inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged V3.1 to HEAD

Browse Source 
12943: Port of support for ADB-47 from V2.1-A to 3.1
   12948: Port of tests from CHK-2235 for ADB-20 from V2.1-A to 3.1
   12965: Activated index tracker Quartz job by default
   12974: Port for lazy creation of home folders with configuration from V2.1-A to V3.1: original CHK-2619, CHK-2716
   12976: Merged V2.1A to V3.1
      8562: (record-only) Fix to lazily create home folders - DO NOT MERGE
      8694: (record-only) Added configuration for lazy or eager creation of home folders
   12978: Merged V3.0 to V3.1
      12920: Merged V2.2 to V3.0
         12456: Wire up AVM locking service by interface to allow for potential over-ride
         12457: Make AVM ChildKey case insensitive
         12470: Merged V2.2.1-NBC-FIXES to V2.2
            12156: Optimizations to WCMWorkflowEvaluator and WCMWorkflowDeletedEvaluator    
            12605: Hide annoying "Virtualisation Server not started" warnings (by making them debug)
         12707: AVM console - "snap" also allows tag and description to be specified
   12979: Build/test fix
   ___________________________________________________________________
   Modified: svn:mergeinfo
      Merged /alfresco/BRANCHES/DEV/V2.2.1-NBC-FIXES:r12156
      Merged /alfresco/BRANCHES/V2.1-A:r8562,8694
      Merged /alfresco/BRANCHES/V3.0:r12920
      Merged /alfresco/BRANCHES/V2.2:r12456-12457,12470,12605,12707
      Merged /alfresco/BRANCHES/V3.1:r12943,12948,12965,12974,12976,12978-12979


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13544 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Derek Hulley
2009-03-11 01:06:49 +00:00
parent b30c8f915b
commit f77e816467
16 changed files with 423 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
View File

@@ -51,6 +51,7 @@ import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.ExpiryMode;
import org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.Ticket;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.ServiceRegistry;
@@ -118,6 +119,8 @@ public class AuthenticationTest extends TestCase
private PersonService personService;
private UserNameMatcher userNameMatcher;
public AuthenticationTest()
{
super();
@@ -143,6 +146,7 @@ public class AuthenticationTest extends TestCase
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponent");
pubPersonService = (PersonService) ctx.getBean("PersonService");
personService = (PersonService) ctx.getBean("personService");
userNameMatcher = (UserNameMatcher) ctx.getBean("userNameMatcher");
// permissionServiceSPI = (PermissionServiceSPI)
// ctx.getBean("permissionService");
ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
@@ -182,6 +186,8 @@ public class AuthenticationTest extends TestCase
dao.setDictionaryService(dictionaryService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setUserNameMatcher(userNameMatcher);
dao.setRetryingTransactionHelper(transactionService.getRetryingTransactionHelper());
if (dao.getUserOrNull("andy") != null)
{
@@ -388,6 +394,8 @@ public class AuthenticationTest extends TestCase
dao.setDictionaryService(dictionaryService);
dao.setNamespaceService(getNamespacePrefixReolsver(""));
dao.setPasswordEncoder(passwordEncoder);
dao.setUserNameMatcher(userNameMatcher);
dao.setRetryingTransactionHelper(transactionService.getRetryingTransactionHelper());
dao.createUser("Andy", "cabbage".toCharArray());
assertNotNull(dao.getUserOrNull("Andy"));

