From fd46bb7addbf8341bbf7bf9a2a51dabe414f454d Mon Sep 17 00:00:00 2001 From: Jan Vonka Date: Thu, 31 Jan 2008 10:58:47 +0000 Subject: [PATCH] =?UTF-8?q?MT=20-=20tenant=20bootstrap=20nows=20runs=20in?= =?UTF-8?q?=20'System'=20ctx=20(rather=20than=20tenant=20'admin'=20ctx)?= =?UTF-8?q?=C2=A0+=20minor=20cleanup.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8137 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/repo/audit/AuditableAspect.java | 6 +- .../TenantRoutingFileContentStore.java | 2 +- .../repo/dictionary/DictionaryDAOImpl.java | 14 +- .../repo/dictionary/DictionaryModelType.java | 43 ++-- .../repo/i18n/MessageServiceImpl.java | 14 +- .../repo/tenant/MultiTAdminServiceImpl.java | 197 +++++++++--------- .../repo/tenant/MultiTServiceImpl.java | 11 +- .../tenant/SingleTDeployerServiceImpl.java | 3 +- 8 files changed, 132 insertions(+), 158 deletions(-) diff --git a/source/java/org/alfresco/repo/audit/AuditableAspect.java b/source/java/org/alfresco/repo/audit/AuditableAspect.java index 7ec284f6ed..6f1e662889 100644 --- a/source/java/org/alfresco/repo/audit/AuditableAspect.java +++ b/source/java/org/alfresco/repo/audit/AuditableAspect.java @@ -222,7 +222,11 @@ public class AuditableAspect String currentUserName = authenticationService.getCurrentUserName(); if (currentUserName != null) { - return currentUserName; + if (tenantService.isEnabled() && authenticationService.isCurrentUserTheSystemUser()) + { + return tenantService.getBaseNameUser(currentUserName); + } + return currentUserName; } return USERNAME_UNKNOWN; } diff --git a/source/java/org/alfresco/repo/content/TenantRoutingFileContentStore.java b/source/java/org/alfresco/repo/content/TenantRoutingFileContentStore.java index 8622731268..ab8d386f44 100755 --- a/source/java/org/alfresco/repo/content/TenantRoutingFileContentStore.java +++ b/source/java/org/alfresco/repo/content/TenantRoutingFileContentStore.java @@ -101,7 +101,7 @@ public class TenantRoutingFileContentStore extends AbstractRoutingContentStore i public void init() { - String tenantDomain = ""; + String tenantDomain = TenantService.DEFAULT_DOMAIN; String rootDir = defaultRootDirectory; Tenant tenant = tenantService.getTenant(tenantService.getCurrentUserDomain()); diff --git a/source/java/org/alfresco/repo/dictionary/DictionaryDAOImpl.java b/source/java/org/alfresco/repo/dictionary/DictionaryDAOImpl.java index 76eb8e3e87..87ac8dc222 100644 --- a/source/java/org/alfresco/repo/dictionary/DictionaryDAOImpl.java +++ b/source/java/org/alfresco/repo/dictionary/DictionaryDAOImpl.java @@ -188,17 +188,7 @@ public class DictionaryDAOImpl implements DictionaryDAO { logger.debug("Resetting dictionary ..."); } - - String userName; - if (tenantDomain == "") - { - userName = AuthenticationUtil.getSystemUserName(); - } - else - { - userName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain); - } - + AuthenticationUtil.runAs(new RunAsWork() { public Object doWork() @@ -208,7 +198,7 @@ public class DictionaryDAOImpl implements DictionaryDAO return null; } - }, userName); + }, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain)); if (logger.isDebugEnabled()) { diff --git a/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java b/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java index e8078a7018..ac438be7c1 100644 --- a/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java +++ b/source/java/org/alfresco/repo/dictionary/DictionaryModelType.java @@ -584,36 +584,31 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda if (tenantService.isEnabled() && tenantService.isTenantUser() == false) { // shared model - need to check all tenants (whether enabled or disabled) unless they have overridden - List tenants = tenantDeployerService.getAllTenants(); - - if (tenants != null) + List tenants = tenantDeployerService.getAllTenants(); + for (Tenant tenant : tenants) { - for (Tenant tenant : tenants) + // validate model delete within context of tenant domain + AuthenticationUtil.runAs(new RunAsWork() { - // switch to admin in order to validate model delete within context of tenant domain - // assumes each tenant has default "admin" user - AuthenticationUtil.runAs(new RunAsWork() + public Object doWork() { - public Object doWork() + if (dictionaryDAO.isModelInherited(modelName)) { - if (dictionaryDAO.isModelInherited(modelName)) - { - validateModelDelete(modelName, true); - } - return null; - } - }, tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenant.getTenantDomain())); - } + validateModelDelete(modelName, true); + } + return null; + } + }, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenant.getTenantDomain())); } } } private void validateModelDelete(QName modelName, boolean sharedModel) { - String tenantDomainCtx = ""; + String tenantDomain = TenantService.DEFAULT_DOMAIN; if (sharedModel) { - tenantDomainCtx = " for tenant [" + tenantService.getCurrentUserDomain() + "]"; + tenantDomain = " for tenant [" + tenantService.getCurrentUserDomain() + "]"; } // check workflow namespace usage @@ -625,7 +620,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda { if (workflowNamespaceURI.equals(namespace.getUri())) { - throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomainCtx + " - found workflow process definition " + workflowDefName + " using model namespace '" + namespace.getUri() + "'"); + throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomain + " - found workflow process definition " + workflowDefName + " using model namespace '" + namespace.getUri() + "'"); } } } @@ -633,17 +628,17 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda // check for type usages for (TypeDefinition type : dictionaryDAO.getTypes(modelName)) { - validateClass(tenantDomainCtx, type); + validateClass(tenantDomain, type); } // check for aspect usages for (AspectDefinition aspect : dictionaryDAO.getAspects(modelName)) { - validateClass(tenantDomainCtx, aspect); + validateClass(tenantDomain, aspect); } } - private void validateClass(String tenantDomainCtx, ClassDefinition classDef) + private void validateClass(String tenantDomain, ClassDefinition classDef) { QName className = classDef.getName(); @@ -661,7 +656,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda ResultSet rs = searchService.query(store, SearchService.LANGUAGE_LUCENE, classType+":\""+className+"\""); if (rs.length() > 0) { - throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomainCtx + " - found " + rs.length() + " nodes in store " + store + " with " + classType + " '" + className + "'" ); + throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomain + " - found " + rs.length() + " nodes in store " + store + " with " + classType + " '" + className + "'" ); } } @@ -673,7 +668,7 @@ public class DictionaryModelType implements ContentServicePolicies.OnContentUpda TypeDefinition workflowTypeDef = workflowTaskDef.metadata; if (workflowTypeDef.getName().toString().equals(className)) { - throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomainCtx + " - found task definition in workflow " + workflowDef.getName() + " with " + classType + " '" + className + "'"); + throw new AlfrescoRuntimeException("Failed to validate model delete" + tenantDomain + " - found task definition in workflow " + workflowDef.getName() + " with " + classType + " '" + className + "'"); } } } diff --git a/source/java/org/alfresco/repo/i18n/MessageServiceImpl.java b/source/java/org/alfresco/repo/i18n/MessageServiceImpl.java index 913d1777a8..9924b30654 100644 --- a/source/java/org/alfresco/repo/i18n/MessageServiceImpl.java +++ b/source/java/org/alfresco/repo/i18n/MessageServiceImpl.java @@ -815,17 +815,7 @@ public class MessageServiceImpl implements MessageService { logger.debug("Resetting messages ..."); } - - String userName; - if (tenantDomain == "") - { - userName = AuthenticationUtil.getSystemUserName(); - } - else - { - userName = tenantService.getDomainUser(TenantService.ADMIN_BASENAME, tenantDomain); - } - + AuthenticationUtil.runAs(new RunAsWork() { public Object doWork() @@ -840,7 +830,7 @@ public class MessageServiceImpl implements MessageService return null; } - }, userName); + }, tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain)); if (logger.isDebugEnabled()) { diff --git a/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java b/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java index 2f90b34d05..71ac99903a 100755 --- a/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/MultiTAdminServiceImpl.java @@ -224,26 +224,23 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten int enabledCount = 0; int disabledCount = 0; - if (tenants != null) - { - for (Tenant tenant : tenants) - { - if (tenant.isEnabled()) - { - // this will also call tenant deployers registered so far ... - enableTenant(tenant.getTenantDomain(), true); - enabledCount++; - } - else - { - // explicitly disable, without calling disableTenant callback - disableTenant(tenant.getTenantDomain(), false); - disabledCount++; - } - } - - tenantService.register(this); // callback to refresh tenantStatus cache - } + for (Tenant tenant : tenants) + { + if (tenant.isEnabled()) + { + // this will also call tenant deployers registered so far ... + enableTenant(tenant.getTenantDomain(), true); + enabledCount++; + } + else + { + // explicitly disable, without calling disableTenant callback + disableTenant(tenant.getTenantDomain(), false); + disabledCount++; + } + } + + tenantService.register(this); // callback to refresh tenantStatus cache userTransaction.commit(); @@ -336,7 +333,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); } logger.info("Tenant created: " + tenantDomain); @@ -354,7 +351,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten repositoryExporterService.export(directoryDestination, tenantDomain); return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); logger.info("Tenant exported: " + tenantDomain); } @@ -409,7 +406,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); } logger.info("Tenant imported: " + tenantDomain); @@ -489,7 +486,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten } return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); } logger.info("Tenant enabled: " + tenantDomain); @@ -520,7 +517,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten } return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); } // update tenant attributes / tenant cache - need to disable after notifying listeners (else they cannot disable) @@ -580,7 +577,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten workflowDeployer.init(); return null; } - }, getTenantAdminUser(tenantDomain)); + }, getSystemUser(tenantDomain)); logger.info("Tenant workflows bootstrapped: " + tenantDomain); } @@ -598,8 +595,6 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten { try { - final String tenantAdminUser = getTenantAdminUser(tenantDomain); - AuthenticationUtil.runAs(new RunAsWork() { public Object doWork() @@ -633,8 +628,9 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten return null; } - }, tenantAdminUser); + }, getSystemUser(tenantDomain)); + final String tenantAdminUser = getTenantAdminUser(tenantDomain); // delete tenant-specific stores nodeService.deleteStore(tenantService.getName(tenantAdminUser, new StoreRef(PROTOCOL_STORE_WORKSPACE, STORE_BASE_ID_SPACES))); @@ -655,7 +651,7 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten } return null; } - }, tenantAdminUser); + }, getSystemUser(tenantDomain)); // remove tenant attributeService.removeAttribute(TENANTS_ATTRIBUTE_PATH, tenantDomain); @@ -911,46 +907,43 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten String currentUser = AuthenticationUtil.getCurrentUserName(); - if (tenants != null) + try { - try - { - for (Tenant tenant : tenants) - { - if (tenant.isEnabled()) - { - try - { - // switch to admin in order to deploy within context of tenant domain - // assumes each tenant has default "admin" user - AuthenticationUtil.runAs(new RunAsWork() - { - public Object doWork() - { - // init the service within tenant context - deployer.init(); - return null; - } - }, getTenantAdminUser(tenant.getTenantDomain())); - - } - catch (Throwable e) + for (Tenant tenant : tenants) + { + if (tenant.isEnabled()) + { + try + { + // switch to admin in order to deploy within context of tenant domain + // assumes each tenant has default "admin" user + AuthenticationUtil.runAs(new RunAsWork() { - logger.error("Deployment failed" + e); - - StringWriter stringWriter = new StringWriter(); - e.printStackTrace(new PrintWriter(stringWriter)); - logger.error(stringWriter.toString()); - - // tenant deploy failure should not necessarily affect other tenants - } + public Object doWork() + { + // init the service within tenant context + deployer.init(); + return null; + } + }, getSystemUser(tenant.getTenantDomain())); + + } + catch (Throwable e) + { + logger.error("Deployment failed" + e); + + StringWriter stringWriter = new