Java Code Examples for org.alfresco.repo.security.authentication.AuthenticationUtil#isMtEnabled()

The following examples show how to use org.alfresco.repo.security.authentication.AuthenticationUtil#isMtEnabled() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: MultiTServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Override
public StoreRef getName(String username, StoreRef storeRef)
{
    if (storeRef == null)
    {
        return null;
    }

    if ((username != null) && (AuthenticationUtil.isMtEnabled()))
    {
        int idx = username.lastIndexOf(SEPARATOR);
        if ((idx > 0) && (idx < (username.length() - 1)))
        {
            String tenantDomain = username.substring(idx + 1);
            return new StoreRef(storeRef.getProtocol(), getName(storeRef.getIdentifier(), tenantDomain));
        }
    }

    return storeRef;
}
 
Example 2
Source File: MultiTServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Override
public String getUserDomain(String username)
{
    // can be null (e.g. for System user / during app ctx init)
    if ((username != null) && AuthenticationUtil.isMtEnabled())
    {
        int idx = username.lastIndexOf(SEPARATOR);
        if ((idx > 0) && (idx < (username.length() - 1)))
        {
            String tenantDomain = getTenantDomain(username.substring(idx + 1));
            checkTenantEnabled(tenantDomain);

            return tenantDomain;
        }
    }

    return DEFAULT_DOMAIN; // default domain - non-tenant user
}
 
Example 3
Source File: MultiTServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 6 votes vote down vote up
/**
 * Get the primary domain for the given user, if a tenant for that domain exists.
 * 
 * For user names of the form "user@tenantdomain", the tenant domain the part of the string 
 * after the @ symbol. A check is then made to see if tenant with that domain name exists.  
 * If it does, then the identified domain is returned. If no tenant exists then null is 
 * returned.
 * 
 * If the username does not end with a domain, as described above, then the default domain is 
 * returned. 
 */
@Override
public String getPrimaryDomain(String username)
{
    String result = null;
    // can be null (e.g. for System user / during app ctx init)
    if (username != null && AuthenticationUtil.isMtEnabled())
    {
        int idx = username.lastIndexOf(SEPARATOR);
        if ((idx > 0) && (idx < (username.length() - 1)))
        {
            String tenantDomain = getTenantDomain(username.substring(idx + 1));

            if (getTenant(tenantDomain) != null)
            {
                result = tenantDomain;
            }
        }
        else
        {
            result = DEFAULT_DOMAIN;
        }
    }

    return result; // default domain - non-tenant user
}
 
Example 4
Source File: RenameSiteAuthorityDisplayName.java    From alfresco-repository with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
protected String applyInternal() throws Exception
{
 // NOTE: SiteService is not currently MT-enabled (eg. getSiteRoot) so skip if applied to tenant
    if (AuthenticationUtil.isRunAsUserTheSystemUser() || !AuthenticationUtil.isMtEnabled())
    {
        // Set all the sites in the repository
        List<SiteInfo> sites = this.siteService.listSites(null, null);
        renameDispayNames(sites);
    }
    // Report status
    return I18NUtil.getMessage(SUCCESS_MSG);
}
 
Example 5
Source File: MultiTServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public boolean isTenantUser(String username)
{
    // can be null (e.g. for System user / during app ctx init)
    if (username != null && AuthenticationUtil.isMtEnabled())
    {
        int idx = username.lastIndexOf(SEPARATOR);
        if ((idx > 0) && (idx < (username.length() - 1)))
        {
            return true;
        }
    }
    return false;
}
 
Example 6
Source File: BaseWebScriptTest.java    From alfresco-repository with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * Send Local Request to Test Web Script Server
 * 
 * @param req Request
 * @param expectedStatus int
 * @param asUser String
 * @return response
 * @throws IOException
 */
protected Response sendLocalRequest(final Request req, final int expectedStatus, String asUser)
    throws IOException
{
    asUser = (asUser == null) ? defaultRunAs : asUser;
    
    TestWebScriptServer tws = getServer();
    if (AuthenticationUtil.isMtEnabled())
    {
        // MT repository container requires non-none authentication (ie. guest or higher)
        // If the servlet authenticator is still the default, substitute in a custom one
        // (If they test has already changed the authenticator, then stay with that)
        if (customAuthenticatorFactory == null)
        {
            tws.setServletAuthenticatorFactory(new LocalTestRunAsAuthenticatorFactory());
        }
    }
    
    if (asUser == null)
    {
        return getServer().submitRequest(req.getMethod(), req.getFullUri(), req.getHeaders(), req.getBody(), req.getEncoding(), req.getType());
    }
    else
    {
        // send request in context of specified user
        return AuthenticationUtil.runAs(new RunAsWork<Response>()
        {
            @SuppressWarnings("synthetic-access")
            public Response doWork() throws Exception
            {
                return getServer().submitRequest(req.getMethod(), req.getFullUri(), req.getHeaders(), req.getBody(), req.getEncoding(), req.getType());
            }
        }, asUser);
    }
}
 
