inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-06-30 18:15:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
alfresco-community-repo/source/java/org/alfresco/repo/security/sync/ChainingUserRegistrySynchronizerTest.java
Dave Ward 890d3795ce Merged V3.3 to HEAD 
20440: RM: CapabilitiesTest.testDestroyRecordsCapability (MS SQL Server build) - use non-public nodeService
   20441: Include virtual tomcat in installers
   20442: Change bitrock builder version to use.
   20443: Merged BRANCHES/DEV/V3.3-BUG-FIX to BRANCHES/V3.3: (Fixed tabs and removed 'svn:executable' and 'svn:eol-style')
      20384: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
         20271: ALF-803: Asset Service Improvements
      20386: Merged V2.2 to V3.3-BUG-FIX
         20385: Merged DEV/BELARUS/V2.2-2010_04_06 to V2.2
            20379: V2.2-ALF-1888 AssociationQuery was corrected to filter ...
      20387: Version Migrator (ALF-1000) - approx x3 boost (policies ignore version2 store)
      20388: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
         20372: ALF-897: It is impossible to create content when default value selected in ContentHeadlineBackground field for intranet_rssi_landing_template web-form (also fixes ALF-2798 & ALF-791)
      20389: Merged BRANCHES/DEV/BELARUS/HEAD-2010_04_28 to BRANCHES/DEV/V3.3-BUG-FIX:
         20374: ALF-2723: WCM - Http 500 creating content via webform
      20394: Fix for ALF-2257 - It's impossible to find and add group at Records Manage Permissions page
      20396: Fixed ALF-2956 "XSS attack is made when a rule is being deleted"
      20397: Fix for ALF-922: Mysql does not support unique keys that contain nulls as one would expect
      20402: ALF-2186 : Rules not being fired on datalist items - because it's a zero byte file?
      20404: Fixed ALF-2109 "Rule doesn't apply to the files in sub-folders when 'Run rule for this folder and its subfolders' action was performed"
      20406: Fix for ALF-2985 - Share document library throws error if document modifier or creator is deleted from Alfresco
      20409: Improved FormServiceImplTest, added more content related tests and some edge case tests using the FDK model (this test needs to be manually enabled though as the FDK model is not available by default)
      20414: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
         20401: ALF-2616: Serious Web Form layout performance issues on IE8. This fix contains:
      20427: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
         20042: ALF-1523: Failed Kerberos SSO auth doesn't fail through, simply returns a blank page
         20323: ALF-1523: Failed Kerberos SSO auth doesn't fail through, simply returns a blank page
      20428: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
         20417: ALF-736: WebDAV Folder Renaming fails on Mac but works on Windows.
      20430: Fix for ALF-2313 - Accessing a Doclib folder in Share which has a link to a deleted node fails
      20431: Version Migrator (ALF-1000) - migrate 1st batch independently
      20432: Fix for ALF-2327 - Can not have more than one Transfer Step in a disposal schedule
      20438: ALF-479: Merged DEV/BELARUS/V3.2-2010_01_11 to DEV/V3.3-BUG-FIX
         18448: ETHREEOH-4044: External Authentication Subsystem does not perform user mapping for WebDAV requests
   20444: Fix for ConcurrentModificationException in file server quota manager. ALF-2970.
   20445: Merged HEAD to BRANCHES/V3.3: (RECORD ONLY)
      20413: Added clean of quickr project
   20446: Changed version to 3.3.1dev
   20447: Merged V3.3-BUG-FIX to V3.3
      20294: Fixes: ALF-1020 & ALF-1013 for all views except agenda.
   20451: Merged V2.2 to V3.3
      20450: Merged DEV/BELARUS/V2.2-2010_04_06 to V2.2
         20412: ALF-1887: too easy to break alfresco - one can remove the guest user and recreate it but then access to RSS is broken
            - PersonServiceImpl.beforeDeleteNode prohibits attempts to delete a guest user.
   20452: Fix for transaction error from NFS server file expiry thread. ALF-3016.
