mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-10-22 15:12:38 +00:00
43628: Fix for ALF-16299 - On full user profile, in the 'Sites' tab, the site descriptions are not aligned when a long site description is provided. 43639: ALF-16701: use newly released Spring Surf 1.2.0-M1 rather than a SNAPSHOT 43644: ALF-16527: webscript person.lib.ftl does not include all attributes for users out of the box. - added missing organizationId attribute. 43649: ALF-16756: WebDAV: An error occurs on drag&drop content from local machine to alfresco when inbound move rule configured. 43651: ALF-16756: Fixed typos - I took this code in good faith! 43659: ALF-16006: MT: Document Library is absent after upgrade from 3.4.x to 4.1.x (eg. 3.4.10 -> 4.1.1) - More patch dependencies required 43666: ALF-16833 / MNT-187: Fixed regression in inbound rule firing caused by the fix to ALF-14744 - Inbound rules were not firing for newly created content nodes that had null content properties (e.g. dataListItems) - Now the ALF-14744 fix has been revised so that inbound rules are only not fired for new nodes with zero-length content, as possibly created by the OSX / Windows 7 WebDAV clients during an upload, and only if policy.content.update.ignoreEmpty=true (the default) - OnContentUpdateRuleTrigger removed. Now all content property updates are handled by OnPropertyUpdateRuleTrigger so that we can have this subtle treatment of 'empty' content properties. - Reverted ALF-14744 changes to RuleServiceCoverageTest and added new tests for 'empty' content and ASPECT_NO_CONTENT - Updated RuleTriggerTest in line with changes 43675: Merged V4.1 to V4.1-BUG-FIX 43674: Merged PATCHES/V4.1.1 to V4.1 43673: Merged V3.4-BUG-FIX to PATCHES/V4.1.1 43672: ALF-16834, ALF-16833, MNT-187: Fix unit test failures and 'fine tune' logic to handle multiple updates within a single transaction creating a node 43676: ALF-12324: Can't delete site with WQS content - Don't try to add nodes to the publish queue on site deletion 43689: Fix for ALF-14207 - cm:link not correctly handled in Share's doclist when users don't have permission 43690: Fix for ALF-16538 - Wrong label on change group permission message 43696: ALF-16348 (Inconsistent error message when latest manager leaves a site) 43719: ALF-16031: "CMISChangeLog does not log Created events" 43720: ALF-14137: "When calling CMIS getAllVersions method using the OpenCMIS Browser the PreparedStatement is executed multiple times" 43722: ALF-16352: Re-instated manage permissions action to document list view 43745: Fix for ALF-15351. ContentModelFormProcessor had a TODO to handle associations defined on aspects other than those aspects already on the node for which a form is being submitted. I've added code that, when an association is added to a node, will check if the association is defined on any aspect in the system and if it is, it will let the association be created. 43757: ALF-16171: If a password for admin user is specified with a space in the end during the installation Alfresco startup fails - Added validation that will not allow the specified password to contain leading to trailing white space 43760: Fixed ALF-16317 "Labels not displaying full text when creating a rule on a folder with IE8" part 2 43769: Fix for ALF-13461. Merged PATCHES/V3.4.8 to BRANCHES/DEV/V4.1-BUG-FIX: 43344: MNT-162: Merged DEV to PATCHES/V3.4.8 43254: MNT-162: CLONE - Hidden folder "Comments" is available to searching - Removed last '/' from COMMENT_QNAMEPATH constant. 43770: ALF-15616: Merged V3.4-BUG-FIX (3.4.12) to V4.1-BUG-FIX (4.1.3) 43768: Merged Dev to V3.4-BUG-FIX (3.4.12) 43743: ALF-11956: WCM accessibility The problem with absence of initial focus on the first Web form element has been resolved in 'alfresco.xforms.XForm._loadHandler()'. This method creates all controls, defined in the form. 'alfresco.xforms.FocusResolver._findControl()' has been renamed to a public-like method ('alfresco.xforms.FocusResolver.findControl()'). Also it has been modified to introduce a possibility of searching elements, using root XForms widgets container. Some other minor fixes. 43772: Fixed ALF-16497 "Selected Items drop down box is expanded to the right in IE9" 43787: Merged in Philippe's fix for ALF-16313:unmakeTranslation() called on pivot language gives exception 43794: ALF-16155: "Notification digest accumulates and is repeatedly sent if 1 or more notification email fails" 43805: ALF-16212: Fixes double encoding issue. 43835: Fixed ALF-13595: Patches third party library date.js to prevent infinite loop. 43836: ALF-16480: Merged PATCHES/V4.1.1 to V4.1-BUG-FIX 43252: MNT-166: Document lock not removed after the lock expiry date has been reached - Changed evaluator "evaluator.doclib.metadata.isLocked" to use "evaluator.doclib.indicator.nodeLocked" and "evaluator.doclib.indicator.lockOwner" evaluator. 43253: MNT-165: "Cancel Editing" does not completely remove lock from document - Added documentLibrary cancel editing action for locked documents. 43300: MNT-171: Merged V4.1-BUG-FIX to PATCHES/V4.1.1 (modified) 43096: Fix for ALF-16283 - When document is checked out, 'Edit Online' and 'Upload New Version' options should not be visible on the original document. 43311: MNT-165: "Cancel Editing" does not completely remove lock from document - Fix for page refresh problem when cancel editing on details page 43421: MNT-186: 4.1.1.7 HF: Webscipt error on doclib page, containing locked by other users files - Change evaluator.doclib.metadata.isLocked to break circular dependency 43755: MNT-202: Upload New Version not available for a document that has been edited offline - Upload New Version is now available if editable by user (respecting locks, type of checkout, etc). 43844: ALF-16696: Merged DEV to V4.1-BUG-FIX 43734: Share nodebrowser is unable to access node of a document with MS residual properties - Use localname if no prefix is registered for a namespace uri 43864: Fixed ALF-16320 "Properties side panel collapses after editing properties in document preview window with IE8" 43866: Fixed ALF-16320 "Properties side panel collapses after editing properties in document preview window with IE8" part 2 - Checking using YAHOO.util.Event.getTarget instead 43867: Fixed ALF-16276 "'"Web View' dahslet displays 2 scrollbars in IE8." 43872: Merged V4.1 to V4.1-BUG-FIX 43622: ALF-16757: Sharepoint doesn't work correct with SSO - Fix by Pavel 43633: Latest translations from Gloria (r43623) 43636: Merged PATCHES/V4.1.1 to V4.1 43301: ALF-16811 / MNT-173: SOLR tracking spending too long evaluating paths - Too much time was being spent fetching the individual nodes in each path and there could be potentially thousands - Now we traverse all the ancestor parent associations in the cache before switching shared cache reads off, then bulk load them in one shot! 43303: ALF-16812 / MNT-174: "dictionaryDAO.init() called, yet no namespace registry for domain" after node rejoins cluster - namespaceRegistryCache is secondary to the clustered dictionaryRegistryCache, so can be a non-clustered cache. Synchronization and thread locals already in use so still thread safe. - dictionaryDAO.init() now has sole responsibility of establishing the NamespaceRegistry threadlocal within its locks, so no more risk of cyclic dependencies, race conditions, partial initialization, or registries dropping out of the cache - To avoid being confused by the 'consistent read' behaviour of a transactional cache, DictionaryDAOImpl now reads / writes directly to a shared cache. Again locks and thread locals still used so still thread safe 43334: ALF-16812 / MNT-174: Fixed failing unit tests - Because DictionaryDAOImpl now reads directly from the shared cache we need to reset it on initialization to avoid problems in multi-context unit tests 43337: ALF-16811 / MNT-173: Fix test failure. Cope with IDs of deleted nodes in getCachedAncestors() 43356: ALF-16811 / MNT-173: If we are disabling shared cache reads for the transaction, convert all existing reads and updates to avoid 'consistent read' behaviour giving us a potentially out of date node already accessed - Existing read buckets are simply thrown away - Updates are converted to removes to avoid any assumptions about existing shared cache content - New entries are left alone as they haven't come from the shared cache anyway 43410: ALF-16813 / MNT-185: Web Scripts are being endlessly re-registering in clustered environment - Due to 'consistent read' behaviour of transactional cache - As accesses are regulated by RW locks we can read straight through to the shared cache instead 43565: ALF-16814 / MNT-190: Bmlab Solr Node 2 threw unhandled NullPointerException (and possibly made solr unresponsive) - Added missing return statement 43646: ALF-15755: Rationalization of WebDAVMethod.checkNode() 43681: Merged HEAD to V4.1 43656: Fix for ALF-16683 CMIS: cannot navigate to original document was created through CMIS with CHECKED OUT version state. 43698: Latest Russian translations from Gloria 43838: ALF-16875: Merged V4.1-BUG-FIX to V4.1 43836: ALF-16480: Merged PATCHES/V4.1.1 to V4.1-BUG-FIX 43252: MNT-166: Document lock not removed after the lock expiry date has been reached - Changed evaluator "evaluator.doclib.metadata.isLocked" to use "evaluator.doclib.indicator.nodeLocked" and "evaluator.doclib.indicator.lockOwner" evaluator. 