DM Usages/Quotas fixes - protect system/admin-maintained properties, make store(s) configurable

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@7500 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2007-12-03 11:34:20 +00:00
parent 9a2a27ebc0
commit ffb980ec5f
7 changed files with 266 additions and 102 deletions
--- a/config/alfresco/application-context.xml
+++ b/config/alfresco/application-context.xml
@@ -25,6 +25,7 @@
    <import resource="classpath:alfresco/index-recovery-context.xml" />
    <import resource="classpath:alfresco/authority-services-context.xml" />
    <import resource="classpath:alfresco/authentication-services-context.xml" />
    <import resource="classpath:alfresco/usage-services-context.xml" />
    <import resource="classpath:alfresco/policy-context.xml" />
    <import resource="classpath:alfresco/import-export-context.xml" />
    <import resource="classpath:alfresco/bootstrap-context.xml" />
--- a/config/alfresco/model/contentModel.xml
+++ b/config/alfresco/model/contentModel.xml
@@ -201,9 +201,11 @@
            <!-- system maintained values -->
            <property name="cm:sizeCurrent">
                <type>d:long</type>
                <protected>true</protected>
            </property>
            <property name="cm:sizeQuota">
                <type>d:long</type>
                <protected>true</protected>
            </property>
         </properties>
--- a/config/alfresco/node-services-context.xml
+++ b/config/alfresco/node-services-context.xml
@@ -197,26 +197,4 @@
      </property>
   </bean>
   <bean id="usageService" class="org.alfresco.repo.usage.UsageServiceImpl">
      <property name="usageDeltaDao">
         <ref bean="usageDeltaDao"/>
      </property>
      <property name="nodeDaoService">
         <ref bean="nodeDaoService" />
      </property>
      <property name="tenantService">
         <ref bean="tenantService"/>
      </property>    
   </bean>
   <bean id="contentUsageImpl" class="org.alfresco.repo.usage.ContentUsageImpl" init-method="init">
      <property name="personService" ref="personService"/>
      <property name="nodeService" ref="nodeService"/>
      <property name="policyComponent" ref="policyComponent"/>
      <property name="usageService" ref="usageService"/>
      <property name="enabled">
            <value>${system.usages.enabled}</value>
      </property>
   </bean>
 </beans>
--- a/config/alfresco/usage-services-context.xml
+++ b/config/alfresco/usage-services-context.xml
@@ -0,0 +1,41 @@
 <?xml version='1.0' encoding='UTF-8'?>
 <!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
 <!-- Beans pertinent to content usage / quota service -->
 <beans>
   <bean id="usageService" class="org.alfresco.repo.usage.UsageServiceImpl">
      <property name="usageDeltaDao">
         <ref bean="usageDeltaDao"/>
      </property>
      <property name="nodeDaoService">
         <ref bean="nodeDaoService" />
      </property>
      <property name="tenantService">
         <ref bean="tenantService"/>
      </property>    
   </bean>
   <bean id="contentUsageImpl" class="org.alfresco.repo.usage.ContentUsageImpl" init-method="init">
      <property name="personService" ref="personService"/>
      <property name="nodeService" ref="nodeService"/>
      <property name="policyComponent" ref="policyComponent"/>
      <property name="usageService" ref="usageService"/>
      <property name="enabled">
         <value>${system.usages.enabled}</value>
      </property>
      <property name="stores">
         <list>
            <value>workspace://SpacesStore</value>
         </list>
      </property>
   </bean>
   <bean id="usageQuotaProtector" class="org.alfresco.repo.usage.UsageQuotaProtector" init-method="init">
      <property name="authorityService" ref="authorityService"/>
      <property name="authenticationService" ref="authenticationService"/>
      <property name="policyComponent" ref="policyComponent"/>
      <property name="contentUsageService" ref="ContentUsageService"/>
   </bean>
 </beans>
--- a/source/java/org/alfresco/repo/usage/ContentUsageImpl.java
+++ b/source/java/org/alfresco/repo/usage/ContentUsageImpl.java
@@ -25,6 +25,7 @@
 package org.alfresco.repo.usage;
 import java.io.Serializable;
 import java.util.List;
 import java.util.Map;
 import org.alfresco.model.ContentModel;
@@ -35,7 +36,6 @@ import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.ContentData;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.cmr.usage.ContentQuotaException;
 import org.alfresco.service.cmr.usage.ContentUsageService;
