diff --git a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java index d709d91807..a61d25ffcc 100644 --- a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java +++ b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java @@ -279,12 +279,25 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor Pattern pattern = displayNamePattern == null ? null : Pattern.compile(SearchLanguageConversion.convert( SearchLanguageConversion.DEF_LUCENE, SearchLanguageConversion.DEF_REGEX, displayNamePattern), Pattern.CASE_INSENSITIVE); + // Use SQL to determine root authorities + Set rootAuthorities = null; if (parentAuthority == null && immediate) { - return getRootAuthoritiesUnderContainer(zoneName == null ? getAuthorityContainer() : getZone(zoneName), - type, pattern); + NodeRef container = zoneName == null ? getAuthorityContainer() : getZone(zoneName); + if (container == null) + { + // The zone doesn't even exist so there are no root authorities + return Collections.emptySet(); + } + rootAuthorities = getRootAuthoritiesUnderContainer(container, type, pattern); + if (pattern == null) + { + return rootAuthorities; + } } + + // Use a Lucene search for other criteria Set authorities = new TreeSet(); SearchParameters sp = new SearchParameters(); sp.addStore(this.storeRef); @@ -358,6 +371,12 @@ public class AuthorityDAOImpl implements AuthorityDAO, NodeServicePolicies.Befor addAuthorityNameIfMatches(authorities, DefaultTypeConverter.INSTANCE.convert(String.class, nodeService .getProperty(nodeRef, idProp)), type, pattern); } + + // If we asked for root authorities, we must do an intersection with the set of root authorities + if (rootAuthorities != null) + { + authorities.retainAll(rootAuthorities); + } return authorities; } finally