inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.2 to HEAD

Browse Source 
17076: Improvements for ETHREEOH-2153: patch.updateDmPermissions takes too long to complete


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@17082 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
2009-10-22 10:54:25 +00:00
parent f62a7a886a
commit ca1de03f8b
7 changed files with 570 additions and 143 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
config/alfresco/hibernate-context.xml
View File

@@ -276,7 +276,18 @@
</property>
</bean>
<bean id="aclDaoComponent" class="org.alfresco.repo.domain.hibernate.AclDaoComponentImpl">
<bean id="aclDaoComponent" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="target">
<ref bean="aclDaoComponentImpl" />
</property>
<property name="interceptorNames">
<list>
<value>daoServiceDirtySessionInterceptor</value>
</list>
</property>
</bean>
<bean id="aclDaoComponentImpl" class="org.alfresco.repo.domain.hibernate.AclDaoComponentImpl">
<property name="sessionFactory">
<ref bean="sessionFactory" />
</property>

5
source/java/org/alfresco/repo/admin/patch/impl/DmPermissionsPatch.java
View File

@@ -31,6 +31,7 @@ import org.alfresco.repo.admin.patch.AbstractPatch;
import org.alfresco.repo.domain.AccessControlListDAO;
import org.alfresco.repo.domain.hibernate.AclDaoComponentImpl;
import org.alfresco.repo.security.permissions.ACLType;
import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
@@ -44,7 +45,7 @@ public class DmPermissionsPatch extends AbstractPatch
private AccessControlListDAO accessControlListDao;
private AclDaoComponentImpl aclDaoComponent;
private AclDaoComponent aclDaoComponent;
@Override
protected String applyInternal() throws Exception
@@ -85,7 +86,7 @@ public class DmPermissionsPatch extends AbstractPatch
*
* @param aclDaoComponent
*/
public void setAclDaoComponent(AclDaoComponentImpl aclDaoComponent)
public void setAclDaoComponent(AclDaoComponent aclDaoComponent)
{
this.aclDaoComponent = aclDaoComponent;
}

6
source/java/org/alfresco/repo/admin/patch/impl/WCMPostPermissionSnapshotPatch.java
View File

@@ -29,9 +29,9 @@ import java.util.List;
import org.alfresco.i18n.I18NUtil;
import org.alfresco.repo.admin.patch.AbstractPatch;
import org.alfresco.repo.domain.hibernate.AclDaoComponentImpl;
import org.alfresco.repo.search.AVMSnapShotTriggeredIndexingMethodInterceptor;
import org.alfresco.repo.search.impl.lucene.AVMLuceneIndexer;
import org.alfresco.repo.security.permissions.impl.AclDaoComponent;
import org.alfresco.service.cmr.avm.AVMService;
import org.alfresco.service.cmr.avm.AVMStoreDescriptor;
@@ -48,7 +48,7 @@ public class WCMPostPermissionSnapshotPatch extends AbstractPatch
AVMService avmService;
AclDaoComponentImpl aclDaoComponent;
AclDaoComponent aclDaoComponent;
public void setAvmService(AVMService avmService)
{
@@ -60,7 +60,7 @@ public class WCMPostPermissionSnapshotPatch extends AbstractPatch
this.avmSnapShotTriggeredIndexingMethodInterceptor = avmSnapShotTriggeredIndexingMethodInterceptor;
}
public void setAclDaoComponent(AclDaoComponentImpl aclDaoComponent)
public void setAclDaoComponent(AclDaoComponent aclDaoComponent)
{
this.aclDaoComponent = aclDaoComponent;
}

493
source/java/org/alfresco/repo/domain/hibernate/AclDaoComponentImpl.java
View File

