org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork Java Examples
The following examples show how to use
org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ActivitiScriptBase.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Checks that the specified 'runAs' field * specifies a valid username. */ private void validateRunAsUser(final String runAsUser) { Boolean runAsExists = AuthenticationUtil.runAs(new RunAsWork<Boolean>() { // Validate using System user to ensure sufficient permissions available to access person node. public Boolean doWork() throws Exception { return getServiceRegistry().getPersonService().personExists(runAsUser); } }, AuthenticationUtil.getSystemUserName()); if (!runAsExists) { throw new WorkflowException("runas user '" + runAsUser + "' does not exist."); } }
Example #2
Source File: LockOwnerDynamicAuthority.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
public boolean hasAuthority(final NodeRef nodeRef, final String userName) { return AuthenticationUtil.runAs(new RunAsWork<Boolean>(){ public Boolean doWork() throws Exception { if (lockService.getLockStatus(nodeRef, userName) == LockStatus.LOCK_OWNER) { return true; } NodeRef original = checkOutCheckInService.getCheckedOut(nodeRef); if (original != null) { return (lockService.getLockStatus(original, userName) == LockStatus.LOCK_OWNER); } else { return false; } }}, AuthenticationUtil.getSystemUserName()); }
Example #3
Source File: AbstractBulkFilesystemImporter.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
public void asyncBulkImport(final BulkImportParameters bulkImportParameters, final NodeImporter nodeImporter) { final String currentUser = AuthenticationUtil.getFullyAuthenticatedUser(); Runnable backgroundLogic = new Runnable() { public void run() { AuthenticationUtil.runAs(new RunAsWork<Object>() { public Object doWork() { bulkImport(bulkImportParameters, nodeImporter); return null; } }, currentUser); } }; Thread backgroundThread = new Thread(backgroundLogic, "BulkFilesystemImport-BackgroundThread"); backgroundThread.start(); }
Example #4
Source File: BaseCustomModelApiTest.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
@Before public void setup() throws Exception { authenticationService = applicationContext.getBean("authenticationService", MutableAuthenticationService.class); personService = applicationContext.getBean("personService", PersonService.class); customModelService = applicationContext.getBean("customModelService", CustomModelService.class); final AuthorityService authorityService = applicationContext.getBean("authorityService", AuthorityService.class); this.nonAdminUserName = createUser("nonAdminUser" + System.currentTimeMillis(), "password", null); this.customModelAdmin = createUser("customModelAdmin" + System.currentTimeMillis(), "password", null); users.add(nonAdminUserName); users.add(customModelAdmin); // Add 'customModelAdmin' user into 'ALFRESCO_MODEL_ADMINISTRATORS' group AuthenticationUtil.runAsSystem((RunAsWork<Void>) () -> { transactionHelper.doInTransaction((RetryingTransactionCallback<Void>) () -> { authorityService.addAuthority(CustomModelServiceImpl.GROUP_ALFRESCO_MODEL_ADMINISTRATORS_AUTHORITY, customModelAdmin); return null; }); return null; }); }
Example #5
Source File: TestUserComponentImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public void deleteTestUser(final String userName) { // And tear down afterwards. AuthenticationUtil.runAs(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { try { if (personService.personExists(userName)) { log.debug("Deleting person " + userName + "..."); personService.deletePerson(userName); } } catch (InvalidNodeRefException ignoreIfThrown) { // It seems that in cloud code, asking if a person exists when the tenant they would be in also doesn't // exist, can give this exception. } return null; } }, AuthenticationUtil.getAdminUserName()); }
Example #6
Source File: FacetRestApiTest.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
