inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-10-01 14:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into feature/ACS-1383_StorageClasses

Browse Source 
# Conflicts:
#	data-model/src/main/java/org/alfresco/repo/content/ContentStore.java
#	repository/src/main/java/org/alfresco/repo/content/ContentServiceImpl.java
#	repository/src/main/java/org/alfresco/repo/content/caching/CachingContentStore.java
#	repository/src/main/java/org/alfresco/repo/content/replication/AggregatingContentStore.java
#	repository/src/main/java/org/alfresco/service/cmr/repository/ContentService.java
#	repository/src/main/resources/alfresco/public-services-security-context.xml
#	repository/src/test/java/org/alfresco/repo/content/replication/AggregatingContentStoreTest.java
#	repository/src/test/java/org/alfresco/repo/version/ContentServiceImplTest.java
This commit is contained in:
mpichura
2021-10-06 12:12:42 +02:00
parent 483b894cb2 aa4a5a6063
commit e9aa76ee7b
190 changed files with 8339 additions and 4438 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
remote-api/pom.xml
View File

@@ -7,7 +7,7 @@
<parent>
<groupId>org.alfresco</groupId>
<artifactId>alfresco-community-repo</artifactId>
<version>11.94-SNAPSHOT</version>
<version>14.7-SNAPSHOT</version>
</parent>
<dependencies>

34
remote-api/src/main/java/org/alfresco/opencmis/CMISServletDispatcher.java
View File

@@ -27,17 +27,14 @@ package org.alfresco.opencmis;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.EventListener;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
@@ -48,19 +45,17 @@ import javax.servlet.Servlet;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRegistration;
import javax.servlet.SessionCookieConfig;
import javax.servlet.SessionTrackingMode;
import javax.servlet.descriptor.JspConfigDescriptor;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.opencmis.CMISDispatcherRegistry.Binding;
import org.alfresco.opencmis.CMISDispatcherRegistry.Endpoint;
import org.alfresco.repo.tenant.TenantAdminService;
import org.alfresco.rest.framework.core.exceptions.JsonpCallbackNotAllowedException;
import org.alfresco.service.descriptor.Descriptor;
import org.alfresco.service.descriptor.DescriptorService;
import org.apache.chemistry.opencmis.commons.enums.CmisVersion;
@@ -69,7 +64,6 @@ import org.apache.chemistry.opencmis.server.impl.CmisRepositoryContextListener;
import org.apache.chemistry.opencmis.server.impl.atompub.CmisAtomPubServlet;
import org.springframework.extensions.webscripts.WebScriptRequest;
import org.springframework.extensions.webscripts.WebScriptResponse;
import org.springframework.extensions.webscripts.servlet.WebScriptServletRuntime;
/**
* Dispatches OpenCMIS requests to a servlet e.g. the OpenCMIS AtomPub servlet.
@@ -90,6 +84,8 @@ public abstract class CMISServletDispatcher implements CMISDispatcher
protected CmisVersion cmisVersion;
protected TenantAdminService tenantAdminService;
private boolean allowUnsecureCallbackJSONP;
private Set<String> nonAttachContentTypes = Collections.emptySet(); // pre-configured whitelist, eg. images & pdf
public void setTenantAdminService(TenantAdminService tenantAdminService)
@@ -151,7 +147,17 @@ public abstract class CMISServletDispatcher implements CMISDispatcher
return this.currentDescriptor;
}
public void setAllowUnsecureCallbackJSONP(boolean allowUnsecureCallbackJSONP)
{
this.allowUnsecureCallbackJSONP = allowUnsecureCallbackJSONP;
}
public boolean isAllowUnsecureCallbackJSONP()
{
return allowUnsecureCallbackJSONP;
}
public void init()
{
Endpoint endpoint = new Endpoint(getBinding(), version);
@@ -219,12 +225,22 @@ public abstract class CMISServletDispatcher implements CMISDispatcher
CMISHttpServletResponse httpResWrapper = getHttpResponse(res);
CMISHttpServletRequest httpReqWrapper = getHttpRequest(req);
servlet.service(httpReqWrapper, httpResWrapper);
// check for "callback" query param
if (!allowUnsecureCallbackJSONP && httpReqWrapper.getParameter("callback") != null)
{
throw new JsonpCallbackNotAllowedException();
}
servlet.service(httpReqWrapper, httpResWrapper);
}
catch(ServletException e)
{
throw new AlfrescoRuntimeException("", e);
}
catch (JsonpCallbackNotAllowedException e)
{
res.setStatus(403);
res.getWriter().append(e.getMessage());
}
}
/**

22
remote-api/src/main/java/org/alfresco/repo/web/scripts/BufferedRequest.java
View File

@@ -29,6 +29,7 @@ import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.function.Supplier;
import org.springframework.extensions.surf.util.Content;
import org.springframework.extensions.webscripts.Description.FormatStyle;
@@ -38,15 +39,15 @@ import org.springframework.extensions.webscripts.WebScriptRequest;
import org.springframework.extensions.webscripts.WrappingWebScriptRequest;
import org.springframework.util.FileCopyUtils;
public class BufferedRequest implements WrappingWebScriptRequest
public class BufferedRequest implements WrappingWebScriptRequest, AutoCloseable
{
private TempOutputStreamFactory streamFactory;
private WebScriptRequest req;
private final Supplier<TempOutputStream> streamFactory;
private final WebScriptRequest req;
private TempOutputStream bufferStream;
private InputStream contentStream;
private BufferedReader contentReader;
public BufferedRequest(WebScriptRequest req, TempOutputStreamFactory streamFactory)
public BufferedRequest(WebScriptRequest req, Supplier<TempOutputStream> streamFactory)
{
this.req = req;
this.streamFactory = streamFactory;
@@ -56,7 +57,7 @@ public class BufferedRequest implements WrappingWebScriptRequest
{
if (bufferStream == null)
{
bufferStream = streamFactory.createOutputStream();
bufferStream = streamFactory.get();
try
{
@@ -81,7 +82,7 @@ public class BufferedRequest implements WrappingWebScriptRequest
}
if (contentStream == null)
{
contentStream = getBufferedBodyAsTempStream().getInputStream();
contentStream = getBufferedBodyAsTempStream().toNewInputStream();
}
return contentStream;
@@ -95,7 +96,7 @@ public class BufferedRequest implements WrappingWebScriptRequest
{
contentStream.close();
}
catch (Exception e)
catch (Exception ignore)
{
}
contentStream = null;
@@ -106,13 +107,14 @@ public class BufferedRequest implements WrappingWebScriptRequest
{
contentReader.close();
}
catch (Exception e)
catch (Exception ignore)
{
}
contentReader = null;
}
}
@Override
public void close()
{
reset();
@@ -122,7 +124,7 @@ public class BufferedRequest implements WrappingWebScriptRequest
{
bufferStream.destroy();
}
catch (Exception e)
catch (Exception ignore)
{
}
bufferStream = null;

74
remote-api/src/main/java/org/alfresco/repo/web/scripts/BufferedResponse.java
View File

@@ -28,6 +28,7 @@ package org.alfresco.repo.web.scripts;
import java.io.IOException;
import java.io.OutputStream;
import java.io.Writer;
import java.util.function.Supplier;
import org.alfresco.error.AlfrescoRuntimeException;
import org.apache.commons.logging.Log;
@@ -42,25 +43,24 @@ import org.springframework.util.FileCopyUtils;
/**
* Transactional Buffered Response
*/
public class BufferedResponse implements WrappingWebScriptResponse
public class BufferedResponse implements WrappingWebScriptResponse, AutoCloseable
{
// Logger
protected static final Log logger = LogFactory.getLog(BufferedResponse.class);
private TempOutputStreamFactory streamFactory;
private WebScriptResponse res;
private int bufferSize;
private TempOutputStream outputStream = null;
private StringBuilderWriter outputWriter = null;
private final Supplier<TempOutputStream> streamFactory;
private final WebScriptResponse res;
private final int bufferSize;
private TempOutputStream outputStream;
private StringBuilderWriter outputWriter;
/**
* Construct
*
* @param res WebScriptResponse
*
* @param res WebScriptResponse
* @param bufferSize int
*/
public BufferedResponse(WebScriptResponse res, int bufferSize, TempOutputStreamFactory streamFactory)
public BufferedResponse(WebScriptResponse res, int bufferSize, Supplier<TempOutputStream> streamFactory)
{
this.res = res;
this.bufferSize = bufferSize;
@@ -71,6 +71,7 @@ public class BufferedResponse implements WrappingWebScriptResponse
* (non-Javadoc)
* @see org.alfresco.web.scripts.WrappingWebScriptResponse#getNext()
*/
@Override
public WebScriptResponse getNext()
{
return res;
@@ -123,16 +124,18 @@ public class BufferedResponse implements WrappingWebScriptResponse
* (non-Javadoc)
* @see org.alfresco.web.scripts.WebScriptResponse#getOutputStream()
*/
@Override
public OutputStream getOutputStream() throws IOException
{
if (outputStream == null)
if (outputStream != null)
{
if (outputWriter != null)
{
throw new AlfrescoRuntimeException("Already buffering output writer");
}
outputStream = streamFactory.createOutputStream();
return outputStream;
}
if (outputWriter != null)
{
throw new AlfrescoRuntimeException("Already buffering output writer");
}
outputStream = streamFactory.get();
return outputStream;
}
@@ -151,14 +154,15 @@ public class BufferedResponse implements WrappingWebScriptResponse
*/
public Writer getWriter() throws IOException
{
if (outputWriter == null)
if (outputWriter != null)
{
if (outputStream != null)
{
throw new AlfrescoRuntimeException("Already buffering output stream");
}
outputWriter = new StringBuilderWriter(bufferSize);
return outputWriter;
}
if (outputStream != null)
{
throw new AlfrescoRuntimeException("Already buffering output stream");
}
outputWriter = new StringBuilderWriter(bufferSize);
return outputWriter;
}
@@ -262,15 +266,7 @@ public class BufferedResponse implements WrappingWebScriptResponse
if (logger.isDebugEnabled())
logger.debug("Writing Transactional response: size=" + outputStream.getLength());
try
{
outputStream.flush();
FileCopyUtils.copy(outputStream.getInputStream(), res.getOutputStream());
}
finally
{
outputStream.destroy();
}
FileCopyUtils.copy(outputStream.toNewInputStream(), res.getOutputStream());
}
}
catch (IOException e)
@@ -278,4 +274,20 @@ public class BufferedResponse implements WrappingWebScriptResponse
throw new AlfrescoRuntimeException("Failed to commit buffered response", e);
}
}
@Override
public void close()
{
if (outputStream != null)
{
try
{
outputStream.destroy();
}
catch (Exception ignore)
{
}
outputStream = null;
}
}
}

