mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
MT - fix AR-2036
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8124 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Jan Vonka
@@ -68,6 +68,12 @@
|
|||||||
</property>
|
</property>
|
||||||
<property name="authenticationComponent">
|
<property name="authenticationComponent">
|
||||||
<ref bean="authenticationComponent" />
|
<ref bean="authenticationComponent" />
|
||||||
|
</property>
|
||||||
|
<property name="tenantService">
|
||||||
|
<ref bean="tenantService" />
|
||||||
|
</property>
|
||||||
|
<property name="tenantDeployerService">
|
||||||
|
<ref bean="tenantAdminService" />
|
||||||
</property>
|
</property>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
|||||||
@@ -33,6 +33,10 @@ import org.alfresco.error.AlfrescoRuntimeException;
|
|||||||
import org.alfresco.repo.node.integrity.IntegrityChecker;
|
import org.alfresco.repo.node.integrity.IntegrityChecker;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||||
|
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
|
||||||
|
import org.alfresco.repo.tenant.Tenant;
|
||||||
|
import org.alfresco.repo.tenant.TenantDeployerService;
|
||||||
|
import org.alfresco.repo.tenant.TenantService;
|
||||||
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
|
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
|
||||||
import org.alfresco.service.cmr.admin.PatchException;
|
import org.alfresco.service.cmr.admin.PatchException;
|
||||||
import org.alfresco.service.cmr.repository.NodeService;
|
import org.alfresco.service.cmr.repository.NodeService;
|
||||||
@@ -70,6 +74,7 @@ public abstract class AbstractPatch implements Patch
|
|||||||
private List<Patch> dependsOn;
|
private List<Patch> dependsOn;
|
||||||
/** flag indicating if the patch was successfully applied */
|
/** flag indicating if the patch was successfully applied */
|
||||||
private boolean applied;
|
private boolean applied;
|
||||||
|
private boolean applyToTenants = true; // by default, apply to each tenant, if tenant service is enabled
|
||||||
/** the service to register ourselves with */
|
/** the service to register ourselves with */
|
||||||
private PatchService patchService;
|
private PatchService patchService;
|
||||||
/** used to ensure a unique transaction per execution */
|
/** used to ensure a unique transaction per execution */
|
||||||
@@ -82,6 +87,11 @@ public abstract class AbstractPatch implements Patch
|
|||||||
protected SearchService searchService;
|
protected SearchService searchService;
|
||||||
/** support service */
|
/** support service */
|
||||||
protected AuthenticationComponent authenticationComponent;
|
protected AuthenticationComponent authenticationComponent;
|
||||||
|
/** support service */
|
||||||
|
protected TenantService tenantService;
|
||||||
|
/** support service */
|
||||||
|
protected TenantDeployerService tenantDeployerService;
|
||||||
|
|
||||||
|
|
||||||
public AbstractPatch()
|
public AbstractPatch()
|
||||||
{
|
{
|
||||||
@@ -153,6 +163,16 @@ public abstract class AbstractPatch implements Patch
|
|||||||
{
|
{
|
||||||
this.authenticationComponent = authenticationComponent;
|
this.authenticationComponent = authenticationComponent;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void setTenantService(TenantService tenantService)
|
||||||
|
{
|
||||||
|
this.tenantService = tenantService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setTenantDeployerService(TenantDeployerService tenantDeployerService)
|
||||||
|
{
|
||||||
|
this.tenantDeployerService = tenantDeployerService;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* This ensures that this bean gets registered with the appropriate {@link PatchService service}.
|
* This ensures that this bean gets registered with the appropriate {@link PatchService service}.
|
||||||
@@ -293,6 +313,11 @@ public abstract class AbstractPatch implements Patch
|
|||||||
throw new PatchException(ERR_PROPERTY_NOT_SET, name, this);
|
throw new PatchException(ERR_PROPERTY_NOT_SET, name, this);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void setApplyToTenants(boolean applyToTenants)
|
||||||
|
{
|
||||||
|
this.applyToTenants = applyToTenants;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check that the schema version properties have been set appropriately.
|
* Check that the schema version properties have been set appropriately.
