Beispiel #1
1
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#getRootNode(org.alfresco.service.cmr.repository.NodeService, org.alfresco.service.cmr.search.SearchService, org.alfresco.service.namespace.NamespaceService, java.lang.String, org.alfresco.service.cmr.repository.NodeRef)
   */
  public NodeRef getRootNode(
      NodeService nodeService,
      SearchService searchService,
      NamespaceService namespaceService,
      String rootPath,
      NodeRef rootNodeRef) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("NodeService", nodeService);
    ParameterCheck.mandatory("SearchService", searchService);
    ParameterCheck.mandatory("NamespaceService", namespaceService);
    ParameterCheck.mandatory("RootPath", rootPath);
    ParameterCheck.mandatory("RootNodeRef", rootNodeRef);

    String username = AuthenticationUtil.getFullyAuthenticatedUser();
    StoreRef storeRef = getName(username, rootNodeRef.getStoreRef());

    AuthenticationUtil.RunAsWork<NodeRef> action =
        new GetRootNode(
            nodeService, searchService, namespaceService, rootPath, rootNodeRef, storeRef);
    return getBaseName(AuthenticationUtil.runAs(action, AuthenticationUtil.getSystemUserName()));
  }
  /** {@inheritDoc} */
  public void auditQuery(
      AuditQueryCallback callback, AuditQueryParameters parameters, int maxResults) {
    ParameterCheck.mandatory("callback", callback);
    ParameterCheck.mandatory("parameters", parameters);

    // Shortcuts
    if (parameters.isZeroResultQuery()) {
      return;
    }

    auditDAO.findAuditEntries(callback, parameters, maxResults);
  }
Beispiel #3
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#getName(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
   */
  public QName getName(NodeRef inNodeRef, QName name) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("InNodeRef", inNodeRef);
    ParameterCheck.mandatory("Name", name);

    int idx = inNodeRef.getStoreRef().getIdentifier().lastIndexOf(SEPARATOR);
    if (idx != -1) {
      String tenantDomain = inNodeRef.getStoreRef().getIdentifier().substring(1, idx);
      checkTenantEnabled(tenantDomain);
      return getName(name, tenantDomain);
    }

    return name;
  }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public void enableAudit(String applicationName, String path) {
    ParameterCheck.mandatory("applicationName", applicationName);
    ParameterCheck.mandatory("path", path);
    AlfrescoTransactionSupport.checkTransactionReadState(true);

    AuditApplication application = auditModelRegistry.getAuditApplicationByName(applicationName);
    if (application == null) {
      if (logger.isDebugEnabled()) {
        logger.debug("No audit application named '" + applicationName + "' has been registered.");
      }
      return;
    }
    // Check the path against the application
    application.checkPath(path);

    Long disabledPathsId = application.getDisabledPathsId();
    Set<String> disabledPaths = getDisabledPaths(application);

    // Remove any paths that start with the given path
    boolean changed = false;
    Iterator<String> iterateDisabledPaths = disabledPaths.iterator();
    while (iterateDisabledPaths.hasNext()) {
      String disabledPath = iterateDisabledPaths.next();
      if (disabledPath.startsWith(path)) {
        iterateDisabledPaths.remove();
        changed = true;
      }
    }
    // Persist, if necessary
    if (changed) {
      propertyValueDAO.updateProperty(disabledPathsId, (Serializable) disabledPaths);
      if (logger.isDebugEnabled()) {
        logger.debug(
            "Audit disabled paths updated: \n"
                + "   Application: "
                + applicationName
                + "\n"
                + "   Disabled:    "
                + disabledPaths);
      }
    }
    // Done
  }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public boolean isAuditPathEnabled(String applicationName, String path) {
    ParameterCheck.mandatory("applicationName", applicationName);
    ParameterCheck.mandatory("path", path);
    AlfrescoTransactionSupport.checkTransactionReadState(false);

    AuditApplication application = auditModelRegistry.getAuditApplicationByName(applicationName);
    if (application == null) {
      if (logger.isDebugEnabled()) {
        logger.debug("No audit application named '" + applicationName + "' has been registered.");
      }
      return false;
    }
    // Check the path against the application
    application.checkPath(path);

    Set<String> disabledPaths = getDisabledPaths(application);