@@ -29,6 +29,7 @@ import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -53,6 +54,7 @@ import org.alfresco.repo.security.permissions.ACLType;
import org.alfresco.repo.security.permissions.AccessControlEntry;
import org.alfresco.repo.security.permissions.AccessControlList;
import org.alfresco.repo.security.permissions.AccessControlListProperties;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.repo.security.permissions.SimpleAccessControlEntry;
import org.alfresco.repo.security.permissions.SimpleAccessControlEntryContext;
import org.alfresco.repo.security.permissions.SimpleAccessControlList;
@@ -71,6 +73,7 @@ import org.hibernate.CacheMode;
import org.hibernate.Criteria;
import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.criterion.Criterion;
import org.hibernate.criterion.Restrictions;
import org.springframework.orm.hibernate3.HibernateCallback;
import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
@@ -149,7 +152,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
/**
* Simlpe copy
*/
COPY_ONLY;
COPY_ONLY, CREATE_AND_INHERIT;
}
/**
@@ -235,10 +238,10 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
default:
break;
}
return createAccessControlListImpl(properties);
return createAccessControlListImpl(properties, null, null);
}
private Long createAccessControlListImpl(AccessControlListProperties properties)
private Long createAccessControlListImpl(AccessControlListProperties properties, List<AccessControlEntry> aces, Long inherited)
{
DbAccessControlListImpl acl = new DbAccessControlListImpl();
if (properties.getAclId() != null)
@@ -300,11 +303,64 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
acl.setAclChangeSet(getCurrentChangeSet());
acl.setRequiresVersion(false);
Long created = (Long) getHibernateTemplate().save(acl);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
if ((aces != null) && aces.size() > 0)
{
List<AclChange> changes = new ArrayList<AclChange>();
List<DbAccessControlEntry> toAdd = new ArrayList<DbAccessControlEntry>(aces.size());
List<AccessControlEntry> excluded = new ArrayList<AccessControlEntry>(aces.size());
for (AccessControlEntry ace : aces)
{
if ((ace.getPosition() != null) && (ace.getPosition() != 0))
{
throw new IllegalArgumentException("Invalid position");
}
// Find authority
DbAuthority authority = getAuthority(ace.getAuthority(), true);
DbPermission permission = getPermission(ace.getPermission(), true);
// Find context
if (ace.getContext() != null)
{
throw new UnsupportedOperationException();
}
// Find ACE
DbAccessControlEntry entry = getAccessControlEntry(permission, authority, ace, true);
// Wire up
// COW and remove any existing matches
SimpleAccessControlEntry exclude = new SimpleAccessControlEntry();
// match any access status
exclude.setAceType(ace.getAceType());
exclude.setAuthority(ace.getAuthority());
exclude.setPermission(ace.getPermission());
exclude.setPosition(0);
toAdd.add(entry);
excluded.add(exclude);
// Will remove from the cache
}
Long toInherit = null;
if (inherited != null)
{
toInherit = getInheritedAccessControlList(inherited);
}
getWritable(created, toInherit, excluded, toAdd, toInherit, false, changes, WriteMode.CREATE_AND_INHERIT);
}
return created;
}
@SuppressWarnings("unchecked")
private void getWritable(final Long id, final Long parent, AccessControlEntry exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom, boolean cascade,
private void getWritable(final Long id, final Long parent, List<? extends AccessControlEntry> exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom, boolean cascade,
List<AclChange> changes, WriteMode mode)
{
List<DbAccessControlEntry> inherited = null;
@@ -321,6 +377,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", parent);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -358,7 +415,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
* @param changes
*/
@SuppressWarnings("unchecked")
private void getWritable(final Long id, final Long parent, AccessControlEntry exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom,
private void getWritable(final Long id, final Long parent, List<? extends AccessControlEntry> exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom,
List<DbAccessControlEntry> inherited, List<Integer> positions, boolean cascade, int depth, List<AclChange> changes, WriteMode mode, boolean requiresVersion)
{
AclChange current = getWritable(id, parent, exclude, toAdd, inheritsFrom, inherited, positions, depth, mode, requiresVersion);
@@ -378,6 +435,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACLS_THAT_INHERIT_FROM_THIS_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -405,7 +463,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
* @return - an AclChange
*/
@SuppressWarnings("unchecked")
private AclChange getWritable(final Long id, final Long parent, AccessControlEntry exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom,
private AclChange getWritable(final Long id, final Long parent, List<? extends AccessControlEntry> exclude, List<DbAccessControlEntry> toAdd, Long inheritsFrom,
List<DbAccessControlEntry> inherited, List<Integer> positions, int depth, WriteMode mode, boolean requiresVersion)
{
DbAccessControlList acl = (DbAccessControlList) getHibernateTemplate().get(DbAccessControlListImpl.class, id);
@@ -438,6 +496,9 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
case REMOVE_INHERITED:
removeInherited(id, depth);
break;
case CREATE_AND_INHERIT:
addAcesToAcl(acl, toAdd, depth);
addInherited(acl, inherited, positions, depth);
case COPY_ONLY:
default:
break;
@@ -472,6 +533,9 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
case REMOVE_INHERITED:
removeInherited(id, depth);
break;
case CREATE_AND_INHERIT:
addAcesToAcl(acl, toAdd, depth);
addInherited(acl, inherited, positions, depth);
case COPY_ONLY:
default:
break;
@@ -497,6 +561,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
newAcl.setVersioned(Boolean.TRUE);
newAcl.setRequiresVersion(Boolean.FALSE);
Long created = (Long) getHibernateTemplate().save(newAcl);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
// Create new membership entries - excluding those in the given pattern
@@ -507,6 +572,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -533,6 +599,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
newMember.setAccessControlEntry(member.getAccessControlEntry());
newMember.setPosition(member.getPosition());
getHibernateTemplate().save(newMember);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
@@ -560,6 +627,9 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
case REMOVE_INHERITED:
removeInherited(newAcl.getId(), depth);
break;
case CREATE_AND_INHERIT:
addAcesToAcl(acl, toAdd, depth);
addInherited(acl, inherited, positions, depth);
case COPY_ONLY:
default:
break;
@@ -594,7 +664,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
* @param depth
*/
@SuppressWarnings("unchecked")
private void removeAcesFromAcl(final Long id, final AccessControlEntry exclude, final int depth)
private void removeAcesFromAcl(final Long id, final List<? extends AccessControlEntry> exclude, final int depth)
{
AcePatternMatcher excluder = new AcePatternMatcher(exclude);
HibernateCallback callback = new HibernateCallback()
@@ -610,6 +680,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
criteria.createAlias("ace.authority", "authority");
criteria.createAlias("ace.permission", "permission");
criteria.setResultTransformer(Criteria.ALIAS_TO_ENTITY_MAP);
DirtySessionMethodInterceptor.setCriteriaFlushMode(session, criteria);
return criteria.list();
}
else
@@ -617,35 +688,118 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
Criteria criteria = session.createCriteria(DbAccessControlListMemberImpl.class, "member");
criteria.createAlias("accessControlList", "acl");