43253: MNT-165: "Cancel Editing" does not completely remove lock from document - Added documentLibrary cancel editing action for locked documents. 43300: MNT-171: Merged V4.1-BUG-FIX to PATCHES/V4.1.1 (modified) 43096: Fix for ALF-16283 - When document is checked out, 'Edit Online' and 'Upload New Version' options should not be visible on the original document. 43311: MNT-165: "Cancel Editing" does not completely remove lock from document - Fix for page refresh problem when cancel editing on details page 43421: MNT-186: 4.1.1.7 HF: Webscipt error on doclib page, containing locked by other users files - Change evaluator.doclib.metadata.isLocked to break circular dependency 43755: ALF-16890 / MNT-202: Upload New Version not available for a document that has been edited offline - Upload New Version is now available if editable by user (respecting locks, type of checkout, etc). 43868: Reverse merging r43838 - Merge in wrong direction introducing duplicate fragment into share-documentlibrary-config.xml 43871: ALF-16890: Merged PATCHES/V4.1.1 to V4.1 43755: MNT-202: Upload New Version not available for a document that has been edited offline - Upload New Version is now available if editable by user (respecting locks, type of checkout, etc). 43873: Merged V4.1 to V4.1-BUG-FIX (RECORD ONLY) 43602: ALF-16254: Merged V4.1-BUG-FIX to V4.1 43598: Merged HEAD to BRANCHES/DEV/V4.1-BUG-FIX 41906: ALF-11378: REST API has been modified to return extra information about a user whether s/he belongs to a group or not. 43612: ALF-16598: Merged V4.1-BUG-FIX to V4.1 43252: MNT-166: Document lock not removed after the lock expiry date has been reached - Changed evaluator "evaluator.doclib.metadata.isLocked" to use "evaluator.doclib.indicator.nodeLocked" and "evaluator.doclib.indicator.lockOwner" evaluator. 43254: MNT-165: "Cancel Editing" does not completely remove lock from document - Added documentLibrary cancel editing action for locked documents. 43300: MNT-171: Merged V4.1-BUG-FIX to PATCHES/V4.1.1 (modified) 43096: Fix for ALF-16283 - When document is checked out, 'Edit Online' and 'Upload New Version' options should not be visible on the original document. 43311: MNT-165: "Cancel Editing" does not completely remove lock from document - Fix for page refresh problem when cancel editing on details page 43421: MNT-186: 4.1.1.7 HF: Webscipt error on doclib page, containing locked by other users files - Change evaluator.doclib.metadata.isLocked to break circular dependency 43615: ALF-16794: Merged V4.1-BUG-FIX to V4.1 43478: MNT-181: Now WebDAV will ALWAYS preserve the original metadata and versions of ANY node that is temporarily 'moved out' in ANY kind of 'shuffle' operation - To make the source node temporarily invisible to WebDAV the client specific HIDDEN aspect features are used - WebDAVHelper.isRenameShuffle() method introduced, to parallel ALF-3856 CIFS fix and using similar system.webdav.renameShufflePattern global property to detect the start of a shuffle - WebDAVHelper converted to use proper dependency injection - CopyMethod has become a simple subclass of MoveMethod as all the hidden aspect munging is done by it - DeleteMethod now preserves hidden nodes - PropFindMethod now ignores hidden nodes - Listing methods will hide hidden nodes from WebDAV 43483: MNT-181: Corrected typo 43523: MNT-181: Corrections - WebDAVLockService.unlock() made 'harmless' to call on already-unlocked nodes - Delete method hides rather than deletes versioned nodes and working copes in case it is called by OSX Finder during a 'replace' operation 43524: MNT-181: Correction - PutMethod now 'unhides' hidden nodes and behaves as though it created them 43570: MNT-181: More corrections researched by Valery - Don't treat all moves to temporary locations as copies - just those from non-temporary locations. Avoids initial upload leaving lots of hidden files around. - Only copy the content, not the whole node including aspects to avoid versioning temporary files! - Don't version on changes to sys:clientVisibilityMask - avoids 'double versioning' - Recognize Mac .TemporaryItems folder and ._ files as temporary 43586: MNT-181: Final correction researched by Valery - Corrected system.webdav.renameShufflePattern so that it matches .TemporaryItems folder and ._ files as a full match 43616: ALF-15755: Merged V4.1-BUG-FIX to V4.1 43591: ALF-16772: If the WebDAV path of a document exceeds 255 characters, documents opened in MSOffice cannot be saved back - Interpret null nodeLockToken as not locked. 43629: Merged V4.1-BUG-FIX to V4.1 (4.1.2) 43498: Fix for ALF-16648 - Alfresco Enterprise artifacts in artifacts.alfresco.com do not provide POM files / dependencies declarations: Merged HEAD to V4.1-BUG-FIX (4.1.2) 43380: -- added site content for alfresco-platform-distribution POM 43379: -- added site documentation for alfresco-platform-distribution POM 43378: -- added site documentation for alfresco-platform-distribution POM -- deployed site for 4.2.b Community at https://artifacts.alfresco.com/nexus/content/repositories/alfresco-docs/alfresco-platform-distribution/latest/index.html -- created repository for Enterprise docs and added url in the appropriate edition properties 43273: Use property to define POI version 42966: ALF-14353 - Added platform distribution POM to standard maven-deploy procedure 42965: ALF-14353 - added alfresco-platform-distribution to provide a Maven release descriptor (dependencyManagement) per each Community / Enterprise release -- moved maven-ant-tasks not to be in the runtime lib -- added platform distribution pom in the SDK folder -- updated maven.xml to deploy filter and deploy the appropriate platform-distribution POM per each releae -- in maven.xml moved configure-release and configure-snapshot goals to maven-env-prerequisites -- updated sdk readme to explain the presence of alfresco-platform-distribution POM 42912: -- updated README header on the POM specifying it's NOT usable to build Alfresco -- make a clear reference to the POMs that get deployed by pom-experimental.xml being usable for development 42842: ALF-14353: Fix artifactId alfresco-jlan -> alfresco-jlan-embed 41883: ALF-14353 - fixed multiple Maven build issues. Now mvn clean install -f pom-experimental.xml works fine. Also deployed Spring Surf 1.2.0-SNAPSHOT so proper Surf version is retrieved 41882: added pre-requisites to build POMs successfully with mvn clean install -f pom-experimental.xml 43634: Merged V4.1-BUG-FIX to V4.1 43386: ALF-13091: Prevent bean post processor propagation to child application contexts. Remove Jsr250BeanPostPorcessor from the CXF configuration, to prevent strange interaction with component scanning. 43641: Merged V4.1-BUG-FIX to V4.1 (4.1.2) 43639: ALF-16701: use newly released Spring Surf 1.2.0-M1 in POM files rather than a SNAPSHOT 43645: Merged V4.1-BUG-FIX to V4.1 43644: ALF-16527: webscript person.lib.ftl does not include all attributes for users out of the box. - added missing organizationId attribute. 43660: Merged V4.1-BUG-FIX to V4.1 43659: ALF-16006: MT: Document Library is absent after upgrade from 3.4.x to 4.1.x (eg. 3.4.10 -> 4.1.1) - More patch dependencies required 43669: Merged V4.1-BUG-FIX to V4.1 43666: ALF-16833 / MNT-187: Fixed regression in inbound rule firing caused by the fix to ALF-14744 - Inbound rules were not firing for newly created content nodes that had null content properties (e.g. dataListItems) - Now the ALF-14744 fix has been revised so that inbound rules are only not fired for new nodes with zero-length content, as possibly created by the OSX / Windows 7 WebDAV clients during an upload, and only if policy.content.update.ignoreEmpty=true (the default) - OnContentUpdateRuleTrigger removed. Now all content property updates are handled by OnPropertyUpdateRuleTrigger so that we can have this subtle treatment of 'empty' content properties. - Reverted ALF-14744 changes to RuleServiceCoverageTest and added new tests for 'empty' content and ASPECT_NO_CONTENT - Updated RuleTriggerTest in line with changes 43697: Merged V4.1-BUG-FIX to V4.1 43689: Fix for ALF-14207 - cm:link not correctly handled in Share's doclist when users don't have permission 43761: Merged V4.1-BUG-FIX to V4.1 43760: Fixed ALF-16317 "Labels not displaying full text when creating a rule on a folder with IE8" part 2 43796: Merged V4.1-BUG-FIX to V4.1 43795: Fix for ALF-16254 - "Leave Site" behaviour for group based site membership: Blah, Blah, Blah! 43883: Fix for ALF-12711. Separated preparation of email message from sending of email message as described in analysis in JIRA. Did not merge the fix provided as MailActionExecuter.java.diff but reimplemented a fix based on that. 43888: ALF-16781: Merged V3.4-BUG-FIX (3.4.12) to V4.1-BUG-FIX (4.1.3) 43887: ALF-16898 CLONE - Transformation Server history shows incorrect transformation "To" type for images - ImageTransformActionExecuter ("Transform and Copy Image") re-factored to use ContentService rather than hard coded to ImageMagick 43900: Merged V4.1 to V4.1-BUG-FIX 43898: Merged PATCHES/V4.1.1 to V4.1 43708: ALF-16903 / MNT-203: ACL changes not propagated between two non clustered Alfresco instances hitting same Solr and Database - Although SOLRTrackingComponentImpl was not trusting the cache when tracking node transactions, it was still trusting the cache for ACL change sets - This mean that when the SOLR node