From 94770717299bb95601013112d373423a02f7d8c0 Mon Sep 17 00:00:00 2001 From: AFaust Date: Mon, 1 Feb 2021 19:09:26 +0100 Subject: [PATCH] Update actual user object, not just session attribute --- .../share/web/UserGroupsLoadFilter.java | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/share/src/main/java/de/acosix/alfresco/keycloak/share/web/UserGroupsLoadFilter.java b/share/src/main/java/de/acosix/alfresco/keycloak/share/web/UserGroupsLoadFilter.java index ca6354c..68919e9 100644 --- a/share/src/main/java/de/acosix/alfresco/keycloak/share/web/UserGroupsLoadFilter.java +++ b/share/src/main/java/de/acosix/alfresco/keycloak/share/web/UserGroupsLoadFilter.java @@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.alfresco.util.PropertyCheck; +import org.alfresco.web.site.SlingshotUserFactory; import org.alfresco.web.site.servlet.SlingshotLoginController; import org.json.simple.JSONArray; import org.json.simple.JSONObject; @@ -37,6 +38,7 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; import org.springframework.extensions.config.ConfigElement; import org.springframework.extensions.config.ConfigService; +import org.springframework.extensions.surf.UserFactory; import org.springframework.extensions.surf.exception.ConnectorServiceException; import org.springframework.extensions.surf.site.AuthenticationUtil; import org.springframework.extensions.surf.support.AlfrescoUserFactory; @@ -47,6 +49,7 @@ import org.springframework.extensions.webscripts.connector.ConnectorContext; import org.springframework.extensions.webscripts.connector.ConnectorService; import org.springframework.extensions.webscripts.connector.HttpMethod; import org.springframework.extensions.webscripts.connector.Response; +import org.springframework.extensions.webscripts.connector.User; import org.springframework.extensions.webscripts.servlet.DependencyInjectedFilter; /** @@ -116,6 +119,7 @@ public class UserGroupsLoadFilter implements DependencyInjectedFilter, Initializ { final String userId = AuthenticationUtil.getUserId((HttpServletRequest) request); final String userGroupsCSVList = (String) session.getAttribute(SlingshotLoginController.SESSION_ATTRIBUTE_KEY_USER_GROUPS); + final User user = (User) session.getAttribute(UserFactory.SESSION_ATTRIBUTE_KEY_USER_OBJECT); final Date lastLoaded = (Date) session.getAttribute(SESSION_ATTRIBUTE_KEY_USER_GROUPS_LAST_LOADED); long cachedUserGroupsTimeout = DEFAULT_CACHED_USER_GROUPS_TIMEOUT; @@ -139,11 +143,24 @@ public class UserGroupsLoadFilter implements DependencyInjectedFilter, Initializ if (reloadedUserGroupsCSVList != null) { session.setAttribute(SlingshotLoginController.SESSION_ATTRIBUTE_KEY_USER_GROUPS, reloadedUserGroupsCSVList); + if (user != null) + { + user.setProperty(SlingshotUserFactory.ALF_USER_GROUPS, reloadedUserGroupsCSVList); + } } else { LOGGER.debug( "User groups session attribute cannot be updated after failure to load - will retry after next cache timeout"); + // some scripts (*cough* faceted-search) can fail if attribute is not set + if (session.getAttribute(SlingshotLoginController.SESSION_ATTRIBUTE_KEY_USER_GROUPS) == null) + { + session.setAttribute(SlingshotLoginController.SESSION_ATTRIBUTE_KEY_USER_GROUPS, ""); + } + if (user != null && user.getProperty(SlingshotUserFactory.ALF_USER_GROUPS) == null) + { + user.setProperty(SlingshotUserFactory.ALF_USER_GROUPS, ""); + } } session.setAttribute(SESSION_ATTRIBUTE_KEY_USER_GROUPS_LAST_LOADED, new Date()); }