   20458: ALF-2729 - rationalise (and deprecate) VersionLabelComparator
   20460: Fix for ALF-2430
      - AVM nodes are not checked for exclusion - the default ACLEntryVoter will always vote for AVM
      - avoids embedded AVM permission checks for getType/getAspect and anything else that may be added
      - seems AVM read is not checked upon "lookup" for the last node in the PATH (getType should have failed too)
   20466: Merged V2.2 to V3.3
      20243: (RECORD ONLY) ALF-2814: Merged V3.2 to V2.2
         17891: Merged DEV_TEMPORARY to V3.2
            17873: ETHREEOH-3810: WCM - Recursion detector erroring
   20467: Merged V3.1 to V3.3 (RECORD ONLY)
      20276: Incremented version label
      20275: ALF-2845: Merged V3.2 to V3.1
         17768: Merged DEV/BELARUS/V3.2-2009_11_24 to V3.2
            17758: ETHREEOH-3757: Oracle upgrade issue: failed "inviteEmailTemplate" patch - also causes subsequent patches to not be applied
      19573: Merged V3.2 to V3.1
         19539: Merged HEAD to V3.2
            19538: Build fix - fix build speed
   20468: Merged PATCHES/V3.2.r to V3.3 (RECORD ONLY)
      20357: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r
         20349: Merged V3.3 to PATCHES/V3.2.0
            20346: ALF-2839: Node pre-loading generates needless resultset rows
               - Added missing Criteria.list() call
      20339: Incremented version label
      20338: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r
         20280: Fixed ALF-2839: Node pre-loading generates needless resultset rows
            - Split Criteria query to retrieve properties and aspects separately
         20272: Backports to help fix ALF-2839: Node pre-loading generates needless resultset rows
            Merged BRANCHES/V3.2 to PATCHES/V3.2.0:
               18490: Added cache for alf_content_data
            Merged BRANCHES/DEV/V3.3-BUG-FIX to PATCHES/V3.2.0:
               20231: Fixed ALF-2784: Degradation of performance between 3.1.1 and 3.2x (observed in JSF)
         20266: Test reproduction of ALF-2839 failure: Node pre-loading generates needless resultset rows
   20469: Merged PATCHES/V3.1.2 to V3.3 (RECORD ONLY)
      20393: Eclipse classpath fix to avoid problems in JBoss
      20309: ALF-2777: PrimaryChildAssocCopyBehaviour from MOB-388 corrupts cm:name attributes of copied child nodes
         - Folded example behaviours from previous AMP into repository
         - Fixed PrimaryChildAssocCopyBehaviour to back-up and set the cm:name property on copied children
   20470: Merged PATCHES/V3.2.0 to V3.3 (RECORD ONLY)
      20465: Incremented version label
      20464: ALF-3060: Merged V3.2 to PATCHES/V3.2.0
         19920: Merged HEAD to BRANCHES/V3.2:
            19918: Fix ALF-2499 (Deleting a web project also deletes similarly named web projects - Potential Data Loss)
      20448: Merged DEV/V3.3-BUG-FIX to PATCHES/V3.2.0
         20414: Merged DEV/BELARUS/HEAD-2010_04_28 to DEV/V3.3-BUG-FIX
            20401: ALF-2616: Serious Web Form layout performance issues on IE8. This fix contains:
               a) X-UA-Compatible head tag with IE=EmulateIE7 value
               b) alfresco.ieVersion and alfresco.ieEngine in common.js
               c) recurseOnChildren in _updateDisplay
               d) Some performance modifications in xforms.js
      20350: Increment version label
      20349: Merged V3.3 to PATCHES/V3.2.0
         20346: ALF-2839: Node pre-loading generates needless resultset rows
            - Added missing Criteria.list() call
   20471: Fix for offline sync losing metadata properties, due to rename/delete of original file. ALF-575.
   20478: Merged HEAD to BRANCHES/V3.3: (RECORD ONLY)
      20477: Fix ALF-3086: CMIS checkin of a non-versionable document should make it versionable
   20479: ALF-2110: Make it possible to determine which person properties are synced via LDAP and hence immutable
      - Added Set<QName> UserRegistrySynchronizer.getPersonMappedProperties(String username)
      - UI/Services Fix to follow
   20481: Latest SpringSurf libs:
      - Fix for ALF-1518 - Added support for HTTP and HTTPS proxies for Surf application remote api calls - via the standard JVM cmd line properties such as -Dhttp.proxyHost=...
   20484: ALF-2886: LDAP sync defaults display names incorrectly and can't cope with DNs containing escaped trailing whitespace.
      - Had to work around a JDK bug in LDAP RDN parsing
   20486: Added case sensitive flag to the file state cache. Part of ALF-570.
   20487: Fix for copy/rename of folders causing file exists errors in some cases. ALF-570.
   20488: Fix ALF-680: Previously valid content models now fail with CMISAbstractDictionaryService$DictionaryRegistry exception
   20489: Uploaded correct version of spring source jars and reunited them with 3rd-party/.classpath
   20490: Fix for cannot delete folders via CIFS from Mac OSX, due to desktop actions. ALF-2553.
   20491: Merged DEV/TEMPORARY to V3.3 (With corrections)
      20485: ALF-2290: a HTTP GET request of a document redirects to the Home Location when using NTLM SSO
         The logic related to ADB-61 in NTLMAuthenticationFilter clears previous location and redirects request to default home location. NTLMAuthenticationFilter was changed to process GET requests to documents correctly. Now, fix to ADB-61 processes only “/faces” requests and GET requests to documents are processed correctly.
         The same fix was made to KerberosAuthenticationFilter
   20492: Fix ALF-680: Previously valid content models now fail with CMISAbstractDictionaryService$DictionaryRegistry exception
      - missing remove directory
   20493: Fix ALF-2837: ClassCastException in getProperties()
   20498: Fix for ALF-2818: Failure to close index writer under certain conditions.
      - fix for index writer to close indexes when stopped by exceptions during FTS
      - fix FTS job to handle exceptions better
      - debug for FTS background operations
   20499: ALF-3094: In ticket authenticate method in AuthenticationHelper, invalidate the current session if its cached ticket doesn't match
   20500: Fix for ALF-2858 "Zero KB sized bin files will be created in the contentstore when new sites are created" (RECORD ONLY)
   20503: AVMTestSuite: minor fixes to cleanup ctx usage (avoid re-loading)
   20505: Merged BRANCHES/V2.2 to BRANCHES/V3.3 (record-only)
      13859: (record-only) Removed dev from version label
      14003: (record-only) Updated version to 2.2.5dev
      14566: (record-only) ETWOTWO-1239 - remove workflow interpreter/console bootstrap
      14572: (record-only) ETWOTWO-1239 - fix PersonTest to fix JBPMEngineTest (part-sourced from r13247)
      14776: (record-only) Merged V3.1 to V2.2
         14748: ETHREEOH-2225 - WCM upgrade (performance improvements for MySQL)
   20506: NFS ReadDir/ReadDirPlus skips some folder entries. JLAN-98. 
   20507: Fixed issue with folder search resume id being reset to the wrong value during NFS folder search. Part of JLAN-98.