637
remote-api/src/main/java/org/alfresco/repo/web/scripts/RepositoryContainer.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2019 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -25,12 +25,13 @@
*/
package org.alfresco.repo.web.scripts;
import java.io.File;
import java.io.IOException;
import java.net.SocketException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.function.Supplier;
import javax.servlet.http.HttpServletResponse;
import javax.transaction.Status;
@@ -40,7 +41,6 @@ import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.error.ExceptionStackUtil;
import org.alfresco.repo.model.Repository;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport.TxnReadState;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
@@ -95,8 +95,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
private String tempDirectoryName = null;
private int memoryThreshold = 4 * 1024 * 1024; // 4mb
private long maxContentSize = (long) 4 * 1024 * 1024 * 1024; // 4gb
private TempOutputStreamFactory streamFactory = null;
private TempOutputStreamFactory responseStreamFactory = null;
private Supplier<TempOutputStream> streamFactory = null;
private String preserveHeadersPattern = null;
private Class<?>[] notPublicExceptions = new Class<?>[] {};
@@ -107,17 +106,16 @@ public class RepositoryContainer extends AbstractRuntimeContainer
*/
public void setup()
{
File tempDirectory = TempFileProvider.getTempDir(tempDirectoryName);
this.streamFactory = new TempOutputStreamFactory(tempDirectory, memoryThreshold, maxContentSize, encryptTempFiles, false);
this.responseStreamFactory = new TempOutputStreamFactory(tempDirectory, memoryThreshold, maxContentSize,
encryptTempFiles, false);
streamFactory = TempOutputStream.factory(
TempFileProvider.getTempDir(tempDirectoryName),
memoryThreshold, maxContentSize, encryptTempFiles);
}
public void setEncryptTempFiles(Boolean encryptTempFiles)
{
if(encryptTempFiles != null)
{
this.encryptTempFiles = encryptTempFiles.booleanValue();
this.encryptTempFiles = encryptTempFiles;
}
}
@@ -130,7 +128,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
{
if(memoryThreshold != null)
{
this.memoryThreshold = memoryThreshold.intValue();
this.memoryThreshold = memoryThreshold;
}
}
@@ -138,7 +136,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
{
if(maxContentSize != null)
{
this.maxContentSize = maxContentSize.longValue();
this.maxContentSize = maxContentSize;
}
}
@@ -246,8 +244,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
*/
public Map<String, Object> getScriptParameters()
{
Map<String, Object> params = new HashMap<String, Object>();
params.putAll(super.getScriptParameters());
Map<String, Object> params = new HashMap<>(super.getScriptParameters());
addRepoParameters(params);
return params;
}
@@ -259,16 +256,11 @@ public class RepositoryContainer extends AbstractRuntimeContainer
public Map<String, Object> getTemplateParameters()
{
// Ensure we have a transaction - we might be generating the status template after the main transaction failed
return fallbackTransactionHelper.doInTransaction(new RetryingTransactionCallback<Map<String, Object>>()
{
public Map<String, Object> execute() throws Throwable
{
Map<String, Object> params = new HashMap<String, Object>();
params.putAll(RepositoryContainer.super.getTemplateParameters());
params.put(TemplateService.KEY_IMAGE_RESOLVER, imageResolver.getImageResolver());
addRepoParameters(params);
return params;
}
return fallbackTransactionHelper.doInTransaction(() -> {
Map<String, Object> params = new HashMap<>(RepositoryContainer.super.getTemplateParameters());
params.put(TemplateService.KEY_IMAGE_RESOLVER, imageResolver.getImageResolver());
addRepoParameters(params);
return params;
}, true);
}
@@ -321,7 +313,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer
Throwable displayCause = ExceptionStackUtil.getCause(e, publicExceptions);
if (displayCause == null && hideCause != null)
{
AlfrescoRuntimeException alf = null;
final AlfrescoRuntimeException alf;
if (e instanceof AlfrescoRuntimeException)
{
alf = (AlfrescoRuntimeException) e;
@@ -342,117 +334,154 @@ public class RepositoryContainer extends AbstractRuntimeContainer
}
}
protected void executeScriptInternal(WebScriptRequest scriptReq, WebScriptResponse scriptRes, final Authenticator auth)
protected void executeScriptInternal(final WebScriptRequest scriptReq, final WebScriptResponse scriptRes, final Authenticator auth)
throws IOException
{
final WebScript script = scriptReq.getServiceMatch().getWebScript();
final Description desc = script.getDescription();
final boolean debug = logger.isDebugEnabled();
// Escalate the webscript declared level of authentication to the container required authentication
// eg. must be guest if MT is enabled unless credentials are empty
RequiredAuthentication containerRequiredAuthentication = getRequiredAuthentication();
final RequiredAuthentication containerRequiredAuthentication = getRequiredAuthentication();
final RequiredAuthentication required = (desc.getRequiredAuthentication().compareTo(containerRequiredAuthentication) < 0 && !auth.emptyCredentials() ? containerRequiredAuthentication : desc.getRequiredAuthentication());
final boolean isGuest = scriptReq.isGuest();
if (required == RequiredAuthentication.none)
{
// TODO revisit - cleared here, in-lieu of WebClient clear
//AuthenticationUtil.clearCurrentSecurityContext();
transactionedExecuteAs(script, scriptReq, scriptRes);
return;
}
else if ((required == RequiredAuthentication.user || required == RequiredAuthentication.admin) && isGuest)
// if the required authentication is not equal to guest, then it should be one of the following:
// user | sysadmin | admin (the 'none' authentication is handled above)
// in this case the guest user should not be able to execute those scripts.
if (required != RequiredAuthentication.guest && isGuest)
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires user authentication; however, a guest has attempted access.");
}
else
try
{
try
AuthenticationUtil.pushAuthentication();
//
// Determine if user already authenticated
//
if (debug)
{
AuthenticationUtil.pushAuthentication();
//
// Determine if user already authenticated
//
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Current authentication: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
logger.debug("Authentication required: " + required);
logger.debug("Guest login requested: " + isGuest);
}
//
// Apply appropriate authentication to Web Script invocation
//
final RetryingTransactionCallback<Boolean> authWork = () -> {
if (auth != null && !auth.authenticate(required, isGuest))
{
return false;
}
// The user will now have been authenticated, based on HTTP Auth, Ticket, etc.
// Check that the user they authenticated as has appropriate access to the script
checkScriptAccess(required, desc.getId());
if (debug)
{
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Current authentication: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
logger.debug("Authentication required: " + required);
logger.debug("Guest login requested: " + isGuest);
logger.debug("Authentication: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
}
//
// Apply appropriate authentication to Web Script invocation
//
RetryingTransactionCallback<Boolean> authWork = new RetryingTransactionCallback<Boolean>()
{
public Boolean execute() throws Exception
{
if (auth == null || auth.authenticate(required, isGuest))
{
// The user will now have been authenticated, based on HTTP Auth, Ticket etc
// Check that the user they authenticated as has appropriate access to the script
// Check to see if they supplied HTTP Auth or Ticket as guest, on a script that needs more
if (required == RequiredAuthentication.user || required == RequiredAuthentication.admin)
{
String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
String runAsUser = AuthenticationUtil.getRunAsUser();
if ( (authenticatedUser == null) ||
(authenticatedUser.equals(runAsUser) && authorityService.hasGuestAuthority()) ||
(!authenticatedUser.equals(runAsUser) && authorityService.isGuestAuthority(authenticatedUser)) )
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires user authentication; however, a guest has attempted access.");
}
}
// Check to see if they're admin or system on an Admin only script
if (required == RequiredAuthentication.admin && !(authorityService.hasAdminAuthority() || AuthenticationUtil.getFullyAuthenticatedUser().equals(AuthenticationUtil.getSystemUserName())))
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + desc.getId() + " requires admin authentication; however, a non-admin has attempted access.");
}
if (debug)
{
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Authentication: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
}
return true;
}
return false;
}
};
boolean readOnly = transactionService.isReadOnly();
boolean requiresNew = !readOnly && AlfrescoTransactionSupport.getTransactionReadState() == TxnReadState.TXN_READ_ONLY;
if (transactionService.getRetryingTransactionHelper().doInTransaction(authWork, readOnly, requiresNew))
{
// Execute Web Script if authentication passed
// The Web Script has its own txn management with potential runAs() user
transactionedExecuteAs(script, scriptReq, scriptRes);
}
else
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed for Web Script " + desc.getId());
}
}
finally
return true;
};
final boolean readOnly = transactionService.isReadOnly();
final boolean requiresNew = !readOnly && AlfrescoTransactionSupport.getTransactionReadState() == TxnReadState.TXN_READ_ONLY;
if (!transactionService.getRetryingTransactionHelper().doInTransaction(authWork, readOnly, requiresNew))
{
//
// Reset authentication for current thread
//
AuthenticationUtil.popAuthentication();
if (debug)
{
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Authentication reset: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
}
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Authentication failed for Web Script " + desc.getId());
}
// Execute Web Script if authentication passed
// The Web Script has its own txn management with potential runAs() user
transactionedExecuteAs(script, scriptReq, scriptRes, required);
}
finally
{
//
// Reset authentication for current thread
//
AuthenticationUtil.popAuthentication();
if (debug)
{
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
logger.debug("Authentication reset: " + (currentUser == null ? "unauthenticated" : "authenticated as " + currentUser));
}
}
}
private boolean isSystemUser()
{
return Objects.equals(AuthenticationUtil.getFullyAuthenticatedUser(), AuthenticationUtil.getSystemUserName());
}
private boolean isSysAdminUser()
{
return authorityService.hasSysAdminAuthority();
}
private boolean isAdmin()
{
return authorityService.hasAdminAuthority();
}
public final boolean isAdminOrSystemUser()
{
return isAdmin() || isSystemUser();
}
/**
* Check to see if they supplied HTTP Auth or Ticket as guest, on a script that needs more
*/
private void checkGuestAccess(RequiredAuthentication required, String scriptDescriptorId)
{
if (required == RequiredAuthentication.user || required == RequiredAuthentication.admin
|| required == RequiredAuthentication.sysadmin)
{
final String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
final String runAsUser = AuthenticationUtil.getRunAsUser();
if ((authenticatedUser == null) || (authenticatedUser.equals(runAsUser)
&& authorityService.hasGuestAuthority()) || (!authenticatedUser.equals(runAsUser)
&& authorityService.isGuestAuthority(authenticatedUser)))
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+ " requires user authentication; however, a guest has attempted access.");
}
}
}
private void checkScriptAccess(RequiredAuthentication required, String scriptDescriptorId)
{
// first, check guest access
checkGuestAccess(required, scriptDescriptorId);
// Check to see if the user is sysAdmin, admin or system on a sysadmin scripts
if (required == RequiredAuthentication.sysadmin && !(isSysAdminUser() || isAdminOrSystemUser()))
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+ " requires system-admin authentication; however, a non-system-admin has attempted access.");
}
else if (required == RequiredAuthentication.admin && !isAdminOrSystemUser())
{
throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Web Script " + scriptDescriptorId
+ " requires admin authentication; however, a non-admin has attempted access.");
}
}
@@ -467,191 +496,160 @@ public class RepositoryContainer extends AbstractRuntimeContainer
protected void transactionedExecute(final WebScript script, final WebScriptRequest scriptReq, final WebScriptResponse scriptRes)
throws IOException
{
final Description description = script.getDescription();
try
{
final Description description = script.getDescription();
if (description.getRequiredTransaction() == RequiredTransaction.none)
{
script.execute(scriptReq, scriptRes);
return;
}
else
}
catch (IOException e)
{
handleIOException(e);
}
final RequiredTransactionParameters trxParams = description.getRequiredTransactionParameters();
try (final BufferedRequest bufferedReq = newBufferedRequest(trxParams, scriptReq, streamFactory);
final BufferedResponse bufferedRes = newBufferedResponse(trxParams, scriptRes, streamFactory))
{
boolean readonly = description.getRequiredTransactionParameters().getCapability() == TransactionCapability.readonly;
boolean requiresNew = description.getRequiredTransaction() == RequiredTransaction.requiresnew;
// log a warning if we detect a GET webscript being run in a readwrite transaction, GET calls should
// NOT have any side effects so this scenario as a warning sign something maybe amiss, see ALF-10179.
if (logger.isDebugEnabled() && !readonly && "GET".equalsIgnoreCase(
description.getMethod()))
{
final BufferedRequest bufferedReq;
final BufferedResponse bufferedRes;
RequiredTransactionParameters trxParams = description.getRequiredTransactionParameters();
if (trxParams.getCapability() == TransactionCapability.readwrite)
{
if (trxParams.getBufferSize() > 0)
{
if (logger.isDebugEnabled())
logger.debug("Creating Transactional Response for ReadWrite transaction; buffersize=" + trxParams.getBufferSize());
logger.debug("Webscript with URL '" + scriptReq.getURL() +
"' is a GET request but it's descriptor has declared a readwrite transaction is required");
}
// create buffered request and response that allow transaction retrying
bufferedReq = new BufferedRequest(scriptReq, streamFactory);
bufferedRes = new BufferedResponse(scriptRes, trxParams.getBufferSize(), responseStreamFactory);
}
else
try
{
final RetryingTransactionHelper transactionHelper = transactionService.getRetryingTransactionHelper();
if (script instanceof LoginPost)
{
//login script requires read-write transaction because of authorization interceptor
transactionHelper.setForceWritable(true);
}
transactionHelper.doInTransaction(() -> {
try
{
if (logger.isDebugEnabled())
logger.debug("Transactional Response bypassed for ReadWrite - buffersize=0");
bufferedReq = null;
bufferedRes = null;
}
}
else
{
bufferedReq = null;
bufferedRes = null;
}
// encapsulate script within transaction
RetryingTransactionCallback<Object> work = new RetryingTransactionCallback<Object>()
{
public Object execute() throws Exception
{
try
logger.debug("Begin retry transaction block: " + description.getRequiredTransaction() + ","
+ description.getRequiredTransactionParameters().getCapability());
if (bufferedReq == null || bufferedRes == null)
{
if (logger.isDebugEnabled())
logger.debug("Begin retry transaction block: " + description.getRequiredTransaction() + ","
+ description.getRequiredTransactionParameters().getCapability());
if (bufferedRes == null)
{
script.execute(scriptReq, scriptRes);
}
else
{
// Reset the request and response in case of a transaction retry
bufferedReq.reset();
// REPO-4388 don't reset specified headers
bufferedRes.reset(preserveHeadersPattern);
script.execute(bufferedReq, bufferedRes);
}
script.execute(scriptReq, scriptRes);
}
catch(Exception e)
else
{
if (logger.isDebugEnabled())
{
logger.debug("Transaction exception: " + description.getRequiredTransaction() + ": " + e.getMessage());
// Note: user transaction shouldn't be null, but just in case inside this exception handler
UserTransaction userTrx = RetryingTransactionHelper.getActiveUserTransaction();
if (userTrx != null)
{
logger.debug("Transaction status: " + userTrx.getStatus());
}
}
// Reset the request and response in case of a transaction retry
bufferedReq.reset();
// REPO-4388 don't reset specified headers
bufferedRes.reset(preserveHeadersPattern);
script.execute(bufferedReq, bufferedRes);
}
}
catch (Exception e)
{
if (logger.isDebugEnabled())
{
logger.debug("Transaction exception: " + description.getRequiredTransaction() + ": " + e.getMessage());
// Note: user transaction shouldn't be null, but just in case inside this exception handler
UserTransaction userTrx = RetryingTransactionHelper.getActiveUserTransaction();
if (userTrx != null)
{
if (userTrx.getStatus() != Status.STATUS_MARKED_ROLLBACK)
logger.debug("Transaction status: " + userTrx.getStatus());
}
}
final UserTransaction userTrx = RetryingTransactionHelper.getActiveUserTransaction();
if (userTrx != null)
{
if (userTrx.getStatus() != Status.STATUS_MARKED_ROLLBACK)
{
if (logger.isDebugEnabled())
logger.debug("Marking web script transaction for rollback");
try
{
userTrx.setRollbackOnly();
}
catch (Throwable re)
{
if (logger.isDebugEnabled())
logger.debug("Marking web script transaction for rollback");
try
{
userTrx.setRollbackOnly();
}
catch(Throwable re)
{
if (logger.isDebugEnabled())
logger.debug("Caught and ignoring exception during marking for rollback: " + re.getMessage());
}
logger.debug("Caught and ignoring exception during marking for rollback: " + re.getMessage());
}
}
// re-throw original exception for retry
throw e;
}
finally
{
if (logger.isDebugEnabled())
logger.debug("End retry transaction block: " + description.getRequiredTransaction() + ","
+ description.getRequiredTransactionParameters().getCapability());
}
return null;
}
};
boolean readonly = description.getRequiredTransactionParameters().getCapability() == TransactionCapability.readonly;
boolean requiresNew = description.getRequiredTransaction() == RequiredTransaction.requiresnew;
// log a warning if we detect a GET webscript being run in a readwrite transaction, GET calls should
// NOT have any side effects so this scenario as a warning sign something maybe amiss, see ALF-10179.
if (logger.isDebugEnabled() && !readonly && "GET".equalsIgnoreCase(description.getMethod()))
{
logger.debug("Webscript with URL '" + scriptReq.getURL() +
"' is a GET request but it's descriptor has declared a readwrite transaction is required");
}
try
{
RetryingTransactionHelper transactionHelper = transactionService.getRetryingTransactionHelper();
if(script instanceof LoginPost)
{
//login script requires read-write transaction because of authorization intercepter
transactionHelper.setForceWritable(true);
}
transactionHelper.doInTransaction(work, readonly, requiresNew);
}
catch (TooBusyException e)
{
// Map TooBusyException to a 503 status code
throw new WebScriptException(HttpServletResponse.SC_SERVICE_UNAVAILABLE, e.getMessage(), e);
}
finally
{
// Get rid of any temporary files
if (bufferedReq != null)
{
bufferedReq.close();
}
}
// Ensure a response is always flushed after successful execution
if (bufferedRes != null)
{
bufferedRes.writeResponse();
}
// re-throw original exception for retry
throw e;
}
finally
{
if (logger.isDebugEnabled())
logger.debug("End retry transaction block: " + description.getRequiredTransaction() + ","
+ description.getRequiredTransactionParameters().getCapability());
}
return null;
}, readonly, requiresNew);
}
}
catch (IOException ioe)
{
Throwable socketException = ExceptionStackUtil.getCause(ioe, SocketException.class);
Class<?> clientAbortException = null;
try
catch (TooBusyException e)
{
clientAbortException = Class.forName("org.apache.catalina.connector.ClientAbortException");
// Map TooBusyException to a 503 status code
throw new WebScriptException(HttpServletResponse.SC_SERVICE_UNAVAILABLE, e.getMessage(), e);
}
catch (ClassNotFoundException e)
// Ensure a response is always flushed after successful execution
if (bufferedRes != null)
{
// do nothing
}
// Note: if you need to look for more exceptions in the stack, then create a static array and pass it in
if ((socketException != null && socketException.getMessage().contains("Broken pipe")) || (clientAbortException != null && ExceptionStackUtil.getCause(ioe, clientAbortException) != null))
{
if (logger.isDebugEnabled())
{
logger.warn("Client has cut off communication", ioe);
}
else
{
logger.info("Client has cut off communication");
}
}
else
{
throw ioe;
bufferedRes.writeResponse();
}
}
}
private static void handleIOException(final IOException ioe) throws IOException
{
Throwable socketException = ExceptionStackUtil.getCause(ioe, SocketException.class);
Class<?> clientAbortException = null;
try
{
clientAbortException = Class.forName("org.apache.catalina.connector.ClientAbortException");
}
catch (ClassNotFoundException e)
{
// do nothing
}
// Note: if you need to look for more exceptions in the stack, then create a static array and pass it in
if ((socketException != null && socketException.getMessage().contains("Broken pipe")) ||
(clientAbortException != null && ExceptionStackUtil.getCause(ioe, clientAbortException) != null))
{
if (logger.isDebugEnabled())
{
logger.warn("Client has cut off communication", ioe);
}
else
{
logger.info("Client has cut off communication");
}
}
else
{
throw ioe;
}
}
/**
* Execute script within required level of transaction as required effective user.
*
* @param script WebScript
*
* @param script WebScript
* @param scriptReq WebScriptRequest
* @param scriptRes WebScriptResponse
* @throws IOException
@@ -659,22 +657,46 @@ public class RepositoryContainer extends AbstractRuntimeContainer
private void transactionedExecuteAs(final WebScript script, final WebScriptRequest scriptReq,
final WebScriptResponse scriptRes) throws IOException
{
String runAs = script.getDescription().getRunAs();
final String runAs = script.getDescription().getRunAs();
if (runAs == null)
{
transactionedExecute(script, scriptReq, scriptRes);
}
else
{
RunAsWork<Object> work = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
transactionedExecute(script, scriptReq, scriptRes);
return null;
}
};
AuthenticationUtil.runAs(work, runAs);
AuthenticationUtil.runAs(() -> {
transactionedExecute(script, scriptReq, scriptRes);
return null;
}, runAs);
}
}
/**
* Execute script within required level of transaction as required effective user.
*
* @param script WebScript
* @param scriptReq WebScriptRequest
* @param scriptRes WebScriptResponse
* @param requiredAuthentication Required authentication
* @throws IOException
*/
private void transactionedExecuteAs(final WebScript script, final WebScriptRequest scriptReq,
final WebScriptResponse scriptRes, RequiredAuthentication requiredAuthentication) throws IOException
{
// Execute as System if and only if, the current user is a member of System-Admin group, and he is not a super admin.
// E.g. if 'jdoe' is a member of ALFRESCO_SYSTEM_ADMINISTRATORS group, then the work should be executed as System to satisfy the ACL checks.
// But, if the current user is Admin (i.e. super admin, which by default he is a member fo the ALFRESCO_SYSTEM_ADMINISTRATORS group)
// then don't wrap the work as RunAs, since he can do anything!
if (requiredAuthentication == RequiredAuthentication.sysadmin && isSysAdminUser() && !isAdmin())
{
AuthenticationUtil.runAs(() -> {
transactionedExecute(script, scriptReq, scriptRes);
return null;
}, AuthenticationUtil.SYSTEM_USER_NAME);
}
else
{
transactionedExecuteAs(script, scriptReq, scriptRes);
}
}
@@ -688,17 +710,12 @@ public class RepositoryContainer extends AbstractRuntimeContainer
{
ContextRefreshedEvent refreshEvent = (ContextRefreshedEvent)event;
ApplicationContext refreshContext = refreshEvent.getApplicationContext();
if (refreshContext != null && refreshContext.equals(applicationContext))
if (refreshContext.equals(applicationContext))
{
RunAsWork<Object> work = new RunAsWork<Object>()
{
public Object doWork() throws Exception
{
reset();
return null;
}
};
AuthenticationUtil.runAs(work, AuthenticationUtil.getSystemUserName());
AuthenticationUtil.runAs(() -> {
reset();
return null;
}, AuthenticationUtil.getSystemUserName());
}
}
}
@@ -739,18 +756,54 @@ public class RepositoryContainer extends AbstractRuntimeContainer
@Override
public void reset()
{
transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Exception
{
internalReset();
return null;
}
transactionService.getRetryingTransactionHelper().doInTransaction(() -> {
internalReset();
return null;
}, true, false);
}
private void internalReset()
{
super.reset();
}
private static BufferedRequest newBufferedRequest(
final RequiredTransactionParameters trxParams,
final WebScriptRequest scriptReq,
final Supplier<TempOutputStream> streamFactory)
{
if (trxParams.getCapability() != TransactionCapability.readwrite)
{
return null;
}
if (trxParams.getBufferSize() <= 0)
{
return null;
}
// create buffered request that allow transaction retrying
return new BufferedRequest(scriptReq, streamFactory);
}
private static BufferedResponse newBufferedResponse(
final RequiredTransactionParameters trxParams,
final WebScriptResponse scriptRes,
final Supplier<TempOutputStream> streamFactory)
{
if (trxParams.getCapability() != TransactionCapability.readwrite)
{
return null;
}
if (trxParams.getBufferSize() <= 0)
{
if (logger.isDebugEnabled())
logger.debug("Transactional Response bypassed for ReadWrite - buffersize=0");
return null;
}
if (logger.isDebugEnabled())
logger.debug("Creating Transactional Response for ReadWrite transaction; buffersize=" + trxParams.getBufferSize());
// create buffered response that allow transaction retrying
return new BufferedResponse(scriptRes, trxParams.getBufferSize(), streamFactory);
}
}

187
remote-api/src/main/java/org/alfresco/repo/web/scripts/TempOutputStream.java
View File

@@ -36,6 +36,7 @@ import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.util.function.Supplier;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
@@ -88,13 +89,11 @@ public class TempOutputStream extends OutputStream
private final File tempDir;
private final int memoryThreshold;
private final long maxContentSize;
private boolean encrypt;
private boolean deleteTempFileOnClose;
private final boolean encrypt;
private long length = 0;
private OutputStream outputStream;
private File tempFile;
private TempByteArrayOutputStream tempStream;
private Key symKey;
private byte[] iv;
@@ -112,58 +111,49 @@ public class TempOutputStream extends OutputStream
* the max content size in B
* @param encrypt
* true if temp files should be encrypted
* @param deleteTempFileOnClose
* true if temp files should be deleted on output stream close
* (useful if we need to cache the content for further reads). If
* this is false then we need to make sure we call
* {@link TempOutputStream}.destroy to clean up properly.
*/
public TempOutputStream(File tempDir, int memoryThreshold, long maxContentSize, boolean encrypt, boolean deleteTempFileOnClose)
public TempOutputStream(File tempDir, int memoryThreshold, long maxContentSize, boolean encrypt)
{
this.tempDir = tempDir;
this.memoryThreshold = (memoryThreshold < 0) ? DEFAULT_MEMORY_THRESHOLD : memoryThreshold;
this.maxContentSize = maxContentSize;
this.encrypt = encrypt;
this.deleteTempFileOnClose = deleteTempFileOnClose;
this.tempStream = new TempByteArrayOutputStream();
this.outputStream = this.tempStream;
this.outputStream = new ByteArrayOutputStream();
}
/**
* Returns the data as an InputStream
*/
public InputStream getInputStream() throws IOException
public InputStream toNewInputStream() throws IOException
{
if (tempFile != null)
closeOutputStream();
if (tempFile == null)
{
return new ByteArrayInputStream(((ByteArrayOutputStream) outputStream).toByteArray());
}
if (!encrypt)
{
if (encrypt)
{
final Cipher cipher;
try
{
cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, symKey, new IvParameterSpec(iv));
}
catch (Exception e)
{
destroy();
if (logger.isErrorEnabled())
{
logger.error("Cannot initialize decryption cipher", e);
}
throw new IOException("Cannot initialize decryption cipher", e);
}
return new BufferedInputStream(new CipherInputStream(new FileInputStream(tempFile), cipher));
}
return new BufferedInputStream(new FileInputStream(tempFile));
}
else
try
{
return new ByteArrayInputStream(tempStream.getBuffer(), 0, tempStream.getCount());
final Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.DECRYPT_MODE, symKey, new IvParameterSpec(iv));
return new BufferedInputStream(new CipherInputStream(new FileInputStream(tempFile), cipher));
}
catch (Exception e)
{
destroy();
if (logger.isErrorEnabled())
{
logger.error("Cannot initialize decryption cipher", e);
}
throw new IOException("Cannot initialize decryption cipher", e);
}
}
@@ -190,7 +180,7 @@ public class TempOutputStream extends OutputStream
@Override
public void close() throws IOException
{
close(deleteTempFileOnClose);
closeOutputStream();
}
/**
@@ -215,7 +205,9 @@ public class TempOutputStream extends OutputStream
*/
public void destroy() throws IOException
{
close(true);
closeOutputStream();
deleteTempFile();
}
public long getLength()
@@ -282,102 +274,95 @@ public class TempOutputStream extends OutputStream
}
}
private void close(boolean deleteTempFileOnClose)
private BufferedOutputStream createFileOutputStream(final File file) throws IOException
{
closeOutputStream();
if (deleteTempFileOnClose)
if (!encrypt)
{
deleteTempFile();
return new BufferedOutputStream(new FileOutputStream(file));
}
}
private BufferedOutputStream createOutputStream(File file) throws IOException
{
BufferedOutputStream fileOutputStream;
if (encrypt)
try
{
try
// Generate a symmetric key
final KeyGenerator keyGen = KeyGenerator.getInstance(ALGORITHM);
keyGen.init(KEY_SIZE);
symKey = keyGen.generateKey();
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, symKey);
iv = cipher.getIV();
return new BufferedOutputStream(new CipherOutputStream(new FileOutputStream(file), cipher));
}
catch (Exception e)
{
if (logger.isErrorEnabled())
{
// Generate a symmetric key
final KeyGenerator keyGen = KeyGenerator.getInstance(ALGORITHM);
keyGen.init(KEY_SIZE);
symKey = keyGen.generateKey();
Cipher cipher = Cipher.getInstance(TRANSFORMATION);
cipher.init(Cipher.ENCRYPT_MODE, symKey);
iv = cipher.getIV();
fileOutputStream = new BufferedOutputStream(new CipherOutputStream(new FileOutputStream(file), cipher));
logger.error("Cannot initialize encryption cipher", e);
}
catch (Exception e)
{
if (logger.isErrorEnabled())
{
logger.error("Cannot initialize encryption cipher", e);
}
throw new IOException("Cannot initialize encryption cipher", e);
}
throw new IOException("Cannot initialize encryption cipher", e);
}
else
{
fileOutputStream = new BufferedOutputStream(new FileOutputStream(file));
}
return fileOutputStream;
}
private void update(int len) throws IOException
{
if (maxContentSize > -1 && length + len > maxContentSize)
if (surpassesMaxContentSize(len))
{
destroy();
throw new ContentLimitViolationException("Content size violation, limit = " + maxContentSize);
}
if (tempFile == null && (tempStream.getCount() + len) > memoryThreshold)
if (surpassesThreshold(len))
{
File file = TempFileProvider.createTempFile(TEMP_FILE_PREFIX, ".bin", tempDir);
tempFile = TempFileProvider.createTempFile(TEMP_FILE_PREFIX, ".bin", tempDir);
BufferedOutputStream fileOutputStream = createOutputStream(file);
fileOutputStream.write(this.tempStream.getBuffer(), 0, this.tempStream.getCount());
final BufferedOutputStream fileOutputStream = createFileOutputStream(tempFile);
fileOutputStream.write(((ByteArrayOutputStream) outputStream).toByteArray());
fileOutputStream.flush();
try
{
tempStream.close();
outputStream.close();
}
catch (IOException e)
catch (IOException ignore)
{
// Ignore exception
}
tempStream = null;
tempFile = file;
outputStream = fileOutputStream;
}
length += len;
}
private static class TempByteArrayOutputStream extends ByteArrayOutputStream
private boolean surpassesMaxContentSize(final int len)
{
/**
* @return The internal buffer where data is stored
*/
public byte[] getBuffer()
{
return buf;
}
return maxContentSize >= 0 && length + len > maxContentSize;
}
/**
* @return The number of valid bytes in the buffer.
*/
public int getCount()
{
return count;
}
private boolean surpassesThreshold(final int len)
{
return tempFile == null && length + len > memoryThreshold;
}
/**
* Creates a {@link TempOutputStream} factory/supplier.
*
* @param tempDir
* the temporary directory, i.e. <code>isDir == true</code>, that
* will be used as * parent directory for creating temp file backed
* streams
* @param memoryThreshold
* the memory threshold in B
* @param maxContentSize
* the max content size in B
* @param encrypt
* true if temp files should be encrypted
*/
public static Supplier<TempOutputStream> factory(final File tempDir, final int memoryThreshold,
final long maxContentSize, final boolean encrypt)
{
return () -> new TempOutputStream(tempDir, memoryThreshold, maxContentSize, encrypt);
}
}

