From e1abbcc7a488eea7830501c7a4094acf4abcba8c Mon Sep 17 00:00:00 2001 From: Jan Vonka Date: Wed, 30 Jan 2008 14:16:50 +0000 Subject: [PATCH] MT - fix AR-2036 git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8124 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/patch/patch-services-context.xml | 6 +++ .../repo/admin/patch/AbstractPatch.java | 51 ++++++++++++++++++- .../AbstractAuthenticationComponent.java | 16 +++++- .../AuthenticationComponent.java | 4 ++ .../AuthenticationServiceImpl.java | 7 +-- .../ChainingAuthenticationComponentImpl.java | 17 ++++++- 6 files changed, 91 insertions(+), 10 deletions(-) diff --git a/config/alfresco/patch/patch-services-context.xml b/config/alfresco/patch/patch-services-context.xml index 0cacefe7e2..3e4baf2d79 100644 --- a/config/alfresco/patch/patch-services-context.xml +++ b/config/alfresco/patch/patch-services-context.xml @@ -68,6 +68,12 @@ + + + + + + diff --git a/source/java/org/alfresco/repo/admin/patch/AbstractPatch.java b/source/java/org/alfresco/repo/admin/patch/AbstractPatch.java index 1ba4553c96..617be5caae 100644 --- a/source/java/org/alfresco/repo/admin/patch/AbstractPatch.java +++ b/source/java/org/alfresco/repo/admin/patch/AbstractPatch.java @@ -33,6 +33,10 @@ import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.repo.node.integrity.IntegrityChecker; import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; +import org.alfresco.repo.tenant.Tenant; +import org.alfresco.repo.tenant.TenantDeployerService; +import org.alfresco.repo.tenant.TenantService; import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; import org.alfresco.service.cmr.admin.PatchException; import org.alfresco.service.cmr.repository.NodeService; @@ -70,6 +74,7 @@ public abstract class AbstractPatch implements Patch private List dependsOn; /** flag indicating if the patch was successfully applied */ private boolean applied; + private boolean applyToTenants = true; // by default, apply to each tenant, if tenant service is enabled /** the service to register ourselves with */ private PatchService patchService; /** used to ensure a unique transaction per execution */ @@ -82,6 +87,11 @@ public abstract class AbstractPatch implements Patch protected SearchService searchService; /** support service */ protected AuthenticationComponent authenticationComponent; + /** support service */ + protected TenantService tenantService; + /** support service */ + protected TenantDeployerService tenantDeployerService; + public AbstractPatch() { @@ -153,6 +163,16 @@ public abstract class AbstractPatch implements Patch { this.authenticationComponent = authenticationComponent; } + + public void setTenantService(TenantService tenantService) + { + this.tenantService = tenantService; + } + + public void setTenantDeployerService(TenantDeployerService tenantDeployerService) + { + this.tenantDeployerService = tenantDeployerService; + } /** * This ensures that this bean gets registered with the appropriate {@link PatchService service}. @@ -293,6 +313,11 @@ public abstract class AbstractPatch implements Patch throw new PatchException(ERR_PROPERTY_NOT_SET, name, this); } } + + public void setApplyToTenants(boolean applyToTenants) + { + this.applyToTenants = applyToTenants; + } /** * Check that the schema version properties have been set appropriately. @@ -354,8 +379,30 @@ public abstract class AbstractPatch implements Patch IntegrityChecker.setWarnInTransaction(); String report = applyInternal(); - // done - return report; + + if ((tenantService != null) && (tenantDeployerService != null) && + tenantService.isEnabled() && applyToTenants) + { + List tenants = tenantDeployerService.getAllTenants(); + for (Tenant tenant : tenants) + { + String tenantDomain = tenant.getTenantDomain(); + String tenantReport = AuthenticationUtil.runAs(new RunAsWork() + { + public String doWork() throws Exception + { + return applyInternal(); + } + }, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain)); + + report = report + "\n" + tenantReport + " (for tenant: " + tenantDomain + ")"; + } + + return report; + } + + // done + return report; } }; return transactionService.getRetryingTransactionHelper().doInTransaction(patchWork); diff --git a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java index 7fa9e46fb6..e9a6df7a2e 100644 --- a/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java +++ b/source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java @@ -190,7 +190,8 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC } /** - * Set the system user as the current user. + * Set the system user as the current user + * note: for MT, will set to default domain only * * @return Authentication */ @@ -201,6 +202,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC /** * Get the name of the system user + * note: for MT, will get system for default domain only * * @return String */ @@ -208,10 +210,22 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC { return AuthenticationUtil.SYSTEM_USER_NAME; } + + /** + * Is this the system user ? + * + * @return boolean + */ + public boolean isSystemUserName(String userName) + { + return ((userName != null) && tenantService.getBaseNameUser(userName).equals(getSystemUserName())); + } /** * Get the name of the Guest User * note: for MT, will get guest for default domain only + * + * @return String */ public String getGuestUserName() { diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java index b883ed4412..ebb9205f36 100644 --- a/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java @@ -96,6 +96,10 @@ public interface AuthenticationComponent */ public String getSystemUserName(); + /** + * True if this is the System user ? + */ + public boolean isSystemUserName(String userName); /** * Get the name of the guest user diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java index 425b73e63f..308c86f5cf 100644 --- a/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java +++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java @@ -174,12 +174,7 @@ public class AuthenticationServiceImpl implements AuthenticationService public boolean isCurrentUserTheSystemUser() { - String userName = getCurrentUserName(); - if ((userName != null) && userName.equals(authenticationComponent.getSystemUserName())) - { - return true; - } - return false; + return authenticationComponent.isSystemUserName(getCurrentUserName()); } public void authenticateAsGuest() throws AuthenticationException diff --git a/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.java b/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.java index 74cf50fdce..3a06bf4e4b 100644 --- a/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.java +++ b/source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.java @@ -304,9 +304,24 @@ public class ChainingAuthenticationComponentImpl implements AuthenticationCompon { return AuthenticationUtil.SYSTEM_USER_NAME; } + + /** + * If any implementation supports System then System is allowed + */ + public boolean isSystemUserName(String userName) + { + for (AuthenticationComponent authComponent : getUsableAuthenticationComponents()) + { + if (authComponent.isSystemUserName(userName)) + { + return true; + } + } + return false; + } /** - * If any implementation supoprts guest then huest is allowed + * If any implementation supports guest then guest is allowed */ public boolean guestUserAuthenticationAllowed() {