mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-07 18:25:23 +00:00
41641: Merged from THOR1_SPRINTS to HEAD_QUICK_SHARE_TMP 36472: Merged DEV/THOR1_QUICK_SHARE to DEV/THOR1_SPRINTS Improvements for THOR-1270 "F387: As the link receiver, I can view the Document Preview in the browser without having to login" - Added new component evaluator for bringing in different components based on page id - The title of the quickshare page now contains the document's name (to improve the social "Share with:" experience) - Added new icon for page not found screen 36601: Merge from THOR1_QUICK_SHARE to THOR1_SPRINTS 36599: Improvements for THOR-1270 "F387: As the link receiver, I can view the Document Preview in the browser without having to login" - Made the "Preparing previewer... text get rendered using javascript so Google+ won't include it in its description when sharing quickshare links 36735: THOR-1430: QuickShare link breaks after uploading a new version of a shared file 41656: Merged from CLOUD1 to HEAD_QUICK_SHARE_TMP 37200: Fix issue from "V4.0-BUG-FIX to CLOUD1 merge" r37178 - Removed trailing === of property "system.quickshare.enabled" 37226: Fix issue from "V4.0-BUG-FIX to CLOUD1 merge" r37178 part 3 - When "date-format.defaultFTL" was removed from common.properties freemarker code in node-header that depended upon it got an exception, code is now refactored to use client side date handling instead. 41659: Merged CLOUD1 to HEAD_QUICK_SHARE_TMP 39206 Fixed CLOUD-198 "WASA - XSS issue with quickshare" 41661: Merge from CLOUD1-BUG-FIX to HEAD_QUICK_SHARE_TMP 41680: Merged BRANCHES/DEV/V4.1-BUG-FIX to BRANCHES/DEV/HEAD_QUICK_SHARE_TMP: 41679: Minor: fix for non-MT (required for QuickShare Unshare when running non-MT) 41681: Fix pesky solrcore.properties 41715: QuickShare: fix test and add to suite git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@41738 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
181 lines
6.1 KiB
Java
181 lines
6.1 KiB
Java
/*
|
||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||
*
|
||
* This file is part of Alfresco
|
||
*
|
||
* Alfresco is free software: you can redistribute it and/or modify
|
||
* it under the terms of the GNU Lesser General Public License as published by
|
||
* the Free Software Foundation, either version 3 of the License, or
|
||
* (at your option) any later version.
|
||
*
|
||
* Alfresco is distributed in the hope that it will be useful,
|
||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
* GNU Lesser General Public License for more details.
|
||
*
|
||
* You should have received a copy of the GNU Lesser General Public License
|
||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||
*/
|
||
package org.alfresco.repo.tenant;
|
||
|
||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||
|
||
/**
|
||
* Utility helper methods to change the tenant context for threads.
|
||
*
|
||
* @since Thor
|
||
*/
|
||
public class TenantUtil
|
||
{
|
||
public interface TenantRunAsWork<Result>
|
||
{
|
||
/**
|
||
* Method containing the work to be done
|
||
*
|
||
* @return Return the result of the operation
|
||
*/
|
||
Result doWork() throws Exception;
|
||
}
|
||
|
||
/**
|
||
* Execute a unit of work in a given tenant context. The thread's tenant context will be returned to its normal state
|
||
* after the call.
|
||
*
|
||
* @param runAsWork the unit of work to do
|
||
* @param uid the user ID
|
||
* @return Returns the work's return value
|
||
*/
|
||
public static <R> R runAsPrimaryTenant(final TenantRunAsWork<R> runAsWork, String user)
|
||
{
|
||
// TODO need to differentiate between
|
||
// - tenant user - with implied context (in MT Ent world)
|
||
// - system users as a tenant
|
||
// - super tenant only
|
||
// etc
|
||
|
||
// TODO for now, this is just a brute force change of tenant regardless of above
|
||
// scenarios
|
||
String runAsUser = AuthenticationUtil.getRunAsUser();
|
||
if (runAsUser == null || runAsUser.equals(user))
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
else
|
||
{
|
||
return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<R>()
|
||
{
|
||
public R doWork()
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
}, user);
|
||
}
|
||
}
|
||
|
||
/**
|
||
* Execute a unit of work in a given tenant context. The thread's tenant context will be returned to its normal state
|
||
* after the call.