105
remote-api/src/main/java/org/alfresco/repo/web/scripts/TempOutputStreamFactory.java
View File

@@ -1,105 +0,0 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2019 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.web.scripts;
import java.io.File;
/**
* Factory for {@link TempOutputStream}
*/
public class TempOutputStreamFactory
{
/**
* A temporary directory, i.e. <code>isDir == true</code>, that will be used as
* parent directory for creating temp file backed streams.
*/
private final File tempDir;
private int memoryThreshold;
private long maxContentSize;
private boolean encrypt;
private boolean deleteTempFileOnClose;
/**
* Creates a {@link TempOutputStream} factory.
*
* @param tempDir
* the temporary directory, i.e. <code>isDir == true</code>, that
* will be used as * parent directory for creating temp file backed
* streams
* @param memoryThreshold
* the memory threshold in B
* @param maxContentSize
* the max content size in B
* @param encrypt
* true if temp files should be encrypted
* @param deleteTempFileOnClose
* true if temp files should be deleted on output stream close
* (useful if we need to cache the content for further reads). If
* this is false then we need to make sure we call
* {@link TempOutputStream}.destroy to clean up properly.
*/
public TempOutputStreamFactory(File tempDir, int memoryThreshold, long maxContentSize, boolean encrypt, boolean deleteTempFileOnClose)
{
this.tempDir = tempDir;
this.memoryThreshold = memoryThreshold;
this.maxContentSize = maxContentSize;
this.encrypt = encrypt;
this.deleteTempFileOnClose = deleteTempFileOnClose;
}
/**
* Creates a new {@link TempOutputStream} object
*/
public TempOutputStream createOutputStream()
{
return new TempOutputStream(tempDir, memoryThreshold, maxContentSize, encrypt, deleteTempFileOnClose);
}
public File getTempDir()
{
return tempDir;
}
public int getMemoryThreshold()
{
return memoryThreshold;
}
public long getMaxContentSize()
{
return maxContentSize;
}
public boolean isEncrypt()
{
return encrypt;
}
public boolean isDeleteTempFileOnClose()
{
return deleteTempFileOnClose;
}
}

215
remote-api/src/main/java/org/alfresco/repo/web/scripts/bulkimport/AbstractBulkFileSystemImportWebScript.java
View File

@@ -30,8 +30,19 @@ import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.OptionalInt;
import java.util.function.Function;
import java.util.function.Supplier;
import com.google.common.primitives.Ints;
import org.alfresco.repo.bulkimport.BulkFilesystemImporter;
import org.alfresco.repo.bulkimport.BulkImportParameters;
import org.alfresco.repo.bulkimport.NodeImporter;
import org.alfresco.repo.bulkimport.impl.MultiThreadedBulkFilesystemImporter;
import org.alfresco.repo.model.Repository;
import org.alfresco.service.cmr.model.FileFolderService;
import org.alfresco.service.cmr.model.FileInfo;
@@ -39,8 +50,12 @@ import org.alfresco.service.cmr.model.FileNotFoundException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.extensions.surf.util.I18NUtil;
import org.springframework.extensions.webscripts.Cache;
import org.springframework.extensions.webscripts.DeclarativeWebScript;
import org.springframework.extensions.webscripts.Status;
import org.springframework.extensions.webscripts.WebScriptException;
import org.springframework.extensions.webscripts.WebScriptRequest;
/**
* contains common fields and methods for the import web scripts.
@@ -60,10 +75,10 @@ public class AbstractBulkFileSystemImportWebScript extends DeclarativeWebScript
// Web scripts parameters (common)
protected static final String PARAMETER_REPLACE_EXISTING = "replaceExisting";
protected static final String PARAMETER_EXISTING_FILE_MODE = "existingFileMode";
protected static final String PARAMETER_VALUE_REPLACE_EXISTING = "replaceExisting";
protected static final String PARAMETER_VALUE_REPLACE_EXISTING = "true";
protected static final String PARAMETER_SOURCE_DIRECTORY = "sourceDirectory";
protected static final String PARAMETER_DISABLE_RULES = "disableRules";
protected static final String PARAMETER_VALUE_DISABLE_RULES = "disableRules";
protected static final String PARAMETER_VALUE_DISABLE_RULES = "true";
protected static final String IMPORT_ALREADY_IN_PROGRESS_MODEL_KEY = "importInProgress";
protected static final String IMPORT_ALREADY_IN_PROGRESS_ERROR_KEY ="bfsit.error.importAlreadyInProgress";
@@ -75,7 +90,7 @@ public class AbstractBulkFileSystemImportWebScript extends DeclarativeWebScript
protected Repository repository;
protected volatile boolean importInProgress;
protected NodeRef getTargetNodeRef(String targetNodeRefStr, String targetPath) throws FileNotFoundException
{
NodeRef targetNodeRef;
@@ -219,4 +234,198 @@ public class AbstractBulkFileSystemImportWebScript extends DeclarativeWebScript
this.repository = repository;
}
protected class MultithreadedImportWebScriptLogic
{
private final MultiThreadedBulkFilesystemImporter bulkImporter;
private final Supplier<NodeImporter> nodeImporterFactory;
private final WebScriptRequest request;
private final Status status;
private final Cache cache;
public MultithreadedImportWebScriptLogic(MultiThreadedBulkFilesystemImporter bulkImporter, Supplier<NodeImporter> nodeImporterFactory, WebScriptRequest request, Status status, Cache cache)
{
this.bulkImporter = Objects.requireNonNull(bulkImporter);
this.nodeImporterFactory = Objects.requireNonNull(nodeImporterFactory);
this.request = Objects.requireNonNull(request);
this.status = Objects.requireNonNull(status);
this.cache = Objects.requireNonNull(cache);
}
public Map<String, Object> executeImport()
{
Map<String, Object> model = new HashMap<>();
cache.setNeverCache(true);
String targetPath = null;
try
{
targetPath = request.getParameter(PARAMETER_TARGET_PATH);
if (isRunning())
{
model.put(IMPORT_ALREADY_IN_PROGRESS_MODEL_KEY, I18NUtil.getMessage(IMPORT_ALREADY_IN_PROGRESS_ERROR_KEY));
return model;
}
final BulkImportParameters bulkImportParameters = getBulkImportParameters();
final NodeImporter nodeImporter = nodeImporterFactory.get();
bulkImporter.asyncBulkImport(bulkImportParameters, nodeImporter);
waitForImportToBegin();
// redirect to the status Web Script
status.setCode(Status.STATUS_MOVED_TEMPORARILY);
status.setRedirect(true);
status.setLocation(request.getServiceContextPath() + WEB_SCRIPT_URI_BULK_FILESYSTEM_IMPORT_STATUS);
}
catch (WebScriptException | IllegalArgumentException e)
{
status.setCode(Status.STATUS_BAD_REQUEST, e.getMessage());
status.setRedirect(true);
}
catch (FileNotFoundException fnfe)
{
status.setCode(Status.STATUS_BAD_REQUEST,"The repository path '" + targetPath + "' does not exist !");
status.setRedirect(true);
}
catch (Throwable t)
{
throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, buildTextMessage(t), t);
}
return model;
}
private void waitForImportToBegin() throws InterruptedException
{
// ACE-3047 fix, since bulk import is started asynchronously there is a chance that client
// will get into the status page before import is actually started.
// In this case wrong information (for previous import) will be displayed.
// So lets ensure that import started before redirecting client to status page.
int i = 0;
while (!bulkImporter.getStatus().inProgress() && i < 10)
{
Thread.sleep(100);
i++;
}
}
private BulkImportParameters getBulkImportParameters() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = new BulkImportParametersExtractor(request::getParameter,
AbstractBulkFileSystemImportWebScript.this::getTargetNodeRef,
bulkImporter.getDefaultBatchSize(),
bulkImporter.getDefaultNumThreads());
return extractor.extract();
}
private boolean isRunning()
{
return bulkImporter.getStatus().inProgress();
}
}
protected static class BulkImportParametersExtractor
{
private final Function<String, String> paramsProvider;
private final NodeRefCreator nodeRefCreator;
private final int defaultBatchSize;
private final int defaultNumThreads;
public BulkImportParametersExtractor(final Function<String, String> paramsProvider, final NodeRefCreator nodeRefCreator,
final int defaultBatchSize, final int defaultNumThreads)
{
this.paramsProvider = Objects.requireNonNull(paramsProvider);
this.nodeRefCreator = Objects.requireNonNull(nodeRefCreator);
this.defaultBatchSize = defaultBatchSize;
this.defaultNumThreads = defaultNumThreads;
}
public BulkImportParameters extract() throws FileNotFoundException
{
BulkImportParameters result = new BulkImportParameters();
result.setTarget(getTargetNodeRef());
setExistingFileMode(result);
result.setNumThreads(getOptionalPositiveInteger(PARAMETER_NUM_THREADS).orElse(defaultNumThreads));
result.setBatchSize(getOptionalPositiveInteger(PARAMETER_BATCH_SIZE).orElse(defaultBatchSize));
setDisableRules(result);
return result;
}
private void setExistingFileMode(BulkImportParameters params)
{
String replaceExistingStr = getParamStringValue(PARAMETER_REPLACE_EXISTING);
String existingFileModeStr = getParamStringValue(PARAMETER_EXISTING_FILE_MODE);
if (!isNullOrEmpty(replaceExistingStr) && !isNullOrEmpty(existingFileModeStr))
{
// Check that we haven't had both the deprecated and new (existingFileMode)
// parameters supplied.
throw new IllegalStateException(
String.format("Only one of these parameters may be used, not both: %s, %s",
PARAMETER_REPLACE_EXISTING,
PARAMETER_EXISTING_FILE_MODE));
}
if (!isNullOrEmpty(existingFileModeStr))
{
params.setExistingFileMode(BulkImportParameters.ExistingFileMode.valueOf(existingFileModeStr));
}
else
{
params.setReplaceExisting(PARAMETER_VALUE_REPLACE_EXISTING.equals(replaceExistingStr));
}
}
private void setDisableRules(final BulkImportParameters params)
{
final String disableRulesStr = getParamStringValue(PARAMETER_DISABLE_RULES);
params.setDisableRulesService(!isNullOrEmpty(disableRulesStr) && PARAMETER_VALUE_DISABLE_RULES.equals(disableRulesStr));
}
private NodeRef getTargetNodeRef() throws FileNotFoundException
{
String targetNodeRefStr = getParamStringValue(PARAMETER_TARGET_NODEREF);
String targetPath = getParamStringValue(PARAMETER_TARGET_PATH);
return nodeRefCreator.fromNodeRefAndPath(targetNodeRefStr, targetPath);
}
private OptionalInt getOptionalPositiveInteger(final String paramName)
{
final String strValue = getParamStringValue(paramName);
if (isNullOrEmpty(strValue))
{
return OptionalInt.empty();
}
final Integer asInt = Ints.tryParse(strValue);
if (asInt == null || asInt < 1)
{
throw new WebScriptException("Error: parameter '" + paramName + "' must be an integer > 0.");
}
return OptionalInt.of(asInt);
}
private String getParamStringValue(String paramName)
{
Objects.requireNonNull(paramName);
return paramsProvider.apply(paramName);
}
private boolean isNullOrEmpty(String str)
{
return str == null || str.trim().length() == 0;
}
@FunctionalInterface
protected interface NodeRefCreator
{
NodeRef fromNodeRefAndPath(String nodeRef, String path) throws FileNotFoundException;
}
}
}

179
remote-api/src/main/java/org/alfresco/repo/web/scripts/bulkimport/copy/BulkFilesystemImportWebScript.java
View File

@@ -27,17 +27,12 @@
package org.alfresco.repo.web.scripts.bulkimport.copy;
import java.io.File;
import java.util.HashMap;
import java.util.Map;
import org.alfresco.repo.bulkimport.BulkImportParameters;
import org.alfresco.repo.bulkimport.NodeImporter;
import org.alfresco.repo.bulkimport.impl.MultiThreadedBulkFilesystemImporter;
import org.alfresco.repo.bulkimport.impl.StreamingNodeImporterFactory;
import org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript;
import org.alfresco.service.cmr.model.FileNotFoundException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.springframework.extensions.surf.util.I18NUtil;
import org.springframework.extensions.webscripts.Cache;
import org.springframework.extensions.webscripts.Status;
import org.springframework.extensions.webscripts.WebScriptException;
@@ -69,170 +64,22 @@ public class BulkFilesystemImportWebScript extends AbstractBulkFileSystemImportW
@Override
protected Map<String, Object> executeImpl(final WebScriptRequest request, final Status status, final Cache cache)
{
Map<String, Object> model = new HashMap<String, Object>();
String targetNodeRefStr = null;
String targetPath = null;
String sourceDirectoryStr = null;
@Deprecated String replaceExistingStr = null;
String existingFileModeStr = null;
String batchSizeStr = null;
String numThreadsStr = null;
String disableRulesStr = null;
final MultithreadedImportWebScriptLogic importLogic = new MultithreadedImportWebScriptLogic(bulkImporter,
() -> createNodeImporter(request), request, status, cache);
return importLogic.executeImport();
}
cache.setNeverCache(true);
try
private NodeImporter createNodeImporter(WebScriptRequest request)
{
final String sourceDirectoryStr = request.getParameter(PARAMETER_SOURCE_DIRECTORY);
if (sourceDirectoryStr == null || sourceDirectoryStr.trim().length() == 0)
{
if(!bulkImporter.getStatus().inProgress())
{
NodeRef targetNodeRef = null;
File sourceDirectory = null;
boolean replaceExisting = false;
BulkImportParameters.ExistingFileMode existingFileMode = null;
int batchSize = bulkImporter.getDefaultBatchSize();
int numThreads = bulkImporter.getDefaultNumThreads();
boolean disableRules = false;
// Retrieve, validate and convert parameters
targetNodeRefStr = request.getParameter(PARAMETER_TARGET_NODEREF);
targetPath = request.getParameter(PARAMETER_TARGET_PATH);
sourceDirectoryStr = request.getParameter(PARAMETER_SOURCE_DIRECTORY);
replaceExistingStr = request.getParameter(PARAMETER_REPLACE_EXISTING);
existingFileModeStr = request.getParameter(PARAMETER_EXISTING_FILE_MODE);
batchSizeStr = request.getParameter(PARAMETER_BATCH_SIZE);
numThreadsStr = request.getParameter(PARAMETER_NUM_THREADS);
disableRulesStr = request.getParameter(PARAMETER_DISABLE_RULES);
targetNodeRef = getTargetNodeRef(targetNodeRefStr, targetPath);
if (sourceDirectoryStr == null || sourceDirectoryStr.trim().length() == 0)
{
throw new RuntimeException("Error: mandatory parameter '" + PARAMETER_SOURCE_DIRECTORY + "' was not provided.");
}
sourceDirectory = new File(sourceDirectoryStr.trim());
if (replaceExistingStr != null && existingFileModeStr != null)
{
// Check that we haven't had both the deprecated and new (existingFileMode)
// parameters supplied.
throw new IllegalStateException(
String.format("Only one of these parameters may be used, not both: %s, %s",
PARAMETER_REPLACE_EXISTING,
PARAMETER_EXISTING_FILE_MODE));
}
if (replaceExistingStr != null && replaceExistingStr.trim().length() > 0)
{
replaceExisting = PARAMETER_VALUE_REPLACE_EXISTING.equals(replaceExistingStr);
}
if (existingFileModeStr != null && existingFileModeStr.trim().length() > 0)
{
existingFileMode = BulkImportParameters.ExistingFileMode.valueOf(existingFileModeStr);
}
if (disableRulesStr != null && disableRulesStr.trim().length() > 0)
{
disableRules = PARAMETER_VALUE_DISABLE_RULES.equals(disableRulesStr);
}
// Initiate the import
NodeImporter nodeImporter = nodeImporterFactory.getNodeImporter(sourceDirectory);
BulkImportParameters bulkImportParameters = new BulkImportParameters();
if (numThreadsStr != null && numThreadsStr.trim().length() > 0)
{
try
{
numThreads = Integer.parseInt(numThreadsStr);
if(numThreads < 1)
{
throw new RuntimeException("Error: parameter '" + PARAMETER_NUM_THREADS + "' must be an integer > 0.");
}
bulkImportParameters.setNumThreads(numThreads);
}
catch(NumberFormatException e)
{
throw new RuntimeException("Error: parameter '" + PARAMETER_NUM_THREADS + "' must be an integer > 0.");
}
}
if (batchSizeStr != null && batchSizeStr.trim().length() > 0)
{
try
{
batchSize = Integer.parseInt(batchSizeStr);
if(batchSize < 1)
{
throw new RuntimeException("Error: parameter '" + PARAMETER_BATCH_SIZE + "' must be an integer > 0.");
}
bulkImportParameters.setBatchSize(batchSize);
}
catch(NumberFormatException e)
{
throw new RuntimeException("Error: parameter '" + PARAMETER_BATCH_SIZE + "' must be an integer > 0.");
}
}
if (existingFileMode != null)
{
bulkImportParameters.setExistingFileMode(existingFileMode);
}
else
{
// Fall back to the old/deprecated way.
bulkImportParameters.setReplaceExisting(replaceExisting);
}
bulkImportParameters.setTarget(targetNodeRef);
bulkImportParameters.setDisableRulesService(disableRules);
bulkImporter.asyncBulkImport(bulkImportParameters, nodeImporter);
// ACE-3047 fix, since bulk import is started asynchronously there is a chance that client
// will get into the status page before import is actually started.
// In this case wrong information (for previous import) will be displayed.
// So lets ensure that import started before redirecting client to status page.
int i = 0;
while (!bulkImporter.getStatus().inProgress() && i < 10)
{
Thread.sleep(100);
i++;
}
// redirect to the status Web Script
status.setCode(Status.STATUS_MOVED_TEMPORARILY);
status.setRedirect(true);
status.setLocation(request.getServiceContextPath() + WEB_SCRIPT_URI_BULK_FILESYSTEM_IMPORT_STATUS);
}
else
{
model.put(IMPORT_ALREADY_IN_PROGRESS_MODEL_KEY, I18NUtil.getMessage(IMPORT_ALREADY_IN_PROGRESS_ERROR_KEY));
}
throw new WebScriptException("Error: mandatory parameter '" + PARAMETER_SOURCE_DIRECTORY + "' was not provided.");
}
catch (WebScriptException wse)
{
status.setCode(Status.STATUS_BAD_REQUEST, wse.getMessage());
status.setRedirect(true);
}
catch (FileNotFoundException fnfe)
{
status.setCode(Status.STATUS_BAD_REQUEST,"The repository path '" + targetPath + "' does not exist !");
status.setRedirect(true);
}
catch(IllegalArgumentException iae)
{
status.setCode(Status.STATUS_BAD_REQUEST,iae.getMessage());
status.setRedirect(true);
}
catch (Throwable t)
{
throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, buildTextMessage(t), t);
}
return model;
final File sourceDirectory = new File(sourceDirectoryStr.trim());
return nodeImporterFactory.getNodeImporter(sourceDirectory);
}
}