criteria.add(Restrictions.eq("acl.id", id));
if ((exclude.getPosition() != null) && exclude.getPosition() >= 0)
// build or
if (exclude.size() == 1)
{
AccessControlEntry excluded = exclude.get(0);
if ((excluded.getPosition() != null) && excluded.getPosition() >= 0)
{
criteria.add(Restrictions.eq("position", Integer.valueOf(depth)));
}
if ((exclude.getAccessStatus() != null) || (exclude.getAceType() != null) || (exclude.getAuthority() != null) || (exclude.getPermission() != null))
if ((excluded.getAccessStatus() != null) || (excluded.getAceType() != null) || (excluded.getAuthority() != null) || (excluded.getPermission() != null))
{
criteria.createAlias("accessControlEntry", "ace");
if (exclude.getAccessStatus() != null)
if (excluded.getAccessStatus() != null)
{
criteria.add(Restrictions.eq("ace.allowed", exclude.getAccessStatus() == AccessStatus.ALLOWED ? Boolean.TRUE : Boolean.FALSE));
criteria.add(Restrictions.eq("ace.allowed", excluded.getAccessStatus() == AccessStatus.ALLOWED ? Boolean.TRUE : Boolean.FALSE));
}
if (exclude.getAceType() != null)
if (excluded.getAceType() != null)
{
criteria.add(Restrictions.eq("ace.applies", Integer.valueOf(exclude.getAceType().getId())));
criteria.add(Restrictions.eq("ace.applies", Integer.valueOf(excluded.getAceType().getId())));
}
if (exclude.getAuthority() != null)
if (excluded.getAuthority() != null)
{
criteria.createAlias("ace.authority", "authority");
criteria.add(Restrictions.eq("authority.authority", exclude.getAuthority()));
criteria.add(Restrictions.eq("authority.authority", excluded.getAuthority()));
}
if (exclude.getPermission() != null)
if (excluded.getPermission() != null)
{
criteria.createAlias("ace.permission", "permission");
criteria.add(Restrictions.eq("permission.name", exclude.getPermission().getName()));
criteria.add(Restrictions.eq("permission.name", excluded.getPermission().getName()));
// TODO: Add typeQname
}
}
}
else
{
criteria.createAlias("accessControlEntry", "ace");
criteria.createAlias("ace.authority", "authority");
criteria.createAlias("ace.permission", "permission");
List<Criterion> toOr = new LinkedList<Criterion>();
LOOP: for (AccessControlEntry excluded : exclude)
{
List<Criterion> toAnd = new LinkedList<Criterion>();
if ((excluded.getPosition() != null) && excluded.getPosition() >= 0)
{
toAnd.add(Restrictions.eq("position", Integer.valueOf(depth)));
}
if (excluded.getAccessStatus() != null)
{
toAnd.add(Restrictions.eq("ace.allowed", excluded.getAccessStatus() == AccessStatus.ALLOWED ? Boolean.TRUE : Boolean.FALSE));
}
if (excluded.getAceType() != null)
{
toAnd.add(Restrictions.eq("ace.applies", Integer.valueOf(excluded.getAceType().getId())));
}
if (excluded.getAuthority() != null)
{
toAnd.add(Restrictions.eq("authority.authority", excluded.getAuthority()));
}
if (excluded.getPermission() != null)
{
toAnd.add(Restrictions.eq("permission.name", excluded.getPermission().getName()));
// TODO: Add typeQname
}
Criterion accumulated = null;
for (Criterion current : toAnd)
{
if (accumulated == null)
{
accumulated = current;
}
else
{
accumulated = Restrictions.and(accumulated, current);
}
}
if (accumulated == null)
{
// matches all
toOr = null;
break LOOP;
}
else
{
toOr.add(accumulated);
}
}
Criterion accumulated = null;
for (Criterion current : toOr)
{
if (accumulated == null)
{
accumulated = current;
}
else
{
accumulated = Restrictions.or(accumulated, current);
}
}
if (accumulated == null)
{
// no action
}
else
{
criteria.add(accumulated);
}
}
criteria.setResultTransformer(Criteria.ALIAS_TO_ENTITY_MAP);
DirtySessionMethodInterceptor.setCriteriaFlushMode(session, criteria);
return criteria.list();
}
@@ -666,7 +820,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
if (removed)
{
getHibernateTemplate().flush();
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
}
@@ -690,6 +844,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
newMember.setPosition(depth);
getHibernateTemplate().save(newMember);
}
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
}
@@ -708,6 +863,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -724,7 +880,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
if (removed)
{
getHibernateTemplate().flush();
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
}
@@ -737,6 +893,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -758,11 +915,13 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
if (changed)
{
getHibernateTemplate().flush();
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
}
private void addInherited(DbAccessControlList acl, List<DbAccessControlEntry> inherited, List<Integer> positions, int depth)
{
if (inherited != null)
{
for (int i = 0; i < inherited.size(); i++)
{
@@ -776,7 +935,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
getHibernateTemplate().save(newMember);
}
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
}
@SuppressWarnings("unchecked")
@@ -788,6 +948,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -804,7 +965,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
if (changed)
{
getHibernateTemplate().flush();
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
for (int i = 0; i < inherited.size(); i++)
@@ -819,6 +980,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
getHibernateTemplate().save(newMember);
}
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
@@ -837,6 +999,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_AND_ACLS_BY_AUTHORITY);
query.setParameter("authority", authority);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -869,7 +1032,6 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
getHibernateTemplate().delete(ace);
}
// Tidy up any unreferenced ACEs
callback = new HibernateCallback()
@@ -878,6 +1040,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_BY_AUTHORITY);
query.setParameter("authority", authority);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -888,16 +1051,15 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
getHibernateTemplate().delete(ace);
}
// remove authority
DbAuthority toRemove = getAuthority(authority, false);
if(toRemove != null)
if (toRemove != null)
{
getHibernateTemplate().delete(toRemove);
}
// TODO: Remove affected ACLs from the cache
DirtySessionMethodInterceptor.flushSession(getSession(), true);
return acls;
}
@@ -911,6 +1073,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -920,6 +1083,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
getHibernateTemplate().delete(member);
}
DirtySessionMethodInterceptor.flushSession(getSession(), true);
aclCache.remove(id);
}
@@ -936,6 +1100,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
criteria.createAlias("node.accessControlList", "acl");
criteria.add(Restrictions.eq("acl.id", id));
criteria.setResultTransformer(Criteria.DISTINCT_ROOT_ENTITY);
DirtySessionMethodInterceptor.setCriteriaFlushMode(session, criteria);
return criteria.list();
}
};
@@ -981,6 +1146,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACLS_THAT_INHERIT_FROM_THIS_ACL);
query.setParameter("id", newId);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -997,6 +1163,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", newId);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -1026,6 +1193,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACLS_THAT_INHERIT_FROM_THIS_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -1050,6 +1218,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", id);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -1061,7 +1230,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
getHibernateTemplate().delete(acl);
getSession().flush();
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
// remove the deleted acl from the cache
@@ -1076,7 +1245,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
SimpleAccessControlEntry pattern = new SimpleAccessControlEntry();