   20508: Merged BRANCHES/V3.2 to BRANCHES/V3.3:
      18319: Merged BRANCHES/DEV/BELARUS/V3.2-2010_01_11 to V3.2
         18273: ETHREEOH-3834: WCM: An extral .xml.html file is created when editing newly created content
      19182: Merged V3.1 to V3.2
         18423: ETHREEOH-3850 - Content Manager unable to edit content items if there is a lock on a generated rendition
         18432: (RECORD ONLY) Added FTP data port range configuration via <dataPorts>n:n</dataPorts> config value. ETHREEOH-4103.
         18451: (RECORD ONLY) Fixed incorrect FTP debug level name.
         18577: (RECORD ONLY) Fix for ETHREEOH-4117, based on CHK-11154
         18792: Fix ETHREEOH-2729:  Import of property with @ symbol in name fails with "start tag unexpected character @ "
      19570: ALF-192 / ALF-1750:  System Error if user trying submit web content based on web form which was deleted
      19583: Merged DEV/BELARUS/V3.2-2010_03_17 to V3.2
         19545: ALF-1954: Regression: same item can be submitted multiple times to workflow
      19725: AVMStoreDescriptor - fix minor typo (for debugging)
      19917: (RECORD ONLY) Merged HEAD to BRANCHES/V3.2:
         19880: Fix ALF-898 - WCM: Deleting a file leads to error (only if RM/DOD installed)
      19920: (RECORD ONLY) Merged HEAD to BRANCHES/V3.2:
         19918: Fix ALF-2499 (Deleting a web project also deletes similarly named web projects - Potential Data Loss)
   20509: Merged BRANCHES/V3.2 to BRANCHES/V3.3 (RECORD ONLY):
      19825: (RECORD ONLY) Merged PATCHES/V3.2.r to BRANCHES/V3.2: 
         19804: Merged PATCHES/V3.2.0 to PATCHES/V3.2.r 
            Merged HEAD to V3.2.0 
            ...
   20510: Merged BRANCHES/V3.1 to BRANCHES/V3.3 (RECORD ONLY)
      17482: (RECORD ONLY) Merged V3.2 to V3.1
         17478: Fix ETHREEOH-3340 - WCM - Revert to snapshot failure (fix AVM getListing -> AVMSync compare -> WCM revertSnapshot)
      18783: (RECORD ONLY) MT: ensure group (EMAIL_CONTRIBUTORS) bootstraps tenant admin user (when creating tenant)
   20513: Added port change example for remote Alfresco server to share-config-custom.xml.sample
   20518: ALF-657 Created tests to check that the 'runas' functionality works in the AlfrescoJavaScript action handler. Also modified the handler to run as the System user if no Authentication is currently set, as may occur if the action handler is being executed asynchronously.
   20519: ALF-657 Created tests to check that the 'runas' functionality works in the AlfrescoJavaScript action handler. Also modified the handler to run as the System user if no Authentication is currently set, as may occur if the action handler is being executed asynchronously.
   20520: Removed dev version.label
   20522: ALF-3129: Map cm:organization property in LDAP as well as cm:organizationId, since cm:organization is what shows up in JSF and Share. Needed by ALF-2110.
   20523: First part of fix for ALF-2110:
      - Appropriate Person and webframework metadata APIs now return information on immutability of Person properties (as some properties are immutable when synced to LDAP etc.)
      - Share client  now correctly disables profile fields in User Profile and Admin User Console as appropriate based on individual user property mutability
      - Change Password button now correctly enabled/disabled based on account mutability
   20524: VersionMigrator - option to run as scheduled job (ALF-1000)
   20525: Fix for various IE6 CSS issues:
      ALF-3047 - It's impossible to destinate any action with data list item (IE6 specific)
      ALF-3049 - Incorrect layout of Manage aspects page
      ALF-3050 - Incorrect layout of Assign Workflow form
   20526: Fix for ALF-2915 - Select > None feature for Data Lists not working across multiple pages in IE
      Closed ALF-2846 - DataList UI not fully I18Ned [Old prototype code]
   20527: Fix for ALF-3082 - There is no Edit Offline action at Details page in Share site
   20528: Fix various script errors due to typo:
      ALF-3088 - Script error occurs on creating duplicated record seria
      ALF-3012 - Incorrect behaviour on creating duplicating folders
      ALF-3004 - Script error when submitting an item with long data in Prioprity field
   20529: Fix for ALF-3006 - Selected Items > Copy to... and Move to actions not working in Document Library
   20530: Dynamic Models - fix test(s)
      - fix concurrency test for Oracle build (retry if txn lock cannot be acquired)
      - when getting deployed models, skip if invalid (eg. cannot be parsed)
   20536: Remove @Override (ALF-657)
   20537: Activities - (minor) fix NPE for Oracle build/test
   20543: Final part of ALF-2110 - Appropriate person properties disabled for editing in Explorer Client if external mapped sync such as LDAP is used.
      Fixed issue with Change Password option being disabled incorrectly.
   20544: Follow-up fix to r20528
   20546: Fix for ALF-3151 - Freemarker causes NPE while deploying 3.3 enterprise onto WebSphere 7.0.0.7
      - NOTE: will need to submit patch to freemarker.org
   20552: Merged BRANCHES/V3.2 to BRANCHES/V3.3 (RECORD ONLY)
      20551: (RECORD ONLY) Merged BRANCHES/V3.3 to BRANCHES/V3.2:
         20090: Dynamic models: minor improvements to DictionaryModelType
   20553: Fix for escalated issue ALF-2856: Space returns to browse view after completing Add Content dialog; need a way to return to custom view (applied patch provided by customer).