StringWriter(); + e.printStackTrace(new PrintWriter(stringWriter)); + logger.error(stringWriter.toString()); + + // tenant deploy failure should not necessarily affect other tenants } } } - finally - { - if (currentUser != null) { AuthenticationUtil.setCurrentUser(currentUser); } - } + } + finally + { + if (currentUser != null) { AuthenticationUtil.setCurrentUser(currentUser); } } } } @@ -988,46 +981,43 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten String currentUser = AuthenticationUtil.getCurrentUserName(); - if (tenants != null) + try { - try - { - for (Tenant tenant : tenants) - { - if (tenant.isEnabled()) + for (Tenant tenant : tenants) + { + if (tenant.isEnabled()) + { + try { - try + // switch to admin in order to deploy within context of tenant domain + // assumes each tenant has default "admin" user + AuthenticationUtil.runAs(new RunAsWork() { - // switch to admin in order to deploy within context of tenant domain - // assumes each tenant has default "admin" user - AuthenticationUtil.runAs(new RunAsWork() - { - public Object doWork() - { - // destroy the service within tenant context - deployer.destroy(); - return null; - } - }, getTenantAdminUser(tenant.getTenantDomain())); + public Object doWork() + { + // destroy the service within tenant context + deployer.destroy(); + return null; + } + }, getSystemUser(tenant.getTenantDomain())); + + } + catch (Throwable e) + { + logger.error("Undeployment failed" + e); - } - catch (Throwable e) - { - logger.error("Undeployment failed" + e); - - StringWriter stringWriter = new StringWriter(); - e.printStackTrace(new PrintWriter(stringWriter)); - logger.error(stringWriter.toString()); - - // tenant undeploy failure should not necessarily affect other tenants - } + StringWriter stringWriter = new StringWriter(); + e.printStackTrace(new PrintWriter(stringWriter)); + logger.error(stringWriter.toString()); + + // tenant undeploy failure should not necessarily affect other tenants } } } - finally - { - if (currentUser != null) { AuthenticationUtil.setCurrentUser(currentUser); } - } + } + finally + { + if (currentUser != null) { AuthenticationUtil.setCurrentUser(currentUser); } } } } @@ -1114,13 +1104,18 @@ public class MultiTAdminServiceImpl extends AbstractLifecycleBean implements Ten } } - // local helper + // local helpers + + private String getSystemUser(String tenantDomain) + { + return tenantService.getDomainUser(AuthenticationUtil.getSystemUserName(), tenantDomain); + } + private String getTenantAdminUser(String tenantDomain) { return tenantService.getDomainUser(ADMIN_BASENAME, tenantDomain); } - - // local helper + private String getTenantGuestUser(String tenantDomain) { return tenantService.getDomainUser(authenticationComponent.getGuestUserName(), tenantDomain); diff --git a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java index 6af72d993e..2c5652b292 100755 --- a/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/MultiTServiceImpl.java @@ -485,9 +485,12 @@ public class MultiTServiceImpl implements TenantService { // Check that all the passed values are not null ParameterCheck.mandatory("baseUsername", baseUsername); - ParameterCheck.mandatory("tenantDomain", tenantDomain); - if (! tenantDomain.equals(DEFAULT_DOMAIN)) + if ((tenantDomain == null) || (tenantDomain.equals(DEFAULT_DOMAIN))) + { + return baseUsername; + } + else { if (baseUsername.contains(SEPARATOR)) { @@ -501,10 +504,6 @@ public class MultiTServiceImpl implements TenantService return baseUsername + SEPARATOR + tenantDomain; } - else - { - return baseUsername; - } } protected void checkTenantEnabled(String tenantDomain) diff --git a/source/java/org/alfresco/repo/tenant/SingleTDeployerServiceImpl.java b/source/java/org/alfresco/repo/tenant/SingleTDeployerServiceImpl.java index 0f59cfed49..6c910a6a9a 100644 --- a/source/java/org/alfresco/repo/tenant/SingleTDeployerServiceImpl.java +++ b/source/java/org/alfresco/repo/tenant/SingleTDeployerServiceImpl.java @@ -24,6 +24,7 @@ */ package org.alfresco.repo.tenant; +import java.util.ArrayList; import java.util.List; import org.apache.commons.logging.Log; @@ -56,6 +57,6 @@ public class SingleTDeployerServiceImpl implements TenantDeployerService public List getAllTenants() { - return null; + return new ArrayList(0); // empty list } } \ No newline at end of file