inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD-QA to HEAD (4.2) (including moving test classes into separate folders)

Browse Source 
51903 to 54309 


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@54310 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Samuel Langlois
2013-08-20 17:17:31 +00:00
parent 5a8f6ee635
commit e60d57ea42
70 changed files with 7094 additions and 1988 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
source/java/org/alfresco/web/app/Application.java
View File

@@ -391,25 +391,8 @@ public class Application
{
session.invalidate();
}
// remove the username cookie value
Cookie authCookie = AuthenticationHelper.getAuthCookie(request);
if (authCookie != null)
{
HttpServletResponse response = (HttpServletResponse) context.getExternalContext().getResponse();
if (response.isCommitted())
{
// It's too late to do it now, but we can ask the login page to do it
request.getSession().setAttribute(AuthenticationHelper.SESSION_INVALIDATED, true);
}
else
{
authCookie.setMaxAge(0);
response.addCookie(authCookie);
}
}
}
// Explicitly invalidate the Alfresco ticket. This no longer happens on session expiry to allow for ticket
// 'sharing'
WebApplicationContext wc = FacesContextUtils.getRequiredWebApplicationContext(context);

52
source/java/org/alfresco/web/app/ContextListener.java
View File

@@ -53,8 +53,6 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
private static Log logger = LogFactory.getLog(ContextListener.class);
private ServletContext servletContext;
private ServletContextListener enterpriseListener;
private String enterpriseListenerClass = "org.alfresco.enterprise.repo.EnterpriseContextListener";
/**
* @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)
@@ -124,51 +122,15 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
}
catch (Exception ex) {}
}
synchronized(this)
{
findEnterpriseListener();
if (enterpriseListener != null)
{
// Perform any extra context initialisation required for enterprise.
enterpriseListener.contextInitialized(event);
}
}
}
protected void findEnterpriseListener()
{
try
{
Class<?> c = Class.forName(enterpriseListenerClass);
enterpriseListener = (ServletContextListener) c.newInstance();
}
catch (ClassNotFoundException e)
{
// It's OK not to have the enterprise context destroyer available.
}
catch (InstantiationException e)
{
logger.error("Failed to instantiate enterprise ServletContextListener.", e);
}
catch (IllegalAccessException e)
{
logger.error("Failed to instantiate enterprise ServletContextListener.", e);
}
}
/**
* {@inheritDoc}
*/
public void contextDestroyed(ServletContextEvent event)
{
synchronized(this)
{
if (enterpriseListener != null)
{
// Perform any extra destruction required for enterprise.
enterpriseListener.contextDestroyed(event);
}
}
// NOOP
}
/**
@@ -188,16 +150,4 @@ public class ContextListener implements ServletContextListener, HttpSessionListe
if (logger.isDebugEnabled())
logger.debug("HTTP session destroyed: " + event.getSession().getId());
}
/**
* Inject a different class name (from the default) for the enterprise ServletContextListener.
* <p>
* Useful for testing.
*
* @param listenerClass Class name to use.
*/
protected void setEnterpriseListenerClass(String listenerClass)
{
this.enterpriseListenerClass = listenerClass;
}
}

81
source/java/org/alfresco/web/app/ContextListenerTest.java
View File

@@ -1,81 +0,0 @@
/*
* Copyright (C) 2005-2012 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.web.app;
import static org.junit.Assert.*;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
/**
* Tests for the ContextListener class.
*
* @author Matt Ward
*/
@RunWith(MockitoJUnitRunner.class)
public class ContextListenerTest
{
private ContextListener contextListener;
private @Mock ServletContextEvent event;
@Before
public void setUp() throws Exception
{
contextListener = new ContextListener();
contextListener.setEnterpriseListenerClass("org.alfresco.web.app.ContextListenerTest$StubEnterpriseListener");
StubEnterpriseListener.enterpriseDestroyed = false;
}
@Test
public void testContextDestroyed()
{
contextListener.findEnterpriseListener();
contextListener.contextDestroyed(event);
assertTrue("Enterprise contextDestroyed() not executed.", StubEnterpriseListener.enterpriseDestroyed);
}
/**
* ServletContextListener to simulate an enterprise-specific context listener.
*/
protected static class StubEnterpriseListener implements ServletContextListener
{
static boolean enterpriseDestroyed;
@Override
public void contextDestroyed(ServletContextEvent arg0)
{
enterpriseDestroyed = true;
}
@Override
public void contextInitialized(ServletContextEvent arg0)
{
// Noop
}
}
}

