org.alfresco.service.cmr.security.AuthorityType Java Examples

@Override
protected String applyInternal() throws Exception
{
    StringBuilder result = new StringBuilder(I18NUtil.getMessage(MSG_START));

    String groupAuthorityName = PermissionService.GROUP_PREFIX + this.groupAuthorityDetails.groupName;
    if (!authorityService.authorityExists(groupAuthorityName))
    {
        groupAuthorityName = authorityService.createAuthority(AuthorityType.GROUP,
                    this.groupAuthorityDetails.groupName,
                    this.groupAuthorityDetails.groupDisplayName,
                    this.groupAuthorityDetails.authorityZones);

        authorityService.addAuthority(groupAuthorityName, AuthenticationUtil.getAdminUserName());

        result.append(I18NUtil.getMessage(MSG_RESULT, groupAuthorityName));
    }
    else
    {
        result.append(I18NUtil.getMessage(MSG_EXIST, groupAuthorityName));
    }
    return result.toString();
}
 

/**
 * Get the root groups, those without a parent group.
 * @param zone zone to search in.
    * @param maxItems Maximum number of items returned.
    * @param skipCount number of items to skip.
 * @return The root groups (empty if there are no root groups)
 */
public ScriptGroup[] getAllRootGroupsInZone(String zone, int maxItems, int skipCount)
{
	Set<String> authorities;
	try
	{
	    authorities= authorityService.getAllRootAuthoritiesInZone(zone, AuthorityType.GROUP);
       }
       catch(UnknownAuthorityException e)
       {
           authorities = Collections.emptySet();
       }

	return makeScriptGroups(authorities, new ScriptPagingDetails(maxItems, skipCount), 
	            null, serviceRegistry, this.getScope());
}
 

/**
 * {@inheritDoc}
 */
public void deleteAuthority(String name, boolean cascade)
{
    AuthorityType type = AuthorityType.getAuthorityType(name);
    checkTypeIsMutable(type);
    if (cascade)
    {
        for (String child : getContainedAuthorities(type, name, true))
        {
            deleteAuthority(child, true);
        }
    }
    authorityDAO.deleteAuthority(name);
    permissionServiceSPI.deletePermissions(name);
    
    if (isGroup(type))
    {
        OnGroupDeleted onGroupDelete = onGroupDeletedDelegate.get(ContentModel.TYPE_AUTHORITY);
        onGroupDelete.onGroupDeleted(name, cascade);
    }
}
 

public void deleteGroupMembership(String groupId, String groupMemberId)
{
    validateGroupId(groupId, false);

    // Not allowed to modify a GROUP_EVERYONE member.
    if (PermissionService.ALL_AUTHORITIES.equals(groupId))
    {
        throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY);
    }

    validateGroupMemberId(groupMemberId);

    // Verify if groupMemberId is member of groupId
    AuthorityType authorityType = AuthorityType.getAuthorityType(groupMemberId);
    Set<String> parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, groupMemberId, true);
    if (!parents.contains(groupId))
    {
        throw new NotFoundException(groupMemberId + " is not member of " + groupId);
    }

    authorityService.removeAuthority(groupId, groupMemberId);
}
 

private PagingResults<AuthorityInfo> getAuthoritiesInfo(AuthorityType authorityType, String groupId, Pair<String, Boolean> sortProp, Paging paging)
{
    Set<String> authorities;
    try
    {
        authorities = authorityService.findAuthorities(authorityType, groupId, true, null, null);
    }
    catch (UnknownAuthorityException e)
    {
        authorities = Collections.emptySet();
    }

    List<AuthorityInfo> authorityInfoList = new ArrayList<>(authorities.size());
    authorityInfoList.addAll(authorities.stream().map(this::getAuthorityInfo).collect(Collectors.toList()));

    // Post process sorting - this should be moved to service
    // layer. It is done here because sorting is not supported at
    // service layer.
    AuthorityInfoComparator authorityComparator = new AuthorityInfoComparator(sortProp.getFirst(), sortProp.getSecond());
    Collections.sort(authorityInfoList, authorityComparator);

