1 17 package org.alfresco.repo.security.authority; 18 19 import java.io.Serializable ; 20 import java.util.ArrayList ; 21 import java.util.Collection ; 22 import java.util.Collections ; 23 import java.util.HashMap ; 24 import java.util.HashSet ; 25 import java.util.List ; 26 import java.util.Set ; 27 28 import org.alfresco.error.AlfrescoRuntimeException; 29 import org.alfresco.model.ContentModel; 30 import org.alfresco.repo.cache.SimpleCache; 31 import org.alfresco.repo.search.impl.lucene.QueryParser; 32 import org.alfresco.service.cmr.dictionary.DictionaryService; 33 import org.alfresco.service.cmr.repository.ChildAssociationRef; 34 import org.alfresco.service.cmr.repository.NodeRef; 35 import org.alfresco.service.cmr.repository.NodeService; 36 import org.alfresco.service.cmr.repository.StoreRef; 37 import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter; 38 import org.alfresco.service.cmr.search.ResultSet; 39 import org.alfresco.service.cmr.search.ResultSetRow; 40 import org.alfresco.service.cmr.search.SearchParameters; 41 import org.alfresco.service.cmr.search.SearchService; 42 import org.alfresco.service.cmr.security.AuthorityType; 43 import org.alfresco.service.namespace.NamespacePrefixResolver; 44 import org.alfresco.service.namespace.QName; 45 import org.alfresco.service.namespace.RegexQNamePattern; 46 import org.alfresco.util.ISO9075; 47 48 public class AuthorityDAOImpl implements AuthorityDAO 49 { 50 private static final StoreRef STOREREF_USERS = new StoreRef("user", "alfrescoUserStore"); 51 52 private NodeService nodeService; 53 private NamespacePrefixResolver namespacePrefixResolver; 54 private QName qnameAssocSystem; 55 private QName qnameAssocAuthorities; 56 private SearchService searchService; 57 private DictionaryService dictionaryService; 58 private SimpleCache<String , ArrayList <NodeRef>> userToAuthorityCache; 59 60 public AuthorityDAOImpl() 61 { 62 super(); 63 } 64 65 public void setDictionaryService(DictionaryService dictionaryService) 66 { 67 this.dictionaryService = dictionaryService; 68 } 69 70 public void setNamespacePrefixResolver(NamespacePrefixResolver namespacePrefixResolver) 71 { 72 this.namespacePrefixResolver = namespacePrefixResolver; 73 qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver); 74 qnameAssocAuthorities = QName.createQName("sys", "authorities", namespacePrefixResolver); 75 } 76 77 public void setNodeService(NodeService nodeService) 78 { 79 this.nodeService = nodeService; 80 } 81 82 public void setSearchService(SearchService searchService) 83 { 84 this.searchService = searchService; 85 } 86 87 public void setUserToAuthorityCache(SimpleCache<String , ArrayList <NodeRef>> userToAuthorityCache) 88 { 89 this.userToAuthorityCache = userToAuthorityCache; 90 } 91 92 public void addAuthority(String parentName, String childName) 93 { 94 NodeRef parentRef = getAuthorityOrNull(parentName); 95 if (parentRef == null) 96 { 97 throw new UnknownAuthorityException("An authority was not found for " + parentName); 98 } 99 if (AuthorityType.getAuthorityType(childName).equals(AuthorityType.USER)) 100 { 101 Collection <String > memberCollection = DefaultTypeConverter.INSTANCE.getCollection(String .class, nodeService 102 .getProperty(parentRef, ContentModel.PROP_MEMBERS)); 103 HashSet <String > members = new HashSet <String >(); 104 members.addAll(memberCollection); 105 