mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
Merged V4.1-BUG-FIX to HEAD
40170: Fix compile error following merge from 4.1.0 to 4.1.1
40175: ALF-14002 (5108), ALF-14220 (5109), ALF-15419 (5110) patch versions for 4.1.1 that came from commits made to V4.0-BUG-FIX after 4.0.2 was released.
40203: Fix 4.1 -> 4.1.1 merge error that was stopping start up of Share.
Required change to extra config in 4.1.1 added for ALF-12524.
There are other differences in the file for ALF-14812 and ALF-14813 but were not impacted.
40206: ALF-15281 - FTP/FTPS: With preserve timestamps turned off, the modification date does not change.
40208: ALF-12831: Upgrade to swftools 0.9.2
40210: ALF-13933: First attempt at installing LibreOffice 3.5
- Installed to a subdirectory called libreoffice
- OpenOffice, Openoffice and OpenOffice.org replaced in all display strings
40229: ALF-7278: Merged V3.4-BUG-FIX (3.4.11) to V4.1-BUG-FIX (4.1.1)
40227: ALF-15436 CLONE Alfresco 3.4c + Share + TIFF preview only shows the first page
40237: Fix for ALF-14663 from Vadim Danilchenko - the 'edit online' button in Share fails but we do not send any error message
40258: Merged BRANCHES/DEV/BELARUS/V4.1-BUG-FIX-2012_07_09 to BRANCHES/DEV/V4.1-BUG-FIX:
39668: ALF-15214 patch.fixBpmPackages performs unnecessary work
40261: Merged V3.4-BUG-FIX to V4.1-BUG-FIX
38592: Fixed ALF-14929: NodeDAO might not be last node write to the database
- Regression introduced when Hibernate was removed
- Fix validated by unit test
38596: Merged DEV to V3.4-BUG-FIX
38594: ALF-14744: Documents uploaded via WebDAV mount from Windows 7, and copied by a jscript rule are zero-length
Change CreateNodeRuleTrigger.onCreateNode() method:
Search for property of "d:content" type in node TypeDefinition, AspectDefinitions of node aspects and don't fire rules if found.
38781: Fixed ALF-14979: Long running AVM XPath queries on startup
- Basic XPath was always fetching all siblings
38896: ALF-14744: Fix rule-firing regressions plus unit test
- CreateNodeRuleTrigger must remember new nodes, regardless of whether it fires to avoid an update being fired on a node created in the same transaction
- Tests should not assume that inbound rule will be fired on a content-less node (when the node's type or aspects have content properties)
38909: Merged DEV to V3.4-BUG-FIX (3.4.11)
<< Fix for issued identified by QA on 20/6/12 after verification of customer issues >>
38849: ALF-11956: WCM accessibility
Navigation between the fields with erroneous data has been modified to allow navigation between elements of composite widgets such as Date/Time pickers etc...
- the fix for ALF-10804 is backported (required for the current fix);
- ability of cancelling and reactivating the strict navigation sequence has been added (pressing the Escape key for cancelling and focusing the alert link for reactivating);
- generation of duplicate ids for comboboxes of the 'MonthDayPicker' widget has been fixed
38544: ALF-11956: WCM accessibility
Draft implementation of 'FocusResolver' which introduces functionality of strict sequence for navigation between fields of the XForms widgets with erroneous data detected during validation
38934: Fix for ALF-13658/ALF-14849
38990: ALF-13048 Configuration of temp directories for converters (Openoffice and JOD)
More general approach taken for JOD :
- Allow an OpenOffice user template profile to be used by the JOD started OpenOffice process via
the alfresco global property jodconverter.templateProfileDir
- Among other settings, the profile contains values set in Tools|Options via the UI
This includes the temporary directory: Tools|Options|openOffice.org|Temporary Files
- If blank, a default profile is created. The user profile is recreated on each restart from the template.
May be set to an existing user's profile such as: C:\Users\<username>\AppData\Roaming\OpenOffice.org\3
39115: Merged V3.4 to V3.4-BUG-FIX
38593: Merged DEV to V3.4
38572: ALF-13578: CIFS: AlfJLANWorker threads (concurrency) - server not responding
Add nodeServices.exists(nodeRef) check to errorHandler in ContentDiskDriver.closeFile() to hide InvalidNodeRefException here.
38591: ALF-13578: CIFS: AlfJLANWorker threads (concurrency) - server not responding
Replace "catch (AlfrescoRuntimeException e)" with "catch (RuntimeException e)" in ContentDiskDriver.