    // Post process paging - this should be moved to service layer.
    return Util.wrapPagingResults(paging, authorityInfoList);
}
 

/**
 * Gets the groups that contain the specified authority
 * 
 * @param person       the user (cm:person) to get the containing groups for
 * 
 * @return the containing groups as a List of TemplateNode objects, can be null
 */
public List<TemplateNode> getContainerGroups(TemplateNode person)
{
    ParameterCheck.mandatory("Person", person);
    List<TemplateNode> parents;
    Set<String> authorities = this.authorityService.getContainingAuthoritiesInZone(
            AuthorityType.GROUP,
            (String)person.getProperties().get(ContentModel.PROP_USERNAME),
            AuthorityService.ZONE_APP_DEFAULT, null, 1000);
    parents = new ArrayList<TemplateNode>(authorities.size());
    for (String authority : authorities)
    {
        TemplateNode group = getGroup(authority);
        if (group != null)
        {
            parents.add(group); 
        }
    }
    return parents;
}
 

public void testAuthorityDisplayNames()
{
    String authOne = pubAuthorityService.createAuthority(AuthorityType.GROUP, "One");
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authOne), "One");
    pubAuthorityService.setAuthorityDisplayName(authOne, "Selfish Crocodile");
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authOne), "Selfish Crocodile");

    String authTwo = pubAuthorityService.createAuthority(AuthorityType.GROUP, "Two", "Lamp posts", authorityService.getDefaultZones());
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authTwo), "Lamp posts");
    pubAuthorityService.setAuthorityDisplayName(authTwo, "Happy Hippos");
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authTwo), "Happy Hippos");

    assertEquals(pubAuthorityService.getAuthorityDisplayName("GROUP_Loon"), "Loon");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("ROLE_Gibbon"), "Gibbon");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("Monkey"), "Monkey");

    authenticationComponent.setCurrentUser("andy");
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authOne), "Selfish Crocodile");
    assertEquals(pubAuthorityService.getAuthorityDisplayName(authTwo), "Happy Hippos");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("GROUP_Loon"), "Loon");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("GROUP_Loon"), "Loon");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("ROLE_Gibbon"), "Gibbon");
    assertEquals(pubAuthorityService.getAuthorityDisplayName("Monkey"), "Monkey");
}
 

/**
 * Gets the NodeRefs for cm:person nodes in the specified site - excluding admin, guest.
 * @since 4.1.5
 */
private List<NodeRef> getPersonNodesInSiteGroup(SiteInfo site)
{
    // Find the root group
    String siteGroup = AbstractSiteWebScript.buildSiteGroup(site);
    
    // Now get all people in the child groups
    Set<String> siteUsers = authorityService.getContainedAuthorities(
            AuthorityType.USER, siteGroup, false);
    
    // Turn these all into NodeRefs
    List<NodeRef> peopleNodes = new ArrayList<NodeRef>(siteUsers.size());
    for (String authority : siteUsers) 
    {
        if (!USERS_NOT_TO_EXPORT.contains(authority))
        {
            peopleNodes.add(authorityService.getAuthorityNodeRef(authority));
        }
    }
    return peopleNodes;
}
 

public void testAuthorities()
{
    assertEquals(1, getAllAuthorities(AuthorityType.ADMIN).size());
    assertTrue(getAllAuthorities(AuthorityType.ADMIN).contains(PermissionService.ADMINISTRATOR_AUTHORITY));
    assertEquals(1, getAllAuthorities(AuthorityType.EVERYONE).size());
    assertTrue(getAllAuthorities(AuthorityType.EVERYONE).contains(PermissionService.ALL_AUTHORITIES));
    // groups added for email and admin
    assertEquals(GRP_CNT, getAllAuthorities(AuthorityType.GROUP).size());
    assertFalse(getAllAuthorities(AuthorityType.GROUP).contains(PermissionService.ALL_AUTHORITIES));
    assertEquals(1, getAllAuthorities(AuthorityType.GUEST).size());
    assertTrue(getAllAuthorities(AuthorityType.GUEST).contains(PermissionService.GUEST_AUTHORITY));
    assertEquals(0, getAllAuthorities(AuthorityType.OWNER).size());
    assertEquals(0, getAllAuthorities(AuthorityType.ROLE).size());
    
    int peopleCnt = personService.getPeople(null, null, null, new PagingRequest(0, Integer.MAX_VALUE, null)).getPage().size();
    assertEquals(peopleCnt, getAllAuthorities(AuthorityType.USER).size());
}
 

public void testIncrementAuthorityCounts()
{
    long usersCountBefore = pubAuthorityService.countUsers();
    long groupCountBefore = pubAuthorityService.countGroups();