    // Check if there are any entries that match or superced the given path
    String disablingPath = null;
    ;
    for (String disabledPath : disabledPaths) {
      if (path.startsWith(disabledPath)) {
        disablingPath = disabledPath;
        break;
      }
    }
    // Done
    if (logger.isDebugEnabled()) {
      logger.debug(
          "Audit path enabled check: \n"
              + "   Application:    "
              + applicationName
              + "\n"
              + "   Path:           "
              + path
              + "\n"
              + "   Disabling Path: "
              + disablingPath);
    }
    return disablingPath == null;
  }
Beispiel #6
0
  protected String getName(String name, String tenantDomain) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("name", name);
    ParameterCheck.mandatory("tenantDomain", tenantDomain);

    checkTenantEnabled(tenantDomain);

    int idx1 = name.indexOf(SEPARATOR);
    if (idx1 != 0) {
      // no domain, so add it as a prefix (between two domain separators)
      name = SEPARATOR + tenantDomain + SEPARATOR + name;
    } else {
      int idx2 = name.indexOf(SEPARATOR, 1);
      String nameDomain = name.substring(1, idx2);
      if (!tenantDomain.equals(nameDomain)) {
        throw new AlfrescoRuntimeException(
            "domain mismatch: expected = " + tenantDomain + ", actual = " + nameDomain);
      }
    }

    return name;
  }
Beispiel #7
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#getName(org.alfresco.service.namespace.QName)
   */
  public QName getName(QName name) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("Name", name);

    String tenantDomain = getCurrentUserDomain();

    if (!tenantDomain.equals(DEFAULT_DOMAIN)) {
      checkTenantEnabled(tenantDomain);
      name = getName(name, tenantDomain);
    }

    return name;
  }
Beispiel #8
0
  public static String getMultiTenantDomainName(String name) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("name", name);

    int idx1 = name.indexOf(SEPARATOR);
    if (idx1 == 0) {
      int idx2 = name.indexOf(SEPARATOR, 1);
      if (idx2 != -1) {
        return name.substring(1, idx2);
      }
    }

    return null;
  }
Beispiel #9
0
 /**
  * Sends an invitation email.
  *
  * @param properties A Map containing the properties needed to send the email.
  */
 public void sendMail(Map<String, String> properties) {
   checkProperties(properties);
   ParameterCheck.mandatory("Properties", properties);
   NodeRef inviter = personService.getPerson(properties.get(wfVarInviterUserName));
   String inviteeName = properties.get(wfVarInviteeUserName);
   NodeRef invitee = personService.getPerson(inviteeName);
   Action mail = actionService.createAction(MailActionExecuter.NAME);
   mail.setParameterValue(MailActionExecuter.PARAM_FROM, getEmail(inviter));
   mail.setParameterValue(MailActionExecuter.PARAM_TO, getEmail(invitee));
   mail.setParameterValue(MailActionExecuter.PARAM_SUBJECT, buildSubject(properties));
   mail.setParameterValue(MailActionExecuter.PARAM_TEMPLATE, getEmailTemplateNodeRef());
   mail.setParameterValue(
       MailActionExecuter.PARAM_TEMPLATE_MODEL,
       (Serializable) buildMailTextModel(properties, inviter, invitee));
   mail.setParameterValue(MailActionExecuter.PARAM_IGNORE_SEND_FAILURE, true);
   actionService.executeAction(mail, getWorkflowPackage(properties));
 }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public Map<String, Serializable> recordAuditValues(
      String rootPath, Map<String, Serializable> values) {
    ParameterCheck.mandatory("rootPath", rootPath);
    AuditApplication.checkPathFormat(rootPath);

    if (values == null || values.isEmpty() || !isSourcePathMapped(rootPath)) {
      return Collections.emptyMap();
    }

    // Build the key paths using the session root path
    Map<String, Serializable> pathedValues = new HashMap<String, Serializable>(values.size() * 2);
    for (Map.Entry<String, Serializable> entry : values.entrySet()) {
      String pathElement = entry.getKey();
      String path = AuditApplication.buildPath(rootPath, pathElement);
      pathedValues.put(path, entry.getValue());
    }

    // Translate the values map
    PathMapper pathMapper = auditModelRegistry.getAuditPathMapper();
    final Map<String, Serializable> mappedValues = pathMapper.convertMap(pathedValues);
    if (mappedValues.isEmpty()) {
      return mappedValues;
    }