Add "catch (InvalidNodeRefException ex)" to ContentDiskDriver.renameFile() method and throw java.io.FileNotFoundException here.
39063: Process the async packet queue at the end of CIFS NIO socket processing, before re-enabling socket events. ALF-13578.
39117: Merged V3.4 to V3.4-BUG-FIX (RECORD ONLY)
39116: ALF-13578: Reversed r39063 due to QA time constraints. Fix will be made limited availability and in next service pack.
39179: Merged DEV to V3.4-BUG-FIX (3.4.11)
38911: ALF-14827: Cannot see metrics data to Alfresco Enterprise Content Store in Hyperic HQ
The attribute "TotalSize" is no longer exists in the Alfresco 3.4.x
SpaceFree and SpaceTotal are added to the alfresco enterprise plugin.
38910: ALF-15016: Cannot see services to FTP, NFS Server in Hyperic HQ
Alfresco enterrprise plugin fixed so that FTP and NFS Server resources now available in resources tab.
39230: ALF-15048 - Create Rule 'Execute Script'- 'Append Copyright to file'
- Script that added the copyright was hidden in a .acp file (a zip file).
.acp is normally used by wireshark so was not found in searches.
39294: Merged V3.4 to V3.4-BUG-FIX
39293: ALF-14698: Merged PATCHES/V3.4.6 to V3.4
38786: Merged V4.0-BUG-FIX to PATCHES/V3.4.6 (partial rework)
34279: NodeDAO: re-parent "lost & found" orphan child nodes (see ALF-12358 & ALF-13066 / SYS-301)
- if orphaned nodes are identified (eg. via getPath(s)) then attempt partial recovery by placing them in (temp) lost_found
- ... ALF-12358 ('child' node has deleted parent(s))
- ... ALF-13066 (non-root 'child' node has no parent(s))
- for internal use only - allows index tracking (eg. Solr) to continue
- precursor to fixing underlying root causes
34338: NodeDAO: re-parent "lost & found" orphan child nodes (see ALF-12358 & ALF-13066 / SYS-301)
- test fix (follow-on to r34279)
34341: NodeDAO: re-parent "lost & found" orphan child nodes (see ALF-12358 & ALF-13066 / SYS-301)
- ano test fix (once more with feeling)
34434: ALF-13066: Fix for intermittent failure (testConcurrentLinkToDeletedNode)
38959: ALF-15136: Merged HEAD to PATCHES/V3.4.6
32659: Fixed ALF-11946: Lucene index recovery startup can cause full table scans and file sorts
- Made the backward timestepping work in bounded segments, whereas previously there
was no lower bound causing the database to creak under load and the whole process
to take a long time.
- Seen during benchmark testing as well
39211: ALF-15109: 'Touch' nodes in every case where we add / remove secondary parent associations. Causing group membership fallout at SAP.
39218: ALF-15109: Improved fix - must fire cascaded secondary association deletions at DbNodeServiceImpl level to ensure appropriate index events are fired and prevent out of sync indexes!
39240: ALF-15109: Another attempt. Now we are firing all the right events on cascade removal of secondary associations a lot of things are coming out in the wash!
- Cascade delete secondary associations in a first recursive pass
- Use a List of Pairs rather than a Map to avoid missing multiple associations to the same child
39295: Fixed merge issue
39381: ALF-12781 - Unable to set email contributors authority
39595: Fix for ALF-12506 - utils.setLocale() override the value to a lower case.
39932: ALF-9540: copy from drive to CIFS is slower than direct drive to drive copy by a factor of ~ 15
39935: ALF-9606: JSF, WebDav + Kerberos - Browser goes to a previous visited page when done/cancel edit online document
- User is now redirected to logon when session expires.
39961: ALF-9540: Fix some broken unit tests caused by missing policies.
40026: Return success status for CIFS set security descriptor call even when the SecurityDescriptorInterface is not implemented. ALF-15357
Attempt to fix slow MS Office docx file save, unable to reproduce locally.
40090: ALF-15388: Merged V4.1-BUG-FIX to V3.4-BUG-FIX
40022: Fix for ALF-15144 - Slow Share doclib high-level folder browsing due to version history retrieval
Revision: 40159
Author: taksoy
Date: Tuesday, August 07, 2012 1:44:29 PM
Message:
ALF-13636: ReferenceError: "containerId" is not defined - Exception thrown during folder rule creation
----
Modified : /alfresco/BRANCHES/DEV/V3.4-BUG-FIX/root/projects/slingshot/source/web/modules/documentlibrary/global-folder.js
40231: ALF-13575: Merged DEV to V3.4-BUG-FIX
39879: Use of NetBIOS name versus DNS name in links accessed through CIFS
- hostname is now determined from the path used to mount the drive on the client
40251: Merged DEV to V3.4-BUG-FIX
39667: ALF-4832: Incorrect behaviour of user's activities information in Moderated sites
Introduce new method to ActivityPostService that accept userName.