pattern.setPosition(Integer.valueOf(0));
// Will remove from the cache
getWritable(id, null, pattern, null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
getWritable(id, null, Collections.singletonList(pattern), null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
return changes;
}
@@ -1086,7 +1255,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
SimpleAccessControlEntry pattern = new SimpleAccessControlEntry();
pattern.setPosition(Integer.valueOf(-1));
// Will remove from the cache
getWritable(id, null, pattern, null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
getWritable(id, null, Collections.singletonList(pattern), null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
return changes;
}
@@ -1094,7 +1263,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
List<AclChange> changes = new ArrayList<AclChange>();
// Will remove from the cache
getWritable(id, null, pattern, null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
getWritable(id, null, Collections.singletonList(pattern), null, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
return changes;
}
@@ -1147,6 +1316,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
Query query = session.getNamedQuery(QUERY_LOAD_ACL);
query.setParameter("id", id);
query.setCacheMode(CacheMode.IGNORE);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -1174,7 +1344,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
// context.setPropertyContext(entry.getContext().getPropertyContext());
// sacEntry.setContext(context);
// }
DbPermission perm = (DbPermission)getSession().get(DbPermissionImpl.class, permissionId);
DbPermission perm = (DbPermission) getSession().get(DbPermissionImpl.class, permissionId);
QName permTypeQName = qnameDAO.getQName(perm.getTypeQNameId()).getSecond(); // Has an ID so must exist
SimplePermissionReference permissionRefernce = SimplePermissionReference.getPermissionReference(permTypeQName, perm.getName());
sacEntry.setPermission(permissionRefernce);
@@ -1229,7 +1399,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
properties.setAclType(ACLType.SHARED);
properties.setInherits(Boolean.TRUE);
properties.setVersioned(acl.isVersioned());
Long sharedId = createAccessControlListImpl(properties);
Long sharedId = createAccessControlListImpl(properties, null, null);
@SuppressWarnings("unused")
DbAccessControlList shared = (DbAccessControlList) getHibernateTemplate().get(DbAccessControlListImpl.class, sharedId);
getWritable(sharedId, id, null, null, id, true, changes, WriteMode.ADD_INHERITED);
@@ -1285,6 +1455,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_LATEST_ACL_BY_ACLID);
query.setParameter("aclId", searchAclId);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.uniqueResult();
}
};
@@ -1367,32 +1538,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
// Find authority
DbAuthority authority = getAuthority(ace.getAuthority(), true);
// Find permission
final QName permissionQName = ace.getPermission().getQName();
final String permissionName = ace.getPermission().getName();
final Pair<Long, QName> permissionQNamePair = qnameDAO.getOrCreateQName(permissionQName);
HibernateCallback callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_PERMISSION);
query.setParameter("permissionTypeQNameId", permissionQNamePair.getFirst());
query.setParameter("permissionName", permissionName);
return query.uniqueResult();
}
};
DbPermission permission = (DbPermission) getHibernateTemplate().execute(callback);
if (permission == null)
{
DbPermissionImpl newPermission = new DbPermissionImpl();
newPermission.setTypeQNameId(permissionQNamePair.getFirst());
newPermission.setName(permissionName);
permission = newPermission;
getHibernateTemplate().save(newPermission);
}
DbPermission permission = getPermission(ace.getPermission(), true);
// Find context
@@ -1402,32 +1548,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
// Find ACE
final DbAuthority finalAuthority = authority;
final DbPermission finalPermission = permission;
callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_ACE_WITH_NO_CONTEXT);
query.setParameter("permissionId", finalPermission.getId());
query.setParameter("authorityId", finalAuthority.getId());
query.setParameter("allowed", (ace.getAccessStatus() == AccessStatus.ALLOWED) ? true : false);
query.setParameter("applies", ace.getAceType().getId());
return query.uniqueResult();
}
};
DbAccessControlEntry entry = (DbAccessControlEntry) getHibernateTemplate().execute(callback);
if (entry == null)
{
DbAccessControlEntryImpl newEntry = new DbAccessControlEntryImpl();
newEntry.setAceType(ace.getAceType());
newEntry.setAllowed((ace.getAccessStatus() == AccessStatus.ALLOWED) ? true : false);
newEntry.setAuthority(authority);
newEntry.setPermission(permission);
entry = newEntry;
getHibernateTemplate().save(newEntry);
}
DbAccessControlEntry entry = getAccessControlEntry(permission, authority, ace, true);
// Wire up
// COW and remove any existing matches
@@ -1441,7 +1562,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
List<DbAccessControlEntry> toAdd = new ArrayList<DbAccessControlEntry>(1);
toAdd.add(entry);
// Will remove from the cache
getWritable(id, null, exclude, toAdd, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
getWritable(id, null, Collections.singletonList(exclude), toAdd, null, true, changes, WriteMode.COPY_UPDATE_AND_INHERIT);
return changes;
}
@@ -1550,7 +1671,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
return toCopy;
case REDIRECT:
if((toInheritFrom != null) && (toInheritFrom == toCopy))
if ((toInheritFrom != null) && (toInheritFrom == toCopy))
{
return getInheritedAccessControlList(toInheritFrom);
}
@@ -1663,6 +1784,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
public List<Long> getAvmNodesByACL(final Long id)
{
List<Long> avmNodeIds = avmNodeDAO.getAVMNodesByAclId(id);
return avmNodeIds;
}
@@ -1696,6 +1818,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_ACES_FOR_ACL);
query.setParameter("id", inheritsFrom);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -1743,6 +1866,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
changeSet = new DbAccessControlListChangeSetImpl();
changeSetId = getHibernateTemplate().save(changeSet);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
changeSet = (DbAccessControlListChangeSetImpl) getHibernateTemplate().get(DbAccessControlListChangeSetImpl.class, changeSetId);
// bind the id
AlfrescoTransactionSupport.bindResource(RESOURCE_KEY_ACL_CHANGE_SET_ID, changeSetId);
@@ -1764,16 +1888,16 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
private static class AcePatternMatcher
{
private AccessControlEntry pattern;
private List<? extends AccessControlEntry> patterns;
AcePatternMatcher(AccessControlEntry pattern)
AcePatternMatcher(List<? extends AccessControlEntry> patterns)
{
this.pattern = pattern;
this.patterns = patterns;
}
boolean matches(QNameDAO qnameDAO, Map<String, Object> result, int position)
{
if (pattern == null)
if (patterns == null)
{
return true;
}
@@ -1781,6 +1905,28 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
DbAccessControlListMember member = (DbAccessControlListMember) result.get("member");
DbAccessControlEntry entry = (DbAccessControlEntry) result.get("ace");
for (AccessControlEntry pattern : patterns)
{
if (checkPattern(qnameDAO, result, position, member, entry, pattern))
{
return true;
}
}
return false;
}
/**
* @param qnameDAO
* @param result
* @param position
* @param member
* @param entry
* @return
*/
private boolean checkPattern(QNameDAO qnameDAO, Map<String, Object> result, int position, DbAccessControlListMember member, DbAccessControlEntry entry,
AccessControlEntry pattern)
{
if (pattern.getAccessStatus() != null)
{
if (pattern.getAccessStatus() != (entry.isAllowed() ? AccessStatus.ALLOWED : AccessStatus.DENIED))