287
remote-api/src/main/java/org/alfresco/repo/web/scripts/model/filefolder/FileFolderLoaderPost.java
View File

@@ -23,149 +23,144 @@
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.web.scripts.model.filefolder;
import java.io.IOException;
import java.io.OutputStream;
import org.alfresco.repo.model.filefolder.FileFolderLoader;
import org.alfresco.service.cmr.model.FileNotFoundException;
import org.json.JSONException;
import org.json.JSONObject;
import org.json.JSONTokener;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.extensions.webscripts.AbstractWebScript;
import org.springframework.extensions.webscripts.Status;
import org.springframework.extensions.webscripts.WebScriptException;
import org.springframework.extensions.webscripts.WebScriptRequest;
import org.springframework.extensions.webscripts.WebScriptResponse;
/**
* Link to {@link FileFolderLoader}
*/
public class FileFolderLoaderPost extends AbstractWebScript implements ApplicationContextAware
{
public static final String KEY_FOLDER_PATH = "folderPath";
public static final String KEY_FILE_COUNT = "fileCount";
public static final String KEY_FILES_PER_TXN = "filesPerTxn";
public static final String KEY_MIN_FILE_SIZE = "minFileSize";
public static final String KEY_MAX_FILE_SIZE = "maxFileSize";
public static final String KEY_MAX_UNIQUE_DOCUMENTS = "maxUniqueDocuments";
public static final String KEY_FORCE_BINARY_STORAGE = "forceBinaryStorage";
public static final String KEY_DESCRIPTION_COUNT = "descriptionCount";
public static final String KEY_DESCRIPTION_SIZE = "descriptionSize";
public static final String KEY_COUNT = "count";
public static final int DEFAULT_FILE_COUNT = 100;
public static final int DEFAULT_FILES_PER_TXN = 100;
public static final long DEFAULT_MIN_FILE_SIZE = 80*1024L;
public static final long DEFAULT_MAX_FILE_SIZE = 120*1024L;
public static final long DEFAULT_MAX_UNIQUE_DOCUMENTS = Long.MAX_VALUE;
public static final int DEFAULT_DESCRIPTION_COUNT = 1;
public static final long DEFAULT_DESCRIPTION_SIZE = 128L;
public static final boolean DEFAULT_FORCE_BINARY_STORAGE = false;
private ApplicationContext applicationContext;
@Override
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException
{
this.applicationContext = applicationContext;
}
public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
{
FileFolderLoader loader = (FileFolderLoader) applicationContext.getBean("fileFolderLoader");
int count = 0;
String folderPath = "";
try
{
JSONObject json = new JSONObject(new JSONTokener(req.getContent().getContent()));
folderPath = json.getString(KEY_FOLDER_PATH);
if (folderPath == null)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, KEY_FOLDER_PATH + " not supplied.");
}
int fileCount = 100;
if (json.has(KEY_FILE_COUNT))
{
fileCount = json.getInt(KEY_FILE_COUNT);
}
int filesPerTxn = DEFAULT_FILES_PER_TXN;
if (json.has(KEY_FILES_PER_TXN))
{
filesPerTxn = json.getInt(KEY_FILES_PER_TXN);
}
long minFileSize = DEFAULT_MIN_FILE_SIZE;
if (json.has(KEY_MIN_FILE_SIZE))
{
minFileSize = json.getInt(KEY_MIN_FILE_SIZE);
}
long maxFileSize = DEFAULT_MAX_FILE_SIZE;
if (json.has(KEY_MAX_FILE_SIZE))
{
maxFileSize = json.getInt(KEY_MAX_FILE_SIZE);
}
long maxUniqueDocuments = DEFAULT_MAX_UNIQUE_DOCUMENTS;
if (json.has(KEY_MAX_UNIQUE_DOCUMENTS))
{
maxUniqueDocuments = json.getInt(KEY_MAX_UNIQUE_DOCUMENTS);
}
boolean forceBinaryStorage = DEFAULT_FORCE_BINARY_STORAGE;
if (json.has(KEY_FORCE_BINARY_STORAGE))
{
forceBinaryStorage = json.getBoolean(KEY_FORCE_BINARY_STORAGE);
}
int descriptionCount = DEFAULT_DESCRIPTION_COUNT;
if (json.has(KEY_DESCRIPTION_COUNT))
{
descriptionCount = json.getInt(KEY_DESCRIPTION_COUNT);
}
long descriptionSize = DEFAULT_DESCRIPTION_SIZE;
if (json.has(KEY_DESCRIPTION_SIZE))
{
descriptionSize = json.getLong(KEY_DESCRIPTION_SIZE);
}
// Perform the load
count = loader.createFiles(
folderPath,
fileCount, filesPerTxn,
minFileSize, maxFileSize,
maxUniqueDocuments,
forceBinaryStorage,
descriptionCount, descriptionSize);
}
catch (FileNotFoundException e)
{
throw new WebScriptException(Status.STATUS_NOT_FOUND, "Folder not found: ", folderPath);
}
catch (IOException iox)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not read content from req.", iox);
}
catch (JSONException je)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not parse JSON from req.", je);
}
// Write the response
OutputStream os = res.getOutputStream();
try
{
JSONObject json = new JSONObject();
json.put(KEY_COUNT, count);
os.write(json.toString().getBytes("UTF-8"));
}
catch (JSONException e)
{
throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, "Failed to write JSON", e);
}
finally
{
os.close();
}
}
}
package org.alfresco.repo.web.scripts.model.filefolder;
import java.io.IOException;
import java.io.OutputStream;
import org.alfresco.repo.model.filefolder.FileFolderLoader;
import org.alfresco.service.cmr.model.FileNotFoundException;
import org.json.JSONException;
import org.json.JSONObject;
import org.json.JSONTokener;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.extensions.webscripts.AbstractWebScript;
import org.springframework.extensions.webscripts.Status;
import org.springframework.extensions.webscripts.WebScriptException;
import org.springframework.extensions.webscripts.WebScriptRequest;
import org.springframework.extensions.webscripts.WebScriptResponse;
/**
* Link to {@link FileFolderLoader}
*/
public class FileFolderLoaderPost extends AbstractWebScript implements ApplicationContextAware
{
public static final String KEY_FOLDER_PATH = "folderPath";
public static final String KEY_FILE_COUNT = "fileCount";
public static final String KEY_FILES_PER_TXN = "filesPerTxn";
public static final String KEY_MIN_FILE_SIZE = "minFileSize";
public static final String KEY_MAX_FILE_SIZE = "maxFileSize";
public static final String KEY_MAX_UNIQUE_DOCUMENTS = "maxUniqueDocuments";
public static final String KEY_FORCE_BINARY_STORAGE = "forceBinaryStorage";
public static final String KEY_DESCRIPTION_COUNT = "descriptionCount";
public static final String KEY_DESCRIPTION_SIZE = "descriptionSize";
public static final String KEY_COUNT = "count";
public static final int DEFAULT_FILE_COUNT = 100;
public static final int DEFAULT_FILES_PER_TXN = 100;
public static final long DEFAULT_MIN_FILE_SIZE = 80*1024L;
public static final long DEFAULT_MAX_FILE_SIZE = 120*1024L;
public static final long DEFAULT_MAX_UNIQUE_DOCUMENTS = Long.MAX_VALUE;
public static final int DEFAULT_DESCRIPTION_COUNT = 1;
public static final long DEFAULT_DESCRIPTION_SIZE = 128L;
public static final boolean DEFAULT_FORCE_BINARY_STORAGE = false;
private ApplicationContext applicationContext;
@Override
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException
{
this.applicationContext = applicationContext;
}
public void execute(WebScriptRequest req, WebScriptResponse res) throws IOException
{
FileFolderLoader loader = (FileFolderLoader) applicationContext.getBean("fileFolderLoader");
int count = 0;
String folderPath = "";
try
{
JSONObject json = new JSONObject(new JSONTokener(req.getContent().getContent()));
folderPath = json.getString(KEY_FOLDER_PATH);
if (folderPath == null)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, KEY_FOLDER_PATH + " not supplied.");
}
int fileCount = 100;
if (json.has(KEY_FILE_COUNT))
{
fileCount = json.getInt(KEY_FILE_COUNT);
}
int filesPerTxn = DEFAULT_FILES_PER_TXN;
if (json.has(KEY_FILES_PER_TXN))
{
filesPerTxn = json.getInt(KEY_FILES_PER_TXN);
}
long minFileSize = DEFAULT_MIN_FILE_SIZE;
if (json.has(KEY_MIN_FILE_SIZE))
{
minFileSize = json.getInt(KEY_MIN_FILE_SIZE);
}
long maxFileSize = DEFAULT_MAX_FILE_SIZE;
if (json.has(KEY_MAX_FILE_SIZE))
{
maxFileSize = json.getInt(KEY_MAX_FILE_SIZE);
}
long maxUniqueDocuments = DEFAULT_MAX_UNIQUE_DOCUMENTS;
if (json.has(KEY_MAX_UNIQUE_DOCUMENTS))
{
maxUniqueDocuments = json.getInt(KEY_MAX_UNIQUE_DOCUMENTS);
}
boolean forceBinaryStorage = DEFAULT_FORCE_BINARY_STORAGE;
if (json.has(KEY_FORCE_BINARY_STORAGE))
{
forceBinaryStorage = json.getBoolean(KEY_FORCE_BINARY_STORAGE);
}
int descriptionCount = DEFAULT_DESCRIPTION_COUNT;
if (json.has(KEY_DESCRIPTION_COUNT))
{
descriptionCount = json.getInt(KEY_DESCRIPTION_COUNT);
}
long descriptionSize = DEFAULT_DESCRIPTION_SIZE;
if (json.has(KEY_DESCRIPTION_SIZE))
{
descriptionSize = json.getLong(KEY_DESCRIPTION_SIZE);
}
// Perform the load
count = loader.createFiles(
folderPath,
fileCount, filesPerTxn,
minFileSize, maxFileSize,
maxUniqueDocuments,
forceBinaryStorage,
descriptionCount, descriptionSize);
}
catch (FileNotFoundException e)
{
throw new WebScriptException(Status.STATUS_NOT_FOUND, "Folder not found: ", folderPath);
}
catch (IOException iox)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not read content from req.", iox);
}
catch (JSONException je)
{
throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not parse JSON from req.", je);
}
// Write the response
try (OutputStream os = res.getOutputStream())
{
JSONObject json = new JSONObject();
json.put(KEY_COUNT, count);
os.write(json.toString().getBytes("UTF-8"));
}
catch (JSONException e)
{
throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, "Failed to write JSON", e);
}
}
}

19
remote-api/src/main/java/org/alfresco/repo/web/scripts/transfer/PostSnapshotCommandProcessor.java
View File

@@ -125,16 +125,15 @@ public class PostSnapshotCommandProcessor implements CommandProcessor
logger.debug("success");
resp.setStatus(Status.STATUS_OK);
OutputStream out = resp.getOutputStream();
resp.setContentType("text/xml");
resp.setContentEncoding("utf-8");
receiver.generateRequsite(transferId, out);
out.close();
}
try (OutputStream out = resp.getOutputStream())
{
resp.setContentType("text/xml");
resp.setContentEncoding("utf-8");
receiver.generateRequsite(transferId, out);
}
}
catch (Exception ex)
{
logger.debug("exception caught", ex);

28
remote-api/src/main/java/org/alfresco/rest/api/DeletedNodes.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -34,6 +34,7 @@ import org.alfresco.rest.api.model.UserInfo;
import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
/**
* Handles trashcan / deleted nodes
@@ -99,4 +100,29 @@ public interface DeletedNodes
* @return
*/
CollectionWithPagingInfo<Rendition> getRenditions(String archivedId, Parameters parameters);
/**
* Gets a presigned URL to directly access content.
*
* @param archivedId The node id for which to obtain the direct access {@code URL}
* @param renditionId The rendition id for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}, {@code true} by default.
* @return A direct access {@code URL} object for the content.
*/
default DirectAccessUrl requestContentDirectUrl(String archivedId, String renditionId, boolean attachment)
{
return requestContentDirectUrl(archivedId, renditionId, attachment, null);
}
/**
* Gets a presigned URL to directly access content.
*
* @param archivedId The node id for which to obtain the direct access {@code URL}
* @param renditionId The rendition id for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}, {@code true} by default.
* @param validFor The time at which the direct access {@code URL} will expire.
* @return A direct access {@code URL} object for the content.
*/
DirectAccessUrl requestContentDirectUrl(String archivedId, String renditionId, boolean attachment, Long validFor);
}

66
remote-api/src/main/java/org/alfresco/rest/api/DirectAccessUrlHelper.java Normal file
View File

@@ -0,0 +1,66 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.api;
import org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.apache.commons.lang3.BooleanUtils;
/**
* Helper class for retrieving direct access URLs options.
*
* @author Sara Aspery
*/
public class DirectAccessUrlHelper
{
private RestApiDirectUrlConfig restApiDirectUrlConfig;
public void setRestApiDirectUrlConfig(RestApiDirectUrlConfig restApiDirectUrlConfig)
{
this.restApiDirectUrlConfig = restApiDirectUrlConfig;
}
public Long getDefaultExpiryTimeInSec()
{
if (restApiDirectUrlConfig ==null || !restApiDirectUrlConfig.isEnabled())
{
throw new DisabledServiceException("Direct access url isn't available.");
}
return restApiDirectUrlConfig.getDefaultExpiryTimeInSec();
}
public boolean getAttachment(DirectAccessUrlRequest directAccessUrlRequest)
{
boolean attachment = true;
if (directAccessUrlRequest != null )
{
attachment = BooleanUtils.toBooleanDefaultIfNull(directAccessUrlRequest.isAttachment(), true);
}
return attachment;
}
}

46
remote-api/src/main/java/org/alfresco/rest/api/Nodes.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2017 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -44,6 +44,7 @@ import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.namespace.QName;
@@ -266,6 +267,49 @@ public interface Nodes
*/
Node unlock(String nodeId, Parameters parameters);
/**
* Gets a presigned URL to directly access content.
* @param nodeId The node id for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}.
* @return A direct access {@code URL} object for the content.
*/
default DirectAccessUrl requestContentDirectUrl(String nodeId, boolean attachment)
{
return requestContentDirectUrl(validateNode(nodeId), attachment);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeRef The node reference for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}.
* @return A direct access {@code URL} object for the content.
*/
default DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, boolean attachment)
{
return requestContentDirectUrl(nodeRef, attachment, null);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeId The node id for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}.
* @param validFor The time at which the direct access {@code URL} will expire.
* @return A direct access {@code URL} object for the content.
*/
default DirectAccessUrl requestContentDirectUrl(String nodeId, boolean attachment, Long validFor)
{
return requestContentDirectUrl(validateNode(nodeId), attachment, validFor);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeRef The node reference for which to obtain the direct access {@code URL}
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}.
* @param validFor The time at which the direct access {@code URL} will expire.
* @return A direct access {@code URL} object for the content.
*/
DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, boolean attachment, Long validFor);
/**
* Convert from node properties (map of QName to Serializable) retrieved from
* the respository to a map of String to Object that can be formatted/expressed

57
remote-api/src/main/java/org/alfresco/rest/api/Renditions.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2020 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -32,7 +32,9 @@ import org.alfresco.rest.framework.core.exceptions.NotFoundException;
import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import java.util.List;
@@ -186,5 +188,58 @@ public interface Renditions
* @return the rendition stream
*/
BinaryResource getContentNoValidation(NodeRef nodeRef, String versionId, String renditionId, Parameters parameters);
/**
* Gets a presigned URL to directly access content.
* @param nodeId the node id for which to obtain the direct access {@code URL}
* @param versionId the version id (aka version label)
* @param renditionId the rendition id
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}
* @return a direct access {@code URL} object for the content
*/
default DirectAccessUrl requestContentDirectUrl(String nodeId, String versionId, String renditionId, boolean attachment)
{
NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, nodeId);
return requestContentDirectUrl(nodeRef, versionId, renditionId, attachment);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeId the node id for which to obtain the direct access {@code URL}
* @param versionId the version id (aka version label)
* @param renditionId the rendition id
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}
* @param validFor the time at which the direct access {@code URL} will expire
* @return a direct access {@code URL} object for the content
*/
default DirectAccessUrl requestContentDirectUrl(String nodeId, String versionId, String renditionId, boolean attachment, Long validFor)
{
NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, nodeId);
return requestContentDirectUrl(nodeRef, versionId, renditionId, attachment, validFor);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeRef the node reference for which to obtain the direct access {@code URL}
* @param versionId the version id (aka version label)
* @param renditionId the rendition id
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}
* @return a direct access {@code URL} object for the content.
*/
default DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, String versionId, String renditionId, boolean attachment)
{
return requestContentDirectUrl(nodeRef, versionId, renditionId, attachment, null);
}
/**
* Gets a presigned URL to directly access content.
* @param nodeRef the node reference for which to obtain the direct access {@code URL}
* @param versionId the version id (aka version label)
* @param renditionId the rendition id
* @param attachment {@code true} if an attachment {@code URL} is requested, {@code false} for an embedded {@code URL}
* @param validFor the time at which the direct access {@code URL} will expire
* @return a direct access {@code URL} object for the content.
*/
DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, String versionId, String renditionId, boolean attachment, Long validFor);
}

27
remote-api/src/main/java/org/alfresco/rest/api/discovery/DiscoveryApiWebscript.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -25,6 +25,7 @@
*/
package org.alfresco.rest.api.discovery;
import org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig;
import org.alfresco.rest.api.model.DiscoveryDetails;
import org.alfresco.rest.api.model.ModulePackage;
import org.alfresco.rest.api.model.RepositoryInfo;
@@ -41,6 +42,7 @@ import org.alfresco.service.cmr.audit.AuditService;
import org.alfresco.service.cmr.module.ModuleDetails;
import org.alfresco.service.cmr.module.ModuleService;
import org.alfresco.service.cmr.quickshare.QuickShareService;
import org.alfresco.service.cmr.repository.ContentService;
import org.alfresco.service.cmr.thumbnail.ThumbnailService;
import org.alfresco.service.descriptor.Descriptor;
import org.alfresco.service.descriptor.DescriptorService;
@@ -67,6 +69,8 @@ public class DiscoveryApiWebscript extends AbstractWebScript implements Recogniz
private ModuleService moduleService;
private ApiAssistant assistant;
private ThumbnailService thumbnailService;
private RestApiDirectUrlConfig restApiDirectUrlConfig;
private ContentService contentService;
private boolean enabled = true;
private final static String DISABLED = "Not Implemented";
@@ -106,6 +110,16 @@ public class DiscoveryApiWebscript extends AbstractWebScript implements Recogniz
this.thumbnailService = thumbnailService;
}
public void setRestApiDirectUrlConfig(RestApiDirectUrlConfig restApiDirectUrlConfig)
{
this.restApiDirectUrlConfig = restApiDirectUrlConfig;
}
public void setContentService(ContentService contentService)
{
this.contentService = contentService;
}
@Override
public void afterPropertiesSet() throws Exception
{
@@ -116,6 +130,8 @@ public class DiscoveryApiWebscript extends AbstractWebScript implements Recogniz
PropertyCheck.mandatory(this, "moduleService", moduleService);
PropertyCheck.mandatory(this, "assistant", assistant);
PropertyCheck.mandatory(this, "thumbnailService", thumbnailService);
PropertyCheck.mandatory(this, "restApiDirectUrlConfig", restApiDirectUrlConfig);
PropertyCheck.mandatory(this, "contentService", contentService);
}
@Override
@@ -154,7 +170,8 @@ public class DiscoveryApiWebscript extends AbstractWebScript implements Recogniz
.setReadOnly(repoAdminService.getUsage().isReadOnly())
.setAuditEnabled(auditService.isAuditEnabled())
.setQuickShareEnabled(quickShareService.isQuickShareEnabled())
.setThumbnailGenerationEnabled(thumbnailService.getThumbnailsEnabled()));
.setThumbnailGenerationEnabled(thumbnailService.getThumbnailsEnabled())
.setDirectAccessUrlEnabled(isContentDirectUrlEnabled()));
}
private List<ModulePackage> getModules()
@@ -194,4 +211,10 @@ public class DiscoveryApiWebscript extends AbstractWebScript implements Recogniz
throw new DisabledServiceException(DISABLED);
}
}
protected boolean isContentDirectUrlEnabled()
{
return (restApiDirectUrlConfig.isEnabled() && contentService.isContentDirectUrlEnabled());
}
}