public void testGetAllFacetableProperties() throws Exception { AuthenticationUtil.runAs(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { final Response rsp = sendRequest(new GetRequest(GET_ALL_FACETABLE_PROPERTIES_URL), 200); // For now, we'll only perform limited testing of the response as we primarily // want to know that the GET call succeeded and that it correctly identified // *some* facetable properties. JSONObject jsonRsp = new JSONObject(new JSONTokener(rsp.getContentAsString())); JSONObject data = jsonRsp.getJSONObject("data"); JSONArray properties = data.getJSONArray(FacetablePropertiesGet.PROPERTIES_KEY); final int arbitraryLimit = 25; assertTrue("Expected 'many' properties, but found 'not very many'", properties.length() > arbitraryLimit); return null; } }, SEARCH_ADMIN_USER); }
Example #7
Source File: FailedThumbnailSourceAspect.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public void onContentUpdate(final NodeRef nodeRef, boolean newContent) { AuthenticationUtil.runAsSystem(new RunAsWork<Object>() { @Override public Object doWork() { if (nodeService.exists(nodeRef) && lockService.getLockStatus(nodeRef) != LockStatus.LOCKED) { deleteFailedThumbnailChildren(nodeRef); } return null; } }); }
Example #8
Source File: PublicApiTenantAuthentication.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
/** * Determine whether tenant exists and enabled * * @param tenant String * @return true => it exists, no it doesn't */ public boolean tenantExists(final String tenant) { if (tenant == null || TenantService.DEFAULT_DOMAIN.equalsIgnoreCase(tenant)) { return true; } return AuthenticationUtil.runAsSystem(new RunAsWork<Boolean>() { public Boolean doWork() throws Exception { return tenantAdminService.existsTenant(tenant) && tenantAdminService.isEnabled(); } }); }
Example #9
Source File: QuickShareServiceIntegrationTest.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Test public void cloud928() { final NodeRef node = testNodes.createNodeWithTextContent(userHome, "CLOUD-928 Test Node", ContentModel.TYPE_CONTENT, user1.getUsername(), "Quick Share Test Node Content"); QuickShareDTO dto = share(node, user1.getUsername()); attributeService.removeAttribute(QuickShareServiceImpl.ATTR_KEY_SHAREDIDS_ROOT, dto.getId()); AuthenticationUtil.runAs(new RunAsWork<Object>(){ @Override public Object doWork() throws Exception { nodeService.deleteNode(node); return null; } }, user1.getUsername()); AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser(); Assert.assertFalse(nodeService.exists(node)); }
Example #10
Source File: SiteServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * @see org.alfresco.service.cmr.site.SiteService#deleteSite(java.lang.String) */ public void deleteSite(final String shortName) { if (isSiteAdmin(AuthenticationUtil.getFullyAuthenticatedUser())) { AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>() { public Void doWork() throws Exception { // Delete the site deleteSiteImpl(shortName); return null; } }, AuthenticationUtil.getAdminUserName()); } else { // Delete the site deleteSiteImpl(shortName); } }
Example #11
Source File: DocumentLinkServiceImplTest.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Tests the deletion of a document's links, with and without write * permissions * * @throws Exception */ public void testDeleteLinks() throws Exception { DeleteLinksStatusReport report = AuthenticationUtil.runAs(new RunAsWork<DeleteLinksStatusReport>() { @Override public DeleteLinksStatusReport doWork() throws Exception { return documentLinkService.deleteLinksToDocument(site1File2); } }, TEST_USER); // check if the service found 2 links of the document assertEquals(2, report.getTotalLinksFoundCount()); // check if the service successfully deleted one assertEquals(1, report.getDeletedLinksCount()); assertEquals(true, nodeService.hasAspect(site1File2, ApplicationModel.ASPECT_LINKED)); // check if the second one failed with access denied Throwable ex = report.getErrorDetails().get(linkOfFile1Site2); assertNotNull(ex); assertEquals(ex.getClass(), AccessDeniedException.class); }
Example #12
Source File: ModuleStarter.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override protected void onBootstrap(ApplicationEvent event) { PropertyCheck.mandatory(this, "moduleService", moduleService); final RetryingTransactionCallback<Object> startModulesCallback = new RetryingTransactionCallback<Object>() { public Object execute() throws Throwable { moduleService.startModules(); return null; } }; AuthenticationUtil.runAs(new RunAsWork<Object>() { @Override public Object doWork() throws Exception { transactionService.getRetryingTransactionHelper().doInTransaction(startModulesCallback, transactionService.isReadOnly()); return null; } }, AuthenticationUtil.getSystemUserName()); }