@@ -1815,7 +1961,8 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
DbPermission permission = (DbPermission) result.get("permission");
final QName patternQName = pattern.getPermission().getQName();
final QName permTypeQName = qnameDAO.getQName(permission.getTypeQNameId()).getSecond(); // Has an ID so must exist
final QName permTypeQName = qnameDAO.getQName(permission.getTypeQNameId()).getSecond(); // Has an ID so
// must exist
if ((patternQName != null) && (!patternQName.equals(permTypeQName)))
{
return false;
@@ -1958,6 +2105,40 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
/**
<<<<<<< .working
=======
* Get the total number of head nodes in the repository
*
* @return count
*/
public Long getAVMHeadNodeCount()
{
try
{
Session session = getSession();
int isolationLevel = session.connection().getTransactionIsolation();
try
{
session.connection().setTransactionIsolation(1);
Query query = getSession().getNamedQuery("permission.GetAVMHeadNodeCount");
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
Long answer = (Long) query.uniqueResult();
return answer;
}
finally
{
session.connection().setTransactionIsolation(isolationLevel);
}
}
catch (SQLException e)
{
throw new AlfrescoRuntimeException("Failed to set TX isolation level", e);
}
}
/**
>>>>>>> .merge-right.r17076
* Get the max acl id
*
* @return - max acl id
@@ -1972,6 +2153,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
session.connection().setTransactionIsolation(1);
Query query = getSession().getNamedQuery("permission.GetMaxAclId");
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
Long answer = (Long) query.uniqueResult();
return answer;
}
@@ -2006,6 +2188,41 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
/**
<<<<<<< .working
=======
* Get the acl count canges so far for progress tracking
*
* @param above
* @return - the count
*/
public Long getAVMNodeCountWithNewACLS(Long above)
{
try
{
Session session = getSession();
int isolationLevel = session.connection().getTransactionIsolation();
try
{
session.connection().setTransactionIsolation(1);
Query query = getSession().getNamedQuery("permission.GetAVMHeadNodeCountWherePermissionsHaveChanged");
query.setParameter("above", above);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
Long answer = (Long) query.uniqueResult();
return answer;
}
finally
{
session.connection().setTransactionIsolation(isolationLevel);
}
}
catch (SQLException e)
{
throw new AlfrescoRuntimeException("Failed to set TX isolation level", e);
}
}
/**
>>>>>>> .merge-right.r17076
* How many nodes are noew in store (approximate)
*
* @return - the number of new nodes - approximate
@@ -2030,6 +2247,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
for (AVMNodeEntity ldNodeEntity : ldNodeEntities)
{
Long from = ldNodeEntity.getId();
String to = ldNodeEntity.getIndirection();
Integer version = ldNodeEntity.getIndirectionVersion();
@@ -2136,6 +2354,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
session.connection().setTransactionIsolation(1);
Query query = getSession().getNamedQuery("permission.GetDmNodeCount");
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
Long answer = (Long) query.uniqueResult();
return answer;
}
@@ -2168,6 +2387,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
session.connection().setTransactionIsolation(1);
Query query = getSession().getNamedQuery("permission.GetDmNodeCountWherePermissionsHaveChanged");
query.setParameter("above", above);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
Long answer = (Long) query.uniqueResult();
return answer;
}
@@ -2186,7 +2406,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
DbAuthority dbAuthority = getAuthority(before, false);
// If there is no entry and alias is not required - there is nothing it would match
if(dbAuthority != null)
if (dbAuthority != null)
{
dbAuthority.setAuthority(after);
dbAuthority.setCrc(getCrc(after));
@@ -2194,8 +2414,6 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
}
}
private DbAuthority getAuthority(final String authority, boolean create)
{
// Find auth
@@ -2205,6 +2423,7 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
{
Query query = session.getNamedQuery(QUERY_GET_AUTHORITY);
query.setParameter("authority", authority);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.list();
}
};
@@ -2226,6 +2445,69 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
return dbAuthority;
}
private DbPermission getPermission(final PermissionReference permissionReference, boolean create)
{
// Find permission
final QName permissionQName = permissionReference.getQName();
final String permissionName = permissionReference.getName();
final Pair<Long, QName> permissionQNamePair = qnameDAO.getOrCreateQName(permissionQName);
HibernateCallback callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_PERMISSION);
query.setParameter("permissionTypeQNameId", permissionQNamePair.getFirst());
query.setParameter("permissionName", permissionName);
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.uniqueResult();
}
};
DbPermission dbPermission = (DbPermission) getHibernateTemplate().execute(callback);
if (create && (dbPermission == null))
{
DbPermissionImpl newPermission = new DbPermissionImpl();
newPermission.setTypeQNameId(permissionQNamePair.getFirst());
newPermission.setName(permissionName);
dbPermission = newPermission;
getHibernateTemplate().save(newPermission);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
return dbPermission;
}
private DbAccessControlEntry getAccessControlEntry(final DbPermission permission, final DbAuthority authority, final AccessControlEntry ace, boolean create)
{
HibernateCallback callback = new HibernateCallback()
{
public Object doInHibernate(Session session)
{
Query query = session.getNamedQuery(QUERY_GET_ACE_WITH_NO_CONTEXT);
query.setParameter("permissionId", permission.getId());
query.setParameter("authorityId", authority.getId());
query.setParameter("allowed", (ace.getAccessStatus() == AccessStatus.ALLOWED) ? true : false);
query.setParameter("applies", ace.getAceType().getId());
DirtySessionMethodInterceptor.setQueryFlushMode(session, query);
return query.uniqueResult();
}
};
DbAccessControlEntry entry = (DbAccessControlEntry) getHibernateTemplate().execute(callback);
if (create && (entry == null))
{
DbAccessControlEntryImpl newEntry = new DbAccessControlEntryImpl();
newEntry.setAceType(ace.getAceType());
newEntry.setAllowed((ace.getAccessStatus() == AccessStatus.ALLOWED) ? true : false);
newEntry.setAuthority(authority);
newEntry.setPermission(permission);
entry = newEntry;
getHibernateTemplate().save(newEntry);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
}
return entry;
}
public void createAuthority(String authority)
{
createDbAuthority(authority);
@@ -2237,7 +2519,30 @@ public class AclDaoComponentImpl extends HibernateDaoSupport implements AclDaoCo
dbAuthority.setAuthority(authority);
dbAuthority.setCrc(getCrc(authority));
getHibernateTemplate().save(dbAuthority);
DirtySessionMethodInterceptor.flushSession(getSession(), true);
return dbAuthority;
}
/*
* (non-Javadoc)
*
* @see org.alfresco.repo.security.permissions.impl.AclDaoComponent#setAccessControlEntries(java.lang.Long,
* java.util.List)
*/
public List<AclChange> setAccessControlEntries(Long id, List<AccessControlEntry> aces)
{
throw new UnsupportedOperationException();
}
/*
* (non-Javadoc)
*
* @see org.alfresco.repo.security.permissions.impl.AclDaoComponent#createAccessControlList(org.alfresco.repo.security.permissions.AccessControlListProperties,
* java.util.List, long)
*/
public Long createAccessControlList(AccessControlListProperties properties, List<AccessControlEntry> aces, Long inherited)
{
return createAccessControlListImpl(properties, aces, inherited);
}
}