    // Add a user and check that the count increases
    String user = "userTest_" + System.currentTimeMillis();

    Map<QName, Serializable> props = new HashMap<QName, Serializable>(4, 1.0f);
    props.put(ContentModel.PROP_USERNAME, user);
    props.put(ContentModel.PROP_FIRSTNAME, user);
    props.put(ContentModel.PROP_LASTNAME, user);
    props.put(ContentModel.PROP_EMAIL, user + "@gmail.com");

    personService.createPerson(props);
    long usersCountAfter = pubAuthorityService.countUsers();
    assertEquals("Count of users must increment", (usersCountBefore+1), usersCountAfter);

    // Create new Group using Authentication Service and check that the count increases
    pubAuthorityService.createAuthority(AuthorityType.GROUP, "authority_test_" + System.currentTimeMillis());
    long groupCountAfter = pubAuthorityService.countGroups();
    assertEquals("Count of groups must increment", (groupCountBefore+1), groupCountAfter);
}
 

public String getShortName(String name)
{
    AuthorityType type = AuthorityType.getAuthorityType(name);
    if (type.isFixedString())
    {
        return "";
    }
    else if (type.isPrefixed())
    {
        return name.substring(type.getPrefixString().length());
    }
    else
    {
        return name;
    }
}
 

public void testDeletePermissions()
{
    authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
    personService.getPerson("andy");
    authenticationComponent.clearCurrentSecurityContext();
    
    runAs("andy");
    assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
    permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ),
            "GROUP_test", AccessStatus.ALLOWED));
    assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
    runAs("admin");
    authorityService.createAuthority(AuthorityType.GROUP, "test");
    authorityService.addAuthority("GROUP_test", "andy");
    runAs("andy");
    assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
    permissionService.deletePermissions("GROUP_test");
    assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);

    //At the store level
    permissionService.clearPermission(testStoreRef, "GROUP_test");
    permissionService.deletePermission(testStoreRef, "GROUP_test", PermissionService.READ);
}
 

/**
 * Creates a group with the given name if one does not already exist.
 * @param groupShortName String
 * @return The group's full name.
 */
public String createGroupIfNotExist(String groupShortName)
{
    String fullName = authorityService.getName(AuthorityType.GROUP, groupShortName);
    if (groups.containsKey(groupShortName) == false)
    {
        if (authorityService.authorityExists(fullName) == false)
        {
            Set<String> zones = new HashSet<String>(2, 1.0f);
            zones.add(AuthorityService.ZONE_APP_DEFAULT);
            fullName = authorityService.createAuthority(AuthorityType.GROUP, groupShortName, groupShortName, zones);
            groups.put(groupShortName, findGroupNode(groupShortName));
        }
    }
    return fullName;
}
 

protected void addAuthorityNameIfMatches(Set<String> authorities, String authorityName, AuthorityType type, Pattern pattern)
{
    if (type == null || AuthorityType.getAuthorityType(authorityName).equals(type))
    {
        if (pattern == null)
        {
            authorities.add(getPooledName(authorityName));
        }
        else
        {
            if (pattern.matcher(getShortName(authorityName)).matches())
            {
                authorities.add(getPooledName(authorityName));
            }
            else
            {
                String displayName = getAuthorityDisplayName(authorityName);
                if (displayName != null && pattern.matcher(displayName).matches())
                {
                    authorities.add(getPooledName(authorityName));
                }
            }
        }
    }
}
 

private void listAuthorities(AuthorityType type, String name, Set<String> authorities, boolean parents, boolean recursive)
{
    AuthorityType localType = AuthorityType.getAuthorityType(name);
    if (localType.equals(AuthorityType.GUEST))
    {
        // Nothing to do
    }
    else
    {
        NodeRef ref = getAuthorityOrNull(name);
        