is using an Alfresco out of the cluster (which we are supposed to support) it could see stale ACLs - Fixed this by using the same strategy we use in AbstractNodeDAO - Now the main acl CRUD cache is set to ignore the shared cache during SOLR tracking - All secondary ACL caches are keyed by ACL ID AND version, so it prevents the possibility of retrieving a stale cached ACL for an old version 43713: ALF-16903 / MNT-203: ACL changes not propagated between two non clustered Alfresco instances hitting same Solr and Database - Fix test failures - deleteAccessControlEntries must 'touch' all the ACLs it affects to keep caches valid - createAccessControlList should return the newly-versioned ACL 43736: ALF-16904 / MNT-204: Index showing no progress on Solr server - SAP's tracking thread got stuck indefinitely waiting on a content response after sending a request, probably due to some misbehaving proxy or balancer - Now we make it possible to recover from this - A new alfresco.socketTimeout parameter is now supported in solrcore.properties - It specifies the number of milliseconds SOLR will wait before giving up waiting for data on an HTTP connection - The default is still zero which means wait indefinitely 43759: ALF-16904 / MNT-204: Fixed compilation error 43899: Merged PATCHES/V4.1.1 to V4.1 (RECORD ONLY) 43667: Merged V4.1-BUG-FIX to PATCHES/V4.1.1 43666: ALF-16833 / MNT-187: Fixed regression in inbound rule firing caused by the fix to ALF-14744 - Inbound rules were not firing for newly created content nodes that had null content properties (e.g. dataListItems) - Now the ALF-14744 fix has been revised so that inbound rules are only not fired for new nodes with zero-length content, as possibly created by the OSX / Windows 7 WebDAV clients during an upload, and only if policy.content.update.ignoreEmpty=true (the default) - OnContentUpdateRuleTrigger removed. Now all content property updates are handled by OnPropertyUpdateRuleTrigger so that we can have this subtle treatment of 'empty' content properties. - Reverted ALF-14744 changes to RuleServiceCoverageTest and added new tests for 'empty' content and ASPECT_NO_CONTENT - Updated RuleTriggerTest in line with changes 43901: Merged V3.4-BUG-FIX to V4.1-BUG-FIX 43571: Merged DEV to V3.4-BUG-FIX 43569: ALF-16222: It's impossible to delete a file/message via IMAP using Microsoft Entourage 2008 in MacOSX 10.8 fixed: UID failed.Existing file or folder error on attempt to delete file if deleted items already contains file with the same name. modified: AttachmentExtractor modified to avoid code dublication. 43599: Fix for ALF-16505 - Discussion topics are sorted in ascending order (oldest first and newest last) when selecting 'All topics' 43610: Merged Dev to V3.4-BUGFIX (3.4.12) 43416: ALF-16470: SPP:Meeting recurent events are displayed incorrect in share calendar in all tabs (Day, Week, Month) Incorrect lucene query to search for events (it was search for events ONLY after fromDate, that gets from browser query. And recursive events, that have startDate before browser's query date, wasn't included into summary query for search for events. Start date is incorrect and is sets two times. Interval for month of end date is to small. Recursive event, that was started in previous month, and ends in current month, isn't included into result of search. For events, that ends on next date after start date, displays (view by month) only start date. 43625: ALF-11817: Cope with incomplete lock token headers from Microsoft-WebDAV-MiniRedir without the enclosing <> by just consuming the whole string 43670: ALF-11817: Prevent auto-hidden dot underscore files from reappearing on a put by checking for a shuffle path before 'unhiding' 43746: Merged DEV to V3.4-BUG-FIX (with corrections) 43692: ALF-16808 Webdav: Two versions of document have been added after the document has been rewritten once more via drag and drop action. 1. Checked whether the current content property is empty. 2. Disabled the versionable aspect. 3. Added the new content to the node. 43763: Fix for ALF-14828 - Incorrect behavior on delete action (WCMQS site) 43771: Fix for ALF-12752 - Custom form appearance parameters not accounted for causing ovverlapped textareas xforms changing their height 43773: Merged DEV to V3.4-BUG-FIX (3.4.12) 42010: ALF-14040: Event start/end time displays incorrect on MS Outlook Calendar and Calendar of created Meeting workspace 1) Send a date for "Site Calendar" dashlet in ISO-8601 format (like in v4.1.1), then after transformation to client's time zone it is displayed correct 2) For "My Calendar" dashlet we need to take into account that if the event is "all day event", then date should be used without time zone transformation 43804: ALF-12326 HomeFolderProviderSynchronizer fails to move any user space which has a rule configured on it 43837: Fixes ALF-12145: Date.js patches merged to 3.4 Merged BRANCHES/DEV/V4.0-BUG-FIX to BRANCHES/DEV/V3.4-BUG-FIX: 36202: ALF-13483: Japanese: Incorrect date handle in a date Input filed Merged BRANCHES/DEV/V4.1-BUG-FIX to BRANCHES/DEV/V3.4-BUG-FIX: 43835: Fixed ALF-13595: Patches third party library date.js to prevent infinite loop. 43839: ALF-16869: Merged PATCHES/V3.4.8 to V3.4-BUG-FIX 43344: MNT-162: Merged DEV to PATCHES/V3.4.8 43254: MNT-162: CLONE - Hidden folder "Comments" is available to searching - Removed last '/' from COMMENT_QNAMEPATH constant. 43902: Merged V3.4-BUG-FIX to V4.1-BUG-FIX (RECORD ONLY) 43177: Merged DEV to V3.4-BUG-FIX 43087: ALF-16474: Records Management groups were not deleted after removing RM site - Delete Records Management groups on ASPECT_RECORDS_MANAGEMENT_ROOT delete - Backport of RM-190 from RM 2.0 43228: ALF-16266: Merged HEAD to V3.4-BUG-FIX 32846: Fixes: ALF-10519: Issues with translation of roles. 31413: Fixes: ALF-10519 - Internationalises the role names for the repo browser's manage permissions page & makes these available to other pages through common.properties 43229: ALF-16266: Fix conflict data left in the properties file. 43624: ALF-11817: Merged PATCHES/V4.0.2 to V3.4-BUG-FIX 43587: Merged BRANCHES/V4.1-BUG-FIX to PATCHES/V4.0.2 42363: ALF-16213: renaming versioned file results in file being deleted. 43478: MNT-181: Now WebDAV will ALWAYS preserve the original metadata and versions of ANY node that is temporarily 'moved out' in ANY kind of 'shuffle' operation - To make the source node temporarily invisible to WebDAV the client specific HIDDEN aspect features are used - WebDAVHelper.isRenameShuffle() method introduced, to parallel ALF-3856 CIFS fix and using similar system.webdav.renameShufflePattern global property to detect the start of a shuffle - WebDAVHelper converted to use proper dependency injection - CopyMethod has become a simple subclass of MoveMethod as all the hidden aspect munging is done by it - DeleteMethod now preserves hidden nodes - PropFindMethod now ignores hidden nodes - Listing methods will hide hidden nodes from WebDAV 43483: MNT-181: Corrected typo 43523: MNT-181: Corrections - WebDAVLockService.unlock() made 'harmless' to call on already-unlocked nodes - Delete method hides rather than deletes versioned nodes and working copies in case it is called by OSX Finder during a 'replace' operation 43524: MNT-181: Correction - PutMethod now 'unhides' hidden nodes and behaves as though it created them 43570: MNT-181: More corrections researched by Valery - Don't treat all moves to temporary locations as copies - just those from non-temporary locations. Avoids initial upload leaving lots of hidden files around. - Only copy the content, not the whole node including aspects to avoid versioning temporary files! - Don't version on changes to sys:clientVisibilityMask - avoids 'double versioning' - Recognize Mac .TemporaryItems folder and ._ files as temporary 43586: MNT-181: Final correction researched by Valery - Corrected system.webdav.renameShufflePattern so that it matches .TemporaryItems folder and ._ files as a full match 43671: ALF-16834: Merged V4.1-BUG-FIX to V3.4-BUG-FIX 43666: ALF-16833 / MNT-187: Fixed regression in inbound rule firing caused by the fix to ALF-14744 - Inbound rules were not firing for newly created content nodes that had null content properties (e.g. dataListItems) - Now the ALF-14744 fix has been revised so that inbound rules are only not fired for new nodes with zero-length content, as possibly created by the OSX / Windows 7 WebDAV clients during an upload, and only if policy.content.update.ignoreEmpty=true (the default) - OnContentUpdateRuleTrigger removed. Now all content property updates are handled by OnPropertyUpdateRuleTrigger so that we can have this subtle treatment of 'empty' content properties. - Reverted ALF-14744 changes to RuleServiceCoverageTest and added new tests for 'empty' content and ASPECT_NO_CONTENT - Updated RuleTriggerTest in line with changes 43842: Merged V4.0-BUG-FIX to V3.4-BUG-FIX 33387: ALF-12492 - Email with empty subject sent to Alfresco by SMTP cause Null pointer Exception 43843: ALF-16717: Merged V4.1-BUG-FIX to V3.4-BUG-FIX 43314: ALF-16575 - Email server does not accept email where Subject ends with a period git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@43914 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
1073 lines
37 KiB
Java
1073 lines
37 KiB
Java
/*
|
|
* Copyright (C) 2005-2010 Alfresco Software Limited.