30
source/java/org/alfresco/repo/domain/hibernate/DMAccessControlListDAO.java
View File

@@ -215,25 +215,18 @@ public class DMAccessControlListDAO implements AccessControlListDAO
result.increment(ACLType.DEFINING);
SimpleAccessControlListProperties properties = DMPermissionsDaoComponentImpl.getDefaultProperties();
properties.setInherits(existingAcl.getInherits());
Long id = aclDaoComponent.createAccessControlList(properties);
DbAccessControlList newAcl = aclDaoComponent.getDbAccessControlList(id);
AccessControlList existing = aclDaoComponent.getAccessControlList(existingAcl.getId());
for (AccessControlEntry entry : existing.getEntries())
{
if (entry.getPosition() == 0)
{
aclDaoComponent.setAccessControlEntry(id, entry);
}
}
Long actuallyInherited = null;
if (existingAcl.getInherits())
{
if (inherited != null)
{
aclDaoComponent.enableInheritance(id, inherited);
actuallyInherited = inherited;
}
}
Long id = aclDaoComponent.createAccessControlList(properties, existing.getEntries(), actuallyInherited);
DbAccessControlList newAcl = aclDaoComponent.getDbAccessControlList(id);
idToInheritFrom = id;
@@ -268,12 +261,15 @@ public class DMAccessControlListDAO implements AccessControlListDAO
}
}
for (ChildAssociationRef child : nodeService.getChildAssocs(nodeRef))
List<ChildAssociationRef> children = nodeService.getChildAssocs(nodeRef);
if (children.size() > 0)
{
hibernateSessionHelper.reset();
// Only make inherited if required
if(toInherit == null)
if (toInherit == null)
{
if(idToInheritFrom == null)
if (idToInheritFrom == null)
{
toInherit = inherited;
}
@@ -283,6 +279,10 @@ public class DMAccessControlListDAO implements AccessControlListDAO
}
}
}
for (ChildAssociationRef child : children)
{
if (child.isPrimary())
{
CounterSet update = fixOldDmAcls(child.getChildRef(), toInherit, false);