152
source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
View File

@@ -39,9 +39,9 @@ import net.sf.acegisecurity.providers.encoding.PasswordEncoder;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.person.UserNameMatcher;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.Managed;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
@@ -63,6 +63,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
private static final StoreRef STOREREF_USERS = new StoreRef("user", "alfrescoUserStore");
private NodeService nodeService;
private TenantService tenantService;
private NamespacePrefixResolver namespacePrefixResolver;
@@ -71,22 +72,26 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
private DictionaryService dictionaryService;
private SearchService searchService;
private RetryingTransactionHelper retryingTransactionHelper;
private PasswordEncoder passwordEncoder;
private boolean userNamesAreCaseSensitive;
private UserNameMatcher userNameMatcher;
public RepositoryAuthenticationDao()
{
super();
}
public boolean getUserNamesAreCaseSensitive()
{
return userNamesAreCaseSensitive;
return userNameMatcher.getUserNamesAreCaseSensitive();
}
@Managed(category="Security")
public void setUserNamesAreCaseSensitive(boolean userNamesAreCaseSensitive)
public void setUserNameMatcher(UserNameMatcher userNameMatcher)
{
this.userNamesAreCaseSensitive = userNamesAreCaseSensitive;
this.userNameMatcher = userNameMatcher;
}
public void setDictionaryService(DictionaryService dictionaryService)
@@ -103,7 +108,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
{
this.nodeService = nodeService;
}
public void setRetryingTransactionHelper(RetryingTransactionHelper retryingTransactionHelper)
{
this.retryingTransactionHelper = retryingTransactionHelper;
@@ -124,8 +129,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
this.searchService = searchService;
}
public UserDetails loadUserByUsername(String incomingUserName) throws UsernameNotFoundException,
DataAccessException
public UserDetails loadUserByUsername(String incomingUserName) throws UsernameNotFoundException, DataAccessException
{
NodeRef userRef = getUserOrNull(incomingUserName);
if (userRef == null)
@@ -134,28 +138,25 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
}
Map<QName, Serializable> properties = nodeService.getProperties(userRef);
String password = DefaultTypeConverter.INSTANCE.convert(String.class, properties
.get(ContentModel.PROP_PASSWORD));
String password = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_PASSWORD));
// Report back the user name as stored on the user
String userName = DefaultTypeConverter.INSTANCE.convert(String.class, properties
.get(ContentModel.PROP_USER_USERNAME));
String userName = DefaultTypeConverter.INSTANCE.convert(String.class, properties.get(ContentModel.PROP_USER_USERNAME));
GrantedAuthority[] gas = new GrantedAuthority[1];
gas[0] = new GrantedAuthorityImpl("ROLE_AUTHENTICATED");
UserDetails ud = new User(userName, password, getEnabled(userRef), !getAccountHasExpired(userRef),
!getCredentialsHaveExpired(userRef), !getAccountlocked(userRef), gas);
UserDetails ud = new User(userName, password, getEnabled(userRef), !getAccountHasExpired(userRef), !getCredentialsHaveExpired(userRef), !getAccountlocked(userRef), gas);
return ud;
}
public NodeRef getUserOrNull(String searchUserName)
{
if(searchUserName == null)
if (searchUserName == null)
{
return null;
}
if(searchUserName.length() == 0)
if (searchUserName.length() == 0)
{
return null;
}
@@ -189,75 +190,37 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
final NodeRef nodeRef = row.getNodeRef();
if (nodeService.exists(nodeRef))
{
String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(
nodeRef, ContentModel.PROP_USER_USERNAME));
String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(nodeRef, ContentModel.PROP_USER_USERNAME));
if (userNamesAreCaseSensitive)
if(userNameMatcher.matches(realUserName, searchUserName))
{
if (realUserName.equals(searchUserName))
if (returnRef == null)
{
if(returnRef == null)
returnRef = nodeRef;
}
else
{
try
{
returnRef = nodeRef;
this.retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
// Delete the extra user node references
RepositoryAuthenticationDao.this.nodeService.deleteNode(nodeRef);
return null;
}
}, false, true);
}
else
catch (InvalidNodeRefException exception)
{
try
{
this.retryingTransactionHelper.doInTransaction(
new RetryingTransactionHelper.RetryingTransactionCallback<Object>()