|
|
*
|
|
* This file is part of Alfresco
|
|
*
|
|
* Alfresco is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* Alfresco is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
package org.alfresco.repo.domain.permissions;
|
|
|
|
import java.io.Serializable;
|
|
import java.util.ArrayList;
|
|
import java.util.Iterator;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
|
|
import org.alfresco.error.AlfrescoRuntimeException;
|
|
import org.alfresco.repo.cache.SimpleCache;
|
|
import org.alfresco.repo.cache.TransactionalCache;
|
|
import org.alfresco.repo.cache.lookup.EntityLookupCache;
|
|
import org.alfresco.repo.cache.lookup.EntityLookupCache.EntityLookupCallbackDAO;
|
|
import org.alfresco.repo.domain.CrcHelper;
|
|
import org.alfresco.repo.domain.qname.QNameDAO;
|
|
import org.alfresco.repo.security.permissions.ACEType;
|
|
import org.alfresco.repo.security.permissions.PermissionReference;
|
|
import org.alfresco.repo.security.permissions.impl.SimplePermissionReference;
|
|
import org.alfresco.service.cmr.security.AccessStatus;
|
|
import org.alfresco.service.namespace.QName;
|
|
import org.alfresco.util.Pair;
|
|
import org.springframework.dao.ConcurrencyFailureException;
|
|
import org.springframework.extensions.surf.util.ParameterCheck;
|
|
|
|
|
|
/**
|
|
* Abstract implementation for ACL crud DAO.
|
|
* <p>
|
|
* This provides basic services such as caching, but defers to the underlying implementation
|
|
* for CRUD operations for:
|
|
*
|
|
* <b>alf_access_control_list</b>
|
|
* <b>alf_acl_member</b>
|
|
* <b>alf_acl_change_set</b>
|
|
* <b>alf_access_control_entry</b>
|
|
* <b>alf_permission</b>
|
|
* <b>alf_authority</b>
|
|
*
|
|
* Also, following are currently unused:
|
|
*
|
|
* <b>alf_ace_context</b>
|
|
* <b>alf_authority_alias</b>
|
|
*
|
|
*
|
|
*
|
|
* @author janv
|
|
* @since 3.4
|
|
*/
|
|
public abstract class AbstractAclCrudDAOImpl implements AclCrudDAO
|
|
{
|
|
private static final String CACHE_REGION_ACL = "Acl";
|
|
private static final String CACHE_REGION_AUTHORITY = "Authority";
|
|
private static final String CACHE_REGION_PERMISSION = "Permission";
|
|
|
|
private final AclEntityCallbackDAO aclEntityDaoCallback;
|
|
private final AuthorityEntityCallbackDAO authorityEntityDaoCallback;
|
|
private final PermissionEntityCallbackDAO permissionEntityDaoCallback;
|
|
|
|
private QNameDAO qnameDAO;
|
|
private static int batchSize = 500;
|
|
|
|
public void setQnameDAO(QNameDAO qnameDAO)
|
|
{
|
|
this.qnameDAO = qnameDAO;
|
|
}
|
|
|
|
public void setBatchSize(int batchSizeOverride)
|
|
{
|
|
batchSize = batchSizeOverride;
|
|
}
|
|
|
|
/**
|
|
* Cache for the ACL entity:<br/>
|
|
* KEY: ID (ACL)<br/>
|
|
* VALUE: AclEntity<br/>
|
|
* VALUE KEY: None<br/>
|
|
*/
|
|
private EntityLookupCache<Long, AclEntity, Serializable> aclEntityCache;
|
|
|
|
/**
|
|
* Backing transactional cache to allow read-through requests to be honoured
|
|
*/
|
|
private TransactionalCache<Serializable, Object> aclEntityTransactionalCache;
|
|
|
|
|
|
/**
|
|
* Cache for the Authority entity:<br/>
|
|
* KEY: ID (Authority)<br/>
|
|
* VALUE: AuthorityEntity<br/>
|
|
* VALUE KEY: Name<br/>
|
|
*/
|
|
private EntityLookupCache<Long, AuthorityEntity, String> authorityEntityCache;
|
|
|
|
/**
|
|
* Cache for the Permission entity:<br/>
|
|
* KEY: ID (Permission)<br/>
|
|
* VALUE: PermissionEntity<br/>
|
|
* VALUE KEY: PermissionEntity (compound key: qnameId + name)<br/>
|
|
*/
|
|
private EntityLookupCache<Long, PermissionEntity, PermissionEntity> permissionEntityCache;
|
|
|
|
/**
|
|
* Set the cache to use for <b>alf_access_control_list</b> lookups (optional).
|
|
*
|
|
* @param aclEntityCache the cache of IDs to AclEntities
|
|
*/
|
|
public void setAclEntityCache(TransactionalCache<Serializable, Object> aclEntityCache)
|
|
{
|
|
this.aclEntityCache = new EntityLookupCache<Long, AclEntity, Serializable>(
|
|
aclEntityCache,
|
|
CACHE_REGION_ACL,
|
|
aclEntityDaoCallback);
|
|
this.aclEntityTransactionalCache = aclEntityCache;
|
|
}
|
|
|
|
/**
|
|
* Set the cache to use for <b>alf_authority</b> lookups (optional).
|
|
*
|
|
* @param authorityEntityCache the cache of IDs to AclEntities
|
|
*/
|
|
public void setAuthorityEntityCache(SimpleCache<Serializable, Object> authorityEntityCache)
|
|
{
|
|
this.authorityEntityCache = new EntityLookupCache<Long, AuthorityEntity, String>(
|
|
authorityEntityCache,
|
|
CACHE_REGION_AUTHORITY,
|
|
authorityEntityDaoCallback);
|
|
}
|
|
|
|
/**
|
|
* Set the cache to use for <b>alf_permission</b> lookups (optional).
|
|
*
|
|
* @param permissionEntityCache the cache of IDs to PermissionEntities
|
|
*/
|
|
public void setPermissionEntityCache(SimpleCache<Serializable, Object> permissionEntityCache)
|
|
{
|
|
this.permissionEntityCache = new EntityLookupCache<Long, PermissionEntity, PermissionEntity>(
|
|
permissionEntityCache,
|
|
CACHE_REGION_PERMISSION,
|
|
permissionEntityDaoCallback);
|
|
}
|
|
|
|
|
|
/**
|
|
* Default constructor.
