From f1825c7ab1ff857cecc567e8f5ad8e4b4dec8583 Mon Sep 17 00:00:00 2001
From: Mark Rogers <mark.rogers@alfresco.com>
Date: Wed, 30 Apr 2014 16:36:27 +0000
Subject: [PATCH] Merged HEAD-BUG-FIX (4.3/Cloud) to HEAD (4.3/Cloud)    68227:
 Merged V4.2-BUG-FIX (4.2.3) to HEAD-BUG-FIX (4.3/Cloud)       68017: Merged
 V4.1-BUG-FIX (4.1.9) to V4.2-BUG-FIX (4.2.3)          68002: Merged V4.1.5
 (4.1.5.13) to V4.1-BUG-FIX (4.1.9)             67573: MNT-11107: Merged DEV
 to PATCHES/V4.1.5 (4.1.5.13)                66906: MNT-11107: Documents
 uploaded by another user are not filtered via tags in My Files               
    - For SolrDAO.getAcls select ACLs that are directly related to nodes or
 their defining acl is related to a node. Add the regression test.            
 67575: MNT-11055: Merged DEV to PATCHES/V4.1.5 (4.1.5.13)               
 57903: MNT-9964: DB2 unit tests failing                   - Move 'exists'
 subquery from 'join on' to 'where' clause             67658: MNT-11107:
 Documents uploaded by another user are not filtered via tags in My Files     
           For ChangeSets Summary select also take into account ACLs that have
 defining ACL related to a node.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@68475 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../solr-common-SqlMap.xml                    |   4 +-
 .../repo/domain/solr/SOLRDAOTest.java         | 104 +++++++++++++++++-
 2 files changed, 104 insertions(+), 4 deletions(-)

diff --git a/config/alfresco/ibatis/org.hibernate.dialect.Dialect/solr-common-SqlMap.xml b/config/alfresco/ibatis/org.hibernate.dialect.Dialect/solr-common-SqlMap.xml
index b7a325da57..2a190892f3 100644
--- a/config/alfresco/ibatis/org.hibernate.dialect.Dialect/solr-common-SqlMap.xml
+++ b/config/alfresco/ibatis/org.hibernate.dialect.Dialect/solr-common-SqlMap.xml
@@ -41,7 +41,7 @@
             alf_acl_change_set acs
         join alf_access_control_list acl on (acl.acl_change_set = acs.id)
         <where>
-           exists (select 1 from alf_node admnode where admnode.acl_id = acl.id)
+           exists (select 1 from alf_node admnode where admnode.acl_id = acl.id OR admnode.acl_id = acl.inherits_from)
            <if test="fromCommitTimeInclusive != null">
                and <![CDATA[acs.commit_time_ms >= #{fromCommitTimeInclusive}]]>
            </if>
@@ -66,7 +66,7 @@
         from
             alf_access_control_list acl
         <where>
-            exists (select 1 from alf_node admnode where admnode.acl_id = acl.id)
+            exists (select 1 from alf_node admnode where admnode.acl_id = acl.id OR admnode.acl_id = acl.inherits_from)
             <if test="fromIdInclusive != null">
                and <![CDATA[acl.id >= #{fromIdInclusive}]]>
             </if>
diff --git a/source/test-java/org/alfresco/repo/domain/solr/SOLRDAOTest.java b/source/test-java/org/alfresco/repo/domain/solr/SOLRDAOTest.java
index 11f45a8519..ffd5ffa033 100644
--- a/source/test-java/org/alfresco/repo/domain/solr/SOLRDAOTest.java
+++ b/source/test-java/org/alfresco/repo/domain/solr/SOLRDAOTest.java
@@ -27,17 +27,26 @@ import java.util.Set;
 
 import junit.framework.TestCase;
 
+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.domain.node.Node;
+import org.alfresco.repo.domain.permissions.AclDAO;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
+import org.alfresco.repo.security.permissions.ACLType;
+import org.alfresco.repo.security.permissions.AccessControlListProperties;
 import org.alfresco.repo.solr.Acl;
 import org.alfresco.repo.solr.AclChangeSet;
 import org.alfresco.repo.solr.NodeParameters;
 import org.alfresco.repo.solr.Transaction;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.repository.StoreRef;
+import org.alfresco.service.cmr.security.MutableAuthenticationService;
+import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.test_category.OwnJVMTestsCategory;
 import org.alfresco.util.ApplicationContextHelper;
+import org.alfresco.util.PropertyMap;
 import org.junit.experimental.categories.Category;
 import org.springframework.context.ConfigurableApplicationContext;
 
@@ -51,8 +60,12 @@ public class SOLRDAOTest extends TestCase
 {
     private ConfigurableApplicationContext ctx = (ConfigurableApplicationContext) ApplicationContextHelper.getApplicationContext();
 