116
source/java/org/alfresco/web/app/ResourceBundleWrapperTest.java
View File

@@ -1,116 +0,0 @@
/*
* Copyright (C) 2005-2010 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.web.app;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import java.util.Locale;
import java.util.ResourceBundle;
import junit.framework.TestCase;
/**
* Unit test for resource bundle wrapper
*
* @author Roy Wetherall
*/
public class ResourceBundleWrapperTest extends TestCase
{
private static final String BUNDLE_NAME = "org.alfresco.web.app.resourceBundleWrapperTest";
private static final String KEY_1 = "test_key_one";
private static final String KEY_2 = "test_key_two";
private static final String MSG_1 = "Test Key One";
private static final String MSG_2 = "Test Key Two";
/**
* Test adding the bundles
*/
public void test1AddingBundles()
{
// Check that the string's are not added to the bundle
ResourceBundle before = ResourceBundleWrapper.getResourceBundle("alfresco.messages.webclient", Locale.US);
Enumeration<String> keys = before.getKeys();
assertFalse(containsValue(keys, KEY_1));
assertFalse(containsValue(keys, KEY_2));
try
{
before.getString(KEY_1);
fail("Not expecting the key to be there");
}
catch (Throwable exception){};
try
{
before.getString(KEY_2);
fail("Not expecting the key to be there");
}
catch (Throwable exception){};
// Add an additional resource bundle
ResourceBundleWrapper.addResourceBundle(BUNDLE_NAME);
// Check that the string's are now added to the bundle
ResourceBundle after = ResourceBundleWrapper.getResourceBundle("alfresco.messages.webclient", Locale.US);
Enumeration<String> keys2 = after.getKeys();
assertTrue(containsValue(keys2, KEY_1));
assertEquals(after.getString(KEY_1), MSG_1);
assertEquals(after.getString(KEY_2), MSG_2);
}
/**
* Test the bootstrap bean
*/
public void test2Bootstrap()
{
// Use the bootstrap bean to add the bundles
List<String> bundles = new ArrayList<String>(1);
bundles.add(BUNDLE_NAME);
ResourceBundleBootstrap bootstrap = new ResourceBundleBootstrap();
bootstrap.setResourceBundles(bundles);
// Check that the string's are now added to the bundle
ResourceBundle after = ResourceBundleWrapper.getResourceBundle("alfresco.messages.webclient", Locale.US);
Enumeration<String> keys2 = after.getKeys();
assertTrue(containsValue(keys2, KEY_1));
assertTrue(containsValue(keys2, KEY_2));
assertEquals(after.getString(KEY_1), MSG_1);
assertEquals(after.getString(KEY_2), MSG_2);
}
/**
* Check whether the list contains the values
*
* @param values list of values to check
* @param value value to look for
* @return boolean true if value contained, false otherwise
*/
private boolean containsValue(Enumeration<String> values, String value)
{
boolean result = false;
while (values.hasMoreElements() == true)
{
if (values.nextElement().equals(value) == true)
{
result = true;
break;
}
}
return result;
}
}

3
source/java/org/alfresco/web/app/resourceBundleWrapperTest.properties
View File

@@ -1,3 +0,0 @@
test_key_one=Test Key One
test_key_two=Test Key Two
test_key_three=Test Key Three

2
source/java/org/alfresco/web/app/servlet/AuthenticationFilter.java
View File

@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.extensions.config.ConfigService;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.web.filter.beans.DependencyInjectedFilter;
import org.springframework.extensions.surf.util.AbstractLifecycleBean;
import org.alfresco.web.config.ClientConfigElement;
@@ -114,6 +115,7 @@ public class AuthenticationFilter extends AbstractLifecycleBean implements Depen
{
// continue filter chaining
chain.doFilter(req, res);
AuthenticationUtil.clearCurrentSecurityContext();
}
}
}