|
|
* <p>
|
|
* This sets up the DAO accessors to bypass any caching to handle the case where the caches are not
|
|
* supplied in the setters.
|
|
*/
|
|
public AbstractAclCrudDAOImpl()
|
|
{
|
|
this.aclEntityDaoCallback = new AclEntityCallbackDAO();
|
|
this.aclEntityCache = new EntityLookupCache<Long, AclEntity, Serializable>(aclEntityDaoCallback);
|
|
|
|
this.authorityEntityDaoCallback = new AuthorityEntityCallbackDAO();
|
|
this.authorityEntityCache = new EntityLookupCache<Long, AuthorityEntity, String>(authorityEntityDaoCallback);
|
|
|
|
this.permissionEntityDaoCallback = new PermissionEntityCallbackDAO();
|
|
this.permissionEntityCache = new EntityLookupCache<Long, PermissionEntity, PermissionEntity>(permissionEntityDaoCallback);
|
|
}
|
|
|
|
//
|
|
// Access Control List (ACL)
|
|
//
|
|
|
|
public AclEntity createAcl(AclEntity entity)
|
|
{
|
|
ParameterCheck.mandatory("entity", entity);
|
|
|
|
ParameterCheck.mandatory("entity.aclId", entity.getAclId());
|
|
ParameterCheck.mandatory("entity.aclVersion", entity.getAclVersion());
|
|
|
|
entity.setVersion(0L);
|
|
|
|
Pair<Long, AclEntity> entityPair = aclEntityCache.getOrCreateByValue(entity);
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
public Acl getAcl(long id)
|
|
{
|
|
return getAclImpl(id);
|
|
}
|
|
|
|
private AclEntity getAclImpl(long id)
|
|
{
|
|
Pair<Long, AclEntity> entityPair = aclEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return null;
|
|
}
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
@Override
|
|
public void setCheckAclConsistency()
|
|
{
|
|
aclEntityTransactionalCache.setDisableSharedCacheReadForTransaction(true);
|
|
}
|
|
|
|
public AclUpdateEntity getAclForUpdate(long id)
|
|
{
|
|
AclEntity acl = getAclImpl(id);
|
|
if (acl == null)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
// copy for update
|
|
AclUpdateEntity aclEntity = new AclUpdateEntity();
|
|
aclEntity.setId(acl.getId());
|
|
aclEntity.setVersion(acl.getVersion());
|
|
aclEntity.setAclChangeSetId(acl.getAclChangeSetId());
|
|
aclEntity.setAclId(acl.getAclId());
|
|
aclEntity.setAclType(acl.getAclType());
|
|
aclEntity.setAclVersion(acl.getAclVersion());
|
|
aclEntity.setInheritedAcl(acl.getInheritedAcl());
|
|
aclEntity.setInherits(acl.getInherits());
|
|
aclEntity.setInheritsFrom(acl.getInheritsFrom());
|
|
aclEntity.setLatest(acl.isLatest());
|
|
aclEntity.setVersioned(acl.isVersioned());
|
|
aclEntity.setRequiresVersion(acl.getRequiresVersion());
|
|
|
|
return aclEntity;
|
|
}
|
|
|
|
public List<Long> getAclsThatInheritFromAcl(long aclEntityId)
|
|
{
|
|
// not cached
|
|
return getAclEntitiesThatInheritFromAcl(aclEntityId);
|
|
}
|
|
|
|
public Long getLatestAclByGuid(String aclGuid)
|
|
{
|
|
// not cached
|
|
return getLatestAclEntityByGuid(aclGuid);
|
|
}
|
|
|
|
public List<Long> getADMNodesByAcl(long aclEntityId, int maxResults)
|
|
{
|
|
return getADMNodeEntityIdsByAcl(aclEntityId, maxResults);
|
|
}
|
|
|
|
public List<Long> getAVMNodesByAcl(long aclEntityId, int maxResults)
|
|
{
|
|
return getAVMNodeEntityIdsByAcl(aclEntityId, maxResults);
|
|
}
|
|
|
|
public void updateAcl(AclUpdateEntity entity)
|
|
{
|
|
ParameterCheck.mandatory("entity", entity);
|
|
ParameterCheck.mandatory("entity.id", entity.getId());
|
|
ParameterCheck.mandatory("entity.aclVersion", entity.getAclVersion());
|
|
ParameterCheck.mandatory("entity.version", entity.getVersion());
|
|
|
|
int updated = aclEntityCache.updateValue(entity.getId(), entity);
|
|
if (updated < 1)
|
|
{
|
|
aclEntityCache.removeByKey(entity.getId());
|
|
throw new ConcurrencyFailureException("AclEntity with ID (" + entity.getId() + ") no longer exists or has been updated concurrently");
|
|
}
|
|
}
|
|
|
|
public void deleteAcl(long id)
|
|
{
|
|
Pair<Long, AclEntity> entityPair = aclEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return;
|
|
}
|
|
|
|
int deleted = aclEntityCache.deleteByKey(id);
|
|
if (deleted < 1)
|
|
{
|
|
aclEntityCache.removeByKey(id);
|
|
throw new ConcurrencyFailureException("AclEntity with ID " + id + " no longer exists");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Callback for <b>alf_access_control_list</b> DAO
|
|
*/
|
|
private class AclEntityCallbackDAO implements EntityLookupCallbackDAO<Long, AclEntity, Serializable>
|
|
{
|
|
private final Pair<Long, AclEntity> convertEntityToPair(AclEntity entity)
|
|
{
|
|
if (entity == null)
|
|
{
|
|
return null;
|
|
}
|
|
else
|
|
{
|
|
return new Pair<Long, AclEntity>(entity.getId(), entity);
|
|
}
|
|
}
|
|
|
|
public Serializable getValueKey(AclEntity value)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
public Pair<Long, AclEntity> createValue(AclEntity value)
|
|
{
|
|
AclEntity entity = createAclEntity(value);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, AclEntity> findByKey(Long key)
|
|
{
|
|
AclEntity entity = getAclEntity(key);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, AclEntity> findByValue(AclEntity value)
|
|
{
|
|
if ((value != null) && (value.getId() != null))
|
|
{
|
|
return findByKey(value.getId());
|
|
}
|
|
return null;
|
|
}
|
|
|
|
public int updateValue(Long key, AclEntity value)
|
|
{
|
|
return updateAclEntity(value);
|
|
}
|
|
|
|
public int deleteByKey(Long key)
|
|
{
|
|
return deleteAclEntity(key);
|
|
}
|
|
|
|
public int deleteByValue(AclEntity value)
|
|
{
|
|
throw new UnsupportedOperationException("deleteByValue");
|
|
}
|
|
}
|
|
|
|
protected abstract AclEntity createAclEntity(AclEntity entity);
|
|
protected abstract AclEntity getAclEntity(long id);
|
|
protected abstract List<Long> getAclEntitiesThatInheritFromAcl(long idOfAcl);
|
|
protected abstract Long getLatestAclEntityByGuid(String aclGuid);
|
|
protected abstract int updateAclEntity(AclEntity entity);
|
|
protected abstract int deleteAclEntity(long id);
|
|
|
|
protected abstract List<Long> getADMNodeEntityIdsByAcl(long aclEntityId, int maxResults);
|
|
protected abstract List<Long> getAVMNodeEntityIdsByAcl(long aclEntityId, int maxResults);
|
|
|
|
//
|
|
// ACL Member
|
|
//
|
|
|
|
public void addAclMembersToAcl(long aclId, List<Long> aceIds, int depth)
|
|
{
|
|
ParameterCheck.mandatory("aceIds", aceIds);
|
|
|
|
List<AclMemberEntity> newMembers = new ArrayList<AclMemberEntity>(aceIds.size());
|
|
|
|
for (Long aceId : aceIds)
|
|
{
|
|
AclMemberEntity newMember = new AclMemberEntity();
|
|
newMember.setAclId(aclId);
|
|
newMember.setAceId(aceId);
|
|
newMember.setPos(depth);
|
|
|
|
AclMemberEntity result = createAclMemberEntity(newMember);
|
|
newMembers.add(result);
|
|
}
|
|
}
|
|
|
|
public void addAclMembersToAcl(long aclId, List<Pair<Long, Integer>> aceIdsWithDepths)
|
|
{
|
|
ParameterCheck.mandatory("aceIdsWithDepths", aceIdsWithDepths);
|
|
|
|
List<AclMemberEntity> newMembers = new ArrayList<AclMemberEntity>(aceIdsWithDepths.size());
|
|
|
|
for (Pair<Long,Integer> aceIdWithDepth : aceIdsWithDepths)
|
|
{
|
|