-    private TransactionService transactionService;
     private AuthenticationComponent authenticationComponent;
+    private MutableAuthenticationService authenticationService;
+    private PersonService personService;
+    private TransactionService transactionService;
+    private NodeService nodeService;
+    private AclDAO aclDaoComponent;
     private SOLRDAO solrDAO;
     
     @Override
@@ -60,7 +73,12 @@ public class SOLRDAOTest extends TestCase
     {
         solrDAO = (SOLRDAO)ctx.getBean("solrDAO");
         authenticationComponent = (AuthenticationComponent)ctx.getBean("authenticationComponent");
-        transactionService = (TransactionService) ctx.getBean("TransactionService");
+        
+        authenticationService = (MutableAuthenticationService)ctx.getBean("authenticationService");
+        personService = (PersonService)ctx.getBean("PersonService");
+        transactionService = (TransactionService)ctx.getBean("transactionComponent");
+        nodeService = (NodeService) ctx.getBean("NodeService");
+        aclDaoComponent = (AclDAO) ctx.getBean("aclDAO");
         
         authenticationComponent.setSystemUserAsCurrentUser();
     }
@@ -342,4 +360,86 @@ public class SOLRDAOTest extends TestCase
         
         return txnIds;
     }
+
+    private boolean containsAclId(List<Acl> acls, Long id)
+    {
+        for (Acl acl : acls)
+        {
+            if (acl.getId().equals(id))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * MNT-11107: during User Home creation Shared Acl is created that is inherited from Acl
+     * which is assigned to User Home folder node. This Shared Acl is not assigned to any node.
+     * However, solrDAO should be able to find it so that it can be indexed.
+     */
+    public void testInheritedAclIndexing() throws Exception
+    {
+        final String USER_MNT11107 = "TestUserMNT11107";
+
+        Long sharedAclId = transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Long>()
+        {
+            @Override
+            public Long execute() throws Throwable
+            {
+                // Create a user
+                if (authenticationService.authenticationExists(USER_MNT11107))
+                    authenticationService.deleteAuthentication(USER_MNT11107);
+                if (personService.personExists(USER_MNT11107))
+                    personService.deletePerson(USER_MNT11107);
+
+                authenticationService.createAuthentication(USER_MNT11107, "PWD".toCharArray());
+                PropertyMap personProperties = new PropertyMap();
+                personProperties.put(ContentModel.PROP_USERNAME, USER_MNT11107);
+                personProperties.put(ContentModel.PROP_AUTHORITY_DISPLAY_NAME, "title" + USER_MNT11107);
+                personProperties.put(ContentModel.PROP_FIRSTNAME, "firstName");
+                personProperties.put(ContentModel.PROP_LASTNAME, "lastName");
+                personProperties.put(ContentModel.PROP_EMAIL, USER_MNT11107 + "@example.com");
+                personProperties.put(ContentModel.PROP_JOBTITLE, "jobTitle");
+                NodeRef person = personService.createPerson(personProperties);
+
+                NodeRef testUserHomeFolder = (NodeRef) nodeService.getProperty(person, ContentModel.PROP_HOMEFOLDER);
+                assertNotNull("testUserHomeFolder is null", testUserHomeFolder);
+
+                Long aclIdForUserHomeFolder = nodeService.getNodeAclId(testUserHomeFolder);
+                Long inheritedAclId = aclDaoComponent.getInheritedAccessControlList(aclIdForUserHomeFolder);
+
+                return inheritedAclId;
+            }
+        });
+
+        try
+        {
+            assertNotNull("Acl for User Home folder should have inherited Acl", sharedAclId);
+            AccessControlListProperties aclProps = aclDaoComponent.getAccessControlListProperties(sharedAclId);
+            assertEquals("Inherited Acl should be of SHARED type", aclProps.getAclType(), ACLType.SHARED);
+            assertTrue("Acl should inherit", aclProps.getInherits());
+            assertNotNull("AclChangeSet for inherited Acl should not be NULL", aclProps.getAclChangeSetId());
+
+            List<Long> aclChangeSetIds = new ArrayList<Long>();
+            aclChangeSetIds.add(aclProps.getAclChangeSetId());
+            List<Acl> acls = solrDAO.getAcls(aclChangeSetIds, null, 1000);
+            assertTrue("Shared Acl should be found by solrDAO so that it can be indexed", containsAclId(acls, sharedAclId));
+        }
+        finally
+        {
+            transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>()
+            {
+                @Override
+                public Void execute() throws Throwable
+                {
+                    // Tidy up
+                    authenticationComponent.setSystemUserAsCurrentUser();
+                    authenticationService.deleteAuthentication(USER_MNT11107);
+                    personService.deletePerson(USER_MNT11107);
+                    return null;
+                }
+            });
+        }
+    }
 }