Post activity using new method when user is joined to site.
40252: Merged PATCHES/V3.4.6 to V3.4-BUG-FIX
39437: ALF-15458 / ALF-15184: ADMLuceneIndexerImpl debug can cause indexing to fail
- Don't try to print the path of a deleted node!
39520: Merged DEV to PATCHES/V3.4.6
38728: ALF-15459 / ALF-14714 : A user can overwrite a "WRITE_LOCK" on a document created by a different user
-The document owner is not considered to be the lock owner now.
-ALF-12081 was backported.
39581: ALF-15460 / ALF-15216: Need predefined JGroups configuration for FILE_PING
- Now FILE_PING can be selected using alfresco.jgroups.defaultProtocol=TCP-FPING
- New parameter alfresco.fping.shared.dir specifies its shared directory and defaults to ${dir.contentstore}
39662: ALF-15461 / ALF-15243: "Failed to initialise config service" after a node comes back into the cluster
- Nested writable transaction in a read only transaction
- Removed old school transaction management
39768: ALF-15462 / ALF-10725: Account for local index impact of reparenting orphaned nodes
- Unfortunately this means AbstractNodeDAOImpl now must talk to NodeIndexer but this may be revisited
39770: ALF-15462 / ALF-10725: Fix test failure - an orphaned node WITH the root aspect must still have parents or it is unindexable!
39816: ALF-15462 / ALF-10725: Revisit orphans once more
- delete_ChildAssocsToAndFrom removed because it's evil and could orphan a node that's just shown up (read committed) from another transaction
- Now only parent assocs of the deleted node are removed automatically and children are handled through normal cascading operations
- The foreign keys will now block the deletion of a node with a new child created mid-transaction
39846: ALF-15461 / ALF-15243: Fix unit test failures
40253: Merged PATCHES/V3.4.9 to V3.4.-BUG-FIX
39703: ALF-15463: More synchronization, TRACE logging and test for ALF-15215: Missing synchronization in RepositoryContainer.getRegistry()
39885: ALF-15464 / ALF-15311: JGroups resends incorrect message for XMIT_REQ
- Added new configuration files for heartbeat channel that removes NAKACK protocol as guaranteed delivery is not necessary for heartbeat.
40262: Merged V3.4-BUG-FIX to V4.1-BUG-FIX (RECORD ONLY)
36853: Merge DEV to V3.4-BUG-FIX
31272 : ALF-8588 - IMAP Cannot attach two attachments with the same name.
38923: Merged HEAD to BRANCHES/DEV/V3.4-BUG-FIX
32757: Fix for ALF-9365
Merged BRANCHES/DEV/V4.0-BUG-FIX to BRANCHES/DEV/V3.4-BUG-FIX
35693: Fix for ALF-13806 - Get content webscript incorrectly returns text/plain mimetype for HTML files, not text/html
Merged BRANCHES/V4.0 to BRANCHES/DEV/V3.4-BUG-FIX
36560: Correctly size content length header after HTML stripping process (ALF-9365)
39015: Merged in upgrade of truezip to 7.5.5 see ALF-14247
39056: Merged V4.1-BUG-FIX to V3.4-BUG-FIX:
ALF-15053: Ensure that sub-folders of "res" can be accessed in the DocLib
39361: Added truezip-swing jar. It seems that Truezip needs Swing :(
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@40274 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
@@ -482,9 +482,9 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
||||
{
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
if (!personService.personExists(userName)
|
||||
|| !nodeService.getProperty(personService.getPerson(userName),
|
||||
ContentModel.PROP_USERNAME).equals(userName))
|
||||
String identifier;
|
||||
if ((identifier = personService.getUserIdentifier(userName)) == null
|
||||
|| !identifier.equals(userName))
|
||||
{
|
||||
if (logger.isDebugEnabled())
|
||||
{
|
||||
|
||||
@@ -113,7 +113,7 @@ public class AuthenticationServiceImpl extends AbstractAuthenticationService imp
|
||||
// clear context - to avoid MT concurrency issue (causing domain mismatch) - see also 'authenticate' above
|
||||
clearCurrentSecurityContext();
|
||||
currentUser = ticketComponent.validateTicket(ticket);
|
||||
authenticationComponent.setCurrentUser(currentUser, UserNameValidationMode.CHECK);
|
||||
authenticationComponent.setCurrentUser(currentUser, UserNameValidationMode.NONE);
|
||||
}
|
||||
catch (AuthenticationException ae)
|
||||
{
|
||||
|
||||