22
remote-api/src/main/java/org/alfresco/rest/api/impl/DeletedNodesImpl.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -55,6 +55,7 @@ import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.tools.RecognizedParamsExtractor;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
@@ -244,4 +245,23 @@ public class DeletedNodesImpl implements DeletedNodes, RecognizedParamsExtractor
NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE, archivedId);
return renditions.getRenditions(nodeRef, parameters);
}
/**
* {@inheritDoc}
*/
@Override
public DirectAccessUrl requestContentDirectUrl(String originalNodeId, String renditionId, boolean attachment, Long validFor)
{
//First check the node is valid and has been archived.
NodeRef validatedNodeRef = nodes.validateNode(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE, originalNodeId);
if (renditionId != null)
{
return renditions.requestContentDirectUrl(validatedNodeRef, null, renditionId, attachment, validFor);
}
else
{
return nodes.requestContentDirectUrl(validatedNodeRef, attachment, validFor);
}
}
}

17
remote-api/src/main/java/org/alfresco/rest/api/impl/NodesImpl.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2019 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -142,6 +142,7 @@ import org.alfresco.service.cmr.repository.ContentData;
import org.alfresco.service.cmr.repository.ContentIOException;
import org.alfresco.service.cmr.repository.ContentService;
import org.alfresco.service.cmr.repository.ContentWriter;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.DuplicateChildNodeNameException;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.MimetypeService;
@@ -3478,6 +3479,20 @@ public class NodesImpl implements Nodes
return getFolderOrDocument(nodeId, parameters);
}
/**
* {@inheritDoc}
*/
@Override
public DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, boolean attachment, Long validFor)
{
DirectAccessUrl directAccessUrl = contentService.requestContentDirectUrl(nodeRef, attachment, validFor);
if (directAccessUrl == null)
{
throw new DisabledServiceException("Direct access url isn't available.");
}
return directAccessUrl;
}
/**
* Checks if same permission is sent more than once
* @param locallySetPermissions

45
remote-api/src/main/java/org/alfresco/rest/api/impl/RenditionsImpl.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2020 Alfresco Software LimitedP
* Copyright (C) 2005 - 2021 Alfresco Software LimitedP
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -26,6 +26,19 @@
package org.alfresco.rest.api.impl;
import java.io.File;
import java.io.InputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringJoiner;
import java.util.TreeMap;
import org.alfresco.heartbeat.RenditionsDataCollector;
import org.alfresco.model.ContentModel;
import org.alfresco.query.PagingResults;
@@ -61,6 +74,7 @@ import org.alfresco.rest.workflow.api.impl.MapBasedQueryWalker;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.ContentData;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.MimetypeService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
@@ -78,19 +92,6 @@ import org.apache.commons.logging.LogFactory;
import org.springframework.context.ResourceLoaderAware;
import org.springframework.core.io.ResourceLoader;
import java.io.File;
import java.io.InputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringJoiner;
import java.util.TreeMap;
/**
* @author Jamal Kaabi-Mofrad, janv
*/
@@ -483,6 +484,22 @@ public class RenditionsImpl implements Renditions, ResourceLoaderAware
return getContentImpl(nodeRef, renditionId, parameters);
}
/**
* {@inheritDoc}
*/
public DirectAccessUrl requestContentDirectUrl(NodeRef nodeRef, String versionId, String renditionId, boolean attachment, Long validFor)
{
final NodeRef validatedNodeRef = validateNode(nodeRef.getStoreRef(), nodeRef.getId(), versionId, null);
NodeRef renditionNodeRef = getRenditionByName(validatedNodeRef, renditionId, null);
if (renditionNodeRef == null)
{
throw new NotFoundException("The rendition with id: " + renditionId + " was not found.");
}
return nodes.requestContentDirectUrl(renditionNodeRef, attachment, validFor);
}
private BinaryResource getContentImpl(NodeRef nodeRef, String renditionId, Parameters parameters)
{
NodeRef renditionNodeRef = getRenditionByName(nodeRef, renditionId, parameters);

94
remote-api/src/main/java/org/alfresco/rest/api/impl/directurl/RestApiDirectUrlConfig.java Normal file
View File

@@ -0,0 +1,94 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.api.impl.directurl;
import org.alfresco.repo.content.directurl.AbstractDirectUrlConfig;
import org.alfresco.repo.content.directurl.InvalidDirectAccessUrlConfigException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* REST API direct access URL configuration settings.
*
* @author Sara Aspery
*/
public class RestApiDirectUrlConfig extends AbstractDirectUrlConfig
{
private static final Log logger = LogFactory.getLog(RestApiDirectUrlConfig.class);
/**
* Configuration initialise
*/
public void init()
{
validate();
}
/**
* {@inheritDoc}
*/
@Override
public void validate()
{
// Disable direct access URLs for the REST API if any error found in the REST API direct access URL config
try
{
validateDirectAccessUrlConfig();
}
catch (InvalidDirectAccessUrlConfigException ex)
{
logger.error("Disabling REST API direct access URLs due to configuration error: " + ex.getMessage());
setEnabled(false);
}
logger.info("REST API direct access URLs are " + (isEnabled() ? "enabled" : "disabled"));
}
/* Helper method to validate the REST API direct access url configuration settings */
private void validateDirectAccessUrlConfig() throws InvalidDirectAccessUrlConfigException
{
if (isEnabled())
{
if (getDefaultExpiryTimeInSec() == null)
{
logger.warn(String.format("Default expiry time property is missing: setting to system-wide default [%s].", getSysWideDefaultExpiryTimeInSec()));
setDefaultExpiryTimeInSec(getSysWideDefaultExpiryTimeInSec());
}
if (getDefaultExpiryTimeInSec() < 1)
{
String errorMsg = String.format("REST API direct access URL default expiry time [%s] is invalid.", getDefaultExpiryTimeInSec());
throw new InvalidDirectAccessUrlConfigException(errorMsg);
}
if (getDefaultExpiryTimeInSec() > getSysWideMaxExpiryTimeInSec())
{
String errorMsg = String.format("REST API direct access URL default expiry time [%s] exceeds system-wide maximum expiry time [%s].",
getDefaultExpiryTimeInSec(), getSysWideMaxExpiryTimeInSec());
throw new InvalidDirectAccessUrlConfigException(errorMsg);
}
}
}
}

46
remote-api/src/main/java/org/alfresco/rest/api/model/DirectAccessUrlRequest.java Normal file
View File

@@ -0,0 +1,46 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.api.model;
/**
* Direct Access URL request.
*
* @author Sara Aspery
*/
public class DirectAccessUrlRequest
{
private Boolean attachment;
public Boolean isAttachment()
{
return attachment;
}
public void setAttachment(Boolean attachment)
{
this.attachment = attachment;
}
}

15
remote-api/src/main/java/org/alfresco/rest/api/model/RepositoryInfo.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -416,6 +416,7 @@ public class RepositoryInfo
private boolean isAuditEnabled;
private boolean isQuickShareEnabled;
private boolean isThumbnailGenerationEnabled;
private boolean isDirectAccessUrlEnabled;
public StatusInfo()
{
@@ -465,6 +466,17 @@ public class RepositoryInfo
return this;
}
public boolean getIsDirectAccessUrlEnabled()
{
return isDirectAccessUrlEnabled;
}
public StatusInfo setDirectAccessUrlEnabled(boolean isDirectAccessUrlEnabled)
{
this.isDirectAccessUrlEnabled = isDirectAccessUrlEnabled;
return this;
}
@Override
public String toString()
{
@@ -473,6 +485,7 @@ public class RepositoryInfo
.append(", isAuditEnabled=").append(isAuditEnabled)
.append(", isQuickShareEnabled=").append(isQuickShareEnabled)
.append(", isThumbnailGenerationEnabled=").append(isThumbnailGenerationEnabled)
.append(", isDirectAccessUrlEnabled=").append(isDirectAccessUrlEnabled)
.append(']');
return sb.toString();
}

41
remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeRenditionsRelation.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -26,16 +26,27 @@
package org.alfresco.rest.api.nodes;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
import org.alfresco.rest.api.DirectAccessUrlHelper;
import org.alfresco.rest.api.Renditions;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.api.model.Rendition;
import org.alfresco.rest.framework.BinaryProperties;
import org.alfresco.rest.framework.Operation;
import org.alfresco.rest.framework.WebApiDescription;
import org.alfresco.rest.framework.WebApiParam;
import org.alfresco.rest.framework.core.ResourceParameter;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.alfresco.rest.framework.resource.RelationshipResource;
import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceAction;
import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceBinaryAction;
import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.util.PropertyCheck;
@@ -58,12 +69,18 @@ public class NodeRenditionsRelation implements RelationshipResourceAction.Read<R
{
private Renditions renditions;
private DirectAccessUrlHelper directAccessUrlHelper;
public void setRenditions(Renditions renditions)
{
this.renditions = renditions;
}
public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
{
this.directAccessUrlHelper = directAccessUrlHelper;
}
@Override
public void afterPropertiesSet() throws Exception
{
@@ -102,4 +119,26 @@ public class NodeRenditionsRelation implements RelationshipResourceAction.Read<R
return renditions.getContent(nodeRef, renditionId, parameters);
}
@Operation("request-direct-access-url")
@WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
@WebApiDescription(title = "Request content url",
description="Generates a direct access URL.",
successStatus = HttpServletResponse.SC_OK)
public DirectAccessUrl requestContentDirectUrl(String nodeId, String renditionId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
{
boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, nodeId);
DirectAccessUrl directAccessUrl;
try
{
directAccessUrl = renditions.requestContentDirectUrl(nodeRef, null, renditionId, attachment, validFor);
}
catch (DirectAccessUrlDisabledException ex)
{
throw new DisabledServiceException(ex.getMessage());
}
return directAccessUrl;
}
}

6
remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeVersionRenditionsRelation.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2020 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -26,6 +26,8 @@
package org.alfresco.rest.api.nodes;
import java.util.List;
import org.alfresco.rest.api.Renditions;
import org.alfresco.rest.api.model.Rendition;
import org.alfresco.rest.framework.BinaryProperties;
@@ -42,8 +44,6 @@ import org.alfresco.util.PropertyCheck;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.extensions.webscripts.Status;
import java.util.List;
/**
*
* Node version renditions

43
remote-api/src/main/java/org/alfresco/rest/api/nodes/NodeVersionsRelation.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -26,16 +26,22 @@
package org.alfresco.rest.api.nodes;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
import org.alfresco.repo.node.integrity.IntegrityException;
import org.alfresco.repo.policy.BehaviourFilter;
import org.alfresco.repo.version.Version2Model;
import org.alfresco.repo.version.VersionModel;
import org.alfresco.rest.api.DirectAccessUrlHelper;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.api.model.Node;
import org.alfresco.rest.api.model.UserInfo;
import org.alfresco.rest.api.model.VersionOptions;
import org.alfresco.rest.framework.BinaryProperties;
import org.alfresco.rest.framework.Operation;
import org.alfresco.rest.framework.WebApiDescription;
import org.alfresco.rest.framework.WebApiParam;
import org.alfresco.rest.framework.core.ResourceParameter;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
import org.alfresco.rest.framework.resource.RelationshipResource;
@@ -46,6 +52,7 @@ import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.coci.CheckOutCheckInService;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
@@ -80,6 +87,12 @@ public class NodeVersionsRelation extends AbstractNodeRelation implements
{
protected VersionService versionService;
protected BehaviourFilter behaviourFilter;
private DirectAccessUrlHelper directAccessUrlHelper;
public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
{
this.directAccessUrlHelper = directAccessUrlHelper;
}
@Override
public void afterPropertiesSet()
@@ -288,4 +301,32 @@ public class NodeVersionsRelation extends AbstractNodeRelation implements
}
return null;
}
@Operation("request-direct-access-url")
@WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
@WebApiDescription(title = "Request content url",
description="Generates a direct access URL.",
successStatus = HttpServletResponse.SC_OK)
public DirectAccessUrl requestContentDirectUrl(String nodeId, String versionId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
{
boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
Version version = findVersion(nodeId, versionId);
if (version != null)
{
NodeRef versionNodeRef = version.getFrozenStateNodeRef();
DirectAccessUrl directAccessUrl;
try
{
directAccessUrl = nodes.requestContentDirectUrl(versionNodeRef, attachment, validFor);
}
catch (DirectAccessUrlDisabledException ex)
{
throw new DisabledServiceException(ex.getMessage());
}
return directAccessUrl;
}
throw new EntityNotFoundException(nodeId+"-"+versionId);
}
}

43
remote-api/src/main/java/org/alfresco/rest/api/nodes/NodesEntityResource.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -25,11 +25,13 @@
*/
package org.alfresco.rest.api.nodes;
import javax.servlet.http.HttpServletResponse;
import java.io.InputStream;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
import org.alfresco.rest.api.DirectAccessUrlHelper;
import org.alfresco.rest.api.Nodes;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.api.model.LockInfo;
import org.alfresco.rest.api.model.Node;
import org.alfresco.rest.api.model.NodeTarget;
@@ -37,6 +39,8 @@ import org.alfresco.rest.framework.BinaryProperties;
import org.alfresco.rest.framework.Operation;
import org.alfresco.rest.framework.WebApiDescription;
import org.alfresco.rest.framework.WebApiParam;
import org.alfresco.rest.framework.core.ResourceParameter;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.resource.EntityResource;
import org.alfresco.rest.framework.resource.actions.interfaces.BinaryResourceAction;
@@ -45,7 +49,10 @@ import org.alfresco.rest.framework.resource.content.BasicContentInfo;
import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.util.ParameterCheck;
import org.springframework.beans.factory.InitializingBean;
/**
@@ -61,13 +68,19 @@ public class NodesEntityResource implements
BinaryResourceAction.Read, BinaryResourceAction.Update<Node>, InitializingBean
{
private Nodes nodes;
private DirectAccessUrlHelper directAccessUrlHelper;
public void setNodes(Nodes nodes)
{
this.nodes = nodes;
}
@Override
public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
{
this.directAccessUrlHelper = directAccessUrlHelper;
}
@Override
public void afterPropertiesSet()
{
ParameterCheck.mandatory("nodes", this.nodes);
@@ -189,5 +202,27 @@ public class NodesEntityResource implements
return nodes.unlock(nodeId, parameters);
}
@Operation("request-direct-access-url")
@WebApiParam(name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
@WebApiDescription(title = "Request content url",
description="Generates a direct access URL.",
successStatus = HttpServletResponse.SC_OK)
public DirectAccessUrl requestContentDirectUrl(String nodeId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
{
boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
NodeRef nodeRef = nodes.validateNode(nodeId);
DirectAccessUrl directAccessUrl;
try
{
directAccessUrl = nodes.requestContentDirectUrl(nodeRef, attachment, validFor);
}
catch (DirectAccessUrlDisabledException ex)
{
throw new DisabledServiceException(ex.getMessage());
}
return directAccessUrl;
}
}

34
remote-api/src/main/java/org/alfresco/rest/api/trashcan/TrashcanEntityResource.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -28,7 +28,10 @@ package org.alfresco.rest.api.trashcan;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
import org.alfresco.rest.api.DeletedNodes;
import org.alfresco.rest.api.DirectAccessUrlHelper;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.api.model.Node;
import org.alfresco.rest.api.model.NodeTargetAssoc;
import org.alfresco.rest.framework.BinaryProperties;
@@ -36,6 +39,7 @@ import org.alfresco.rest.framework.Operation;
import org.alfresco.rest.framework.WebApiDescription;
import org.alfresco.rest.framework.WebApiParam;
import org.alfresco.rest.framework.core.ResourceParameter;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.resource.EntityResource;
import org.alfresco.rest.framework.resource.actions.interfaces.BinaryResourceAction;
@@ -44,6 +48,7 @@ import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
/**
* An implementation of an Entity Resource for handling archived content
@@ -55,12 +60,18 @@ public class TrashcanEntityResource implements
EntityResourceAction.ReadById<Node>, EntityResourceAction.Read<Node>, EntityResourceAction.Delete, BinaryResourceAction.Read
{
private DeletedNodes deletedNodes;
private DirectAccessUrlHelper directAccessUrlHelper;
public void setDeletedNodes(DeletedNodes deletedNodes)
{
this.deletedNodes = deletedNodes;
}
public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
{
this.directAccessUrlHelper = directAccessUrlHelper;
}
@Override
public CollectionWithPagingInfo<Node> readAll(Parameters params)
{
@@ -89,6 +100,27 @@ public class TrashcanEntityResource implements
return deletedNodes.getContent(nodeId, null, parameters);
}
@Operation("request-direct-access-url")
@WebApiParam(name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
@WebApiDescription(title = "Request content url",
description="Generates a direct access URL.",
successStatus = HttpServletResponse.SC_OK)
public DirectAccessUrl requestContentDirectUrl(String originalNodeId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
{
boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
DirectAccessUrl directAccessUrl;
try
{
directAccessUrl = deletedNodes.requestContentDirectUrl(originalNodeId, null, attachment, validFor);
}
catch (DirectAccessUrlDisabledException ex)
{
throw new DisabledServiceException(ex.getMessage());
}
return directAccessUrl;
}
@Override
public void delete(String nodeId, Parameters parameters)
{

42
remote-api/src/main/java/org/alfresco/rest/api/trashcan/TrashcanRenditionsRelation.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -25,18 +25,27 @@
*/
package org.alfresco.rest.api.trashcan;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.repo.content.directurl.DirectAccessUrlDisabledException;
import org.alfresco.rest.api.DeletedNodes;
import org.alfresco.rest.api.DirectAccessUrlHelper;
import org.alfresco.rest.api.model.DirectAccessUrlRequest;
import org.alfresco.rest.api.model.Rendition;
import org.alfresco.rest.framework.BinaryProperties;
import org.alfresco.rest.framework.Operation;
import org.alfresco.rest.framework.WebApiDescription;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.core.exceptions.RelationshipResourceNotFoundException;
import org.alfresco.rest.framework.WebApiParam;
import org.alfresco.rest.framework.core.ResourceParameter;
import org.alfresco.rest.framework.core.exceptions.DisabledServiceException;
import org.alfresco.rest.framework.resource.RelationshipResource;
import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceAction;
import org.alfresco.rest.framework.resource.actions.interfaces.RelationshipResourceBinaryAction;
import org.alfresco.rest.framework.resource.content.BinaryResource;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.repository.DirectAccessUrl;
import org.alfresco.util.ParameterCheck;
import org.springframework.beans.factory.InitializingBean;
@@ -46,12 +55,18 @@ public class TrashcanRenditionsRelation
{
private DeletedNodes deletedNodes;
private DirectAccessUrlHelper directAccessUrlHelper;
public void setDeletedNodes(DeletedNodes deletedNodes)
{
this.deletedNodes = deletedNodes;
}
public void setDirectAccessUrlHelper(DirectAccessUrlHelper directAccessUrlHelper)
{
this.directAccessUrlHelper = directAccessUrlHelper;
}
@WebApiDescription(title = "List renditions", description = "List available (created) renditions")
@Override
public CollectionWithPagingInfo<Rendition> readAll(String nodeId, Parameters parameters)
@@ -74,6 +89,27 @@ public class TrashcanRenditionsRelation
return deletedNodes.getContent(nodeId, renditionId, parameters);
}
@Operation ("request-direct-access-url")
@WebApiParam (name = "directAccessUrlRequest", title = "Request direct access url", description = "Options for direct access url request", kind = ResourceParameter.KIND.HTTP_BODY_OBJECT)
@WebApiDescription(title = "Request content url",
description="Generates a direct access URL.",
successStatus = HttpServletResponse.SC_OK)
public DirectAccessUrl requestContentDirectUrl(String originalNodeId, String renditionId, DirectAccessUrlRequest directAccessUrlRequest, Parameters parameters, WithResponse withResponse)
{
boolean attachment = directAccessUrlHelper.getAttachment(directAccessUrlRequest);
Long validFor = directAccessUrlHelper.getDefaultExpiryTimeInSec();
DirectAccessUrl directAccessUrl;
try
{
directAccessUrl = deletedNodes.requestContentDirectUrl(originalNodeId, renditionId, attachment, validFor);
}
catch (DirectAccessUrlDisabledException ex)
{
throw new DisabledServiceException(ex.getMessage());
}
return directAccessUrl;
}
@Override
public void afterPropertiesSet() throws Exception
{