@@ -64,8 +64,7 @@ public class ContentUsageImpl implements ContentUsageService,
    private boolean enabled = true;
-    public static final StoreRef SPACES_STOREREF = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, "SpacesStore");
+    private List<String> stores;
    public void setNodeService(NodeService nodeService)
    {
@@ -92,6 +91,15 @@ public class ContentUsageImpl implements ContentUsageService,
        this.enabled = enabled;
    }
    public void setStores(List<String> stores)
    {
        this.stores = stores;
    }
    public List<String> getStores()
    {
        return this.stores;
    }
    /**
     * The initialise method     
@@ -129,7 +137,7 @@ public class ContentUsageImpl implements ContentUsageService,
    public void onCreateNode(ChildAssociationRef childAssocRef)
    {
        NodeRef nodeRef = childAssocRef.getChildRef();
-        if (nodeRef.getStoreRef().equals(SPACES_STOREREF))
+        if (stores.contains(nodeRef.getStoreRef().toString()))
        {
            // Get content size
@@ -165,7 +173,7 @@ public class ContentUsageImpl implements ContentUsageService,
            Map<QName, Serializable> before,
            Map<QName, Serializable> after)
    {
-        if (nodeRef.getStoreRef().equals(SPACES_STOREREF))
+        if (stores.contains(nodeRef.getStoreRef().toString()))
        {
            // Check for change in content size
@@ -258,7 +266,7 @@ public class ContentUsageImpl implements ContentUsageService,
     */
    public void beforeDeleteNode(NodeRef nodeRef)
    {   
-        if (nodeRef.getStoreRef().equals(SPACES_STOREREF))
+        if (stores.contains(nodeRef.getStoreRef().toString()))
        {
            // TODO use data dictionary to get content property
            ContentData contentData = (ContentData)nodeService.getProperty(nodeRef, ContentModel.PROP_CONTENT);
--- a/source/java/org/alfresco/repo/usage/UsageQuotaProtector.java
+++ b/source/java/org/alfresco/repo/usage/UsageQuotaProtector.java
@@ -0,0 +1,118 @@
 /*
 * Copyright (C) 2005-2007 Alfresco Software Limited.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * As a special exception to the terms and conditions of version 2.0 of 
 * the GPL, you may redistribute this Program in connection with Free/Libre 
 * and Open Source Software ("FLOSS") applications as described in Alfresco's 
 * FLOSS exception.  You should have recieved a copy of the text describing 
 * the FLOSS exception, and it is also available here: 
 * http://www.alfresco.com/legal/licensing"
 */
 package org.alfresco.repo.usage;
 import java.io.Serializable;
 import java.util.Map;
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
 import org.alfresco.repo.node.NodeServicePolicies;
 import org.alfresco.repo.policy.JavaBehaviour;
 import org.alfresco.repo.policy.PolicyComponent;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.AuthenticationService;
 import org.alfresco.service.cmr.security.AuthorityService;
 import org.alfresco.service.cmr.usage.ContentUsageService;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
 /**
 * Implements policies/behaviour for protecting system/admin-maintained person properties
 *
 */
 public class UsageQuotaProtector implements NodeServicePolicies.OnUpdatePropertiesPolicy
 {
    private AuthorityService authorityService;
    private AuthenticationService authenticationService;
    private PolicyComponent policyComponent;
    private ContentUsageService contentUsageService;
    public void setAuthorityService(AuthorityService authorityService)
    {
        this.authorityService = authorityService;
    }
    public void setAuthenticationService(AuthenticationService authenticationService)
    {
        this.authenticationService = authenticationService;
    }
    public void setContentUsageService(ContentUsageService contentUsageService)
    {
        this.contentUsageService = contentUsageService;
    }
    public void setPolicyComponent(PolicyComponent policyComponent)
    {
        this.policyComponent = policyComponent;
    }
    /**
     * The initialise method     
     */
    public void init()
    {    
        if (contentUsageService.getEnabled())
        {
            // Register interest in the onUpdateProperties policy
            policyComponent.bindClassBehaviour(
                    QName.createQName(NamespaceService.ALFRESCO_URI, "onUpdateProperties"), 
                    ContentModel.TYPE_PERSON, 
                    new JavaBehaviour(this, "onUpdateProperties"));
        }
    }    
    /**
     * Called after a node's properties have been changed.