@@ -48,6 +48,7 @@ import org.alfresco.repo.policy.PolicyComponent;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
|
||||
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
|
||||
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
|
||||
import org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.CacheEntry;
|
||||
import org.alfresco.repo.tenant.TenantService;
|
||||
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
|
||||
import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
|
||||
@@ -101,7 +102,7 @@ public class AuthenticationTest extends TestCase
|
||||
|
||||
private PolicyComponent policyComponent;
|
||||
|
||||
private SimpleCache<String, NodeRef> authenticationCache;
|
||||
private SimpleCache<String, CacheEntry> authenticationCache;
|
||||
private SimpleCache<String, NodeRef> immutableSingletonCache;
|
||||
|
||||
public AuthenticationTest()
|
||||
@@ -137,7 +138,7 @@ public class AuthenticationTest extends TestCase
|
||||
pubPersonService = (PersonService) ctx.getBean("PersonService");
|
||||
personService = (PersonService) ctx.getBean("personService");
|
||||
policyComponent = (PolicyComponent) ctx.getBean("policyComponent");
|
||||
authenticationCache = (SimpleCache<String, NodeRef>) ctx.getBean("authenticationCache");
|
||||
authenticationCache = (SimpleCache<String, CacheEntry>) ctx.getBean("authenticationCache");
|
||||
immutableSingletonCache = (SimpleCache<String, NodeRef>) ctx.getBean("immutableSingletonCache");
|
||||
// permissionServiceSPI = (PermissionServiceSPI)
|
||||
// ctx.getBean("permissionService");
|
||||
|
||||
@@ -39,6 +39,8 @@ import org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy;
|
||||
import org.alfresco.repo.policy.JavaBehaviour;
|
||||
import org.alfresco.repo.policy.PolicyComponent;
|
||||
import org.alfresco.repo.tenant.TenantService;
|
||||
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
|
||||
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.repository.NodeService;
|
||||
@@ -48,7 +50,10 @@ import org.alfresco.service.cmr.security.AuthorityService;
|
||||
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.service.namespace.RegexQNamePattern;
|
||||
import org.alfresco.service.transaction.TransactionService;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.dao.DataAccessException;
|
||||
|
||||
@@ -61,19 +66,24 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
{
|
||||
private static final StoreRef STOREREF_USERS = new StoreRef("user", "alfrescoUserStore");
|
||||
|
||||
private static final Log logger = LogFactory.getLog(RepositoryAuthenticationDao.class);
|
||||
|
||||
private AuthorityService authorityService;
|
||||
|
||||
private NodeService nodeService;
|
||||
private TenantService tenantService;
|
||||
private NamespacePrefixResolver namespacePrefixResolver;
|
||||
private PasswordEncoder passwordEncoder;
|
||||
private PolicyComponent policyComponent;
|
||||
|
||||
private TransactionService transactionService;
|
||||
|
||||
// note: caches are tenant-aware (if using EhCacheAdapter shared cache)
|
||||
|
||||
private SimpleCache<String, NodeRef> singletonCache; // eg. for user folder nodeRef
|
||||
private final String KEY_USERFOLDER_NODEREF = "key.userfolder.noderef";
|
||||
|
||||
private SimpleCache<String, NodeRef> authenticationCache;
|
||||
private SimpleCache<String, CacheEntry> authenticationCache;
|
||||
|
||||
public RepositoryAuthenticationDao()
|
||||
{
|
||||
@@ -115,11 +125,16 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
this.policyComponent = policyComponent;
|
||||
}
|
||||
|
||||
public void setAuthenticationCache(SimpleCache<String, NodeRef> authenticationCache)
|
||||
public void setAuthenticationCache(SimpleCache<String, CacheEntry> authenticationCache)
|
||||
{
|
||||
this.authenticationCache = authenticationCache;
|
||||
}
|
||||
|
||||
public void setTransactionService(TransactionService transactionService)
|
||||
{
|
||||
this.transactionService = transactionService;
|
||||
}
|
||||
|
||||
public void afterPropertiesSet() throws Exception
|
||||
{
|
||||
this.policyComponent.bindClassBehaviour(
|
||||
@@ -130,52 +145,94 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