AclMemberEntity newMember = new AclMemberEntity();
|
|
newMember.setAclId(aclId);
|
|
newMember.setAceId(aceIdWithDepth.getFirst());
|
|
newMember.setPos(aceIdWithDepth.getSecond());
|
|
|
|
AclMemberEntity result = createAclMemberEntity(newMember);
|
|
newMembers.add(result);
|
|
}
|
|
}
|
|
|
|
public List<AclMember> getAclMembersByAcl(long idOfAcl)
|
|
{
|
|
List<AclMemberEntity> entities = getAclMemberEntitiesByAcl(idOfAcl);
|
|
List<AclMember> result = new ArrayList<AclMember>(entities.size());
|
|
result.addAll(entities);
|
|
return result;
|
|
}
|
|
|
|
public List<AclMemberEntity> getAclMembersByAclForUpdate(long idOfAcl)
|
|
{
|
|
List<AclMemberEntity> members = getAclMemberEntitiesByAcl(idOfAcl);
|
|
List<AclMemberEntity> membersForUpdate = new ArrayList<AclMemberEntity>(members.size());
|
|
for (AclMemberEntity member : members)
|
|
{
|
|
AclMemberEntity newMember = new AclMemberEntity();
|
|
newMember.setId(member.getId());
|
|
newMember.setVersion(member.getVersion());
|
|
newMember.setAceId(member.getAceId());
|
|
newMember.setAclId(member.getAclId());
|
|
newMember.setPos(member.getPos());
|
|
membersForUpdate.add(newMember);
|
|
}
|
|
return membersForUpdate;
|
|
}
|
|
|
|
public List<AclMember> getAclMembersByAuthority(String authorityName)
|
|
{
|
|
List<AclMemberEntity> entities = getAclMemberEntitiesByAuthority(authorityName);
|
|
List<AclMember> result = new ArrayList<AclMember>(entities.size());
|
|
result.addAll(entities);
|
|
return result;
|
|
}
|
|
|
|
public void updateAclMember(AclMemberEntity entity)
|
|
{
|
|
ParameterCheck.mandatory("entity", entity);
|
|
ParameterCheck.mandatory("entity.id", entity.getId());
|
|
ParameterCheck.mandatory("entity.version", entity.getVersion());
|
|
ParameterCheck.mandatory("entity.aceId", entity.getAceId());
|
|
ParameterCheck.mandatory("entity.aclId", entity.getAclId());
|
|
ParameterCheck.mandatory("entity.pos", entity.getPos());
|
|
|
|
int updated = updateAclMemberEntity(entity);
|
|
|
|
if (updated < 1)
|
|
{
|
|
aclEntityCache.removeByKey(entity.getId());
|
|
throw new ConcurrencyFailureException("AclMemberEntity with ID (" + entity.getId() + ") no longer exists or has been updated concurrently");
|
|
}
|
|
}
|
|
|
|
public int deleteAclMembers(List<Long> aclMemberIds)
|
|
{
|
|
int totalDeletedCount = 0;
|
|
|
|
if (aclMemberIds.size() == 0)
|
|
{
|
|
return 0;
|
|
}
|
|
else if (aclMemberIds.size() <= batchSize)
|
|
{
|
|
totalDeletedCount = deleteAclMemberEntities(aclMemberIds);
|
|
}
|
|
else
|
|
{
|
|
Iterator<Long> idIterator = aclMemberIds.iterator();
|
|
List<Long> batchIds = new ArrayList<Long>(batchSize);
|
|
|
|
while (idIterator.hasNext())
|
|
{
|
|
Long id = idIterator.next();
|
|
batchIds.add(id);
|
|
|
|
if (batchIds.size() == batchSize || (! idIterator.hasNext()))
|
|
{
|
|
int batchDeletedCount = deleteAclMemberEntities(batchIds);
|
|
|
|
totalDeletedCount = totalDeletedCount + batchDeletedCount;
|
|
batchIds.clear();
|
|
}
|
|
}
|
|
}
|
|
|
|
// TODO manually update the cache
|
|
|
|
return totalDeletedCount;
|
|
}
|
|
|
|
public int deleteAclMembersByAcl(long idOfAcl)
|
|
{
|
|
return deleteAclMemberEntitiesByAcl(idOfAcl);
|
|
}
|
|
|
|
protected abstract AclMemberEntity createAclMemberEntity(AclMemberEntity entity);
|
|
protected abstract List<AclMemberEntity> getAclMemberEntitiesByAcl(long idOfAcl);
|
|
protected abstract List<AclMemberEntity> getAclMemberEntitiesByAuthority(String authorityName);
|
|
protected abstract int updateAclMemberEntity(AclMemberEntity entity);
|
|
protected abstract int deleteAclMemberEntities(List<Long> aclMemberIds);
|
|
protected abstract int deleteAclMemberEntitiesByAcl(long idOfAcl);
|
|
|
|
//
|
|
// ACL Change Set
|
|
//
|
|
|
|
public Long createAclChangeSet()
|
|
{
|
|
return createAclChangeSetEntity();
|
|
}
|
|
|
|
@Override
|
|
public void updateAclChangeSet(Long aclChangeSetEntityId, long commitTimeMs)
|
|
{
|
|
int updated = updateChangeSetEntity(aclChangeSetEntityId, commitTimeMs);
|
|
if (updated != 1)
|
|
{
|
|
throw new ConcurrencyFailureException("Update by ID should delete exactly 1: " + aclChangeSetEntityId);
|
|
}
|
|
}
|
|
|
|
public AclChangeSetEntity getAclChangeSet(Long changeSetId)
|
|
{
|
|
return getAclChangeSetEntity(changeSetId);
|
|
}
|
|
|
|
public void deleteAclChangeSet(Long changeSetId)
|
|
{
|
|
int deleted = deleteAclChangeSetEntity(changeSetId);
|
|
if (deleted != 1)
|
|
{
|
|
aclEntityCache.removeByKey(changeSetId);
|
|
throw new ConcurrencyFailureException("Deleted by ID should delete exactly 1: " + changeSetId);
|
|
}
|
|
}
|
|
|
|
protected abstract Long createAclChangeSetEntity();
|
|
protected abstract AclChangeSetEntity getAclChangeSetEntity(Long changeSetId);
|
|
protected abstract int deleteAclChangeSetEntity(Long id);
|
|
protected abstract int updateChangeSetEntity(Long id, long commitTimeMs);
|
|
|
|
//
|
|
// Access Control Entry (ACE)
|
|
//
|
|
|
|
public Ace createAce(Permission permission, Authority authority, ACEType type, AccessStatus accessStatus)
|
|
{
|
|
ParameterCheck.mandatory("permission", permission);
|
|
ParameterCheck.mandatory("authority", authority);
|
|
ParameterCheck.mandatory("type", type);
|
|
ParameterCheck.mandatory("accessStatus", accessStatus);
|
|
|
|
AceEntity entity = new AceEntity();
|
|
|
|
entity.setApplies(type.getId()); // note: 'applies' stores the ACE type
|
|
entity.setAllowed((accessStatus == AccessStatus.ALLOWED) ? true : false);
|
|
entity.setAuthorityId(authority.getId());
|
|
entity.setPermissionId(permission.getId());
|
|
|
|
long aceId = createAceEntity(entity);
|
|
|
|
entity.setVersion(0L);
|
|
entity.setId(aceId);
|
|
|
|
return entity;
|
|
}
|
|
|
|
public Ace getAce(Permission permission, Authority authority, ACEType type, AccessStatus accessStatus)
|
|
{
|
|
ParameterCheck.mandatory("permission", permission);
|
|
ParameterCheck.mandatory("authority", authority);
|
|
ParameterCheck.mandatory("type", type);
|
|
ParameterCheck.mandatory("accessStatus", accessStatus);
|
|
|
|
return getAceEntity(permission.getId(),
|
|
authority.getId(),
|
|
((accessStatus == AccessStatus.ALLOWED) ? true : false),
|
|
type);
|
|
}
|
|
|
|
public Ace getAce(long aceEntityId)
|
|
{
|
|
return getAceEntity(aceEntityId);
|
|
}
|
|
|
|
public Ace getOrCreateAce(Permission permission, Authority authority, ACEType type, AccessStatus accessStatus)
|
|
{
|
|
Ace entity = getAce(permission, authority, type, accessStatus);
|
|
if (entity == null)
|
|
{
|
|
entity = createAce(permission, authority, type, accessStatus);
|
|
}
|
|
return entity;
|
|
}
|
|
|
|
public List<Ace> getAcesByAuthority(long authorityId)
|
|
{
|
|
return (List<Ace>)getAceEntitiesByAuthority(authorityId);
|
|
}
|
|
|
|
public List<Map<String, Object>> getAcesAndAuthoritiesByAcl(long idOfAcl)
|
|
{
|
|
return getAceAndAuthorityEntitiesByAcl(idOfAcl);
|
|
}
|
|
|
|
public int deleteAces(List<Long> aceIds)
|
|
{
|
|
int totalDeletedCount = 0;
