"); + + try + { + AuthenticationUtil.clearCurrentSecurityContext(); + + for (final String tenantDomain : tenants) + { + loginLogoutUser(tenantService.getDomainUser(DEFAULT_GUEST_UN, tenantDomain), DEFAULT_GUEST_UN); + } + } + catch (Throwable t) + { + StringWriter stackTrace = new StringWriter(); + t.printStackTrace(new PrintWriter(stackTrace)); + System.err.println(stackTrace.toString()); + throw t; + } + } + + public void testLoginTenantAdmin() throws Throwable + { + logger.info("Login tenant admins"); + + try + { + AuthenticationUtil.clearCurrentSecurityContext(); + + for (final String tenantDomain : tenants) + { + loginLogoutUser(tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain), DEFAULT_ADMIN_PW+" "+tenantDomain); + } + } + catch (Throwable t) + { + StringWriter stackTrace = new StringWriter(); + t.printStackTrace(new PrintWriter(stackTrace)); + System.err.println(stackTrace.toString()); + throw t; + } + } + public void testCreateGroups() { logger.info("Create demo groups"); for (final String tenantDomain : tenants) { - String tenantAdminName = tenantService.getDomainUser("admin", tenantDomain); + String tenantAdminName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain); AuthenticationUtil.runAs(new RunAsWork() { @@ -505,7 +552,7 @@ public class MultiTDemoTest extends TestCase { public Object doWork() throws Exception { - NodeRef personNodeRef = createUser(TEST_USER4, tenantDomain, "welcome"); + NodeRef personNodeRef = createUser(TEST_USER4, tenantDomain, TEST_USER4+" "+tenantDomain); // Test nodeRef property NodeRef homeFolderNodeRef = (NodeRef)nodeService.getProperty(personNodeRef, ContentModel.PROP_HOMEFOLDER);