BeforeDeleteNodePolicy.QNAME,
|
||||
ContentModel.TYPE_USER,
|
||||
new JavaBehaviour(this, "beforeDeleteNode"));
|
||||
this.policyComponent.bindClassBehaviour(
|
||||
OnUpdatePropertiesPolicy.QNAME,
|
||||
ContentModel.TYPE_USER,
|
||||
new JavaBehaviour(this, "onUpdateUserProperties"));
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String incomingUserName) throws UsernameNotFoundException, DataAccessException
|
||||
{
|
||||
NodeRef userRef = getUserOrNull(incomingUserName);
|
||||
if (userRef == null)
|
||||
CacheEntry userEntry = getUserEntryOrNull(incomingUserName);
|
||||
if (userEntry == null)
|
||||
{
|
||||
throw new UsernameNotFoundException("Could not find user by userName: " + incomingUserName);
|
||||
}
|
||||
|
||||
Map<QName, Serializable> properties = nodeService.getProperties(userRef);
|
||||
String password = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_PASSWORD));
|
||||
|
||||
// Report back the user name as stored on the user
|
||||
String userName = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_USER_USERNAME));
|
||||
|
||||
GrantedAuthority[] gas = new GrantedAuthority[1];
|
||||
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
|
||||
|
||||
UserDetails ud = new User(
|
||||
userName,
|
||||
password,
|
||||
getEnabled(userName, properties),
|
||||
!getHasExpired(userName, properties),
|
||||
!getCredentialsHaveExpired(userName, properties),
|
||||
!getLocked(userName, properties),
|
||||
gas);
|
||||
return ud;
|
||||
UserDetails userDetails = userEntry.userDetails;
|
||||
if (userEntry.credentialExpiryDate == null || userEntry.credentialExpiryDate.compareTo(new Date()) >= 0)
|
||||
{
|
||||
return userDetails;
|
||||
}
|
||||
// If the credentials have expired, we must return a copy with the flag set
|
||||
return new User(userDetails.getUsername(), userDetails.getPassword(), userDetails.isEnabled(),
|
||||
userDetails.isAccountNonExpired(), false,
|
||||
userDetails.isAccountNonLocked(), userDetails.getAuthorities());
|
||||
}
|
||||
|
||||
|
||||
public NodeRef getUserOrNull(String searchUserName)
|
||||
{
|
||||
CacheEntry userEntry = getUserEntryOrNull(searchUserName);
|
||||
return userEntry == null ? null: userEntry.nodeRef;
|
||||
}
|
||||
|
||||
private CacheEntry getUserEntryOrNull(final String searchUserName)
|
||||
{
|
||||
class SearchUserNameCallback implements RetryingTransactionCallback<CacheEntry>
|
||||
{
|
||||
@Override
|
||||
public CacheEntry execute() throws Throwable
|
||||
{
|
||||
List<ChildAssociationRef> results = nodeService.getChildAssocs(getUserFolderLocation(searchUserName),
|
||||
ContentModel.ASSOC_CHILDREN, QName.createQName(ContentModel.USER_MODEL_URI, searchUserName));
|
||||
if (!results.isEmpty())
|
||||
{
|
||||
NodeRef userRef = tenantService.getName(results.get(0).getChildRef());
|
||||
Map<QName, Serializable> properties = nodeService.getProperties(userRef);
|
||||
String password = DefaultTypeConverter.INSTANCE.convert(String.class,
|
||||
properties.get(ContentModel.PROP_PASSWORD));
|
||||
|
||||
// Report back the user name as stored on the user
|
||||
String userName = DefaultTypeConverter.INSTANCE.convert(String.class,
|
||||
properties.get(ContentModel.PROP_USER_USERNAME));
|
||||
|
||||
GrantedAuthority[] gas = new GrantedAuthority[1];
|
||||
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
|
||||
|
||||
return new CacheEntry(userRef, new User(userName, password, getEnabled(userName, properties),
|
||||
!getHasExpired(userName, properties), true, !getLocked(userName, properties), gas),
|
||||
getCredentialsExpiryDate(userName, properties));
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
if (searchUserName == null || searchUserName.length() == 0)
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
NodeRef result = authenticationCache.get(searchUserName);
|
||||
CacheEntry result = authenticationCache.get(searchUserName);
|
||||
if (result == null)
|
||||
{
|
||||
List<ChildAssociationRef> results = nodeService.getChildAssocs(getUserFolderLocation(searchUserName),
|
||||
ContentModel.ASSOC_CHILDREN, QName.createQName(ContentModel.USER_MODEL_URI, searchUserName));