6
source/java/org/alfresco/web/app/servlet/AuthenticationHelper.java
View File

@@ -39,10 +39,10 @@ import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.webdav.auth.RemoteUserMapper;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.web.app.Application;
import org.alfresco.web.app.portlet.AlfrescoFacesPortlet;
@@ -85,6 +85,7 @@ public final class AuthenticationHelper
private static final String REMOTE_USER_MAPPER = "RemoteUserMapper";
private static final String UNPROTECTED_AUTH_SERVICE = "authenticationService";
private static final String PERSON_SERVICE = "personService";
private static final String AUTHORITY_SERVICE = "AuthorityService";
/** cookie names */
private static final String COOKIE_ALFUSER = "alfUser0";
@@ -604,8 +605,9 @@ public final class AuthenticationHelper
// If the remote user mapper is configured, we may be able to map in an externally authenticated user
if (userId != null)
{
AuthorityService authorityService = (AuthorityService) wc.getBean(AUTHORITY_SERVICE);
// We have a previously-cached user with the wrong identity - replace them
if (user != null && !user.getUserName().equals(userId))
if (user != null && !authorityService.isGuestAuthority(user.getUserName()) && !user.getUserName().equals(userId))
{
if (logger.isDebugEnabled())
logger.debug("We have a previously-cached user with the wrong identity - replace them");

56
source/java/org/alfresco/web/app/servlet/CmisSecurityContextCleanerFilter.java Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright (C) 2005-2013 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.web.app.servlet;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import net.sf.acegisecurity.context.ContextHolder;
/**
* Clears security context. It should follow Authentication filters in the chain and should be mapped for CMIS requests only
*
* @author Dmitry Velichkevich
* @since 4.1.5
*/
public class CmisSecurityContextCleanerFilter implements Filter
{
@Override
public void destroy()
{
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException
{
ContextHolder.setContext(null);
chain.doFilter(servletRequest, servletResponse);
}
@Override
public void init(FilterConfig config) throws ServletException
{
}
}

124
source/java/org/alfresco/web/app/servlet/DefaultRemoteUserMapperTest.java
View File

@@ -1,124 +0,0 @@
/*
* Copyright (C) 2005-2010 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.web.app.servlet;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import javax.servlet.http.HttpServletRequest;
import org.alfresco.repo.management.subsystems.AbstractChainedSubsystemTest;
import org.alfresco.repo.management.subsystems.ChildApplicationContextFactory;
import org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager;
import org.alfresco.repo.webdav.auth.RemoteUserMapper;
import org.alfresco.util.ApplicationContextHelper;
import org.springframework.context.ApplicationContext;
/**
* @author dward
*
*/
public class DefaultRemoteUserMapperTest extends AbstractChainedSubsystemTest
{
ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
DefaultChildApplicationContextManager childApplicationContextManager;
ChildApplicationContextFactory childApplicationContextFactory;
/* (non-Javadoc)
* @see junit.framework.TestCase#setUp()
*/
@Override
protected void setUp() throws Exception
{
childApplicationContextManager = (DefaultChildApplicationContextManager) ctx.getBean("Authentication");
childApplicationContextManager.stop();
childApplicationContextManager.setProperty("chain", "external1:external");
childApplicationContextFactory = getChildApplicationContextFactory(childApplicationContextManager, "external1");
}
/* (non-Javadoc)
* @see junit.framework.TestCase#tearDown()
*/
@Override
protected void tearDown() throws Exception
{
childApplicationContextManager.destroy();
childApplicationContextManager = null;
childApplicationContextFactory = null;
}
public void testUnproxiedHeader() throws Exception
{
// Clear the proxy user name
childApplicationContextFactory.stop();
childApplicationContextFactory.setProperty("external.authentication.proxyUserName", "");
// Mock a request with a username in the header
HttpServletRequest mockRequest = mock(HttpServletRequest.class);
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("AdMiN");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Mock an unauthenticated request
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn(null);
assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Mock a remote user request
when(mockRequest.getRemoteUser()).thenReturn("ADMIN");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
}
public void testProxiedHeader() throws Exception
{
// Set the proxy user name
childApplicationContextFactory.stop();
childApplicationContextFactory.setProperty("external.authentication.proxyUserName", "bob");
// Mock a request with both a user and a header
HttpServletRequest mockRequest = mock(HttpServletRequest.class);
when(mockRequest.getRemoteUser()).thenReturn("bob");
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("AdMiN");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Now try header pattern matching
childApplicationContextFactory.stop();
childApplicationContextFactory.setProperty("external.authentication.userIdPattern", "abc-(.*)-999");
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("abc-AdMiN-999");
assertEquals("admin", ((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Try a request with an invalid match
when(mockRequest.getHeader("X-Alfresco-Remote-User")).thenReturn("abc-AdMiN-998");
assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
// Try a request without the remote user
when(mockRequest.getRemoteUser()).thenReturn(null);
assertNull(((RemoteUserMapper) childApplicationContextFactory.getApplicationContext().getBean(
"remoteUserMapper")).getRemoteUser(mockRequest));
}
}