members.add(childName); 106 nodeService.setProperty(parentRef, ContentModel.PROP_MEMBERS, members); 107 userToAuthorityCache.remove(childName); 108 } 109 else 110 { 111 NodeRef childRef = getAuthorityOrNull(childName); 112 if (childRef == null) 113 { 114 throw new UnknownAuthorityException("An authority was not found for " + childName); 115 } 116 nodeService.addChild( 117 parentRef, 118 childRef, 119 ContentModel.ASSOC_MEMBER, 120 QName.createQName("usr", childName, namespacePrefixResolver)); 121 } 122 123 } 124 125 public void createAuthority(String parentName, String name) 126 { 127 HashMap <QName, Serializable > props = new HashMap <QName, Serializable >(); 128 props.put(ContentModel.PROP_AUTHORITY_NAME, name); 129 if (parentName != null) 130 { 131 NodeRef parentRef = getAuthorityOrNull(parentName); 132 if (parentRef == null) 133 { 134 throw new UnknownAuthorityException("An authority was not found for " + parentName); 135 } 136 nodeService.createNode( 137 parentRef, 138 ContentModel.ASSOC_MEMBER, 139 QName.createQName("usr", name, namespacePrefixResolver), 140 ContentModel.TYPE_AUTHORITY_CONTAINER, 141 props); 142 } 143 else 144 { 145 NodeRef authorityContainerRef = getAuthorityContainer(); 146 nodeService.createNode( 147 authorityContainerRef, 148 ContentModel.ASSOC_MEMBER, 149 QName.createQName("usr", name, namespacePrefixResolver), 150 ContentModel.TYPE_AUTHORITY_CONTAINER, 151 props); 152 } 153 } 154 155 public void deleteAuthority(String name) 156 { 157 NodeRef nodeRef = getAuthorityOrNull(name); 158 if (nodeRef == null) 159 { 160 throw new UnknownAuthorityException("An authority was not found for " + name); 161 } 162 nodeService.deleteNode(nodeRef); 163 164 } 165 166 public Set <String > getAllRootAuthorities(AuthorityType type) 167 { 168 HashSet <String > authorities = new HashSet <String >(); 169 NodeRef container = getAuthorityContainer(); 170 if (container != null) 171 { 172 findAuthorities(type, container, authorities, false, false, false); 173 } 174 return authorities; 175 } 176 177 public Set <String > getAllAuthorities(AuthorityType type) 178 { 179 HashSet <String > authorities = new HashSet <String >(); 180 NodeRef container = getAuthorityContainer(); 181 if (container != null) 182 { 183 findAuthorities(type, container, authorities, false, true, false); 184 } 185 return authorities; 186 } 187 188 public Set <String > getContainedAuthorities(AuthorityType type, String name, boolean immediate) 189 { 190 if (AuthorityType.getAuthorityType(name).equals(AuthorityType.USER)) 191 { 192 return Collections.<String > emptySet(); 193 } 194 else 195 { 196 NodeRef nodeRef = getAuthorityOrNull(name); 197 if (nodeRef == null) 198 { 199 throw new UnknownAuthorityException("An authority was not found for " + name); 200 } 201 HashSet <String > authorities = new HashSet <String >(); 202 findAuthorities(type, nodeRef, authorities, false, !immediate, false); 203 return authorities; 204 } 205 } 206 207 public void removeAuthority(String parentName, String childName) 208 { 209 NodeRef parentRef = getAuthorityOrNull(parentName); 210 if (parentRef == null) 211 { 212 throw new UnknownAuthorityException("An authority was not found for " + parentName); 213 } 214 if (AuthorityType.getAuthorityType(childName).equals(AuthorityType.USER)) 215 { 216 Collection <String > memberCollection = DefaultTypeConverter.INSTANCE.getCollection(String .class, nodeService 217 .getProperty(parentRef, ContentModel.PROP_MEMBERS)); 218 HashSet <String > members = new HashSet <String >(); 219 members.addAll(memberCollection); 220 members.remove(childName); 221 nodeService.setProperty(parentRef, ContentModel.PROP_MEMBERS, members); 222 userToAuthorityCache.remove(childName); 223 } 224 else 225 { 226 NodeRef childRef = getAuthorityOrNull(childName); 227 if (childRef == null) 228 { 229 throw new UnknownAuthorityException("An authority was not found for " + childName); 230 } 231 nodeService.removeChild(parentRef, childRef); 232 } 233 234 } 235 236 public Set <String > getContainingAuthorities(AuthorityType type, String name, boolean immediate) 237 { 238 HashSet <String > authorities = new HashSet <String >(); 239 findAuthorities(type, name, authorities, true, !immediate); 240 return authorities; 241 } 242 243 private void findAuthorities(AuthorityType type, String name, Set <String > authorities, boolean parents, 244 boolean recursive) 245 { 246 if (AuthorityType.getAuthorityType(name).equals(AuthorityType.GUEST)) 247 { 248 } 250 else if (AuthorityType.getAuthorityType(name).equals(AuthorityType.USER)) 251 { 252 for (NodeRef ref : getUserContainers(name)) 253 { 254 findAuthorities(type, ref, authorities, parents, recursive, true); 255 } 256 257 } 258 else 259 { 260 NodeRef ref = getAuthorityOrNull(name); 261 262 if (ref == null) 263 { 264 throw new UnknownAuthorityException("An authority was not found for " + name); 265 } 266 267 findAuthorities(type, ref, authorities, parents, recursive, false); 268 269 } 270 } 271 272 private ArrayList <NodeRef> getUserContainers(String name) 273 { 274 ArrayList <NodeRef> containers = userToAuthorityCache.get(name); 275 if (containers == null) 276 { 277 containers = findUserContainers(name); 278 userToAuthorityCache.put(name, containers); 279 } 280 return containers; 281 } 282 283 private ArrayList <NodeRef> findUserContainers(String name) 284 { 285 SearchParameters sp = new SearchParameters(); 286 sp.addStore(STOREREF_USERS); 287 sp.setLanguage("lucene"); 288 sp.setQuery("+TYPE:\"" 289 + ContentModel.TYPE_AUTHORITY_CONTAINER 290 + "\"" 291 + " +@" 292 + QueryParser.escape("{" 293 + ContentModel.PROP_MEMBERS.getNamespaceURI() + "}" 294 + ISO9075.encode(ContentModel.PROP_MEMBERS.getLocalName())) + ":\"" + name + "\""); 295 ResultSet rs = null; 296 try 297 { 298 rs = searchService.query(sp); 299 ArrayList <NodeRef> answer = new ArrayList <NodeRef>(rs.length()); 300 for (ResultSetRow row : rs) 301 { 302 answer.add(row.getNodeRef()); 303 } 304 return answer; 305 } 306 finally 307 { 308 if (rs != null) 309 { 310 rs.close(); 311 } 312 } 313 314 } 315 316 private void findAuthorities(AuthorityType type, NodeRef nodeRef, Set <String > authorities, boolean parents, 317 boolean recursive, boolean includeNode) 318 { 319 List <ChildAssociationRef> cars = parents ? nodeService.getParentAssocs(nodeRef) : nodeService 320 .getChildAssocs(nodeRef); 321 322 if (includeNode) 323 { 324 String authorityName = DefaultTypeConverter.INSTANCE.convert(String .class, nodeService.getProperty(nodeRef, 325 ContentModel.PROP_AUTHORITY_NAME)); 326 if (type == null) 327 { 328 authorities.add(authorityName); 329 } 330 else 331 { 332 AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName); 333 if (authorityType.equals(type)) 334 { 335 authorities.add(authorityName); 