38
source/java/org/alfresco/repo/domain/hibernate/DirtySessionMethodInterceptor.java
View File

@@ -39,6 +39,7 @@ import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.Criteria;
import org.hibernate.FlushMode;
import org.hibernate.Query;
import org.hibernate.Session;
@@ -262,6 +263,43 @@ public class DirtySessionMethodInterceptor implements MethodInterceptor
query.setFlushMode(FlushMode.MANUAL);
}
public static void setCriteriaFlushMode(Session session, Criteria criteria)
{
FlushData flushData = DirtySessionMethodInterceptor.getFlushData();
// If all the methods in the method stack are annotated, then we can adjust the query and
// play with the session
if (!flushData.isStackAnnotated())
{
if (loggerDebugEnabled)
{
logger.debug(
"Method stack is not annotated. Not setting query flush mode: \n" +
" Flush Data: " + flushData);
}
return;
}
// The stack is fully annotated, so flush if required and set the flush mode on the query
if (loggerDebugEnabled)
{
logger.debug(
"Setting query flush mode: \n" +
" Criteria: " + criteria.toString() + "\n" +
" Dirty: " + flushData);
}
if (flushData.isDirty())
{
// Flush the session
session.flush();
// Reset the dirty state
flushData.resetDirtyCount();
}
// Adjust the query flush mode
criteria.setFlushMode(FlushMode.MANUAL);
}
/**
* Manually mark the session as dirty.
*/