|
|
|
|
if (aceIds.size() == 0)
|
|
{
|
|
return 0;
|
|
}
|
|
else if (aceIds.size() <= batchSize)
|
|
{
|
|
totalDeletedCount = deleteAceEntities(aceIds);
|
|
}
|
|
else
|
|
{
|
|
Iterator<Long> idIterator = aceIds.iterator();
|
|
List<Long> batchIds = new ArrayList<Long>(batchSize);
|
|
|
|
while (idIterator.hasNext())
|
|
{
|
|
Long id = idIterator.next();
|
|
batchIds.add(id);
|
|
|
|
if (batchIds.size() == batchSize || (! idIterator.hasNext()))
|
|
{
|
|
int batchDeletedCount = deleteAceEntities(batchIds);
|
|
|
|
totalDeletedCount = totalDeletedCount + batchDeletedCount;
|
|
batchIds.clear();
|
|
}
|
|
}
|
|
}
|
|
|
|
return totalDeletedCount;
|
|
}
|
|
|
|
protected abstract long createAceEntity(AceEntity entity);
|
|
protected abstract AceEntity getAceEntity(long aceEntityId);
|
|
protected abstract AceEntity getAceEntity(long permissionId, long authorityId, boolean allowed, ACEType type);
|
|
protected abstract List<Ace> getAceEntitiesByAuthority(long authorityId);
|
|
protected abstract List<Map<String, Object>> getAceAndAuthorityEntitiesByAcl(long idOfAcl);
|
|
protected abstract int deleteAceEntities(List<Long> aceIds);
|
|
|
|
//
|
|
// Permission
|
|
//
|
|
|
|
public Permission createPermission(PermissionReference permissionReference)
|
|
{
|
|
ParameterCheck.mandatory("permissionReference", permissionReference);
|
|
|
|
PermissionEntity entity = null;
|
|
|
|
// Get the persistent ID for the QName
|
|
Pair<Long, QName> qnamePair = qnameDAO.getOrCreateQName(permissionReference.getQName());
|
|
if (qnamePair != null)
|
|
{
|
|
Long qnameId = qnamePair.getFirst();
|
|
entity = new PermissionEntity(qnameId, permissionReference.getName());
|
|
|
|
entity.setVersion(0L);
|
|
|
|
Pair<Long, PermissionEntity> entityPair = permissionEntityCache.getOrCreateByValue(entity);
|
|
entity = entityPair.getSecond();
|
|
}
|
|
return entity;
|
|
}
|
|
|
|
public Permission getPermission(long id)
|
|
{
|
|
Pair<Long, PermissionEntity> entityPair = permissionEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return null;
|
|
}
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
public Permission getPermission(PermissionReference permissionReference)
|
|
{
|
|
return getPermissionImpl(permissionReference);
|
|
}
|
|
|
|
private PermissionEntity getPermissionImpl(PermissionReference permissionReference)
|
|
{
|
|
ParameterCheck.mandatory("permissionReference", permissionReference);
|
|
|
|
PermissionEntity entity = null;
|
|
|
|
// Get the persistent ID for the QName
|
|
Pair<Long, QName> qnamePair = qnameDAO.getOrCreateQName(permissionReference.getQName());
|
|
if (qnamePair != null)
|
|
{
|
|
Long qnameId = qnamePair.getFirst();
|
|
|
|
PermissionEntity permission = new PermissionEntity(qnameId, permissionReference.getName());
|
|
Pair<Long, PermissionEntity> entityPair = permissionEntityCache.getByValue(permission);
|
|
if (entityPair != null)
|
|
{
|
|
entity = entityPair.getSecond();
|
|
}
|
|
}
|
|
|
|
return entity;
|
|
}
|
|
|
|
private PermissionEntity getPermissionForUpdate(PermissionReference permissionReference)
|
|
{
|
|
PermissionEntity perm = getPermissionImpl(permissionReference);
|
|
|
|
PermissionEntity newPerm = new PermissionEntity();
|
|
newPerm.setId(perm.getId());
|
|
newPerm.setVersion(perm.getVersion());
|
|
newPerm.setTypeQNameId(perm.getTypeQNameId());
|
|
newPerm.setName(perm.getName());
|
|
|
|
return newPerm;
|
|
}
|
|
|
|
public Permission getOrCreatePermission(PermissionReference permissionReference)
|
|
{
|
|
Permission entity = getPermission(permissionReference);
|
|
if (entity == null)
|
|
{
|
|
entity = createPermission(permissionReference);
|
|
}
|
|
return entity;
|
|
}
|
|
|
|
public void renamePermission(QName oldTypeQName, String oldName, QName newTypeQName, String newName)
|
|
{
|
|
ParameterCheck.mandatory("oldTypeQName", oldTypeQName);
|
|
ParameterCheck.mandatory("oldName", oldName);
|
|
ParameterCheck.mandatory("newTypeQName", newTypeQName);
|
|
ParameterCheck.mandatory("newName", newName);
|
|
|
|
if (oldTypeQName.equals(newTypeQName) && oldName.equals(newName))
|
|
{
|
|
throw new IllegalArgumentException("Cannot move permission to itself: " + oldTypeQName + "-" + oldName);
|
|
}
|
|
|
|
SimplePermissionReference oldPermRef = SimplePermissionReference.getPermissionReference(oldTypeQName, oldName);
|
|
PermissionEntity permission = getPermissionForUpdate(oldPermRef);
|
|
if (permission != null)
|
|
{
|
|
Long newTypeQNameId = qnameDAO.getOrCreateQName(newTypeQName).getFirst();
|
|
permission.setTypeQNameId(newTypeQNameId);
|
|
permission.setName(newName);
|
|
|
|
int updated = permissionEntityCache.updateValue(permission.getId(), permission);
|
|
if (updated < 1)
|
|
{
|
|
aclEntityCache.removeByKey(permission.getId());
|
|
throw new ConcurrencyFailureException("PermissionEntity with ID (" + permission.getId() + ") no longer exists or has been updated concurrently");
|
|
}
|
|
}
|
|
}
|
|
|
|
public void deletePermission(long id)
|
|
{
|
|
Pair<Long, PermissionEntity> entityPair = permissionEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return;
|
|
}
|
|
|
|
int deleted = permissionEntityCache.deleteByKey(id);
|
|
if (deleted < 1)
|
|
{
|
|
aclEntityCache.removeByKey(id);
|
|
throw new ConcurrencyFailureException("PermissionEntity with ID " + id + " no longer exists");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Callback for <b>alf_permission</b> DAO
|
|
*/
|
|
private class PermissionEntityCallbackDAO implements EntityLookupCallbackDAO<Long, PermissionEntity, PermissionEntity>
|
|
{
|
|
private final Pair<Long, PermissionEntity> convertEntityToPair(PermissionEntity entity)
|
|
{
|
|
if (entity == null)
|
|
{
|
|
return null;
|
|
}
|
|
else
|
|
{
|
|
return new Pair<Long, PermissionEntity>(entity.getId(), entity);
|
|
}
|
|
}
|
|
|
|
public PermissionEntity getValueKey(PermissionEntity value)
|
|
{
|
|
return value;
|
|
}
|
|
|
|
public Pair<Long, PermissionEntity> createValue(PermissionEntity value)
|
|
{
|
|
PermissionEntity entity = createPermissionEntity(value);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, PermissionEntity> findByKey(Long key)
|
|
{
|
|
PermissionEntity entity = getPermissionEntity(key);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, PermissionEntity> findByValue(PermissionEntity value)
|
|
{
|
|
if ((value == null) || (value.getName() == null) || (value.getTypeQNameId() == null))
|
|
{
|
|
throw new AlfrescoRuntimeException("Unexpected: PermissionEntity / name / qnameId must not be null");
|
|
}
|
|
return convertEntityToPair(getPermissionEntity(value.getTypeQNameId(), value.getName()));
|
|
}
|
|
|
|
public int updateValue(Long key, PermissionEntity value)
|
|
{
|
|
return updatePermissionEntity(value);
|
|
}
|
|
|
|
public int deleteByKey(Long key)
|
|
{
|
|
return deletePermissionEntity(key);
|
|
}
|
|
|
|
public int deleteByValue(PermissionEntity value)
|
|
{
|
|