49
remote-api/src/main/java/org/alfresco/rest/framework/core/exceptions/JsonpCallbackNotAllowedException.java Normal file
View File

@@ -0,0 +1,49 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.framework.core.exceptions;
/**
* JSONP callback not allowed
*
* @author Vitor Moreira
*/
public class JsonpCallbackNotAllowedException extends ApiException
{
private static final long serialVersionUID = 7198491358180044895L;
public static String DEFAULT_MESSAGE_ID = "framework.exception.JsonpCallbackNotAllowed";
public JsonpCallbackNotAllowedException()
{
super(DEFAULT_MESSAGE_ID);
}
public JsonpCallbackNotAllowedException(String msgId)
{
super(msgId);
}
}

47
remote-api/src/main/java/org/alfresco/rest/framework/webscripts/ApiWebScript.java
View File

@@ -28,10 +28,11 @@ package org.alfresco.rest.framework.webscripts;
import java.io.File;
import java.io.IOException;
import java.util.Map;
import java.util.function.Supplier;
import org.alfresco.repo.web.scripts.BufferedRequest;
import org.alfresco.repo.web.scripts.BufferedResponse;
import org.alfresco.repo.web.scripts.TempOutputStreamFactory;
import org.alfresco.repo.web.scripts.TempOutputStream;
import org.alfresco.rest.framework.Api;
import org.alfresco.rest.framework.tools.ApiAssistant;
import org.alfresco.service.transaction.TransactionService;
@@ -56,7 +57,7 @@ public abstract class ApiWebScript extends AbstractWebScript
protected String tempDirectoryName = null;
protected int memoryThreshold = 4 * 1024 * 1024; // 4mb
protected long maxContentSize = (long) 4 * 1024 * 1024 * 1024; // 4gb
protected TempOutputStreamFactory streamFactory = null;
protected Supplier<TempOutputStream> streamFactory = null;
protected TransactionService transactionService;
public void setTransactionService(TransactionService transactionService)
@@ -88,7 +89,7 @@ public abstract class ApiWebScript extends AbstractWebScript
this.maxContentSize = maxContentSize;
}
public void setStreamFactory(TempOutputStreamFactory streamFactory)
public void setStreamFactory(Supplier<TempOutputStream> streamFactory)
{
this.streamFactory = streamFactory;
}
@@ -96,50 +97,38 @@ public abstract class ApiWebScript extends AbstractWebScript
public void init()
{
File tempDirectory = TempFileProvider.getTempDir(tempDirectoryName);
this.streamFactory = new TempOutputStreamFactory(tempDirectory, memoryThreshold, maxContentSize, false, false);
streamFactory = TempOutputStream.factory(tempDirectory, memoryThreshold, maxContentSize, false);
}
@Override
public void execute(final WebScriptRequest req, final WebScriptResponse res) throws IOException
{
Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
Api api = assistant.determineApi(templateVars);
final BufferedRequest bufferedReq = getRequest(req);
final BufferedResponse bufferedRes = getResponse(res);
final Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
final Api api = ApiAssistant.determineApi(templateVars);
try
{
execute(api, bufferedReq, bufferedRes);
}
finally
{
// Get rid of any temporary files
if (bufferedReq != null)
{
bufferedReq.close();
}
}
// Ensure a response is always flushed after successful execution
if (bufferedRes != null)
try (final BufferedRequest bufferedReq = getRequest(req);
final BufferedResponse bufferedRes = getResponse(res))
{
bufferedRes.writeResponse();
execute(api, bufferedReq, bufferedRes);
// Ensure a response is always flushed after successful execution
if (bufferedRes != null)
{
bufferedRes.writeResponse();
}
}
}
protected BufferedRequest getRequest(final WebScriptRequest req)
{
// create buffered request and response that allow transaction retrying
final BufferedRequest bufferedReq = new BufferedRequest(req, streamFactory);
return bufferedReq;
return new BufferedRequest(req, streamFactory);
}
protected BufferedResponse getResponse(final WebScriptResponse resp)
{
// create buffered request and response that allow transaction retrying
final BufferedResponse bufferedRes = new BufferedResponse(resp, memoryThreshold, streamFactory);
return bufferedRes;
return new BufferedResponse(resp, memoryThreshold, streamFactory);
}
public abstract void execute(final Api api, WebScriptRequest req, WebScriptResponse res) throws IOException;

251
remote-api/src/main/java/org/alfresco/web/scripts/WebScriptUtils.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -23,110 +23,145 @@
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.web.scripts;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import org.alfresco.repo.jscript.ScriptUtils;
import org.alfresco.repo.web.scripts.RepositoryContainer;
import org.alfresco.service.cmr.admin.RepoUsage;
import org.alfresco.service.cmr.repository.StoreRef;
import org.springframework.extensions.webscripts.WebScript;
/**
* Override of the JavaScript API ScriptUtils bean "utilsScript" to provide additional
* Remote API methods using objects not available to base Repository project.
* <p>
* See "web-scripts-application-context.xml" for bean definition.
*
* @since 4.2.0
* @since 5.1 (Moved to Remote API project)
* @author Kevin Roast
*/
public class WebScriptUtils extends ScriptUtils
{
protected RepositoryContainer repositoryContainer;
public void setRepositoryContainer(RepositoryContainer repositoryContainer)
{
this.repositoryContainer = repositoryContainer;
}
/**
* Searches for webscript components with the given family name.
*
* @param family the family
*
* @return An array of webscripts that match the given family name
*/
public Object[] findWebScripts(String family)
{
List<Object> values = new ArrayList<Object>();
for (WebScript webscript : this.repositoryContainer.getRegistry().getWebScripts())
{
if (family != null)
{
Set<String> familys = webscript.getDescription().getFamilys();
if (familys != null && familys.contains(family))
{
values.add(webscript.getDescription());
}
}
else
{
values.add(webscript.getDescription());
}
}
return values.toArray(new Object[values.size()]);
}
public String getHostAddress()
{
try
{
return InetAddress.getLocalHost().getHostAddress();
}
catch (UnknownHostException e)
{
return "Unknown";
}
}
public String getHostName()
{
try
{
return InetAddress.getLocalHost().getHostName();
}
catch (UnknownHostException e)
{
return "Unknown";
}
}
public RepoUsage getRestrictions()
{
return this.services.getRepoAdminService().getRestrictions();
}
public RepoUsage getUsage()
{
return this.services.getRepoAdminService().getUsage();
}
/**
* Gets the list of repository stores
*
* @return stores
*/
public List<StoreRef> getStores()
{
return this.services.getNodeService().getStores();
}
}
package org.alfresco.web.scripts;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import org.alfresco.repo.jscript.ScriptUtils;
import org.alfresco.repo.web.scripts.RepositoryContainer;
import org.alfresco.service.cmr.admin.RepoUsage;
import org.alfresco.service.cmr.repository.StoreRef;
import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
import org.springframework.extensions.webscripts.WebScript;
/**
* Override of the JavaScript API ScriptUtils bean "utilsScript" to provide additional
* Remote API methods using objects not available to base Repository project.
* <p>
* See "web-scripts-application-context.xml" for bean definition.
*
* @since 4.2.0
* @since 5.1 (Moved to Remote API project)
* @author Kevin Roast
*/
public class WebScriptUtils extends ScriptUtils
{
protected RepositoryContainer repositoryContainer;
public void setRepositoryContainer(RepositoryContainer repositoryContainer)
{
this.repositoryContainer = repositoryContainer;
}
/**
* Searches for webscript components with the given family name.
*
* @param family the family
*
* @return An array of webscripts that match the given family name
*/
public Object[] findWebScripts(String family)
{
List<Object> values = new ArrayList<>();
for (WebScript webscript : this.repositoryContainer.getRegistry().getWebScripts())
{
addScriptDescription(family, values, webscript);
}
return values.toArray(new Object[0]);
}
/**
* Searches for webscript components with the given family name accessible to the current user.
*
* @param family the family
*
* @return An array of webscripts that match the given family name accessible to the current user
*
* @since 7.1
*/
public Object[] findWebScriptsForCurrentUser(String family)
{
List<Object> values = new ArrayList<>();
final boolean isAdminOrSystemUser = repositoryContainer.isAdminOrSystemUser();
for (WebScript webscript : this.repositoryContainer.getRegistry().getWebScripts())
{
final RequiredAuthentication required = webscript.getDescription().getRequiredAuthentication();
// Ignore admin webscripts if the current user is not an Admin or System
if (RequiredAuthentication.admin == required && !isAdminOrSystemUser)
{
continue;
}
addScriptDescription(family, values, webscript);
}
return values.toArray(new Object[0]);
}
private void addScriptDescription(String family, List<Object> values, WebScript webscript)
{
if (family != null)
{
Set<String> families = webscript.getDescription().getFamilys();
if (families != null && families.contains(family))
{
values.add(webscript.getDescription());
}
}
else
{
values.add(webscript.getDescription());
}
}
public String getHostAddress()
{
try
{
return InetAddress.getLocalHost().getHostAddress();
}
catch (UnknownHostException e)
{
return "Unknown";
}
}
public String getHostName()
{
try
{
return InetAddress.getLocalHost().getHostName();
}
catch (UnknownHostException e)
{
return "Unknown";
}
}
public RepoUsage getRestrictions()
{
return this.services.getRepoAdminService().getRestrictions();
}
public RepoUsage getUsage()
{
return this.services.getRepoAdminService().getUsage();
}
/**
* Gets the list of repository stores
*
* @return stores
*/
public List<StoreRef> getStores()
{
return this.services.getNodeService().getStores();
}
}

2
remote-api/src/main/resources/alfresco/messages/rest-framework-messages.properties
View File

@@ -14,4 +14,6 @@ framework.exception.UnsupportedResourceOperation=The operation is unsupported
framework.exception.DeletedResource=In this version of the REST API resource {0} has been deleted
framework.exception.RequestEntityTooLarge=The file can't be uploaded because it's larger than the maximum upload size
framework.exception.InsufficientStorage=The file upload exceeds the content storage allowance
framework.exception.JsonpCallbackNotAllowed=For security reasons the callback parameter is not allowed
framework.no.stacktrace=For security reasons the stack trace is no longer displayed, but the property is kept for previous versions

20
remote-api/src/main/resources/alfresco/public-rest-context.xml
View File

@@ -960,8 +960,13 @@
<property name="sites" ref="Sites" />
</bean>
<bean id= "directAccessUrlHelper" class="org.alfresco.rest.api.DirectAccessUrlHelper">
<property name="restApiDirectUrlConfig" ref="restApiDirectUrlConfig" />
</bean>
<bean class="org.alfresco.rest.api.nodes.NodesEntityResource">
<property name="nodes" ref="Nodes" />
<property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
</bean>
<bean class="org.alfresco.rest.api.nodes.NodeCommentsRelation">
@@ -987,6 +992,7 @@
<bean id="nodeVersionsRelation" class="org.alfresco.rest.api.nodes.NodeVersionsRelation" parent="baseNodeRelation">
<property name="behaviourFilter" ref="policyBehaviourFilter"/>
<property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
</bean>
<bean class="org.alfresco.rest.api.nodes.NodeSecondaryChildrenRelation" parent="baseNodeRelation"/>
@@ -1011,9 +1017,9 @@
<bean class="org.alfresco.rest.api.trashcan.TrashcanEntityResource">
<property name="deletedNodes" ref="DeletedNodes" />
<property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
</bean>
<bean class="org.alfresco.rest.api.quicksharelinks.QuickShareLinkEntityResource">
<property name="quickShareLinks" ref="QuickShareLinks" />
</bean>
@@ -1085,12 +1091,21 @@
<property name="assistant" ref="apiAssistant" />
<property name="enabled" value="${system.api.discovery.enabled}" />
<property name="thumbnailService" ref="ThumbnailService" />
<property name="restApiDirectUrlConfig" ref="restApiDirectUrlConfig" />
<property name="contentService" ref="contentService" />
</bean>
<bean id="org.alfresco.rest.api.probes.ProbeEntityResource.get" class="org.alfresco.rest.api.probes.ProbeEntityResource">
<property name="discovery" ref="webscript.org.alfresco.api.DiscoveryApiWebscript.get" />
</bean>
<!-- REST API direct access URL configuration settings -->
<bean id="restApiDirectUrlConfig" class="org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig" init-method="init">
<property name="systemWideDirectUrlConfig" ref="systemWideDirectUrlConfig" />
<property name="enabled" value="#{T(Boolean).valueOf('${restApi.directAccessUrl.enabled}')}"/>
<property name="defaultExpiryTimeInSec" value="#{T(Integer).parseInt('${restApi.directAccessUrl.defaultExpiryTimeInSec}')}" />
</bean>
<!-- OpenCMIS -->
<bean id="publicApiCMISServiceFactory" class="org.alfresco.opencmis.PublicApiAlfrescoCmisServiceFactory" init-method="init">
@@ -1145,6 +1160,7 @@
<property name="cmisVersion" value="1.1"/>
<property name="tenantAdminService" ref="tenantAdminService"/>
<property name="nonAttachContentTypes" ref="nodes.nonAttachContentTypes"/>
<property name="allowUnsecureCallbackJSONP" value="${allow.unsecure.callback.jsonp}"/>
</bean>
<bean id="webscript.org.alfresco.api.opencmis.OpenCMIS.get"
@@ -1431,6 +1447,7 @@
<bean class="org.alfresco.rest.api.nodes.NodeRenditionsRelation">
<property name="renditions" ref="Renditions" />
<property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
</bean>
<bean class="org.alfresco.rest.api.nodes.NodeVersionRenditionsRelation">
@@ -1443,6 +1460,7 @@
<bean class="org.alfresco.rest.api.trashcan.TrashcanRenditionsRelation">
<property name="deletedNodes" ref="DeletedNodes"/>
<property name="directAccessUrlHelper" ref="directAccessUrlHelper" />
</bean>
<!-- HeartBeat rest api renditions data collector -->

2
remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-common.lib.js
View File

@@ -40,7 +40,7 @@ var Admin = Admin || {};
var toolInfo = {};
// collect the tools required for the Admin Console
var tools = utils.findWebScripts("AdminConsole");
var tools = utils.findWebScriptsForCurrentUser("AdminConsole");
// process each tool and generate the data so that a label+link can
// be output by the component template for each tool required

4
remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-communitysummary.get.desc.xml
View File

@@ -7,7 +7,7 @@
<!-- COMMUNITY ONLY -->
<family>AdminConsole:Edition:Community</family>
<format default="html">argument</format>
<authentication>admin</authentication>
<authentication>sysadmin</authentication>
<lifecycle>internal</lifecycle>
<transaction allow="readonly">required</transaction>
</webscript>
</webscript>

4
remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/admin-root.get.desc.xml
View File

@@ -5,7 +5,7 @@
<url>/admin/</url>
<family>AdminConsoleHelper</family>
<format default="html">argument</format>
<authentication>admin</authentication>
<authentication>sysadmin</authentication>
<lifecycle>internal</lifecycle>
<transaction allow="readonly">required</transaction>
</webscript>
</webscript>

4
remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/jmxdump.get.desc.xml
View File

@@ -5,7 +5,7 @@
</description>
<url>/api/admin/jmxdump</url>
<family>AdminConsoleHelper</family>
<authentication>admin</authentication>
<authentication>sysadmin</authentication>
<transaction allow="readonly"/>
<lifecycle>internal</lifecycle>
</webscript>
</webscript>

4
remote-api/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/admin/usage.post.desc.xml
View File

@@ -3,8 +3,8 @@
<description>Update and retrieve repository usage</description>
<url>/api/admin/usage</url>
<format default="json" />
<authentication>admin</authentication>
<authentication>sysadmin</authentication>
<transaction>required</transaction>
<family>Admin</family>
<lifecycle>internal</lifecycle>
</webscript>
</webscript>

1
remote-api/src/test/java/org/alfresco/AppContext01TestSuite.java
View File

@@ -42,6 +42,7 @@ import org.junit.runners.Suite;
org.alfresco.rest.api.tests.TestPublicApiAtomPub10TCK.class,
org.alfresco.rest.api.tests.TestPublicApiAtomPub11TCK.class,
org.alfresco.rest.api.tests.TestPublicApiBrowser11TCK.class,
org.alfresco.repo.web.scripts.bulkimport.BulkImportParametersExtractorTest.class
})
public class AppContext01TestSuite
{

3
remote-api/src/test/java/org/alfresco/AppContext02TestSuite.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2017 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -47,6 +47,7 @@ import org.junit.runners.Suite;
org.alfresco.rest.api.tests.ActivitiesPostingTest.class,
org.alfresco.rest.api.tests.AuthenticationsTest.class,
org.alfresco.rest.api.tests.DiscoveryApiTest.class,
org.alfresco.rest.api.discovery.DiscoveryApiWebscriptUnitTest.class,
org.alfresco.rest.api.tests.GroupsTest.class,
org.alfresco.rest.api.tests.ModulePackagesApiTest.class,
org.alfresco.rest.api.tests.NodeApiTest.class,

3
remote-api/src/test/java/org/alfresco/AppContext04TestSuite.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2017 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -76,6 +76,7 @@ import org.junit.runners.Suite;
org.alfresco.repo.web.scripts.site.SurfConfigTest.class,
org.alfresco.repo.web.scripts.node.NodeWebScripTest.class,
org.alfresco.rest.api.impl.CommentsImplUnitTest.class,
org.alfresco.rest.api.impl.RestApiDirectUrlConfigUnitTest.class
})
public class AppContext04TestSuite
{