   20554: Improvement to model delete validation (investigating intermittent failure of RepoAdminServiceImplTest.testSimpleDynamicModelViaNodeService)
   20558: Merged DEV/BELARUS/V3.3-2010_06_08 to V3.3
      20550: ALF-922: Mysql does not support unique keys that contain nulls as one would expect ...... duplicates in the alf_access_control_entry table
   20562: ALF-3177 - security fix.
   20563: Merged BRANCHES/V3.2 to BRANCHES/V3.3:
      19412: Fix for ALF-865 "WCM / Cluster: unexpected error when concurrently submitting content"
         ALF-862 "WCM submit execution will require locking in a clustered WCM authoring env"
   20564: Merged BRANCHES/V3.1 to BRANCHES/V3.3:
      20542: Fixed ALF-3152: ImporterComponent transaction retry settings can cause IllegalArgumentException
   20568: Follow-up on fix ALF-3152.  Fix jobLockService's retryWaitIncrementMs


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@20572 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2010-06-09 14:53:24 +00:00

1012 lines
36 KiB
Java
Raw Blame History

/*
* Copyright (C) 2005-2010 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.security.sync;
import java.util.AbstractCollection;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import junit.framework.TestCase;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.management.subsystems.ChildApplicationContextManager;
import org.alfresco.repo.security.authentication.AuthenticationContext;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.context.support.StaticApplicationContext;
/**
* Tests the {@link ChainingUserRegistrySynchronizer} using a simulated {@link UserRegistry}.
*
* @author dward
*/
public class ChainingUserRegistrySynchronizerTest extends TestCase
{
/** The context locations, in reverse priority order. */
private static final String[] CONFIG_LOCATIONS =
{
"classpath:alfresco/application-context.xml", "classpath:sync-test-context.xml"
};
/** The Spring application context. */
private static ApplicationContext context = new ClassPathXmlApplicationContext(
ChainingUserRegistrySynchronizerTest.CONFIG_LOCATIONS);
/** The synchronizer we are testing. */
private UserRegistrySynchronizer synchronizer;
/** The application context manager. */
private MockApplicationContextManager applicationContextManager;
/** The person service. */
private PersonService personService;
/** The authority service. */
private AuthorityService authorityService;
/** The node service. */
private NodeService nodeService;
/** The authentication context. */
private AuthenticationContext authenticationContext;
/** The retrying transaction helper. */
private RetryingTransactionHelper retryingTransactionHelper;
/*
* (non-Javadoc)
* @see junit.framework.TestCase#setUp()
*/
@Override
protected void setUp() throws Exception
{
this.synchronizer = (UserRegistrySynchronizer) ChainingUserRegistrySynchronizerTest.context
.getBean("testUserRegistrySynchronizer");
this.applicationContextManager = (MockApplicationContextManager) ChainingUserRegistrySynchronizerTest.context
.getBean("testApplicationContextManager");
this.personService = (PersonService) ChainingUserRegistrySynchronizerTest.context.getBean("personService");
this.authorityService = (AuthorityService) ChainingUserRegistrySynchronizerTest.context
.getBean("authorityService");
this.nodeService = (NodeService) ChainingUserRegistrySynchronizerTest.context.getBean("nodeService");
this.authenticationContext = (AuthenticationContext) ChainingUserRegistrySynchronizerTest.context
.getBean("authenticationContext");
this.authenticationContext.setSystemUserAsCurrentUser();
this.retryingTransactionHelper = (RetryingTransactionHelper) ChainingUserRegistrySynchronizerTest.context
.getBean("retryingTransactionHelper");
}
/*
* (non-Javadoc)
* @see junit.framework.TestCase#tearDown()
*/
@Override
protected void tearDown() throws Exception
{
this.authenticationContext.clearCurrentSecurityContext();
}
/**
* Sets up the test users and groups in three zones, "Z0", "Z1" and "Z2", by doing a forced synchronize with a Mock
* user registry. Note that the zones have some overlapping entries. "Z0" is not used in subsequent synchronizations
* and is used to test that users and groups in zones that aren't in the authentication chain get 're-zoned'
* appropriately. The layout is as follows
*
* <pre>
* Z0
* G1
* U6
*
* Z1
* G2 - U1, G3 - U2, G4, G5
*
* Z2
* G2 - U1, U3, U4
* G6 - U3, U4, G7 - U5
* </pre>
*
* @throws Exception
* the exception
*/
private void setUpTestUsersAndGroups() throws Exception
{
this.applicationContextManager.setUserRegistries(new MockUserRegistry("Z0", new NodeDescription[]
{
newPerson("U6")
}, new NodeDescription[]
{
newGroup("G1")
}), new MockUserRegistry("Z1", new NodeDescription[]
{
newPerson("U1"), newPerson("U2"), newPerson("U7")
}, new NodeDescription[]
{
newGroup("G2", "U1", "G3"), newGroup("G3", "U2", "G4", "G5"), newGroup("G4"), newGroup("G5")
}), new MockUserRegistry("Z2", new NodeDescription[]
{
newPerson("U1"), newPerson("U3"), newPerson("U4"), newPerson("U5")
}, new NodeDescription[]
{
newGroup("G2", "U1", "U3", "U4"), newGroup("G6", "U3", "U4", "G7"), newGroup("G7", "U5")
}));
this.synchronizer.synchronize(true, true, true);
this.retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
assertExists("Z0", "U6");
assertExists("Z0", "G1");
assertExists("Z1", "U1");
assertExists("Z1", "U2");
assertExists("Z1", "G2", "U1", "G3");
assertExists("Z1", "G3", "U2", "G4", "G5");
assertExists("Z1", "G4");
assertExists("Z1", "G5");
assertExists("Z2", "U3");
assertExists("Z2", "U4");
assertExists("Z2", "U5");
assertExists("Z2", "G6", "U3", "U4", "G7");
assertExists("Z2", "G7", "U5");
return null;
}
}, false, true);
}
/**
* Tear down test users and groups.