    // We have something to record.  Start a transaction, if necessary
    TxnReadState txnState = AlfrescoTransactionSupport.getTransactionReadState();
    switch (txnState) {
      case TXN_NONE:
      case TXN_READ_ONLY:
        // New transaction
        RetryingTransactionCallback<Map<String, Serializable>> callback =
            new RetryingTransactionCallback<Map<String, Serializable>>() {
              public Map<String, Serializable> execute() throws Throwable {
                return recordAuditValuesImpl(mappedValues);
              }
            };
        return transactionService
            .getRetryingTransactionHelper()
            .doInTransaction(callback, false, true);
      case TXN_READ_WRITE:
        return recordAuditValuesImpl(mappedValues);
      default:
        throw new IllegalStateException("Unknown txn state: " + txnState);
    }
  }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public void resetDisabledPaths(String applicationName) {
    ParameterCheck.mandatory("applicationName", applicationName);
    AlfrescoTransactionSupport.checkTransactionReadState(true);

    AuditApplication application = auditModelRegistry.getAuditApplicationByName(applicationName);
    if (application == null) {
      if (logger.isDebugEnabled()) {
        logger.debug("No audit application named '" + applicationName + "' has been registered.");
      }
      return;
    }
    Long disabledPathsId = application.getDisabledPathsId();
    propertyValueDAO.updateProperty(disabledPathsId, (Serializable) Collections.emptySet());
    // Done
    if (logger.isDebugEnabled()) {
      logger.debug("Removed all disabled paths for application " + applicationName);
    }
  }
Beispiel #12
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantUserService#getDomainUser(java.lang.String, java.lang.String)
   */
  public String getDomainUser(String baseUsername, String tenantDomain) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("baseUsername", baseUsername);

    if ((tenantDomain == null) || (tenantDomain.equals(DEFAULT_DOMAIN))) {
      return baseUsername;
    } else {
      if (baseUsername.contains(SEPARATOR)) {
        throw new AlfrescoRuntimeException("Invalid base username: "******"Invalid tenant domain: " + tenantDomain);
      }

      tenantDomain = getTenantDomain(tenantDomain);
      return baseUsername + SEPARATOR + tenantDomain;
    }
  }
Beispiel #13
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#checkDomainUser(java.lang.String)
   */
  public void checkDomainUser(String username) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("Username", username);

    String tenantDomain = getCurrentUserDomain();

    if (!tenantDomain.equals(DEFAULT_DOMAIN)) {
      int idx2 = username.lastIndexOf(SEPARATOR);
      if ((idx2 > 0) && (idx2 < (username.length() - 1))) {
        String tenantUserDomain = username.substring(idx2 + 1);

        if ((tenantUserDomain == null) || (!tenantDomain.equals(tenantUserDomain))) {
          throw new TenantDomainMismatchException(tenantDomain, tenantUserDomain);
        }
      } else {
        throw new TenantDomainMismatchException(tenantDomain, null);
      }
    }
  }
Beispiel #14
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#checkDomain(java.lang.String)
   */
  public void checkDomain(String name) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("Name", name);

    String nameDomain = null;

    int idx1 = name.indexOf(SEPARATOR);
    if (idx1 == 0) {
      int idx2 = name.indexOf(SEPARATOR, 1);
      nameDomain = name.substring(1, idx2);
    }

    String tenantDomain = getCurrentUserDomain();

    if (((nameDomain == null) && (!tenantDomain.equals(DEFAULT_DOMAIN)))
        || ((nameDomain != null) && (!nameDomain.equals(tenantDomain)))) {
      throw new AlfrescoRuntimeException(
          "domain mismatch: expected = " + tenantDomain + ", actual = " + nameDomain);
    }
  }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public void deleteAuditEntries(String applicationName, Long fromTime, Long toTime) {
    ParameterCheck.mandatory("applicationName", applicationName);
    AlfrescoTransactionSupport.checkTransactionReadState(true);

    AuditApplication application = auditModelRegistry.getAuditApplicationByName(applicationName);
    if (application == null) {
      if (logger.isDebugEnabled()) {
        logger.debug("No audit application named '" + applicationName + "' has been registered.");
      }
      return;
    }