178
remote-api/src/test/java/org/alfresco/repo/web/scripts/admin/AdminWebScriptTest.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -31,10 +31,12 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.content.MimetypeMap;
import org.alfresco.repo.dictionary.Facetable;
import org.alfresco.repo.dictionary.IndexTokenisationMode;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authority.AuthorityServiceImpl;
import org.alfresco.repo.web.scripts.BaseWebScriptTest;
import org.alfresco.service.cmr.admin.RepoAdminService;
import org.alfresco.service.cmr.admin.RepoUsage;
@@ -48,11 +50,18 @@ import org.alfresco.service.cmr.dictionary.ModelDefinition;
import org.alfresco.service.cmr.dictionary.PropertyDefinition;
import org.alfresco.service.cmr.i18n.MessageLookup;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.descriptor.DescriptorService;
import org.alfresco.service.license.LicenseDescriptor;
import org.alfresco.service.namespace.QName;
import org.alfresco.test_category.OwnJVMTestsCategory;
import org.alfresco.util.PropertyMap;
import org.apache.commons.lang3.RandomStringUtils;
import org.json.JSONObject;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.springframework.context.ApplicationContext;
@@ -74,29 +83,46 @@ import static org.mockito.Mockito.when;
@Category(OwnJVMTestsCategory.class)
public class AdminWebScriptTest extends BaseWebScriptTest
{
private ApplicationContext ctx;
private RepoAdminService repoAdminService;
private DescriptorService descriptorService;
private RepoAdminService repoAdminService;
private DescriptorService descriptorService;
private PersonService personService;
private MutableAuthenticationService authenticationService;
private String admin;
private String guest;
private String user1_sysAdmin;
private String user2;
@Override
protected void setUp() throws Exception
{
super.setUp();
ctx = getServer().getApplicationContext();
repoAdminService = (RepoAdminService) ctx.getBean("RepoAdminService");
descriptorService = (DescriptorService) ctx.getBean("DescriptorService");
ApplicationContext ctx = getServer().getApplicationContext();
repoAdminService = ctx.getBean("RepoAdminService", RepoAdminService.class);
descriptorService = ctx.getBean("DescriptorService", DescriptorService.class);
personService = ctx.getBean("PersonService", PersonService.class);
authenticationService = ctx.getBean("AuthenticationService", MutableAuthenticationService.class);
AuthorityService authorityService = ctx.getBean("AuthorityService", AuthorityService.class);
admin = AuthenticationUtil.getAdminUserName();
guest = AuthenticationUtil.getGuestUserName();
AuthenticationUtil.setFullyAuthenticatedUser(admin);
user1_sysAdmin = RandomStringUtils.randomAlphabetic(10);
String user1_password = RandomStringUtils.randomAlphabetic(10);
createUser(user1_sysAdmin, user1_password);
authorityService.addAuthority(AuthorityServiceImpl.GROUP_ALFRESCO_SYSTEM_ADMINISTRATORS_AUTHORITY, user1_sysAdmin);
user2 = RandomStringUtils.randomAlphabetic(10);
String user2_password = RandomStringUtils.randomAlphabetic(10);
createUser(user2, user2_password);
}
@Override
protected void tearDown() throws Exception
{
super.tearDown();
AuthenticationUtil.clearCurrentSecurityContext();
}
public void testGetRestrictions() throws Exception
@@ -227,6 +253,129 @@ public class AdminWebScriptTest extends BaseWebScriptTest
assertTrue(property.getResidual());
}
public void testSysAdminAccess() throws Exception
{
AuthenticationUtil.clearCurrentSecurityContext();
String url = "/admin/admin-communitysummary";
TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
Response response = sendRequest(req, Status.STATUS_OK, user1_sysAdmin);
Document doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("System Summary"));
// Super Admin should still have access to all the scripts
response = sendRequest(req, Status.STATUS_OK, admin);
doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("System Summary"));
}
public void testSysAdminAccess_nodeBrowser() throws Exception
{
AuthenticationUtil.clearCurrentSecurityContext();
String nodeBrowserUrl = "/admin/admin-nodebrowser";
// test the get webscript of the node browser
TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(nodeBrowserUrl);
// The node browser is only accessible to admins, not sysAdmins
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// test the post webscript of the node browser too
TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(nodeBrowserUrl, "",
"multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
// The node browser is only accessible to admins, not sysAdmins
sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// Normal user shouldn't have access either
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
// Admin should have access to everything
Response response = sendRequest(getReq, Status.STATUS_OK, admin);
Document doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("Node Browser"));
}
public void testSysAdminAccess_repoConsole() throws Exception
{
String repoConsoleUrl = "/admin/admin-repoconsole";
// test the get webscript of the repo console
TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(repoConsoleUrl);
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// test the post webscript of the repo console too
TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(repoConsoleUrl, "",
"multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// Normal user shouldn't have access either
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
// Admin should have access to everything
Response response = sendRequest(getReq, Status.STATUS_OK, admin);
Document doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("Model and Messages Console"));
}
public void testSysAdminAccess_tenantConsole() throws Exception
{
String tenantConsoleUrl = "/admin/admin-tenantconsole";
// test the get webscript of the tenant console
TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(tenantConsoleUrl);
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// test the post webscript of the tenant console too
TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(tenantConsoleUrl, "",
"multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// Normal user shouldn't have access either
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
// Admin should have access to everything
Response response = sendRequest(getReq, Status.STATUS_OK, admin);
Document doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("Tenant Admin Console"));
}
public void testSysAdminAccess_workflowConsole() throws Exception
{
String workflowConsoleUrl = "/admin/admin-workflowconsole";
// test the get webscript of the workflow console
TestWebScriptServer.GetRequest getReq = new TestWebScriptServer.GetRequest(workflowConsoleUrl);
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// test the post webscript of the workflow console too
TestWebScriptServer.PostRequest postReq = new TestWebScriptServer.PostRequest(workflowConsoleUrl, "",
"multipart/form-data; boundary=----WebKitFormBoundaryjacWCXfJ3KjtRenA");
sendRequest(postReq, Status.STATUS_UNAUTHORIZED, user1_sysAdmin);
// Normal user shouldn't have access either
sendRequest(getReq, Status.STATUS_UNAUTHORIZED, user2);
// Admin should have access to everything
Response response = sendRequest(getReq, Status.STATUS_OK, admin);
Document doc = Jsoup.parse(response.getContentAsString());
assertNotNull(doc.title());
assertTrue(doc.title().contains("Workflow Admin Console"));
}
public void testNonSysAdminAccess() throws Exception
{
AuthenticationUtil.clearCurrentSecurityContext();
String url = "/admin/admin-communitysummary";
TestWebScriptServer.GetRequest req = new TestWebScriptServer.GetRequest(url);
sendRequest(req, Status.STATUS_UNAUTHORIZED, user2);
}
private class SimplePropertyDefinition implements PropertyDefinition
{
private boolean isAspect;
@@ -350,4 +499,19 @@ public class AdminWebScriptTest extends BaseWebScriptTest
return null;
}
}
private void createUser(String username, String password)
{
if (!personService.personExists(username))
{
this.authenticationService.createAuthentication(username, password.toCharArray());
PropertyMap personProps = new PropertyMap();
personProps.put(ContentModel.PROP_USERNAME, username);
personProps.put(ContentModel.PROP_FIRSTNAME, "testFirstName");
personProps.put(ContentModel.PROP_LASTNAME, "testLastName");
personProps.put(ContentModel.PROP_EMAIL, username + "@email.com");
this.personService.createPerson(personProps);
}
}
}

252
remote-api/src/test/java/org/alfresco/repo/web/scripts/bulkimport/BulkImportParametersExtractorTest.java Normal file
View File

@@ -0,0 +1,252 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.web.scripts.bulkimport;
import static org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript.PARAMETER_BATCH_SIZE;
import static org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript.PARAMETER_DISABLE_RULES;
import static org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript.PARAMETER_NUM_THREADS;
import static org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript.PARAMETER_TARGET_NODEREF;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.util.Map;
import org.alfresco.repo.bulkimport.BulkImportParameters;
import org.alfresco.repo.bulkimport.BulkImportParameters.ExistingFileMode;
import org.alfresco.repo.web.scripts.bulkimport.AbstractBulkFileSystemImportWebScript.BulkImportParametersExtractor;
import org.alfresco.service.cmr.model.FileNotFoundException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.junit.Test;
import org.springframework.extensions.webscripts.WebScriptException;
public class BulkImportParametersExtractorTest
{
private static final String TEST_NODE_REF = "workspace://SpacesStore/this-is-just-a-test-ref";
private static final String TEST_MISSING_NODE_REF = "workspace://SpacesStore/this-is-just-a-not-existing-test-ref";
private static final Integer DEFAULT_BATCH_SIZE = 1234;
private static final Integer DEFAULT_NUMBER_OF_THREADS = 4321;
@Test
public void shouldExtractTargetRef() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF));
final BulkImportParameters params = extractor.extract();
assertNotNull(params);
assertNotNull(params.getTarget());
assertEquals(TEST_NODE_REF, params.getTarget().toString());
}
@Test
public void shouldFallbackToDefaultValues() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF));
final BulkImportParameters params = extractor.extract();
assertEquals(DEFAULT_BATCH_SIZE, params.getBatchSize());
assertEquals(DEFAULT_NUMBER_OF_THREADS, params.getNumThreads());
assertFalse(params.isDisableRulesService());
assertEquals(ExistingFileMode.SKIP, params.getExistingFileMode());
assertNull(params.getLoggingInterval());
}
@Test
public void shouldExtractDisableFolderRulesFlagWhenSetToTrue() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_DISABLE_RULES, "true"
));
final BulkImportParameters params = extractor.extract();
assertTrue(params.isDisableRulesService());
}
@Test
public void shouldExtractDisableFolderRulesFlagWhenSetToFalse() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_DISABLE_RULES, "false"
));
final BulkImportParameters params = extractor.extract();
assertFalse(params.isDisableRulesService());
}
@Test
public void shouldExtractDisableFolderRulesFlagWhenSetToNotBooleanValue() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_DISABLE_RULES, "unknown"
));
final BulkImportParameters params = extractor.extract();
assertFalse(params.isDisableRulesService());
}
@Test
public void shouldPropagateFileNotFoundExceptionWhenTargetIsNotFound()
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_MISSING_NODE_REF));
assertThrows(FileNotFoundException.class, extractor::extract);
}
@Test
public void shouldExtractValidBatchSize() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_BATCH_SIZE, "1"));
final BulkImportParameters params = extractor.extract();
assertEquals(Integer.valueOf(1), params.getBatchSize());
}
@Test
public void shouldFailWithWebScriptExceptionWhenInvalidBatchSizeIsRequested() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_BATCH_SIZE, "not-a-number"));
try
{
extractor.extract();
} catch (WebScriptException e)
{
assertNotNull(e.getMessage());
assertTrue(e.getMessage().contains(PARAMETER_BATCH_SIZE));
return;
}
fail("Expected exception to be thrown.");
}
@Test
public void shouldFailWithWebScriptExceptionWhenNegativeBatchSizeIsRequested() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_BATCH_SIZE, "-1"));
try
{
extractor.extract();
} catch (WebScriptException e)
{
assertNotNull(e.getMessage());
assertTrue(e.getMessage().contains(PARAMETER_BATCH_SIZE));
return;
}
fail("Expected exception to be thrown.");
}
@Test
public void shouldExtractValidNumberOfThreads() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_NUM_THREADS, "1"));
final BulkImportParameters params = extractor.extract();
assertEquals(Integer.valueOf(1), params.getNumThreads());
}
@Test
public void shouldFailWithWebScriptExceptionWhenInvalidNumberOfThreadsIsRequested() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_NUM_THREADS, "not-a-number"));
try
{
extractor.extract();
} catch (WebScriptException e)
{
assertNotNull(e.getMessage());
assertTrue(e.getMessage().contains(PARAMETER_NUM_THREADS));
return;
}
fail("Expected exception to be thrown.");
}
@Test
public void shouldFailWithWebScriptExceptionWhenNegativeNumberOfThreadsIsRequested() throws FileNotFoundException
{
final BulkImportParametersExtractor extractor = givenExtractor(Map.of(
PARAMETER_TARGET_NODEREF, TEST_NODE_REF,
PARAMETER_NUM_THREADS, "-1"));
try
{
extractor.extract();
} catch (WebScriptException e)
{
assertNotNull(e.getMessage());
assertTrue(e.getMessage().contains(PARAMETER_NUM_THREADS));
return;
}
fail("Expected exception to be thrown.");
}
private BulkImportParametersExtractor givenExtractor(Map<String, String> params)
{
return new BulkImportParametersExtractor(params::get, this::testRefCreator, DEFAULT_BATCH_SIZE, DEFAULT_NUMBER_OF_THREADS);
}
private NodeRef testRefCreator(String nodeRef, String path) throws FileNotFoundException
{
if (TEST_MISSING_NODE_REF.equals(nodeRef))
{
throw new FileNotFoundException(new NodeRef(nodeRef));
}
return new NodeRef(nodeRef);
}
}

71
remote-api/src/test/java/org/alfresco/rest/DeletedNodesTest.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2020 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -78,8 +78,6 @@ public class DeletedNodesTest extends AbstractSingleNetworkSiteTest
protected static final String URL_DELETED_NODES = "deleted-nodes";
private static final String URL_RENDITIONS = "renditions";
private final static long DELAY_IN_MS = 500;
@Override
public void setup() throws Exception
@@ -704,6 +702,73 @@ public class DeletedNodesTest extends AbstractSingleNetworkSiteTest
assertNull("We don't show the parent id for a deleted node",aNode.getParentId());
}
@Test
public void testRequestArchivedContentDirectUrl() throws Exception
{
setRequestContext(user1);
String myNodeId = getMyNodeId();
String fileName = "TestDocumentToArchive.txt";
Document testDocumentToArchive = new Document();
testDocumentToArchive.setName(fileName);
testDocumentToArchive.setNodeType(TYPE_CM_CONTENT);
// create *empty* text file
HttpResponse response = post(getNodeChildrenUrl(myNodeId), toJsonAsStringNonNull(testDocumentToArchive), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
final String contentNodeId = document.getId();
deleteNode(contentNodeId);
// Check the upload response
assertEquals(fileName, document.getName());
ContentInfo contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
HttpResponse dauResponse = post(getRequestArchivedContentDirectUrl(contentNodeId), null, null, null, null, 501);
}
@Test
public void testRequestArchivedRenditionDirectUrl() throws Exception
{
setRequestContext(user1);
// Create a folder within the site document's library
Date now = new Date();
String folder1 = "folder" + now.getTime() + "_1";
Folder createdFolder = createFolder(tDocLibNodeId, folder1, null);
assertNotNull(createdFolder);
String f1Id = createdFolder.getId();
// Create multipart request using an existing file
String fileName = "quick.pdf";
File file = getResourceFile(fileName);
MultiPartBuilder multiPartBuilder = MultiPartBuilder.create().setFileData(new MultiPartBuilder.FileData(fileName, file));
MultiPartBuilder.MultiPartRequest reqBody = multiPartBuilder.build();
// Upload quick.pdf file into 'folder'
HttpResponse response = post(getNodeChildrenUrl(f1Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
String contentNodeId = document.getId();
Rendition rendition = createAndGetRendition(contentNodeId, "doclib");
assertNotNull(rendition);
String renditionID = rendition.getId();
assertEquals(Rendition.RenditionStatus.CREATED, rendition.getStatus());
deleteNode(contentNodeId);
HttpResponse dauResponse = post(getRequestArchivedRenditonContentDirectUrl(contentNodeId, renditionID), null, null, null, null, 501);
}
private String addToDocumentLibrary(String name, String nodeType, String userId) throws Exception
{
String parentId = getSiteContainerNodeId(Nodes.PATH_MY, "documentLibrary");
return createNode(parentId, name, nodeType, null).getId();
}
private String getDeletedNodeRenditionsUrl(String nodeId)
{
return URL_DELETED_NODES + "/" + nodeId + "/" + URL_RENDITIONS;

87
remote-api/src/test/java/org/alfresco/rest/api/discovery/DiscoveryApiWebscriptUnitTest.java Normal file
View File

@@ -0,0 +1,87 @@
/*
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.api.discovery;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.assertEquals;
import org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig;
import org.alfresco.service.cmr.repository.ContentService;
import org.junit.Test;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
* @author Mikołaj Brzeziński
*/
public class DiscoveryApiWebscriptUnitTest
{
private static final Boolean ENABLED = Boolean.TRUE;
private static final Boolean DISABLED = Boolean.FALSE;
private DiscoveryApiWebscript discoveryApiWebscript = mock(DiscoveryApiWebscript.class);
private RestApiDirectUrlConfig restApiDirectUrlConfig = mock(RestApiDirectUrlConfig.class);
private ContentService contentService = mock(ContentService.class);
public void mockedAsserts(boolean restEnabled, boolean systemwideEnabled)
{
when(contentService.isContentDirectUrlEnabled()).thenReturn(systemwideEnabled);
when(restApiDirectUrlConfig.isEnabled()).thenReturn(restEnabled);
assertEquals(systemwideEnabled, contentService.isContentDirectUrlEnabled());
assertEquals(restEnabled, restApiDirectUrlConfig.isEnabled());
when(discoveryApiWebscript.isContentDirectUrlEnabled()).thenReturn(restEnabled && systemwideEnabled);
}
@Test
public void testEnabledConfig_RestEnabledAndSystemwideEnabled()
{
mockedAsserts(ENABLED,ENABLED);
assertTrue("Direct Acess URLs are enabled",discoveryApiWebscript.isContentDirectUrlEnabled());
}
@Test
public void testDisabledConfig_RestEnabledAndSystemwideDisabled()
{
mockedAsserts(ENABLED,DISABLED);
assertFalse("Direct Access URLs are disabled system-wide",discoveryApiWebscript.isContentDirectUrlEnabled());
}
@Test
public void testDisabledConfig_RestDisabledAndSystemwideDisabled()
{
mockedAsserts(DISABLED,DISABLED);
assertFalse("REST API Direct Access URLs are disabled and Direct Access URLs are disabled system-wide ",discoveryApiWebscript.isContentDirectUrlEnabled());
}
@Test
public void testDisabledConfig_RestDisabledAndSystemwideEnabled()
{
mockedAsserts(DISABLED,ENABLED);
assertFalse("REST API direct access URLs are disabled",discoveryApiWebscript.isContentDirectUrlEnabled());
}
}

132
remote-api/src/test/java/org/alfresco/rest/api/impl/RestApiDirectUrlConfigUnitTest.java Normal file
View File

@@ -0,0 +1,132 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.rest.api.impl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import org.alfresco.repo.content.directurl.SystemWideDirectUrlConfig;
import org.alfresco.rest.api.impl.directurl.RestApiDirectUrlConfig;
import org.junit.Before;
import org.junit.Test;
/**
* Tests for REST API direct access URL configuration settings.
*
* @author Sara Aspery
*/
public class RestApiDirectUrlConfigUnitTest
{
private static final Boolean ENABLED = Boolean.TRUE;
private static final Boolean DISABLED = Boolean.FALSE;
private static final Long DEFAULT_EXPIRY_TIME_IN_SECS = 20L;
private RestApiDirectUrlConfig restApiDirectUrlConfig;
@Before
public void setup()
{
this.restApiDirectUrlConfig = new RestApiDirectUrlConfig();
SystemWideDirectUrlConfig sysConfig = new SystemWideDirectUrlConfig();
sysConfig.setEnabled(ENABLED);
sysConfig.setDefaultExpiryTimeInSec(30L);
sysConfig.setMaxExpiryTimeInSec(300L);
restApiDirectUrlConfig.setSystemWideDirectUrlConfig(sysConfig);
}
@Test
public void testValidConfig_RemainsEnabled()
{
setupDirectAccessConfig(ENABLED, DEFAULT_EXPIRY_TIME_IN_SECS);
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
restApiDirectUrlConfig.validate();
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
}
@Test
public void testValidConfig_RemainsDisabled()
{
setupDirectAccessConfig(DISABLED, DEFAULT_EXPIRY_TIME_IN_SECS);
assertFalse("Expected REST API direct URLs to be disabled", restApiDirectUrlConfig.isEnabled());
restApiDirectUrlConfig.validate();
assertFalse("Expected REST API direct URLs to be disabled", restApiDirectUrlConfig.isEnabled());
}
@Test
public void testValidConfig_DefaultExpiryTimeMissing()
{
setupDirectAccessConfig(ENABLED, null);
assertNull("Expected REST API default expiry time to be null", restApiDirectUrlConfig.getDefaultExpiryTimeInSec());
restApiDirectUrlConfig.validate();
Long expectedDefaultExpiryTime = restApiDirectUrlConfig.getSysWideDefaultExpiryTimeInSec();
assertEquals("Expected REST API default expiry time to be set to the system-wide default", expectedDefaultExpiryTime, restApiDirectUrlConfig.getDefaultExpiryTimeInSec());
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
}
@Test
public void testInvalidConfig_DefaultExpiryTimeZero()
{
setupDirectAccessConfig(ENABLED, 0L);
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
restApiDirectUrlConfig.validate();
assertFalse("Expected REST API direct URLs to be disabled", restApiDirectUrlConfig.isEnabled());
}
@Test
public void testInvalidConfig_DefaultExpiryTimeNegative()
{
setupDirectAccessConfig(ENABLED, -1L);
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
restApiDirectUrlConfig.validate();
assertFalse("Expected REST API direct URLs to be disabled", restApiDirectUrlConfig.isEnabled());
}
@Test
public void testInvalidConfig_DefaultExpiryTimeExceedsSystemMax()
{
Long systemMax = restApiDirectUrlConfig.getSysWideMaxExpiryTimeInSec();
setupDirectAccessConfig(ENABLED, systemMax + 1);
assertTrue("Expected REST API direct URLs to be enabled", restApiDirectUrlConfig.isEnabled());
restApiDirectUrlConfig.validate();
assertFalse("Expected REST API direct URLs to be disabled", restApiDirectUrlConfig.isEnabled());
}
/* Helper method to set system-wide direct access url configuration settings */
private void setupDirectAccessConfig(Boolean isEnabled, Long defaultExpiryTime)
{
restApiDirectUrlConfig.setEnabled(isEnabled);
restApiDirectUrlConfig.setDefaultExpiryTimeInSec(defaultExpiryTime);
}
}