Example #13
Source File: PeopleImpl.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
/** * Write the description to a content file and store the content URL in * ContentModel.PROP_PERSONDESC * * @param description * @param nodeRef */ private void savePersonDescription(final String description, final NodeRef nodeRef) { AuthenticationUtil.runAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { if (description != null) { ContentWriter writer = contentService.getWriter(nodeRef, ContentModel.PROP_PERSONDESC, true); writer.putContent(description); } else { nodeService.setProperty(nodeRef, ContentModel.PROP_PERSONDESC, null); } return null; } }); }
Example #14
Source File: RepoTransferReceiverImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
public void run() { RunAsWork<Object> actionRunAs = new RunAsWork<Object>() { public Object doWork() throws Exception { return transactionService.getRetryingTransactionHelper().doInTransaction( new RetryingTransactionCallback<Object>() { public Object execute() { commit(transferId); return null; } }, false, true); } }; AuthenticationUtil.runAs(actionRunAs, runAsUser); }
Example #15
Source File: VersionableAspect.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Before add aspect policy behaviour * * @param nodeRef NodeRef * @param aspectTypeQName QName */ public void beforeAddAspect(final NodeRef nodeRef, QName aspectTypeQName) { AuthenticationUtil.runAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { if (nodeService.hasAspect(nodeRef, ContentModel.ASPECT_VERSIONABLE) == false && versionService.getVersionHistory(nodeRef) != null) { versionService.deleteVersionHistory(nodeRef); logger.warn("The version history of node " + nodeRef + " that doesn't have versionable aspect was deleted"); } return null; } }); }
Example #16
Source File: AbstractNodeCleanupWorker.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
private List<String> doCleanAsSystem() { final RunAsWork<List<String>> doCleanRunAs = new RunAsWork<List<String>>() { public List<String> doWork() throws Exception { try { return doCleanInternal(); } catch (Throwable e) { logger.error(e); return Collections.emptyList(); } } }; return AuthenticationUtil.runAs(doCleanRunAs, AuthenticationUtil.getSystemUserName()); }
Example #17
Source File: QuickShareRestApiTest.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
private void checkTransformer() { AuthenticationUtil.runAs(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { if (!synchronousTransformClient.isSupported(MimetypeMap.MIMETYPE_IMAGE_JPEG, -1, null, MimetypeMap.MIMETYPE_IMAGE_PNG, Collections.emptyMap(), null, null )) { fail("Image transformer is not working. Please check your image conversion command setup."); } return null; } }, AuthenticationUtil.getAdminUserName()); }
Example #18
Source File: FileFolderLoaderTest.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public void tearDown() throws Exception { RunAsWork<Void> tearDownWork = new RunAsWork<Void>() { @Override public Void doWork() throws Exception { transactionService.getRetryingTransactionHelper().doInTransaction((RetryingTransactionCallback<Void>) () -> { fileFolderService.delete(hiddenFolderNodeRef); fileFolderService.delete(readOnlyFolderNodeRef); fileFolderService.delete(writeFolderNodeRef); return null; }); // Done return null; } }; AuthenticationUtil.runAsSystem(tearDownWork); AuthenticationUtil.popAuthentication(); }
Example #19
Source File: CMMDownloadTestUtil.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
public DownloadStatus getDownloadStatus(final NodeRef downloadNode) { return AuthenticationUtil.runAsSystem(new RunAsWork<DownloadStatus>() { @Override public DownloadStatus doWork() throws Exception { return transactionHelper.doInTransaction(new RetryingTransactionCallback<DownloadStatus>() { @Override public DownloadStatus execute() throws Throwable { return downloadService.getDownloadStatus(downloadNode); } }); } }); }
Example #20