     * 
     * @param nodeRef reference to the updated node
     * @param before the node's properties before the change
     * @param after the node's properties after the change 
     */
    public void onUpdateProperties(
            NodeRef nodeRef,
            Map<QName, Serializable> before,
            Map<QName, Serializable> after)
    {    
        Long sizeCurrentBefore = (Long)before.get(ContentModel.PROP_SIZE_CURRENT);
        Long sizeCurrentAfter = (Long)after.get(ContentModel.PROP_SIZE_CURRENT); 
        Long sizeQuotaBefore = (Long)before.get(ContentModel.PROP_SIZE_QUOTA);
        Long sizeQuotaAfter = (Long)after.get(ContentModel.PROP_SIZE_QUOTA); 
        // Check for change in sizeCurrent
        if ((sizeCurrentBefore != sizeCurrentAfter) && (! (authorityService.hasAdminAuthority() || authenticationService.isCurrentUserTheSystemUser())))
        {
            throw new AlfrescoRuntimeException("Update failed: protected property 'sizeCurrent'");
        }
        // Check for change in sizeQuota
        if ((sizeQuotaBefore != sizeQuotaAfter) && (! authorityService.hasAdminAuthority()))
        {
            throw new AlfrescoRuntimeException("Update failed: protected property 'sizeQuota'");
        }
    }
 }
--- a/source/java/org/alfresco/repo/usage/UserUsageTrackingComponent.java
+++ b/source/java/org/alfresco/repo/usage/UserUsageTrackingComponent.java
@@ -26,11 +26,13 @@ package org.alfresco.repo.usage;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import org.alfresco.model.ContentModel;
 import org.alfresco.repo.domain.Node;
 import org.alfresco.repo.node.db.NodeDaoService;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.transaction.RetryingTransactionHelper;
 import org.alfresco.repo.transaction.TransactionServiceImpl;
 import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
@@ -201,10 +203,14 @@ public class UserUsageTrackingComponent
                else
                {
                    // Collapse usage deltas (if a person has initial usage set)
-                    RetryingTransactionHelper txnHelper = transactionService.getRetryingTransactionHelper();
+                    final RetryingTransactionHelper txnHelper = transactionService.getRetryingTransactionHelper();
-                    // wrap to make the request in a transaction
+                    // wrap to make the request in a transaction and run as System user
-                    RetryingTransactionCallback<Object> collapseUsages = new RetryingTransactionCallback<Object>()
+                    AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
                    {
                        public Object doWork() throws Exception
                        {
                            return txnHelper.doInTransaction(new RetryingTransactionCallback<Object>()
                            {
                                public Object execute() throws Throwable
                                {
@@ -244,9 +250,9 @@ public class UserUsageTrackingComponent
                                    }  
                                    return null;
                                }
-                    };
+                            });
-                    
+                        }
-                    txnHelper.doInTransaction(collapseUsages, false);
+                    }, AuthenticationUtil.getSystemUserName());
                }
            }
        }
@@ -265,19 +271,23 @@ public class UserUsageTrackingComponent
     */
    public void recalculateUsage(final String userName)
    { 
-        final StoreRef storeRef = ContentUsageImpl.SPACES_STOREREF;
+        final RetryingTransactionHelper txnHelper = transactionService.getRetryingTransactionHelper();
        RetryingTransactionHelper txnHelper = transactionService.getRetryingTransactionHelper();
        // wrap to make the request in a transaction
        RetryingTransactionCallback<Long> calculatePersonCurrentUsage = new RetryingTransactionCallback<Long>()
        {
            public Long execute() throws Throwable
            {
                List<String> stores = contentUsageImpl.getStores();
                long totalUsage = 0;
                for (String store : stores)
                {
                    StoreRef storeRef = new StoreRef(store);
                    // get nodes for which user is owner
                    Collection<Node> ownerNodes = nodeDaoService.getNodesWithPropertyStringValueForStore(storeRef, ContentModel.PROP_OWNER, userName);
                long totalUsage = 0;
                    for (Node ownerNode : ownerNodes)
                    {
                        if (ownerNode.getTypeQName().equals(ContentModel.TYPE_CONTENT))
@@ -305,6 +315,7 @@ public class UserUsageTrackingComponent
                        long quotaSize = contentUsageImpl.getUserQuota(userName);
                        logger.debug("Recalc usage ("+ userName+") totalUsage="+totalUsage+", quota="+quotaSize);
                    }
                }
                return totalUsage;
            }
@@ -312,8 +323,12 @@ public class UserUsageTrackingComponent
        // execute in READ-ONLY txn
        final Long currentUsage = txnHelper.doInTransaction(calculatePersonCurrentUsage, true);
-        // wrap to make the request in a transaction
+        // wrap to make the request in a transaction and run as System user
-        RetryingTransactionCallback<Object> setUserCurrentUsage = new RetryingTransactionCallback<Object>()
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
        {
            public Object doWork() throws Exception
            {
                return txnHelper.doInTransaction(new RetryingTransactionCallback<Object>()
                {
                    public Object execute() throws Throwable
                    {
@@ -322,7 +337,8 @@ public class UserUsageTrackingComponent
                        usageService.deleteDeltas(personNodeRef);
                        return null;
                    }
-        };
+                });
-        txnHelper.doInTransaction(setUserCurrentUsage, false);           
+            }
        }, AuthenticationUtil.getSystemUserName());
    }
 }