throw new UnsupportedOperationException("deleteByValue");
|
|
}
|
|
}
|
|
|
|
protected abstract PermissionEntity createPermissionEntity(PermissionEntity entity);
|
|
protected abstract PermissionEntity getPermissionEntity(long id);
|
|
protected abstract PermissionEntity getPermissionEntity(long qnameId, String name);
|
|
protected abstract int updatePermissionEntity(PermissionEntity updateEntity);
|
|
protected abstract int deletePermissionEntity(long id);
|
|
|
|
//
|
|
// Authority
|
|
//
|
|
|
|
public Authority createAuthority(String authorityName)
|
|
{
|
|
ParameterCheck.mandatory("authorityName", authorityName);
|
|
|
|
AuthorityEntity entity = new AuthorityEntity();
|
|
entity.setAuthority(authorityName);
|
|
entity.setCrc(CrcHelper.getStringCrcPair(authorityName, 32, true, true).getSecond());
|
|
|
|
entity.setVersion(0L);
|
|
|
|
Pair<Long, AuthorityEntity> entityPair = authorityEntityCache.getOrCreateByValue(entity);
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
public Authority getAuthority(long id)
|
|
{
|
|
Pair<Long, AuthorityEntity> entityPair = authorityEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return null;
|
|
}
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
public Authority getAuthority(String authorityName)
|
|
{
|
|
return getAuthorityImpl(authorityName);
|
|
}
|
|
|
|
private AuthorityEntity getAuthorityImpl(String authorityName)
|
|
{
|
|
ParameterCheck.mandatory("authorityName", authorityName);
|
|
|
|
AuthorityEntity authority = new AuthorityEntity();
|
|
authority.setAuthority(authorityName);
|
|
|
|
Pair<Long, AuthorityEntity> entityPair = authorityEntityCache.getByValue(authority);
|
|
if (entityPair == null)
|
|
{
|
|
return null;
|
|
}
|
|
return entityPair.getSecond();
|
|
}
|
|
|
|
private AuthorityEntity getAuthorityForUpdate(String authorityName)
|
|
{
|
|
AuthorityEntity auth = getAuthorityImpl(authorityName);
|
|
|
|
if (auth == null)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
AuthorityEntity newAuth = new AuthorityEntity();
|
|
newAuth.setId(auth.getId());
|
|
newAuth.setVersion(auth.getVersion());
|
|
newAuth.setAuthority(auth.getAuthority());
|
|
newAuth.setCrc(auth.getCrc());
|
|
return newAuth;
|
|
}
|
|
|
|
public Authority getOrCreateAuthority(String name)
|
|
{
|
|
Authority entity = getAuthority(name);
|
|
|
|
if (entity == null)
|
|
{
|
|
entity = createAuthority(name);
|
|
}
|
|
|
|
return entity;
|
|
}
|
|
|
|
public void renameAuthority(String before, String after)
|
|
{
|
|
ParameterCheck.mandatory("before", before);
|
|
ParameterCheck.mandatory("after", after);
|
|
|
|
AuthorityEntity entity = getAuthorityForUpdate(before);
|
|
|
|
if (entity != null)
|
|
{
|
|
entity.setAuthority(after);
|
|
entity.setCrc(CrcHelper.getStringCrcPair(after, 32, true, true).getSecond());
|
|
|
|
int updated = authorityEntityCache.updateValue(entity.getId(), entity);
|
|
if (updated < 1)
|
|
{
|
|
aclEntityCache.removeByKey(entity.getId());
|
|
throw new ConcurrencyFailureException("AuthorityEntity with ID (" + entity.getId() + ") no longer exists or has been updated concurrently");
|
|
}
|
|
}
|
|
}
|
|
|
|
public void deleteAuthority(long id)
|
|
{
|
|
Pair<Long, AuthorityEntity> entityPair = authorityEntityCache.getByKey(id);
|
|
if (entityPair == null)
|
|
{
|
|
return;
|
|
}
|
|
|
|
int deleted = authorityEntityCache.deleteByKey(id);
|
|
if (deleted < 1)
|
|
{
|
|
aclEntityCache.removeByKey(id);
|
|
throw new ConcurrencyFailureException("AuthorityEntity with ID " + id + " no longer exists");
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Callback for <b>alf_authority</b> DAO
|
|
*/
|
|
private class AuthorityEntityCallbackDAO implements EntityLookupCallbackDAO<Long, AuthorityEntity, String>
|
|
{
|
|
private final Pair<Long, AuthorityEntity> convertEntityToPair(AuthorityEntity entity)
|
|
{
|
|
if (entity == null)
|
|
{
|
|
return null;
|
|
}
|
|
else
|
|
{
|
|
return new Pair<Long, AuthorityEntity>(entity.getId(), entity);
|
|
}
|
|
}
|
|
|
|
public String getValueKey(AuthorityEntity value)
|
|
{
|
|
return value.getAuthority();
|
|
}
|
|
|
|
public Pair<Long, AuthorityEntity> createValue(AuthorityEntity value)
|
|
{
|
|
AuthorityEntity entity = createAuthorityEntity(value);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, AuthorityEntity> findByKey(Long key)
|
|
{
|
|
AuthorityEntity entity = getAuthorityEntity(key);
|
|
return convertEntityToPair(entity);
|
|
}
|
|
|
|
public Pair<Long, AuthorityEntity> findByValue(AuthorityEntity value)
|
|
{
|
|
if ((value == null) || (value.getAuthority() == null))
|
|
{
|
|
throw new AlfrescoRuntimeException("Unexpected: AuthorityEntity / name must not be null");
|
|
}
|
|
return convertEntityToPair(getAuthorityEntity(value.getAuthority()));
|
|
}
|
|
|
|
public int updateValue(Long key, AuthorityEntity value)
|
|
{
|
|
return updateAuthorityEntity(value);
|
|
}
|
|
|
|
public int deleteByKey(Long key)
|
|
{
|
|
return deleteAuthorityEntity(key);
|
|
}
|
|
|
|
public int deleteByValue(AuthorityEntity value)
|
|
{
|
|
throw new UnsupportedOperationException("deleteByValue");
|
|
}
|
|
}
|
|
|
|
protected abstract AuthorityEntity createAuthorityEntity(AuthorityEntity entity);
|
|
protected abstract AuthorityEntity getAuthorityEntity(long id);
|
|
protected abstract AuthorityEntity getAuthorityEntity(String authorityName);
|
|
protected abstract int updateAuthorityEntity(AuthorityEntity updateEntity);
|
|
protected abstract int deleteAuthorityEntity(long id);
|
|
|
|
// ACE Context (NOTE: currently unused - intended for possible future enhancement)
|
|
|
|
protected abstract long createAceContextEntity(AceContextEntity entity);
|
|
protected abstract AceContextEntity getAceContextEntity(long aceContextId);
|
|
protected abstract int deleteAceContextEntity(long aceContextId);
|
|
|
|
|
|
//
|
|
// Authority Alias (NOTE: currently unused - intended for possible future enhancement)
|
|
//
|
|
|
|
protected abstract long createAuthorityAliasEntity(AuthorityAliasEntity entity);
|
|
protected abstract int deleteAuthorityAliasEntity(long id);
|
|
|
|
|
|
/* (non-Javadoc)
|
|
* @see org.alfresco.repo.domain.permissions.AclCrudDAO#getMaxChangeSetCommitTime()
|
|
*/
|
|
@Override
|
|
public Long getMaxChangeSetCommitTime()
|
|
{
|
|
Long time = selectMaxChangeSetCommitTime();
|
|
return (time == null ? 0L : time);
|
|
}
|
|
|
|
|
|
/**
|
|
* @return
|
|
*/
|
|
protected abstract Long selectMaxChangeSetCommitTime();
|
|
|
|
|
|
/* (non-Javadoc)
|
|
* @see org.alfresco.repo.domain.permissions.AclCrudDAO#getMaxChangeSetIdByCommitTime(long)
|
|
*/
|
|
@Override
|
|
public Long getMaxChangeSetIdByCommitTime(long maxCommitTime)
|
|
{
|
|
Long id = selectMaxChangeSetIdBeforeCommitTime(maxCommitTime);
|
|
return (id == null ? 0L : id);
|
|
}
|
|
|
|
/**
|
|
* @param maxCommitTime
|
|
* @return
|
|
*/
|
|
protected abstract Long selectMaxChangeSetIdBeforeCommitTime(long maxCommitTime);
|
|
}
|