Source File: ImapServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public String getPathFromRepo(final ChildAssociationRef assocRef) { return doAsSystem(new RunAsWork<String>() { @Override public String doWork() throws Exception { NodeRef ref = assocRef.getParentRef(); String name = ((String) nodeService.getProperty(ref, ContentModel.PROP_NAME)).toLowerCase(); ChildAssociationRef parent = nodeService.getPrimaryParent(ref); QName qname = parent.getQName(); if (qname.equals(QName.createQName(NamespaceService.APP_MODEL_1_0_URI, "company_home"))) { return "repository"; } else { return getPathFromRepo(parent) + "/" + name; } } }); }
Example #21
Source File: ImapServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public void beforeDeleteNode(final NodeRef nodeRef) { doAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { for (ChildAssociationRef parentAssoc : nodeService.getParentAssocs(nodeRef)) { NodeRef folderRef = parentAssoc.getParentRef(); if (nodeService.hasAspect(folderRef, ImapModel.ASPECT_IMAP_FOLDER)) { messageCache.remove(nodeRef); // Force generation of a new change token getUidValidityTransactionListener(folderRef); } } return null; } }); }
Example #22
Source File: ImapServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override public void onRestoreNode(final ChildAssociationRef childAssocRef) { doAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { NodeRef childNodeRef = childAssocRef.getChildRef(); if (serviceRegistry.getDictionaryService().isSubClass(nodeService.getType(childNodeRef), ContentModel.TYPE_CONTENT)) { setFlag(childNodeRef, Flags.Flag.DELETED, false); setFlag(childNodeRef, Flags.Flag.SEEN, false); } NodeRef folderRef = childAssocRef.getParentRef(); long newId = (Long) nodeService.getProperty(childNodeRef, ContentModel.PROP_NODE_DBID); if (nodeService.hasAspect(folderRef, ImapModel.ASPECT_IMAP_FOLDER)) { // Force generation of a new change token and updating the UIDVALIDITY getUidValidityTransactionListener(folderRef).recordNewUid(newId); } return null; } }); }
Example #23
Source File: InvitationServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
/** * Add Invitee to Site with the site role that the inviter "started" the invite process with * @param invitee * @param siteName * @param role * @param runAsUser * @param siteService * @param overrideExisting */ public void addSiteMembership(final String invitee, final String siteName, final String role, final String runAsUser, final boolean overrideExisting) { AuthenticationUtil.runAs(new RunAsWork<Void>() { public Void doWork() throws Exception { if (overrideExisting || !siteService.isMember(siteName, invitee)) { siteService.setMembership(siteName, invitee, role); } return null; } }, runAsUser); }
Example #24
Source File: InviteServiceTest.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
/** * https://issues.alfresco.com/jira/browse/ETHREEOH-520 */ public void testETHREEOH_520() throws Exception { final String userName = "userInviteServiceTest" + GUID.generate(); final String emailAddress = " "; // Create a person with a blank email address and AuthenticationUtil.runAs(new RunAsWork<Object>() { public Object doWork() throws Exception { createPerson(PERSON_FIRSTNAME, PERSON_LASTNAME, userName, " "); return null; } }, AuthenticationUtil.getSystemUserName()); // Try and add an existing person to the site with no email address // Should return bad request since the email address has not been provided startInvite(PERSON_FIRSTNAME, PERSON_LASTNAME, emailAddress, INVITEE_SITE_ROLE, SITE_SHORT_NAME_INVITE_1, Status.STATUS_BAD_REQUEST); }
Example #25
Source File: ImapServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@Override protected void onShutdown(ApplicationEvent event) { AuthenticationUtil.runAs(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { if (service.getImapServerEnabled()) { service.shutdown(); } return null; } }, AuthenticationUtil.getSystemUserName()); }
Example #26
Source File: FileFolderServicePropagationTest.java From alfresco-repository with GNU Lesser General Public License v3.0 | 6 votes |
@After public void tearDown() throws Exception { // Resetting to default value... fileFolderService.setPreserveAuditableData(defaultPreservationValue); transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>() { @Override public Void execute() throws Throwable { return AuthenticationUtil.runAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { authenticationService.deleteAuthentication(TEST_USER_NAME); fileFolderService.delete(testRootFolder.getNodeRef()); return null; } }); } }); }