|
||||
if (!results.isEmpty())
|
||||
if (AlfrescoTransactionSupport.getTransactionId() == null)
|
||||
{
|
||||
result = transactionService.getRetryingTransactionHelper().doInTransaction(new SearchUserNameCallback());
|
||||
}
|
||||
else
|
||||
{
|
||||
try
|
||||
{
|
||||
result = new SearchUserNameCallback().execute();
|
||||
}
|
||||
catch (Throwable e)
|
||||
{
|
||||
logger.error(e);
|
||||
}
|
||||
}
|
||||
if (result != null)
|
||||
{
|
||||
result = tenantService.getName(results.get(0).getChildRef());
|
||||
authenticationCache.put(searchUserName, result);
|
||||
}
|
||||
}
|
||||
@@ -475,19 +532,19 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
@Override
|
||||
public boolean getCredentialsHaveExpired(String userName)
|
||||
{
|
||||
return getCredentialsHaveExpired(userName, null);
|
||||
return !loadUserByUsername(userName).isCredentialsNonExpired();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param userName the username (never <tt>null</tt>
|
||||
* @param properties the properties associated with the user or <tt>null</tt> to get them
|
||||
* @return <tt>true</tt> if the user account has expired
|
||||
* @return Date on which the credentials expire or <tt>null</tt> if they never expire
|
||||
*/
|
||||
private boolean getCredentialsHaveExpired(String userName, Map<QName, Serializable> properties)
|
||||
private Date getCredentialsExpiryDate(String userName, Map<QName, Serializable> properties)
|
||||
{
|
||||
if (authorityService.isAdminAuthority(userName))
|
||||
{
|
||||
return false; // Admin never expires
|
||||
return null; // Admin never expires
|
||||
}
|
||||
if (properties == null)
|
||||
{
|
||||
@@ -495,23 +552,15 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
}
|
||||
if (properties == null)
|
||||
{
|
||||
return false;
|
||||
return null;
|
||||
}
|
||||
if (DefaultTypeConverter.INSTANCE.booleanValue(properties.get(ContentModel.PROP_CREDENTIALS_EXPIRE)))
|
||||
{
|
||||
Date date = DefaultTypeConverter.INSTANCE.convert(Date.class, properties.get(ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
|
||||
if (date == null)
|
||||
{
|
||||
return false;
|
||||
return DefaultTypeConverter.INSTANCE.convert(Date.class, properties.get(ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
|
||||
}
|
||||
else
|
||||
{
|
||||
return (date.compareTo(new Date()) < 1);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -641,7 +690,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
@Override
|
||||
public void onUpdateProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after)
|
||||
{
|
||||
String uidBefore = DefaultTypeConverter.INSTANCE.convert(String.class, before.get(ContentModel.PROP_USERNAME));
|
||||
String uidBefore = DefaultTypeConverter.INSTANCE.convert(String.class, before.get(ContentModel.PROP_USERNAME));
|
||||
String uidAfter = DefaultTypeConverter.INSTANCE.convert(String.class, after.get(ContentModel.PROP_USERNAME));
|
||||
if (uidBefore != null && !EqualsHelper.nullSafeEquals(uidBefore, uidAfter))
|
||||
{
|
||||
@@ -654,6 +703,13 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
authenticationCache.remove(uidBefore);
|
||||
}
|
||||
}
|
||||
authenticationCache.remove(uidAfter);
|
||||
}
|
||||
|
||||
public void onUpdateUserProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after)
|
||||
{
|
||||
String uidBefore = DefaultTypeConverter.INSTANCE.convert(String.class, before.get(ContentModel.PROP_USER_USERNAME));
|
||||
authenticationCache.remove(uidBefore);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -665,4 +721,18 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
||||
authenticationCache.remove(userName);
|
||||
}
|
||||
}
|
||||
|
||||
static class CacheEntry
|
||||
{
|
||||
public NodeRef nodeRef;
|
||||
public UserDetails userDetails;
|
||||
public Date credentialExpiryDate;
|
||||
|
||||
public CacheEntry(NodeRef nodeRef, UserDetails userDetails, Date credentialExpiryDate)
|
||||
{
|
||||
this.nodeRef = nodeRef;
|
||||
this.userDetails = userDetails;
|
||||
this.credentialExpiryDate = credentialExpiryDate;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user