    Long applicationId = application.getApplicationId();

    auditDAO.deleteAuditEntries(applicationId, fromTime, toTime);
    // Done
    if (logger.isDebugEnabled()) {
      logger.debug(
          "Delete audit entries for " + applicationName + " (" + fromTime + " to " + toTime);
    }
  }
Beispiel #16
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#getName(java.lang.String)
   */
  public String getName(String name) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("name", name);

    String tenantDomain = getCurrentUserDomain();

    if (!tenantDomain.equals(DEFAULT_DOMAIN)) {
      int idx1 = name.indexOf(SEPARATOR);
      if (idx1 != 0) {
        // no tenant domain prefix, so add it
        name = SEPARATOR + tenantDomain + SEPARATOR + name;
      } else {
        int idx2 = name.indexOf(SEPARATOR, 1);
        String nameDomain = name.substring(1, idx2);
        if (!tenantDomain.equals(nameDomain)) {
          throw new AlfrescoRuntimeException(
              "domain mismatch: expected = " + tenantDomain + ", actual = " + nameDomain);
        }
      }
    }

    return name;
  }
Beispiel #17
0
  /* (non-Javadoc)
   * @see org.alfresco.repo.tenant.TenantService#getBaseName(java.lang.String, boolean)
   */
  public String getBaseName(String name, boolean forceForNonTenant) {
    // Check that all the passed values are not null
    ParameterCheck.mandatory("name", name);

    String tenantDomain = getCurrentUserDomain();

    int idx1 = name.indexOf(SEPARATOR);
    if (idx1 == 0) {
      int idx2 = name.indexOf(SEPARATOR, 1);
      String nameDomain = name.substring(1, idx2);

      if ((!tenantDomain.equals(DEFAULT_DOMAIN)) && (!tenantDomain.equals(nameDomain))) {
        throw new AlfrescoRuntimeException(
            "domain mismatch: expected = " + tenantDomain + ", actual = " + nameDomain);
      }

      if ((!tenantDomain.equals(DEFAULT_DOMAIN)) || (forceForNonTenant)) {
        // remove tenant domain
        name = name.substring(idx2 + 1);
      }
    }

    return name;
  }
Beispiel #18
0
 protected String getTenantDomain(String tenantDomain) {
   ParameterCheck.mandatory("tenantDomain", tenantDomain);
   return tenantDomain.toLowerCase(I18NUtil.getLocale());
 }
  /**
   * {@inheritDoc}
   *
   * @since 3.2
   */
  public void disableAudit(String applicationName, String path) {
    ParameterCheck.mandatory("applicationName", applicationName);
    ParameterCheck.mandatory("path", path);
    AlfrescoTransactionSupport.checkTransactionReadState(true);

    AuditApplication application = auditModelRegistry.getAuditApplicationByName(applicationName);
    if (application == null) {
      if (logger.isDebugEnabled()) {
        logger.debug("No audit application named '" + applicationName + "' has been registered.");
      }
      return;
    }
    // Check the path against the application
    application.checkPath(path);

    Long disabledPathsId = application.getDisabledPathsId();
    Set<String> disabledPaths = getDisabledPaths(application);

    // Shortcut if the disabled paths contain the exact path
    if (disabledPaths.contains(path)) {
      if (logger.isDebugEnabled()) {
        logger.debug("Audit disable path already present: \n" + "   Path:       " + path);
      }
      return;
    }

    // Bring the set up to date by stripping out unwanted paths
    Iterator<String> iterateDisabledPaths = disabledPaths.iterator();
    while (iterateDisabledPaths.hasNext()) {
      String disabledPath = iterateDisabledPaths.next();
      if (disabledPath.startsWith(path)) {
        // We will be superceding this
        iterateDisabledPaths.remove();
      } else if (path.startsWith(disabledPath)) {
        // There is already a superceding path
        if (logger.isDebugEnabled()) {
          logger.debug(
              "Audit disable path superceded: \n"
                  + "   Path:          "
                  + path
                  + "\n"
                  + "   Superceded by: "
                  + disabledPath);
        }
        return;
      }
    }
    // Add our path in
    disabledPaths.add(path);
    // Upload the new set
    propertyValueDAO.updateProperty(disabledPathsId, (Serializable) disabledPaths);
    // Done
    if (logger.isDebugEnabled()) {
      logger.debug(
          "Audit disabled paths updated: \n"
              + "   Application: "
              + applicationName
              + "\n"
              + "   Disabled:    "
              + disabledPaths);
    }
  }