Example 7
Source File: MultiTServiceImplTest.java    From alfresco-repository with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Before
public void setUp() throws Exception
{
    multiTServiceImpl = applicationContext.getBean("tenantService", MultiTServiceImpl.class);
    tenantAdminService = applicationContext.getBean("tenantAdminService", TenantAdminService.class);
    personService = applicationContext.getBean("PersonService", PersonService.class);
    tenantService = applicationContext.getBean("tenantService", TenantService.class);
    authenticationService = applicationContext.getBean("AuthenticationService", MutableAuthenticationService.class);
    transactionService = applicationContext.getBean("TransactionService", TransactionService.class);
    nodeService = applicationContext.getBean("NodeService", NodeService.class);
    searchService = applicationContext.getBean("SearchService", SearchService.class);
    namespaceService = applicationContext.getBean("NamespaceService", NamespaceService.class);

    DOMAIN = GUID.generate();
    USER1 = GUID.generate();
    USER2 = GUID.generate();
    USER3 = GUID.generate();
    USER2_WITH_DOMAIN = USER2 + TenantService.SEPARATOR + DOMAIN;
    STRING = GUID.generate();
    TENANT_STRING = addDomainToId(STRING, DOMAIN);
    STRING_WITH_EXISTENT_DOMAIN = TenantService.SEPARATOR + DOMAIN + TenantService.SEPARATOR;
    STRING_WITH_NONEXITENT_DOMAIN = TenantService.SEPARATOR + STRING + TenantService.SEPARATOR;
    TENANT_STORE = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, addDomainToId("SpacesStore", DOMAIN));
    TENANT_NODE_REF = new NodeRef(PROTOCOL, addDomainToId(IDENTIFIER, DOMAIN), ID);
    TENANT_STORE_REF = new StoreRef(PROTOCOL, addDomainToId(IDENTIFIER, DOMAIN));
    TENANT_QNAME = QName.createQName(addDomainToId(NAMESPACE_URI, DOMAIN), LOCAL_NAME);
    tenantAssocRef = new AssociationRef(TENANT_NODE_REF, QNAME, TENANT_NODE_REF);
    childAssocRef = new ChildAssociationRef(QNAME, NODE_REF, QNAME, NODE_REF);
    tenantChildAssocRef = new ChildAssociationRef(QNAME, TENANT_NODE_REF, QNAME, TENANT_NODE_REF);

    AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName());

    mtEnabled = AuthenticationUtil.isMtEnabled();
    AuthenticationUtil.setMtEnabled(false);
}
 
Example 8
Source File: RepositoryContainer.java    From alfresco-remote-api with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public RequiredAuthentication getRequiredAuthentication()
{
    if (AuthenticationUtil.isMtEnabled())
    {
        return RequiredAuthentication.guest; // user or guest (ie. at least guest)
    }
    
    return RequiredAuthentication.none;
}
 
Example 9
Source File: NodeResourceHelper.java    From alfresco-repository with GNU Lesser General Public License v3.0 4 votes vote down vote up
public UserInfo getUserInfo(String userName)
{
    UserInfo userInfo = null;
    if (userName != null)
    {
        String sysUserName = AuthenticationUtil.getSystemUserName();
        if (userName.equals(sysUserName) || (AuthenticationUtil.isMtEnabled()
                    && userName.startsWith(sysUserName + "@")))
        {
            userInfo = new UserInfo(userName, userName, "");
        }
        else
        {
            PersonService.PersonInfo pInfo = null;
            try
            {
                NodeRef pNodeRef = personService.getPersonOrNull(userName);
                if (pNodeRef != null)
                {
                    pInfo = personService.getPerson(pNodeRef);
                }
            }
            catch (NoSuchPersonException | AccessDeniedException ex)
            {
                // ignore
            }

            if (pInfo != null)
            {
                userInfo = new UserInfo(userName, pInfo.getFirstName(), pInfo.getLastName());
            }
            else
            {
                if (LOGGER.isDebugEnabled())
                {
                    LOGGER.debug("Unknown person: " + userName);
                }
                userInfo = new UserInfo(userName, userName, "");
            }
        }
    }
    return userInfo;
}
 
Example 10
Source File: MultiTServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 4 votes vote down vote up
public boolean isEnabled()
{
    return AuthenticationUtil.isMtEnabled();
}
 
Example 11
Source File: SOLRTrackingComponentImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Override
public List<AclReaders> getAclsReaders(List<Long> aclIds)
{
    if(enabled)
    {
        // We don't want the caches to lie and we may not be part of the cluster
        aclDAO.setCheckAclConsistency();