        if (ref != null)
        {
            listAuthorities(type, ref, authorities, parents, recursive, false);
        }
        else if (!localType.equals(AuthorityType.USER))
        {
            // Don't worry about missing person objects. It might be the system user or a user yet to be
            // auto-created
            throw new UnknownAuthorityException("An authority was not found for " + name);
        }
    }
}
 

private Set<String> getAllAuthoritiesInTxn(final String systemUserName)
{
    return AuthenticationUtil.runAs(new RunAsWork<Set<String>>()
    {
        public Set<String> doWork() throws Exception
        {
            RetryingTransactionHelper txnHelper = transactionService.getRetryingTransactionHelper();
            RetryingTransactionCallback<Set<String>> restoreCallback =
                new RetryingTransactionCallback<Set<String>>()
            {
                public Set<String> execute() throws Exception
                {
                    // Returns a sorted set (using natural ordering) rather than a hashCode
                    // so that it is more obvious what the order is for processing users.
                    Set<String> result = new TreeSet<String>();
                    result.addAll(authorityService.getAllAuthorities(AuthorityType.USER));
                    return result;
                }
            };
            return txnHelper.doInTransaction(restoreCallback, false, true);
        }
    }, systemUserName);
}
 

public void testNoUser()
{
    pubAuthorityService.createAuthority(AuthorityType.GROUP, "DEFAULT");

    authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
    PagingResults<String> results = pubAuthorityService.getAuthorities(
            AuthorityType.GROUP, null, null, true, true, new PagingRequest(10));
    AuthenticationUtil.clearCurrentSecurityContext();
    try
    {
        pubAuthorityService.getAuthorities(
                AuthorityType.GROUP, null, null, true, true, new PagingRequest(10));
        fail("Public AuthorityService should reject unauthorized use.");
    }
    catch (AuthenticationCredentialsNotFoundException e)
    {
        // Expected
    }
    PagingResults<String> resultsCheck = authorityService.getAuthorities(
            AuthorityType.GROUP, null, null, true, true, new PagingRequest(10));
    assertEquals(
            "Unauthorized use of private service should work just like 'admin'",
            results.getPage().size(), resultsCheck.getPage().size());
}
 

public void addAuthorityToZones(String authorityName, Set<String> zones)
{
    if ((zones != null) && (zones.size() > 0))
    {
        Set<NodeRef> zoneRefs = new HashSet<NodeRef>(zones.size() * 2);
        for (String authorityZone : zones)
        {
            zoneRefs.add(getOrCreateZone(authorityZone));
        }
        NodeRef authRef = getAuthorityOrNull(authorityName);
        if (authRef != null)
        {
            // Normalize the user name if necessary
            if (AuthorityType.getAuthorityType(authorityName) == AuthorityType.USER)
            {
                authorityName = (String) nodeService.getProperty(authRef, ContentModel.PROP_USERNAME);
            }
            
            nodeService.addChild(zoneRefs, authRef, ContentModel.ASSOC_IN_ZONE, QName.createQName("cm", authorityName, namespacePrefixResolver));
        }
    }
}
 

public PagingResults<String> getAuthorities(AuthorityType type, String zoneName, String displayNameFilter, boolean sortByDisplayName, boolean sortAscending, PagingRequest pagingRequest)
{
    checkGetAuthorityParams(type, zoneName, pagingRequest);
    
    if ((zoneName == null) && (type.equals(AuthorityType.USER)))
    {
        return getUserAuthoritiesImpl(displayNameFilter, sortByDisplayName, sortAscending, pagingRequest);
    }
    
    return getAuthoritiesImpl(type, getContainerRef(zoneName), displayNameFilter, (sortByDisplayName ? GetAuthoritiesCannedQuery.DISPLAY_NAME : null), sortAscending, pagingRequest, new PagingResultsString());
}
 

protected void addAuthorityNameIfMatches(Set<String> authorities, String authorityName, AuthorityType type)
{
    if (type == null || AuthorityType.getAuthorityType(authorityName).equals(type))
    {
        authorities.add(getPooledName(authorityName));
    }
}
 

public void testGroupNameTokenisation()
{
    assertEquals(GRP_CNT, getAllAuthorities(AuthorityType.GROUP).size());
    assertEquals(ROOT_GRP_CNT, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
    