*
* @throws Exception
* the exception
*/
public void tearDownTestUsersAndGroups() throws Exception
{
// Wipe out everything that was in Z1 and Z2
this.applicationContextManager.setUserRegistries(new MockUserRegistry("Z0", new NodeDescription[] {},
new NodeDescription[] {}), new MockUserRegistry("Z1", new NodeDescription[] {},
new NodeDescription[] {}), new MockUserRegistry("Z2", new NodeDescription[] {},
new NodeDescription[] {}));
this.synchronizer.synchronize(true, true, true);
this.retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
assertNotExists("U1");
assertNotExists("U2");
assertNotExists("U3");
assertNotExists("U4");
assertNotExists("U5");
assertNotExists("U6");
assertNotExists("U7");
assertNotExists("G1");
assertNotExists("G2");
assertNotExists("G3");
assertNotExists("G4");
assertNotExists("G5");
assertNotExists("G6");
assertNotExists("G7");
return null;
}
}, false, true);
}
/**
* Tests a differential update of the test users and groups. The layout is as follows
*
* <pre>
* Z1
* G1 - U1, U6
* G2 - U1
* G3 - U2, G4, G5 - U6
*
* Z2
* G2 - U1, U3, U4, U6
* G6 - U3, U4, G7
* </pre>
*
* @throws Exception
* the exception
*/
public void testDifferentialUpdate() throws Exception
{
setUpTestUsersAndGroups();
this.applicationContextManager.removeZone("Z0");
this.applicationContextManager.updateZone("Z1", new NodeDescription[]
{
newPerson("U1", "changeofemail@alfresco.com"), newPerson("U6"), newPerson("U7")
}, new NodeDescription[]
{
newGroup("G1", "U1", "U6", "UDangling"), newGroup("G2", "U1", "GDangling"), newGroupWithDisplayName("G5", "Amazing Group", "U6", "U7", "G4")
});
this.applicationContextManager.updateZone("Z2", new NodeDescription[]
{
newPerson("U1", "shouldbeignored@alfresco.com"), newPerson("U5", "u5email@alfresco.com"), newPerson("U6")
}, new NodeDescription[]
{
newGroup("G2", "U1", "U3", "U4", "U6"), newGroup("G7")
});
this.retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
ChainingUserRegistrySynchronizerTest.this.synchronizer.synchronize(false, false, false);
// Stay in the same transaction
assertExists("Z1", "U1");
assertEmailEquals("U1", "changeofemail@alfresco.com");
assertExists("Z1", "U2");
assertExists("Z1", "U6");
assertExists("Z1", "U7");
assertExists("Z1", "G1", "U1", "U6");
assertExists("Z1", "G2", "U1");
assertExists("Z1", "G3", "U2", "G4", "G5");
assertExists("Z1", "G4");
assertExists("Z1", "G5", "U6", "U7", "G4");
assertGroupDisplayNameEquals("G5", "Amazing Group");
assertExists("Z2", "U3");
assertExists("Z2", "U4");
assertExists("Z2", "U5");
assertEmailEquals("U5", "u5email@alfresco.com");
assertExists("Z2", "G6", "U3", "U4", "G7");
assertExists("Z2", "G7");
return null;
}
});
tearDownTestUsersAndGroups();
}
/**
* Tests a forced update of the test users and groups. Also tests that groups and users that previously existed in
* Z2 get moved when they appear in Z1. Also tests that 'dangling references' to removed users (U4, U5) do not cause
* any problems. Also tests that case-sensitivity is not a problem when an occluded user is recreated with different
* case. The layout is as follows
*
* <pre>
* Z1
* G1 - U6
* G2 -
* G3 - U2, G5 - U6
* G6 - u3
*
* Z2
* G2 - U1, U3, U6
* G6 - U3, G7
* </pre>
*
* @throws Exception
* the exception
*/
public void testForcedUpdate() throws Exception
{
setUpTestUsersAndGroups();
this.applicationContextManager.setUserRegistries(new MockUserRegistry("Z1", new NodeDescription[]
{
newPerson("U2"), newPerson("u3"), newPerson("U6")
}, new NodeDescription[]
{
newGroup("G1", "U6"), newGroup("G2"), newGroup("G3", "U2", "G5"), newGroup("G5", "U6"),
newGroup("G6", "u3")
}), new MockUserRegistry("Z2", new NodeDescription[]
{
newPerson("U1", "somenewemail@alfresco.com"), newPerson("U3"), newPerson("U6")
}, new NodeDescription[]
{
newGroup("G2", "U1", "U3", "U4", "U6"), newGroup("G6", "U3", "U4", "G7"),
newGroupWithDisplayName("G7", "Late Arrival", "U4", "U5")
}));
this.synchronizer.synchronize(true, true, true);
this.retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Throwable
{
assertExists("Z1", "U2");
assertExists("Z1", "u3");
assertExists("Z1", "U6");
assertExists("Z1", "G1", "U6");
assertExists("Z1", "G2");
assertExists("Z1", "G3", "U2", "G5");
assertNotExists("G4");
assertExists("Z1", "G5", "U6");
assertExists("Z1", "G6", "u3");
assertExists("Z2", "U1");
assertEmailEquals("U1", "somenewemail@alfresco.com");
assertNotExists("U4");
assertNotExists("U5");
assertExists("Z2", "G7");
assertGroupDisplayNameEquals("G7", "Late Arrival");
return null;
}
}, false, true);
tearDownTestUsersAndGroups();
}
/**
* Tests synchronization with a zone with a larger volume of authorities.