{
public Object execute()
throws Throwable
{
// Delete the extra user node references
RepositoryAuthenticationDao.this.nodeService.deleteNode(nodeRef);
return null;
}
}, false, true);
}
catch (InvalidNodeRefException exception)
{
// Ignore this exception as the node has already been deleted
}
}
}
}
else
{
if (realUserName.equalsIgnoreCase(searchUserName))
{
if(returnRef == null)
{
returnRef = nodeRef;
}
else
{
try
{
this.retryingTransactionHelper.doInTransaction(
new RetryingTransactionHelper.RetryingTransactionCallback<Object>()
{
public Object execute()
throws Throwable
{
// Delete the extra user node references
RepositoryAuthenticationDao.this.nodeService.deleteNode(nodeRef);
return null;
}
}, false, true);
}
catch (InvalidNodeRefException exception)
{
// Ignore this exception as the node has already been deleted
}
// Ignore this exception as the node has already been deleted
}
}
}
}
}
@@ -291,8 +254,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
properties.put(ContentModel.PROP_CREDENTIALS_EXPIRE, Boolean.valueOf(false));
properties.put(ContentModel.PROP_ENABLED, Boolean.valueOf(true));
properties.put(ContentModel.PROP_ACCOUNT_LOCKED, Boolean.valueOf(false));
nodeService.createNode(typesNode, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_USER, ContentModel.TYPE_USER,
properties);
nodeService.createNode(typesNode, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_USER, ContentModel.TYPE_USER, properties);
}
private NodeRef getUserFolderLocation(String caseSensitiveUserName)
@@ -304,8 +266,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
// AR-527
NodeRef rootNode = nodeService.getRootNode(userStoreRef);
List<ChildAssociationRef> results = nodeService.getChildAssocs(rootNode, RegexQNamePattern.MATCH_ALL,
qnameAssocSystem);
List<ChildAssociationRef> results = nodeService.getChildAssocs(rootNode, RegexQNamePattern.MATCH_ALL, qnameAssocSystem);
NodeRef sysNodeRef = null;
if (results.size() == 0)
{
@@ -404,11 +365,9 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
{
return null;
}
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode,
ContentModel.PROP_ACCOUNT_EXPIRES)))
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode, ContentModel.PROP_ACCOUNT_EXPIRES)))
{
return DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode,
ContentModel.PROP_ACCOUNT_EXPIRY_DATE));
return DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode, ContentModel.PROP_ACCOUNT_EXPIRY_DATE));
}
else
{
@@ -427,11 +386,9 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
{
return false;
}
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode,
ContentModel.PROP_ACCOUNT_EXPIRES)))
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode, ContentModel.PROP_ACCOUNT_EXPIRES)))
{
Date date = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode,
ContentModel.PROP_ACCOUNT_EXPIRY_DATE));
Date date = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode, ContentModel.PROP_ACCOUNT_EXPIRY_DATE));
if (date == null)
{
return false;
@@ -498,11 +455,9 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
{
return null;
}
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode,
ContentModel.PROP_CREDENTIALS_EXPIRE)))
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode, ContentModel.PROP_CREDENTIALS_EXPIRE)))
{
return DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode,
ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
return DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode, ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
}
else
{
@@ -521,11 +476,9 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
{
return false;
}
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode,
ContentModel.PROP_CREDENTIALS_EXPIRE)))
if (DefaultTypeConverter.INSTANCE.booleanValue(nodeService.getProperty(userNode, ContentModel.PROP_CREDENTIALS_EXPIRE)))
{
Date date = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode,
ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
Date date = DefaultTypeConverter.INSTANCE.convert(Date.class, nodeService.getProperty(userNode, ContentModel.PROP_CREDENTIALS_EXPIRY_DATE));
if (date == null)
{
return false;
@@ -634,8 +587,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
}
else
{
String password = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(userNode,
ContentModel.PROP_PASSWORD));
String password = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(userNode, ContentModel.PROP_PASSWORD));
return password;
}
}