74
source/java/org/alfresco/repo/security/permissions/impl/AclDaoComponent.java
View File

@@ -28,6 +28,7 @@ import java.util.List;
import java.util.Set;
import org.alfresco.repo.domain.DbAccessControlList;
import org.alfresco.repo.domain.hibernate.DirtySessionAnnotation;
import org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.Indirection;
import org.alfresco.repo.security.permissions.ACLCopyMode;
import org.alfresco.repo.security.permissions.AccessControlEntry;
@@ -48,6 +49,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return
*/
@DirtySessionAnnotation(markDirty=false)
DbAccessControlList getDbAccessControlList(Long id);
@@ -57,6 +59,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public AccessControlList getAccessControlList(Long id);
/**
@@ -65,6 +68,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> deleteAccessControlList(Long id);
/**
@@ -73,6 +77,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> deleteLocalAccessControlEntries(Long id);
/**
@@ -81,6 +86,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> deleteInheritedAccessControlEntries(Long id);
/**
@@ -89,6 +95,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param authority
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> invalidateAccessControlEntries(String authority);
/**
@@ -97,6 +104,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param authority
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> deleteAccessControlEntries(String authority);
/**
@@ -107,6 +115,7 @@ public interface AclDaoComponent extends TransactionalDao
* non null elements are used for the match
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> deleteAccessControlEntries(Long id, AccessControlEntry pattern);
/**
@@ -116,8 +125,19 @@ public interface AclDaoComponent extends TransactionalDao
* @param ace
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> setAccessControlEntry(Long id, AccessControlEntry ace);
/**
* Add an access control entry
*
* @param id
* @param ace
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> setAccessControlEntries(Long id, List<AccessControlEntry> aces);
/**
* Enable inheritance
*
@@ -125,6 +145,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param parent
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> enableInheritance(Long id, Long parent);
/**
@@ -134,6 +155,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param setInheritedOnAcl
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> disableInheritance(Long id, boolean setInheritedOnAcl);
/**
@@ -142,16 +164,21 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return - the id of all ACLs affected
*/
@DirtySessionAnnotation(markDirty=false)
public AccessControlListProperties getAccessControlListProperties(Long id);
/**
* Create a bew ACL with teh given properties. Unset ones are assigned defaults.
* Create a new ACL with the given properties. Unset properties are assigned defaults.
*
* @param properties
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public Long createAccessControlList(AccessControlListProperties properties);
@DirtySessionAnnotation(markDirty=false)
public Long createAccessControlList(AccessControlListProperties properties, List<AccessControlEntry> aces, Long inherited);
/**
* Get the id of the ACL inherited from the one given
* May return null if there is nothing to inherit -> OLD world where nodes have thier own ACL and we wlak the parent chain
@@ -159,6 +186,7 @@ public interface AclDaoComponent extends TransactionalDao
* @param id
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public Long getInheritedAccessControlList(Long id);
/**
@@ -168,23 +196,67 @@ public interface AclDaoComponent extends TransactionalDao
* @param target
* @return
*/
@DirtySessionAnnotation(markDirty=false)
public List<AclChange> mergeInheritedAccessControlList(Long inherited, Long target);
@DirtySessionAnnotation(markDirty=false)
public DbAccessControlList getDbAccessControlListCopy(Long toCopy, Long toInheritFrom, ACLCopyMode mode);
@DirtySessionAnnotation(markDirty=false)
public Long getCopy(Long toCopy, Long toInheritFrom, ACLCopyMode mode);
@DirtySessionAnnotation(markDirty=false)
public List<Long> getAvmNodesByACL(Long id);
@DirtySessionAnnotation(markDirty=false)
public List<Indirection> getAvmIndirections();
/**
* hibernate lifecycle support
* @param id
*/
@DirtySessionAnnotation(markDirty=false)
public void onDeleteAccessControlList(final long id);
@DirtySessionAnnotation(markDirty=false)
public void updateAuthority(String before, String after);
@DirtySessionAnnotation(markDirty=false)
public void createAuthority(String authority);
/**
* @return
*/
@DirtySessionAnnotation(markDirty=false)
boolean supportsProgressTracking();
/**
* @return
*/
@DirtySessionAnnotation(markDirty=false)
Long getDmNodeCount();
/**
* @return
*/
@DirtySessionAnnotation(markDirty=false)
Long getMaxAclId();
/**
* @param max
* @return
*/
@DirtySessionAnnotation(markDirty=false)
Long getDmNodeCountWithNewACLS(Long max);
/**
* @return
*/
@DirtySessionAnnotation(markDirty=false)
Long getNewInStore();
}