*
* @throws Exception
* the exception
*/
public void testVolume() throws Exception
{
List<NodeDescription> persons = new ArrayList<NodeDescription>(new RandomPersonCollection(100));
List<NodeDescription> groups = new ArrayList<NodeDescription>(new RandomGroupCollection(50, persons));
this.applicationContextManager.setUserRegistries(new MockUserRegistry("Z0", persons, groups));
this.synchronizer.synchronize(true, true, true);
tearDownTestUsersAndGroups();
}
/**
* Tests synchronization of group associations in a zone with a larger volume of authorities.
*
* @throws Exception
* the exception
*/
public void dontTestAssocs() throws Exception
{
List<NodeDescription> groups = this.retryingTransactionHelper.doInTransaction(
new RetryingTransactionCallback<List<NodeDescription>>()
{
public List<NodeDescription> execute() throws Throwable
{
return new ArrayList<NodeDescription>(new RandomGroupCollection(1000,
ChainingUserRegistrySynchronizerTest.this.authorityService.getAllAuthoritiesInZone(
AuthorityService.ZONE_AUTH_EXT_PREFIX + "Z0", null)));
}
}, true, true);
ChainingUserRegistrySynchronizerTest.this.applicationContextManager.setUserRegistries(new MockUserRegistry(
"Z0", Collections.<NodeDescription> emptyList(), groups));
ChainingUserRegistrySynchronizerTest.this.synchronizer.synchronize(true, true, true);
tearDownTestUsersAndGroups();
}
/**
* Constructs a description of a test group.
*
* @param name
* the name
* @param members
* the members
* @return the node description
*/
private NodeDescription newGroup(String name, String... members)
{
return newGroupWithDisplayName(name, name, members);
}
/**
* Constructs a description of a test group with a display name.
*
* @param name
* the name
* @param displayName
* the display name
* @param members
* the members
* @return the node description
*/
private NodeDescription newGroupWithDisplayName(String name, String displayName, String... members)
{
String longName = longName(name);
NodeDescription group = new NodeDescription(longName);
PropertyMap properties = group.getProperties();
properties.put(ContentModel.PROP_AUTHORITY_NAME, longName);
properties.put(ContentModel.PROP_AUTHORITY_DISPLAY_NAME, displayName);
if (members.length > 0)
{
Set<String> assocs = group.getChildAssociations();
for (String member : members)
{
assocs.add(longName(member));
}
}
group.setLastModified(new Date());
return group;
}
/**
* Constructs a description of a test person with default email (userName@alfresco.com)
*
* @param userName
* the user name
* @return the node description
*/
private NodeDescription newPerson(String userName)
{
return newPerson(userName, userName + "@alfresco.com");
}
/**
* Constructs a description of a test person with a given email.
*
* @param userName
* the user name
* @param email
* the email
* @return the node description
*/
private NodeDescription newPerson(String userName, String email)
{
NodeDescription person = new NodeDescription(userName);
PropertyMap properties = person.getProperties();
properties.put(ContentModel.PROP_USERNAME, userName);
properties.put(ContentModel.PROP_FIRSTNAME, userName + "F");
properties.put(ContentModel.PROP_LASTNAME, userName + "L");
properties.put(ContentModel.PROP_EMAIL, email);
person.setLastModified(new Date());
return person;
}
/**
* Perform all the necessary assertions to ensure that an authority and its members exist in the correct zone.
*
* @param zone
* the zone
* @param name
* the name
* @param members
* the members
*/
private void assertExists(String zone, String name, String... members)
{
String longName = longName(name);
// Check authority exists
assertTrue(this.authorityService.authorityExists(longName));
// Check in correct zone
assertTrue(this.authorityService.getAuthorityZones(longName).contains(
AuthorityService.ZONE_AUTH_EXT_PREFIX + zone));
if (AuthorityType.getAuthorityType(longName).equals(AuthorityType.GROUP))
{
// Check groups have expected members
Set<String> memberSet = new HashSet<String>(members.length * 2);
for (String member : members)
{
memberSet.add(longName(member));
}
assertEquals(memberSet, this.authorityService.getContainedAuthorities(null, longName, true));
}
else
{
// Check users exist as persons
assertTrue(this.personService.personExists(name));
}
}
/**
* Perform all the necessary assertions to ensure that an authority does not exist.
*
* @param name
* the name
*/
private void assertNotExists(String name)
{
String longName = longName(name);
// Check authority does not exist
assertFalse(this.authorityService.authorityExists(longName));
// Check there is no zone
assertNull(this.authorityService.getAuthorityZones(longName));
if (!AuthorityType.getAuthorityType(longName).equals(AuthorityType.GROUP))
{
// Check person does not exist
assertFalse(this.personService.personExists(name));
}
}
/**
* Asserts that a person's email has the expected value.
*
* @param personName
* the person name
* @param email
* the email
*/
private void assertEmailEquals(String personName, String email)
{
NodeRef personRef = this.personService.getPerson(personName);
assertEquals(email, this.nodeService.getProperty(personRef, ContentModel.PROP_EMAIL));
}
/**
* Asserts that a group's display name has the expected value.