|
||||||
@@ -354,8 +379,30 @@ public abstract class AbstractPatch implements Patch
|
|||||||
IntegrityChecker.setWarnInTransaction();
|
IntegrityChecker.setWarnInTransaction();
|
||||||
|
|
||||||
String report = applyInternal();
|
String report = applyInternal();
|
||||||
// done
|
|
||||||
return report;
|
if ((tenantService != null) && (tenantDeployerService != null) &&
|
||||||
|
tenantService.isEnabled() && applyToTenants)
|
||||||
|
{
|
||||||
|
List<Tenant> tenants = tenantDeployerService.getAllTenants();
|
||||||
|
for (Tenant tenant : tenants)
|
||||||
|
{
|
||||||
|
String tenantDomain = tenant.getTenantDomain();
|
||||||
|
String tenantReport = AuthenticationUtil.runAs(new RunAsWork<String>()
|
||||||
|
{
|
||||||
|
public String doWork() throws Exception
|
||||||
|
{
|
||||||
|
return applyInternal();
|
||||||
|
}
|
||||||
|
}, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain));
|
||||||
|
|
||||||
|
report = report + "\n" + tenantReport + " (for tenant: " + tenantDomain + ")";
|
||||||
|
}
|
||||||
|
|
||||||
|
return report;
|
||||||
|
}
|
||||||
|
|
||||||
|
// done
|
||||||
|
return report;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
return transactionService.getRetryingTransactionHelper().doInTransaction(patchWork);
|
return transactionService.getRetryingTransactionHelper().doInTransaction(patchWork);
|
||||||
|
|||||||
@@ -190,7 +190,8 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the system user as the current user.
|
* Set the system user as the current user
|
||||||
|
* note: for MT, will set to default domain only
|
||||||
*
|
*
|
||||||
* @return Authentication
|
* @return Authentication
|
||||||
*/
|
*/
|
||||||
@@ -201,6 +202,7 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the name of the system user
|
* Get the name of the system user
|
||||||
|
* note: for MT, will get system for default domain only
|
||||||
*
|
*
|
||||||
* @return String
|
* @return String
|
||||||
*/
|
*/
|
||||||
@@ -208,10 +210,22 @@ public abstract class AbstractAuthenticationComponent implements AuthenticationC
|
|||||||
{
|
{
|
||||||
return AuthenticationUtil.SYSTEM_USER_NAME;
|
return AuthenticationUtil.SYSTEM_USER_NAME;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Is this the system user ?
|
||||||
|
*
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public boolean isSystemUserName(String userName)
|
||||||
|
{
|
||||||
|
return ((userName != null) && tenantService.getBaseNameUser(userName).equals(getSystemUserName()));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the name of the Guest User
|
* Get the name of the Guest User
|
||||||
* note: for MT, will get guest for default domain only
|
* note: for MT, will get guest for default domain only
|
||||||
|
*
|
||||||
|
* @return String
|
||||||
*/
|
*/
|
||||||
public String getGuestUserName()
|
public String getGuestUserName()
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -96,6 +96,10 @@ public interface AuthenticationComponent
|
|||||||
*/
|
*/
|
||||||
public String getSystemUserName();
|
public String getSystemUserName();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* True if this is the System user ?
|
||||||
|
*/
|
||||||
|
public boolean isSystemUserName(String userName);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the name of the guest user
|
* Get the name of the guest user
|
||||||
|
|||||||
@@ -174,12 +174,7 @@ public class AuthenticationServiceImpl implements AuthenticationService
|
|||||||
|
|
||||||
public boolean isCurrentUserTheSystemUser()
|
public boolean isCurrentUserTheSystemUser()
|
||||||
{
|
{
|
||||||
String userName = getCurrentUserName();
|
return authenticationComponent.isSystemUserName(getCurrentUserName());
|
||||||
if ((userName != null) && userName.equals(authenticationComponent.getSystemUserName()))
|
|
||||||
{
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public void authenticateAsGuest() throws AuthenticationException
|
public void authenticateAsGuest() throws AuthenticationException
|
||||||
|
|||||||
@@ -304,9 +304,24 @@ public class ChainingAuthenticationComponentImpl implements AuthenticationCompon
|
|||||||
{
|
{
|
||||||
return AuthenticationUtil.SYSTEM_USER_NAME;
|
return AuthenticationUtil.SYSTEM_USER_NAME;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* If any implementation supports System then System is allowed
|
||||||
|
*/
|
||||||
|
public boolean isSystemUserName(String userName)
|
||||||
|
{
|
||||||
|
for (AuthenticationComponent authComponent : getUsableAuthenticationComponents())
|
||||||
|
{
|
||||||
|
if (authComponent.isSystemUserName(userName))
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If any implementation supoprts guest then huest is allowed
|
* If any implementation supports guest then guest is allowed
|
||||||
*/
|
*/
|
||||||
public boolean guestUserAuthenticationAllowed()
|
public boolean guestUserAuthenticationAllowed()
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user