336 } 337 } 338 } 339 340 for (ChildAssociationRef car : cars) 342 { 343 NodeRef current = parents ? car.getParentRef() : car.getChildRef(); 344 QName currentType = nodeService.getType(current); 345 if (dictionaryService.isSubClass(currentType, ContentModel.TYPE_AUTHORITY)) 346 { 347 348 String authorityName = DefaultTypeConverter.INSTANCE.convert(String .class, nodeService.getProperty( 349 current, ContentModel.PROP_AUTHORITY_NAME)); 350 351 if (type == null) 352 { 353 authorities.add(authorityName); 354 if (recursive) 355 { 356 findAuthorities(type, current, authorities, parents, recursive, false); 357 } 358 } 359 else 360 { 361 AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName); 362 if (authorityType.equals(type)) 363 { 364 authorities.add(authorityName); 365 } 366 if (recursive) 367 { 368 findAuthorities(type, current, authorities, parents, recursive, false); 369 } 370 } 371 } 372 } 373 if (!parents) 375 { 376 Collection <String > members = DefaultTypeConverter.INSTANCE.getCollection(String .class, nodeService 377 .getProperty(nodeRef, ContentModel.PROP_MEMBERS)); 378 if (members != null) 379 { 380 for (String user : members) 381 { 382 if (user != null) 383 { 384 if (type == null) 385 { 386 authorities.add(user); 387 } 388 else 389 { 390 AuthorityType authorityType = AuthorityType.getAuthorityType(user); 391 if (authorityType.equals(type)) 392 { 393 authorities.add(user); 394 } 395 } 396 } 397 } 398 } 399 } 400 } 401 402 private NodeRef getAuthorityOrNull(String name) 403 { 404 SearchParameters sp = new SearchParameters(); 405 sp.addStore(STOREREF_USERS); 406 sp.setLanguage("lucene"); 407 sp.setQuery("+TYPE:\"" 408 + ContentModel.TYPE_AUTHORITY_CONTAINER 409 + "\"" 410 + " +@" 411 + QueryParser.escape("{" 412 + ContentModel.PROP_AUTHORITY_NAME.getNamespaceURI() + "}" 413 + ISO9075.encode(ContentModel.PROP_AUTHORITY_NAME.getLocalName())) + ":\"" + name + "\""); 414 ResultSet rs = null; 415 try 416 { 417 rs = searchService.query(sp); 418 if (rs.length() == 0) 419 { 420 return null; 421 } 422 else 423 { 424 for (ResultSetRow row : rs) 425 { 426 String test = DefaultTypeConverter.INSTANCE.convert( 427 String .class, 428 nodeService.getProperty(row.getNodeRef(), ContentModel.PROP_AUTHORITY_NAME)); 429 if (test.equals(name)) 430 { 431 return row.getNodeRef(); 432 } 433 } 434 } 435 return null; 436 } 437 finally 438 { 439 if (rs != null) 440 { 441 rs.close(); 442 } 443 } 444 445 } 446 447 450 private NodeRef getAuthorityContainer() 451 { 452 NodeRef rootNodeRef = nodeService.getRootNode(STOREREF_USERS); 453 List <ChildAssociationRef> results = nodeService.getChildAssocs( 454 rootNodeRef, 455 RegexQNamePattern.MATCH_ALL, 456 qnameAssocSystem); 457 NodeRef sysNodeRef = null; 458 if (results.size() == 0) 459 { 460 throw new AlfrescoRuntimeException("Required authority system path not found: " + qnameAssocSystem); 461 } 462 else 463 { 464 sysNodeRef = results.get(0).getChildRef(); 465 } 466 results = nodeService.getChildAssocs( 467 sysNodeRef, 468 RegexQNamePattern.MATCH_ALL, 469 qnameAssocAuthorities); 470 NodeRef authNodeRef = null; 471 if (results.size() == 0) 472 { 473 throw new AlfrescoRuntimeException("Required authority path not found: " + qnameAssocAuthorities); 474 } 475 else 476 { 477 authNodeRef = results.get(0).getChildRef(); 478 } 479 return authNodeRef; 480 } 481 } 482 | Popular Tags |