*
* @param personName
* the person name
* @param email
* the email
*/
private void assertGroupDisplayNameEquals(String name, String displayName)
{
assertEquals(displayName, this.authorityService.getAuthorityDisplayName(longName(name)));
}
/**
* Converts the given short name to a full authority name, assuming that those short names beginning with 'G'
* correspond to groups and all others correspond to users.
*
* @param shortName
* the short name
* @return the full authority name
*/
private String longName(String shortName)
{
return this.authorityService.getName(shortName.startsWith("G") ? AuthorityType.GROUP : AuthorityType.USER,
shortName);
}
/**
* A Mock {@link UserRegistry} that returns a fixed set of users and groups.
*/
public static class MockUserRegistry implements UserRegistry
{
/** The zone id. */
private String zoneId;
/** The persons. */
private Collection<NodeDescription> persons;
/** The groups. */
private Collection<NodeDescription> groups;
/**
* Instantiates a new mock user registry.
*
* @param zoneId
* the zone id
* @param persons
* the persons
* @param groups
* the groups
*/
public MockUserRegistry(String zoneId, Collection<NodeDescription> persons, Collection<NodeDescription> groups)
{
this.zoneId = zoneId;
this.persons = persons;
this.groups = groups;
}
/**
* Modifies the state to match the arguments. Compares new with old and records new modification dates only for
* changes.
*
* @param persons
* the persons
* @param groups
* the groups
*/
public void updateState(Collection<NodeDescription> persons, Collection<NodeDescription> groups)
{
List<NodeDescription> newPersons = new ArrayList<NodeDescription>(this.persons);
mergeNodeDescriptions(newPersons, persons, ContentModel.PROP_USERNAME);
this.persons = newPersons;
List<NodeDescription> newGroups = new ArrayList<NodeDescription>(this.groups);
mergeNodeDescriptions(newGroups, groups, ContentModel.PROP_AUTHORITY_NAME);
this.groups = newGroups;
}
/**
* Merges together an old and new list of node descriptions. Retains the old node with its old modification date
* if it is the same in the new list, otherwises uses the node from the new list.
*
* @param oldNodes
* the old node list
* @param newNodes
* the new node list
* @param idProp
* the name of the ID property
*/
private void mergeNodeDescriptions(List<NodeDescription> oldNodes, Collection<NodeDescription> newNodes,
QName idProp)
{
Map<String, NodeDescription> nodeMap = new LinkedHashMap<String, NodeDescription>(newNodes.size() * 2);
for (NodeDescription node : newNodes)
{
nodeMap.put((String) node.getProperties().get(idProp), node);
}
for (int i = 0; i < oldNodes.size(); i++)
{
NodeDescription oldNode = oldNodes.get(i);
String id = (String) oldNode.getProperties().get(idProp);
NodeDescription newNode = nodeMap.remove(id);
if (newNode == null)
{
oldNodes.remove(i);
i--;
}
else if (!oldNode.getProperties().equals(newNode.getProperties())
|| !oldNode.getChildAssociations().equals(newNode.getChildAssociations()))
{
oldNodes.set(i, newNode);
}
}
oldNodes.addAll(nodeMap.values());
}
/**
* Instantiates a new mock user registry.
*
* @param zoneId
* the zone id
* @param persons
* the persons
* @param groups
* the groups
*/
public MockUserRegistry(String zoneId, NodeDescription[] persons, NodeDescription[] groups)
{
this(zoneId, Arrays.asList(persons), Arrays.asList(groups));
}
/**
* Gets the zone id.
*
* @return the zoneId
*/
public String getZoneId()
{
return this.zoneId;
}
/*
* (non-Javadoc)
* @see org.alfresco.repo.security.sync.UserRegistry#processDeletions(java.util.Set)
*/
public void processDeletions(Set<String> candidateAuthoritiesForDeletion)
{
for (NodeDescription person : this.persons)
{
candidateAuthoritiesForDeletion.remove(person.getProperties().get(ContentModel.PROP_USERNAME));
}
for (NodeDescription group : this.groups)
{
candidateAuthoritiesForDeletion.remove(group.getProperties().get(ContentModel.PROP_AUTHORITY_NAME));
}
}
/*
* (non-Javadoc)
* @see org.alfresco.repo.security.sync.UserRegistry#getGroups(java.util.Date)
*/
public Collection<NodeDescription> getGroups(Date modifiedSince)
{
return filterNodeDescriptions(this.groups, modifiedSince);
}
/**
* Filters the given list of node descriptions, retaining only those with a modification date greater than the
* given date.
*
* @param nodes
* the list of nodes
* @param modifiedSince
* the modified date
* @return the filter list of nodes
*/
private Collection<NodeDescription> filterNodeDescriptions(Collection<NodeDescription> nodes, Date modifiedSince)
{
if (modifiedSince == null)
{
return nodes;
}
List<NodeDescription> filteredNodes = new LinkedList<NodeDescription>();
for (NodeDescription node : nodes)
{
Date modified = node.getLastModified();
if (modifiedSince.compareTo(modified) < 0)
{
filteredNodes.add(node);
}
}
return filteredNodes;
}
/*
* (non-Javadoc)
* @see org.alfresco.repo.security.sync.UserRegistry#getPersons(java.util.Date)
*/
public Collection<NodeDescription> getPersons(Date modifiedSince)
{
return filterNodeDescriptions(this.persons, modifiedSince);
}
/* (non-Javadoc)
* @see org.alfresco.repo.security.sync.UserRegistry#getPersonMappedProperties()
*/
public Set<QName> getPersonMappedProperties()
{
return new HashSet<QName>(Arrays.asList(new QName[]
{
ContentModel.PROP_USERNAME, ContentModel.PROP_FIRSTNAME, ContentModel.PROP_LASTNAME,
ContentModel.PROP_EMAIL, ContentModel.PROP_ORGID, ContentModel.PROP_HOME_FOLDER_PROVIDER
}));
}
}
/**
* An {@link ChildApplicationContextManager} for a chain of application contexts containing mock user registries.