        /*
         * This is an N+1 query that should, in theory, make use of cached ACL readers data.
         */

        Map<Long, String> aclChangeSetTenant = new HashMap<Long, String>(aclIds.size());
        
        List<AclReaders> aclsReaders = new ArrayList<AclReaders>(aclIds.size() * 10);
        for (Long aclId : aclIds)
        {
            AclReaders readers = new AclReaders();
            readers.setAclId(aclId);
            Set<String> readersSet = permissionService.getReaders(aclId);
            readers.setReaders(readersSet);
            Set<String> deniedSet = permissionService.getReadersDenied(aclId);
            readers.setDenied(deniedSet);
            
            Long aclChangeSetId = aclDAO.getAccessControlList(aclId).getProperties().getAclChangeSetId();
            readers.setAclChangeSetId(aclChangeSetId);
            
            if (AuthenticationUtil.isMtEnabled())
            {
            	// MT - for now, derive the tenant for acl (via acl change set)
                String tenantDomain = aclChangeSetTenant.get(aclChangeSetId);
                if (tenantDomain == null)
                {
                    tenantDomain = getTenant(aclId, aclChangeSetId);
                    if (tenantDomain == null)
                    {
                        // skip this acl !
                        continue;
                    }
                    aclChangeSetTenant.put(aclChangeSetId, tenantDomain);
                }
                readers.setTenantDomain(tenantDomain);
            }
            
            aclsReaders.add(readers);
        }
        
        return aclsReaders;
    }
    else
    {
        return Collections.<AclReaders>emptyList();
    }
}
 
Example 12
Source File: MessageServiceImpl.java    From alfresco-repository with GNU Lesser General Public License v3.0 4 votes vote down vote up
protected NodeRef resolveQNamePath(NodeRef rootNodeRef, String[] pathPrefixQNameStrings)
{
    if (pathPrefixQNameStrings.length == 0)
    {
        throw new IllegalArgumentException("Path array is empty");
    }
    // walk the path
    NodeRef parentNodeRef = rootNodeRef;
    for (int i = 0; i < pathPrefixQNameStrings.length; i++)
    {
        String pathPrefixQNameString = pathPrefixQNameStrings[i];
        
        QName pathQName = null;
        if (AuthenticationUtil.isMtEnabled())
        {
            String[] parts = QName.splitPrefixedQName(pathPrefixQNameString);
            if ((parts.length == 2) && (parts[0].equals(NamespaceService.APP_MODEL_PREFIX)))
            {
                String pathUriQNameString = new StringBuilder(64).
                    append(QName.NAMESPACE_BEGIN).
                    append(NamespaceService.APP_MODEL_1_0_URI).
                    append(QName.NAMESPACE_END).
                    append(parts[1]).toString();
                
                pathQName = QName.createQName(pathUriQNameString);
            }
            else
            {
                pathQName = QName.createQName(pathPrefixQNameString, namespaceService);
            }
        }
        else
        {
            pathQName = QName.createQName(pathPrefixQNameString, namespaceService);
        }
        
        List<ChildAssociationRef> childAssocRefs = nodeService.getChildAssocs(parentNodeRef, RegexQNamePattern.MATCH_ALL, pathQName);
        if (childAssocRefs.size() != 1)
        {
            return null;
        }
        parentNodeRef = childAssocRefs.get(0).getChildRef();
    }
    return parentNodeRef;
}
 
Example 13
Source File: Node.java    From alfresco-remote-api with GNU Lesser General Public License v3.0 4 votes vote down vote up
public static UserInfo lookupUserInfo(String userName, Map<String, UserInfo> mapUserInfo, PersonService personService, boolean displayNameOnly)
{
    UserInfo userInfo = mapUserInfo.get(userName);
    if ((userInfo == null) && (userName != null))
    {
        String sysUserName = AuthenticationUtil.getSystemUserName();
        if (userName.equals(sysUserName) || (AuthenticationUtil.isMtEnabled() && userName.startsWith(sysUserName + "@")))
        {
            userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
        }
        else
        {
            PersonService.PersonInfo pInfo = null;
            try
            {
                NodeRef pNodeRef = personService.getPersonOrNull(userName);
                if (pNodeRef != null)
                {
                    pInfo = personService.getPerson(pNodeRef);
                }
            }
            catch (NoSuchPersonException nspe)
            {
                // drop-through
            }
            catch (AccessDeniedException ade)
            {
                // SFS-610
                // drop-through
            }

            if (pInfo != null)
            {
                userInfo = new UserInfo((displayNameOnly ? null : userName), pInfo.getFirstName(), pInfo.getLastName());
            }
            else
            {
                logger.warn("Unknown person: "+userName);
                userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
            }
        }

        mapUserInfo.put(userName, userInfo);
    }
    return userInfo;
}