Example #27
Source File: MessageServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
public ResourceBundle getRepoResourceBundle( final StoreRef storeRef, final String path, final Locale locale) throws IOException { // TODO - need to replace basic strategy with a more complete // search & instantiation strategy similar to ResourceBundle.getBundle() // Consider search query with basename* and then apply strategy ... // Avoid permission exceptions RunAsWork<ResourceBundle> getBundleWork = new RunAsWork<ResourceBundle>() { @Override public ResourceBundle doWork() throws Exception { NodeRef rootNode = nodeService.getRootNode(storeRef); // first attempt - with locale NodeRef nodeRef = getNode(rootNode, path+"_"+locale+PROPERTIES_FILE_SUFFIX); if (nodeRef == null) { // second attempt - basename nodeRef = getNode(rootNode, path+PROPERTIES_FILE_SUFFIX); } if (nodeRef == null) { logger.debug("Could not find message resource bundle " + storeRef + "/" + path); return null; } ContentReader cr = contentService.getReader(nodeRef, ContentModel.PROP_CONTENT); ResourceBundle resBundle = new MessagePropertyResourceBundle( new InputStreamReader(cr.getContentInputStream(), cr.getEncoding())); return resBundle; } }; return AuthenticationUtil.runAs(getBundleWork, AuthenticationUtil.getSystemUserName()); }
Example #28
Source File: FacetRestApiTest.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 5 votes |
@Override protected void setUp() throws Exception { super.setUp(); authenticationService = getServer().getApplicationContext().getBean("AuthenticationService", MutableAuthenticationService.class); authorityService = getServer().getApplicationContext().getBean("AuthorityService", AuthorityService.class); personService = getServer().getApplicationContext().getBean("PersonService", PersonService.class); transactionHelper = getServer().getApplicationContext().getBean("retryingTransactionHelper", RetryingTransactionHelper.class); AuthenticationUtil.clearCurrentSecurityContext(); // Create test users. TODO Create these users @BeforeClass or at a testsuite scope. AuthenticationUtil.runAsSystem(new RunAsWork<Void>() { @Override public Void doWork() throws Exception { createUser(SEARCH_ADMIN_USER); createUser(NON_SEARCH_ADMIN_USER); if ( !authorityService.getContainingAuthorities(AuthorityType.GROUP, SEARCH_ADMIN_USER, true) .contains(SolrFacetServiceImpl.GROUP_ALFRESCO_SEARCH_ADMINISTRATORS_AUTHORITY)) { authorityService.addAuthority(SolrFacetServiceImpl.GROUP_ALFRESCO_SEARCH_ADMINISTRATORS_AUTHORITY, SEARCH_ADMIN_USER); } return null; } }); }
Example #29
Source File: NodeArchiveServiceImpl.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
private Pair<NodeRef, QName> getArchiveNodeRefAssocTypePair(final NodeRef archiveStoreRootNodeRef) { final String currentUser = getCurrentUser(); if (archiveStoreRootNodeRef == null || !nodeService.exists(archiveStoreRootNodeRef)) { throw new InvalidNodeRefException("Invalid archive store root node Ref.", archiveStoreRootNodeRef); } if (hasAdminAccess(currentUser)) { return new Pair<NodeRef, QName>(archiveStoreRootNodeRef, ContentModel.ASSOC_CHILDREN); } else { List<ChildAssociationRef> list = AuthenticationUtil.runAs(new RunAsWork<List<ChildAssociationRef>>() { @Override public List<ChildAssociationRef> doWork() throws Exception { return nodeService.getChildrenByName(archiveStoreRootNodeRef, ContentModel.ASSOC_ARCHIVE_USER_LINK, Collections.singletonList(currentUser)); } }, AuthenticationUtil.getAdminUserName()); // Empty list means that the current user hasn't deleted anything yet. if (list == null || list.isEmpty()) { return new Pair<NodeRef, QName>(null, null); } NodeRef userArchive = list.get(0).getChildRef(); return new Pair<NodeRef, QName>(userArchive, ContentModel.ASSOC_ARCHIVED_LINK); } }
Example #30
Source File: HttpAlfrescoContentReader.java From alfresco-repository with GNU Lesser General Public License v3.0 | 5 votes |
@Override protected ReadableByteChannel getDirectReadableChannel() throws ContentIOException { RunAsWork<ReadableByteChannel> getChannelRunAs = new RunAsWork<ReadableByteChannel>() { public ReadableByteChannel doWork() throws Exception { return getDirectReadableChannelImpl(); } }; return AuthenticationUtil.runAs(getChannelRunAs, AuthenticationUtil.SYSTEM_USER_NAME); }