*/
public static class MockApplicationContextManager implements ChildApplicationContextManager
{
/** The contexts. */
private Map<String, ApplicationContext> contexts = Collections.emptyMap();
/**
* Sets the user registries.
*
* @param registries
* the new user registries
*/
public void setUserRegistries(MockUserRegistry... registries)
{
this.contexts = new LinkedHashMap<String, ApplicationContext>(registries.length * 2);
for (MockUserRegistry registry : registries)
{
StaticApplicationContext context = new StaticApplicationContext();
context.getDefaultListableBeanFactory().registerSingleton("userRegistry", registry);
this.contexts.put(registry.getZoneId(), context);
}
}
/**
* Removes the application context for the given zone ID (simulating a change in the authentication chain).
*
* @param zoneId
* the zone id
*/
public void removeZone(String zoneId)
{
this.contexts.remove(zoneId);
}
/**
* Updates the state of the given zone ID, oopying in new modification dates only where changes have been made.
*
* @param zoneId
* the zone id
* @param persons
* the new list of persons
* @param groups
* the new list of groups
*/
public void updateZone(String zoneId, NodeDescription[] persons, NodeDescription[] groups)
{
ApplicationContext context = this.contexts.get(zoneId);
MockUserRegistry registry = (MockUserRegistry) context.getBean("userRegistry");
registry.updateState(Arrays.asList(persons), Arrays.asList(groups));
}
/*
* (non-Javadoc)
* @see
* org.alfresco.repo.management.subsystems.ChildApplicationContextManager#getApplicationContext(java.lang.String
* )
*/
public ApplicationContext getApplicationContext(String id)
{
return this.contexts.get(id);
}
/*
* (non-Javadoc)
* @see org.alfresco.repo.management.subsystems.ChildApplicationContextManager#getInstanceIds()
*/
public Collection<String> getInstanceIds()
{
return this.contexts.keySet();
}
}
/**
* A collection whose iterator returns randomly generated persons.
*/
public class RandomPersonCollection extends AbstractCollection<NodeDescription>
{
/** The collection size. */
private final int size;
/**
* The Constructor.
*
* @param size
* the collection size
*/
public RandomPersonCollection(int size)
{
this.size = size;
}
/*
* (non-Javadoc)
* @see java.util.AbstractCollection#iterator()
*/
@Override
public Iterator<NodeDescription> iterator()
{
return new Iterator<NodeDescription>()
{
private int pos;
public boolean hasNext()
{
return this.pos < RandomPersonCollection.this.size;
}
public NodeDescription next()
{
this.pos++;
return newPerson("U" + GUID.generate());
}
public void remove()
{
throw new UnsupportedOperationException();
}
};
}
/*
* (non-Javadoc)
* @see java.util.AbstractCollection#size()
*/
@Override
public int size()
{
return this.size;
}
}
/**
* A collection whose iterator returns randomly generated groups with random associations to a given list of
* persons.
*/
public class RandomGroupCollection extends AbstractCollection<NodeDescription>
{
/** Use a fixed seed to give this class deterministic behaviour */
private Random generator = new Random(1628876500L);
/** The collection size. */
private final int size;
/** The authorities. */
private final List<String> authorities;
/**
* The Constructor.
*
* @param size
* the collection size
* @param authorities
* the authorities
*/
public RandomGroupCollection(int size, Set<String> authorities)
{
this.size = size;
this.authorities = new ArrayList<String>(authorities);
}
/**
* The Constructor.
*
* @param size
* the collection size
* @param authorities
* the authorities
*/
public RandomGroupCollection(int size, Collection<NodeDescription> persons)
{
this.size = size;
this.authorities = new ArrayList<String>(persons.size());
for (NodeDescription nodeDescription : persons)
{
this.authorities.add((String) nodeDescription.getProperties().get(ContentModel.PROP_USERNAME));
}
}
/*
* (non-Javadoc)
* @see java.util.AbstractCollection#iterator()
*/
@Override
public Iterator<NodeDescription> iterator()
{
return new Iterator<NodeDescription>()
{
private int pos;
public boolean hasNext()
{
return this.pos < RandomGroupCollection.this.size;
}
public NodeDescription next()
{
this.pos++;
String[] authorityNames = new String[17];
for (int i = 0; i < authorityNames.length; i++)
{
// Choose an authority at random from the list of known authorities
int index = RandomGroupCollection.this.generator.nextInt(RandomGroupCollection.this.authorities
.size());
authorityNames[i] = ChainingUserRegistrySynchronizerTest.this.authorityService
.getShortName((String) RandomGroupCollection.this.authorities.get(index));
}
NodeDescription group = newGroup("G" + GUID.generate(), authorityNames);
// Make this group a candidate for adding to other groups
RandomGroupCollection.this.authorities.add((String) group.getProperties().get(
ContentModel.PROP_AUTHORITY_NAME));
return group;
}
public void remove()
{
throw new UnsupportedOperationException();
}
};
}
/*
* (non-Javadoc)
* @see java.util.AbstractCollection#size()
*/
@Override
public int size()
{
return this.size;
}
}
}
Reference in New Issue View Git Blame Copy Permalink