MT - fix AR-2036

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8124 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/patch/patch-services-context.xml

@@ -69,6 +69,12 @@
         <property name="authenticationComponent">
             <ref bean="authenticationComponent" />
         </property>
+        <property name="tenantService">
+            <ref bean="tenantService" />
+        </property>
+        <property name="tenantDeployerService">
+            <ref bean="tenantAdminService" />
+        </property>
     </bean>
     
     <!-- Example patches -->

source/java/org/alfresco/repo/admin/patch/AbstractPatch.java

@@ -33,6 +33,10 @@ import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.repo.node.integrity.IntegrityChecker;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
+import org.alfresco.repo.tenant.Tenant;
+import org.alfresco.repo.tenant.TenantDeployerService;
+import org.alfresco.repo.tenant.TenantService;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
 import org.alfresco.service.cmr.admin.PatchException;
 import org.alfresco.service.cmr.repository.NodeService;
@@ -70,6 +74,7 @@ public abstract class AbstractPatch implements Patch
     private List<Patch> dependsOn;
     /** flag indicating if the patch was successfully applied */
     private boolean applied;
+    private boolean applyToTenants = true; // by default, apply to each tenant, if tenant service is enabled
     /** the service to register ourselves with */
     private PatchService patchService;
     /** used to ensure a unique transaction per execution */
@@ -82,6 +87,11 @@ public abstract class AbstractPatch implements Patch
     protected SearchService searchService;
     /** support service */
     protected AuthenticationComponent authenticationComponent;
+    /** support service */
+    protected TenantService tenantService;
+    /** support service */
+    protected TenantDeployerService tenantDeployerService;
+    
 
     public AbstractPatch()
     {
@@ -154,6 +164,16 @@ public abstract class AbstractPatch implements Patch
         this.authenticationComponent = authenticationComponent;
     }
     
+    public void setTenantService(TenantService tenantService)
+    {
+        this.tenantService = tenantService;
+    }
+    
+    public void setTenantDeployerService(TenantDeployerService tenantDeployerService)
+    {
+        this.tenantDeployerService = tenantDeployerService;
+    }
+
     /**
      * This ensures that this bean gets registered with the appropriate {@link PatchService service}. 
      */
@@ -294,6 +314,11 @@ public abstract class AbstractPatch implements Patch
         }
     }
     
+    public void setApplyToTenants(boolean applyToTenants)
+    {
+        this.applyToTenants = applyToTenants;
+    }
+
     /**
      * Check that the schema version properties have been set appropriately.
      * Derived classes can override this method to perform their own validation provided
@@ -354,6 +379,28 @@ public abstract class AbstractPatch implements Patch
                             IntegrityChecker.setWarnInTransaction();
 
                             String report = applyInternal();
+                            
+                        	if ((tenantService != null) && (tenantDeployerService != null) &&
+                        		tenantService.isEnabled() && applyToTenants)
+                            {
+                            	List<Tenant> tenants = tenantDeployerService.getAllTenants();	                            	
+                                for (Tenant tenant : tenants)
+                                {          
+                                	String tenantDomain = tenant.getTenantDomain();
+                                	String tenantReport = AuthenticationUtil.runAs(new RunAsWork<String>()
+                                    {
+                                		public String doWork() throws Exception
+                                        {
+                                			return applyInternal();
+                                        }
+                                    }, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain));
+                                	
+                                	report = report + "\n" + tenantReport + " (for tenant: " + tenantDomain + ")";
+                                }
+                                
+                                return report;
+                            }
+
 	                        // done
 	                        return report;
                         }

source/java/org/alfresco/repo/security/authentication/AbstractAuthenticationComponent.java

@@ -190,7 +190,8 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
     }
 
     /**
-     * Set the system user as the current user.
+     * Set the system user as the current user
+     * note: for MT, will set to default domain only
      * 
      * @return Authentication
      */
@@ -201,6 +202,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
 
     /**
      * Get the name of the system user
+     * note: for MT, will get system for default domain only
      * 
      * @return String
      */
@@ -209,9 +211,21 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
         return AuthenticationUtil.SYSTEM_USER_NAME;
     }
     
+    /**
+     * Is this the system user ?
+     *
+     * @return boolean
+	 */
+    public boolean isSystemUserName(String userName)
+    {
+    	return ((userName != null) && tenantService.getBaseNameUser(userName).equals(getSystemUserName()));
+    }
+
     /**
      * Get the name of the Guest User
      * note: for MT, will get guest for default domain only
+     * 
+     * @return String
      */
     public String getGuestUserName()
     {

source/java/org/alfresco/repo/security/authentication/AuthenticationComponent.java

@@ -96,6 +96,10 @@ public interface AuthenticationComponent
      */
     public String getSystemUserName();
     
+    /**
+     * True if this is the System user ?
+     */
+    public boolean isSystemUserName(String userName);
     
     /**
      * Get the name of the guest user

source/java/org/alfresco/repo/security/authentication/AuthenticationServiceImpl.java

@@ -174,12 +174,7 @@ public class AuthenticationServiceImpl implements AuthenticationService
 
     public boolean isCurrentUserTheSystemUser()
     {
-        String userName = getCurrentUserName();
+        return authenticationComponent.isSystemUserName(getCurrentUserName());
-        if ((userName != null) && userName.equals(authenticationComponent.getSystemUserName()))
-        {
-            return true;
-        }
-        return false;
     }
 
     public void authenticateAsGuest() throws AuthenticationException

source/java/org/alfresco/repo/security/authentication/ChainingAuthenticationComponentImpl.java

@@ -306,7 +306,22 @@ public class ChainingAuthenticationComponentImpl implements AuthenticationCompon
     }
     
     /**
-     * If any implementation supoprts guest then huest is allowed
+     * If any implementation supports System then System is allowed
+     */
+    public boolean isSystemUserName(String userName)
+    {
+        for (AuthenticationComponent authComponent : getUsableAuthenticationComponents())
+        {
+            if (authComponent.isSystemUserName(userName))
+            {
+                return true;
+            }
+        }
+        return false; 	
+    }
+
+    /**
+     * If any implementation supports guest then guest is allowed
      */
     public boolean guestUserAuthenticationAllowed()
     {