20
remote-api/src/test/java/org/alfresco/rest/api/tests/AbstractBaseApiTest.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2020 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -96,6 +96,7 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
private static final String RESOURCE_PREFIX = "publicapi/upload/";
protected static final String URL_NODES = "nodes";
protected static final String URL_DELETED_NODES = "deleted-nodes";
protected static final String URL_RENDITIONS = "renditions";
protected static final String URL_VERSIONS = "versions";
@@ -136,6 +137,8 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
protected static PersonService personService;
protected final String RUNID = System.currentTimeMillis()+"";
private static final String REQUEST_DIRECT_ACCESS_URL = "request-direct-access-url";
@Override
@Before
@@ -211,6 +214,21 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
setRequestContext(null);
}
protected String getRequestContentDirectUrl(String nodeId)
{
return URL_NODES + "/" + nodeId + "/" + REQUEST_DIRECT_ACCESS_URL;
}
protected String getRequestArchivedContentDirectUrl(String nodeId)
{
return URL_DELETED_NODES + "/" + nodeId + "/" + REQUEST_DIRECT_ACCESS_URL;
}
protected String getRequestArchivedRenditonContentDirectUrl(String nodeId, String renditionID)
{
return URL_DELETED_NODES + "/" + nodeId + "/" + URL_RENDITIONS + "/" + renditionID + "/" + REQUEST_DIRECT_ACCESS_URL;
}
/**
* The api scope. either public or private
*

42
remote-api/src/test/java/org/alfresco/rest/api/tests/BufferedResponseTest.java
View File

@@ -26,23 +26,23 @@
*/
package org.alfresco.rest.api.tests;
import org.alfresco.repo.web.scripts.BufferedResponse;
import org.alfresco.repo.web.scripts.TempOutputStream;
import org.alfresco.repo.web.scripts.TempOutputStreamFactory;
import org.alfresco.util.TempFileProvider;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import java.io.File;
import java.io.IOException;
import java.io.OutputStream;
import java.io.RandomAccessFile;
import java.nio.file.Files;
import java.util.Arrays;
import java.util.function.Supplier;
import java.util.stream.Stream;
import org.alfresco.repo.web.scripts.BufferedResponse;
import org.alfresco.repo.web.scripts.TempOutputStream;
import org.alfresco.util.TempFileProvider;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
/**
* Test that BufferedResponse uses a temp file instead of buffering the entire output stream in memory
*
@@ -82,17 +82,25 @@ public class BufferedResponseTest
public void testOutputStream() throws IOException
{
File bufferTempDirectory = TempFileProvider.getTempDir(TEMP_DIRECTORY_NAME);
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false,true);
BufferedResponse response = new BufferedResponse(null, 0, streamFactory);
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory,
MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false);
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX );
copyFileToOutputStream(response);
long countAfter = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX);
response.getOutputStream().close();
final long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX);
Assert.assertEquals(countBefore + 1, countAfter);
try (BufferedResponse response = new BufferedResponse(null, 0, streamFactory))
{
copyFileToOutputStream(response);
final long countBeforeClose = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX);
response.getOutputStream().close();
final long countAfterClose = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX);
Assert.assertEquals(countBefore + 1, countBeforeClose);
Assert.assertEquals(countBefore + 1, countAfterClose);
}
final long countAfterDestroy = countFilesInDirectoryWithPrefix(bufferTempDirectory, FILE_PREFIX);
Assert.assertEquals(countBefore, countAfterDestroy);
}
private void copyFileToOutputStream(BufferedResponse response) throws IOException

3
remote-api/src/test/java/org/alfresco/rest/api/tests/DiscoveryApiTest.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -185,6 +185,7 @@ public class DiscoveryApiTest extends AbstractSingleNetworkSiteTest
assertTrue(statusInfo.getIsAuditEnabled());
assertTrue(statusInfo.getIsQuickShareEnabled());
assertTrue(statusInfo.getIsThumbnailGenerationEnabled());
assertFalse(statusInfo.getIsDirectAccessUrlEnabled());
// Check modules
List<ModulePackage> modulePackageList = repositoryInfo.getModules();

4
remote-api/src/test/java/org/alfresco/rest/api/tests/GroupsTest.java
View File

@@ -836,13 +836,13 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
// Get network admin's groups by explicit ID.
{
ListResponse<Group> groups = groupsProxy.getGroupsByPersonId(networkAdmin, null, "Couldn't get user's groups", 200);
assertEquals(6L, (long) groups.getPaging().getTotalItems());
assertEquals(7L, (long) groups.getPaging().getTotalItems());
}
// test -me- alias (as network admin)
{
ListResponse<Group> groups = groupsProxy.getGroupsByPersonId("-me-", null, "Couldn't get user's groups", 200);
assertEquals(6L, (long) groups.getPaging().getCount());
assertEquals(7L, (long) groups.getPaging().getCount());
Iterator<Group> it = groups.getList().iterator();
assertEquals("GROUP_ALFRESCO_ADMINISTRATORS", it.next().getId());
}

118
remote-api/src/test/java/org/alfresco/rest/api/tests/NodeApiTest.java
View File

@@ -2,7 +2,7 @@
* #%L
* Alfresco Remote API
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* Copyright (C) 2005 - 2021 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
@@ -82,6 +82,7 @@ import org.alfresco.rest.api.tests.client.data.Folder;
import org.alfresco.rest.api.tests.client.data.Node;
import org.alfresco.rest.api.tests.client.data.PathInfo;
import org.alfresco.rest.api.tests.client.data.PathInfo.ElementInfo;
import org.alfresco.rest.api.tests.client.data.Rendition;
import org.alfresco.rest.api.tests.client.data.SiteRole;
import org.alfresco.rest.api.tests.client.data.UserInfo;
import org.alfresco.rest.api.tests.util.MultiPartBuilder;
@@ -6355,5 +6356,120 @@ public class NodeApiTest extends AbstractSingleNetworkSiteTest
assertFalse((Boolean) constraintParameters.get("requiresMatch"));
}
@Test
public void testRequestContentDirectUrl() throws Exception
{
setRequestContext(user1);
// Use existing test file
String fileName = "quick-1.txt";
File file = getResourceFile(fileName);
MultiPartBuilder multiPartBuilder = MultiPartBuilder.create().setFileData(new MultiPartBuilder.FileData(fileName, file));
MultiPartBuilder.MultiPartRequest reqBody = multiPartBuilder.build();
// Upload text content
HttpResponse response = post(getNodeChildrenUrl(Nodes.PATH_MY), reqBody.getBody(), null, reqBody.getContentType(), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
final String contentNodeId = document.getId();
// Check the upload response
assertEquals(fileName, document.getName());
ContentInfo contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
HttpResponse dauResponse = post(getRequestContentDirectUrl(contentNodeId), null, null, null, null, 501);
}
@Test
public void testRequestVersionsContentDirectUrl() throws Exception
{
setRequestContext(user1);
String myNodeId = getMyNodeId();
Document d1 = new Document();
d1.setName("d1.txt");
d1.setNodeType(TYPE_CM_CONTENT);
// create *empty* text file - as of now, versioning is not enabled by default
HttpResponse response = post(getNodeChildrenUrl(myNodeId), toJsonAsStringNonNull(d1), 201);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
String docId = documentResp.getId();
assertFalse(documentResp.getAspectNames().contains("cm:versionable"));
assertNull(documentResp.getProperties()); // no properties (ie. no "cm:versionLabel")
int majorVersion = 1;
int minorVersion = 0;
String content = "The quick brown fox jumps over the lazy dog ";
Map<String, String> params = new HashMap<>();
params.put("comment", "my version ");
documentResp = updateTextFile(docId, content, params);
assertTrue(documentResp.getAspectNames().contains("cm:versionable"));
assertNotNull(documentResp.getProperties());
assertEquals(majorVersion+"."+minorVersion, documentResp.getProperties().get("cm:versionLabel"));
final String contentNodeId = documentResp.getId();
// Check the upload response
assertNotNull(documentResp.getProperties());
assertTrue(documentResp.getAspectNames().contains("cm:versionable"));
ContentInfo contentInfo = documentResp.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
HttpResponse dauResponse = post(getRequestContentDirectUrl(contentNodeId), null, null, null, null, 501);
}
@Test
public void testRequestRenditionContentDirectUrl() throws Exception
{
setRequestContext(user1);
RepoService.TestNetwork networkN1;
RepoService.TestPerson userOneN1;
Site userOneN1Site;
networkN1 = repoService.createNetworkWithAlias("ping", true);
networkN1.create();
userOneN1 = networkN1.createUser();
setRequestContext(networkN1.getId(), userOneN1.getId(), null);
String siteTitle = "RandomSite" + System.currentTimeMillis();
userOneN1Site = createSite(siteTitle, SiteVisibility.PRIVATE);
// Create a folder within the site document's library
String folderName = "folder" + System.currentTimeMillis();
String parentId = getSiteContainerNodeId(userOneN1Site.getId(), "documentLibrary");
String folder_Id = createNode(parentId, folderName, TYPE_CM_FOLDER, null).getId();
// Create multipart request - pdf file
String renditionName = "doclib";
String fileName = "quick.pdf";
File file = getResourceFile(fileName);
MultiPartRequest reqBody = MultiPartBuilder.create()
.setFileData(new FileData(fileName, file))
.setRenditions(Collections.singletonList(renditionName))
.build();
// Upload quick.pdf file into 'folder' - including request to create 'doclib' thumbnail
HttpResponse response = post(getNodeChildrenUrl(folder_Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
String contentNodeId = document.getId();
// wait and check that rendition is created ...
Rendition rendition = waitAndGetRendition(contentNodeId, null, renditionName);
assertNotNull(rendition);
assertEquals(Rendition.RenditionStatus.CREATED, rendition.getStatus());
HttpResponse dauResponse = post(getRequestContentDirectUrl(contentNodeId), null, null, null, null, 501);
}
}

53
remote-api/src/test/java/org/alfresco/rest/api/tests/TempOutputStreamTest.java
View File

@@ -33,11 +33,11 @@ import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.charset.Charset;
import java.util.Arrays;
import java.util.function.Supplier;
import java.util.stream.Stream;
import org.alfresco.repo.content.ContentLimitViolationException;
import org.alfresco.repo.web.scripts.TempOutputStream;
import org.alfresco.repo.web.scripts.TempOutputStreamFactory;
import org.alfresco.util.TempFileProvider;
import org.junit.Assert;
import org.junit.Test;
@@ -57,11 +57,12 @@ public class TempOutputStreamTest
@Test
public void testInMemoryStream() throws IOException
{
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false, false);
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory,
MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false);
File file = createTextFileWithRandomContent(MEMORY_THRESHOLD - 1024L);
{
TempOutputStream outputStream = streamFactory.createOutputStream();
TempOutputStream outputStream = streamFactory.get();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
@@ -83,8 +84,8 @@ public class TempOutputStreamTest
{
// Create stream factory that doesn't delete temp file on stream close
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false, false);
TempOutputStream outputStream = streamFactory.createOutputStream();
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false);
TempOutputStream outputStream = streamFactory.get();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
@@ -107,26 +108,6 @@ public class TempOutputStreamTest
Assert.assertEquals(countBefore, countAfter);
}
{
// Create stream factory that deletes temp file on stream close
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, false, true);
TempOutputStream outputStream = streamFactory.createOutputStream();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
StreamUtils.copy(new BufferedInputStream(new FileInputStream(file)), outputStream);
// Check that temp file was created
long countAfter = countFilesInDirectoryWithPrefix(bufferTempDirectory);
Assert.assertEquals(countBefore + 1, countAfter);
outputStream.close();
// Check that file was deleted on close
countAfter = countFilesInDirectoryWithPrefix(bufferTempDirectory);
Assert.assertEquals(countBefore, countAfter);
}
file.delete();
}
@@ -140,9 +121,9 @@ public class TempOutputStreamTest
File file = createTextFileWithRandomContent(contentSize);
// Create stream factory that deletes temp file on stream close
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, maxContentSize, false, true);
TempOutputStream outputStream = streamFactory.createOutputStream();
// Create stream factory that deletes the temp file when the max Size is reached
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory, MEMORY_THRESHOLD, maxContentSize, false);
TempOutputStream outputStream = streamFactory.get();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
@@ -156,7 +137,7 @@ public class TempOutputStreamTest
// Expected
}
// Check that file was already deleted on close
// Check that file was already deleted on error
long countAfter = countFilesInDirectoryWithPrefix(bufferTempDirectory);
Assert.assertEquals(countBefore, countAfter);
@@ -170,9 +151,9 @@ public class TempOutputStreamTest
File file = createTextFileWithRandomContent(contentSize);
// Create stream factory that deletes temp file on stream close
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, maxContentSize, false, true);
TempOutputStream outputStream = streamFactory.createOutputStream();
// Create stream factory that deletes the temp file when the max Size is reached
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory, MEMORY_THRESHOLD, maxContentSize, false);
TempOutputStream outputStream = streamFactory.get();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
@@ -186,7 +167,7 @@ public class TempOutputStreamTest
// Expected
}
// Check that file was already deleted on close
// Check that file was already deleted on error
long countAfter = countFilesInDirectoryWithPrefix(bufferTempDirectory);
Assert.assertEquals(countBefore, countAfter);
@@ -200,9 +181,9 @@ public class TempOutputStreamTest
File file = createTextFileWithRandomContent(MEMORY_THRESHOLD + 1024L);
// Create stream factory that doesn't delete temp file on stream close
TempOutputStreamFactory streamFactory = new TempOutputStreamFactory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, true, false);
Supplier<TempOutputStream> streamFactory = TempOutputStream.factory(bufferTempDirectory, MEMORY_THRESHOLD, MAX_CONTENT_SIZE, true);
TempOutputStream outputStream = streamFactory.createOutputStream();
TempOutputStream outputStream = streamFactory.get();
long countBefore = countFilesInDirectoryWithPrefix(bufferTempDirectory);
@@ -220,7 +201,7 @@ public class TempOutputStreamTest
// Compare content
String contentWriten = StreamUtils.copyToString(new BufferedInputStream(new FileInputStream(file)), Charset.defaultCharset());
String contentRead = StreamUtils.copyToString(outputStream.getInputStream(), Charset.defaultCharset());
String contentRead = StreamUtils.copyToString(outputStream.toNewInputStream(), Charset.defaultCharset());
Assert.assertEquals(contentWriten, contentRead);
outputStream.destroy();

72
remote-api/src/test/java/org/alfresco/rest/api/tests/TestCMIS.java
View File

@@ -60,8 +60,11 @@ import org.alfresco.cmis.client.impl.AlfrescoObjectFactoryImpl;
import org.alfresco.cmis.client.type.AlfrescoType;
import org.alfresco.model.ContentModel;
import org.alfresco.model.RenditionModel;
import org.alfresco.opencmis.CMISDispatcher;
import org.alfresco.opencmis.CMISDispatcherRegistry.Binding;
import org.alfresco.opencmis.CMISServletDispatcher;
import org.alfresco.opencmis.PublicApiAlfrescoCmisServiceFactory;
import org.alfresco.opencmis.PublicApiBrowserCMISDispatcher;
import org.alfresco.opencmis.dictionary.CMISStrictDictionaryService;
import org.alfresco.opencmis.dictionary.QNameFilter;
import org.alfresco.opencmis.dictionary.QNameFilterImpl;
@@ -99,6 +102,7 @@ import org.alfresco.rest.api.tests.client.data.NodeRating.Aggregate;
import org.alfresco.rest.api.tests.client.data.Person;
import org.alfresco.rest.api.tests.client.data.SiteRole;
import org.alfresco.rest.api.tests.client.data.Tag;
import org.alfresco.rest.framework.core.exceptions.JsonpCallbackNotAllowedException;
import org.alfresco.service.cmr.lock.LockService;
import org.alfresco.service.cmr.lock.LockType;
import org.alfresco.service.cmr.model.FileFolderService;
@@ -153,6 +157,7 @@ import org.junit.Ignore;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.springframework.context.ApplicationContext;
import org.springframework.extensions.surf.util.I18NUtil;
import org.springframework.extensions.surf.util.URLEncoder;
public class TestCMIS extends EnterpriseTestApi
@@ -517,6 +522,73 @@ public class TestCMIS extends EnterpriseTestApi
assertEquals(200, response.getStatusCode());
}
/**
* MNT-22428 Check the return from http://localhost:8080/alfresco/api/-default-/public/cmis/versions/1.1/browser/root&callback= when jsonp callback is disabled
*
* @throws Exception
*/
@Test
public void testBrowserDisabledJSONPCallback() throws Exception
{
// disables unsecure callback jsonp
final PublicApiBrowserCMISDispatcher dispatcher = ctx.getBean(PublicApiBrowserCMISDispatcher.class);
dispatcher.setAllowUnsecureCallbackJSONP(false);
final TestNetwork network1 = getTestFixture().getRandomNetwork();
Iterator<String> personIt = network1.getPersonIds().iterator();
final String personId = personIt.next();
assertNotNull(personId);
Person person = repoService.getPerson(personId);
assertNotNull(person);
publicApiClient.setRequestContext(new RequestContext(network1.getId(), personId));
// request with a callback parameter
HttpResponse response;
final Map<String, String> params = Map.of("callback", "");
response = publicApiClient.get(network1.getId() + "/public/cmis/versions/1.1/browser/root", params);
assertEquals(403, response.getStatusCode());
String exceptionMessage = I18NUtil.getMessage(JsonpCallbackNotAllowedException.DEFAULT_MESSAGE_ID, params);
assertTrue(response.getResponse().endsWith(exceptionMessage));
// request without a callback parameter
response = publicApiClient.get(network1.getId() + "/public/cmis/versions/1.1/browser/root", null);
assertEquals(200, response.getStatusCode());
}
/*
* MNT-22428 Check the return from http://localhost:8080/alfresco/api/-default-/public/cmis/versions/1.1/browser/root&callback= when jsonp callback is enabled
*
* @throws Exception
*/
@Test
public void testBrowserEnabledJSONPCallback() throws Exception
{
// enables unsecure callback jsonp
final PublicApiBrowserCMISDispatcher dispatcher = ctx.getBean(PublicApiBrowserCMISDispatcher.class);
dispatcher.setAllowUnsecureCallbackJSONP(true);
final TestNetwork network1 = getTestFixture().getRandomNetwork();
Iterator<String> personIt = network1.getPersonIds().iterator();
final String personId = personIt.next();
assertNotNull(personId);
Person person = repoService.getPerson(personId);
assertNotNull(person);
publicApiClient.setRequestContext(new RequestContext(network1.getId(), personId));
// request with a callback parameter
HttpResponse response;
final Map<String, String> params = Map.of("callback", "someFunction");
response = publicApiClient.get(network1.getId() + "/public/cmis/versions/1.1/browser/root", params);
assertEquals(200, response.getStatusCode());
// request without a callback parameter
response = publicApiClient.get(network1.getId() + "/public/cmis/versions/1.1/browser/root", null);
assertEquals(200, response.getStatusCode());
}
/**
* REPO-2041 / MNT-16236 Upload via cmis binding atom and browser files with different maxContentSize
*/