|
||
*
|
||
* @param runAsWork the unit of work to do
|
||
* @param uid the user ID
|
||
* @return Returns the work's return value
|
||
*/
|
||
public static <R> R runAsTenant(final TenantRunAsWork<R> runAsWork, String tenantDomain)
|
||
{
|
||
// TODO need to differentiate between
|
||
// - tenant user - with implied context (in MT Ent world)
|
||
// - system users as a tenant
|
||
// - super tenant only
|
||
// etc
|
||
|
||
// TODO for now, this is just a brute force change of tenant regardless of above
|
||
// scenarios
|
||
|
||
if (getCurrentDomain().equals(tenantDomain))
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
else
|
||
{
|
||
return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<R>()
|
||
{
|
||
public R doWork()
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
}, AuthenticationUtil.getRunAsUser() + TenantService.SEPARATOR + tenantDomain);
|
||
}
|
||
}
|
||
|
||
public static <R> R runAsDefaultTenant(final TenantRunAsWork<R> runAsWork)
|
||
{
|
||
// Note: with MT Enterprise, if you're current user is not already part of the default domain then this will switch to System
|
||
if (getCurrentDomain().equals(TenantService.DEFAULT_DOMAIN))
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
else
|
||
{
|
||
return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<R>()
|
||
{
|
||
public R doWork()
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
}, AuthenticationUtil.getSystemUserName() + TenantService.SEPARATOR); // force default domain;
|
||
}
|
||
}
|
||
|
||
// switch tenant and run as System within that tenant
|
||
public static <R> R runAsSystemTenant(final TenantRunAsWork<R> runAsWork, final String tenantDomain)
|
||
{
|
||
StringBuffer systemUser = new StringBuffer().append(AuthenticationUtil.getSystemUserName());
|
||
if (AuthenticationUtil.isMtEnabled())
|
||
{
|
||
systemUser.append(TenantService.SEPARATOR).append(tenantDomain);
|
||
}
|
||
|
||
return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<R>()
|
||
{
|
||
public R doWork()
|
||
{
|
||
return runAsWork(runAsWork);
|
||
}
|
||
}, systemUser.toString());
|
||
}
|
||
|
||
private static <R> R runAsWork(final TenantRunAsWork<R> runAsWork)
|
||
{
|
||
try
|
||
{
|
||
return runAsWork.doWork();
|
||
}
|
||
catch (Throwable exception)
|
||
{
|
||
// Re-throw the exception
|
||
if (exception instanceof RuntimeException)
|
||
{
|
||
throw (RuntimeException) exception;
|
||
}
|
||
throw new RuntimeException("Error during run as.", exception);
|
||
}
|
||
}
|
||
|
||
// note: this does not check if tenant is enabled (unlike non-static MultiTServiceImpl.getCurrentUserDomain)
|
||
public static String getCurrentDomain()
|
||
{
|
||
if (AuthenticationUtil.isMtEnabled())
|
||
{
|
||
String runAsUser = AuthenticationUtil.getRunAsUser();
|
||
if (runAsUser != null)
|
||
{
|
||
int idx = runAsUser.lastIndexOf(TenantService.SEPARATOR);
|
||
if ((idx > 0) && (idx < (runAsUser.length()-1)))
|
||
{
|
||
return runAsUser.substring(idx+1);
|
||
}
|
||
}
|
||
}
|
||
return TenantService.DEFAULT_DOMAIN;
|
||
}
|
||
} |