    String auth1234 = pubAuthorityService.createAuthority(AuthorityType.GROUP, "1234");
    assertEquals(0, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, auth1234, false).size());
    String authC1 = pubAuthorityService.createAuthority(AuthorityType.GROUP, "circle");
    pubAuthorityService.addAuthority(auth1234, authC1);
    assertEquals(1, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, auth1234, false).size());
    assertEquals(0, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC1, false).size());
    String authC2 = pubAuthorityService.createAuthority(AuthorityType.GROUP, "bigCircle");
    pubAuthorityService.addAuthority(authC1, authC2);
    assertEquals(2, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, auth1234, false).size());
    assertEquals(1, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC1, false).size());
    assertEquals(0, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC2, false).size());
    String authStuff = pubAuthorityService.createAuthority(AuthorityType.GROUP, "|<>?~@:}{+_)(*&^%$£!¬`,.#';][=-0987654321 1234556678 '");
    pubAuthorityService.addAuthority(authC2, authStuff);
    assertEquals(3, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, auth1234, false).size());
    assertEquals(2, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC1, false).size());
    assertEquals(1, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC2, false).size());
    assertEquals(0, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authStuff, false).size());
    String authSpace = pubAuthorityService.createAuthority(AuthorityType.GROUP, "  Circles     ");
    pubAuthorityService.addAuthority(authStuff, authSpace);
    assertEquals(4, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, auth1234, false).size());
    assertEquals(3, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC1, false).size());
    assertEquals(2, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authC2, false).size());
    assertEquals(1, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authStuff, false).size());
    assertEquals(0, pubAuthorityService.getContainedAuthorities(AuthorityType.GROUP, authSpace, false).size());
    
    pubAuthorityService.deleteAuthority(authSpace);
    pubAuthorityService.deleteAuthority(authStuff);
    pubAuthorityService.deleteAuthority(authC2);
    pubAuthorityService.deleteAuthority(authC1);
    pubAuthorityService.deleteAuthority(auth1234);
    
    assertEquals(GRP_CNT, getAllAuthorities(AuthorityType.GROUP).size());
    assertEquals(ROOT_GRP_CNT, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
}
 

private NodeRef getAuthorityOrNull(final String name, final AuthorityType authType)
{
    try
    {
        switch (authType)
        {
            case USER:
                return personService.getPerson(name, false);
            case GUEST:
            case ADMIN:
            case EVERYONE:
            case OWNER:
                return null;
            default:
            {
                Pair<String, String> cacheKey = cacheKey(name);
                NodeRef result = authorityLookupCache.get(cacheKey);
                if (result == null)
                {
                    List<ChildAssociationRef> results = nodeService.getChildAssocs(getAuthorityContainer(), ContentModel.ASSOC_CHILDREN,
                                QName.createQName("cm", name, namespacePrefixResolver), false);
                    result = results.isEmpty() ? NULL_NODEREF : results.get(0).getChildRef();
                    authorityLookupCache.put(cacheKey, result);
                }
                return result.equals(NULL_NODEREF) ? null : result;
            }
        }
    }
    catch (NoSuchPersonException e)
    {
        return null;
    }
}
 

public Set<String> getAllAuthoritiesInZone(String zoneName, AuthorityType type)
{
    NodeRef zoneRef = getZone(zoneName);
    if (zoneRef == null)
    {
        return Collections.emptySet();
    }
    return new HashSet<String>(getAuthoritiesImpl(type, zoneRef, null, null, false,
            new PagingRequest(0, Integer.MAX_VALUE, null), new PagingResultsString()).getPage());
}
 

public void removeAuthority(String parentName, String childName, boolean cacheRefresh)
{
    NodeRef parentRef = getAuthorityOrNull(parentName);
    if (parentRef == null)
    {
        throw new UnknownAuthorityException("An authority was not found for " + parentName);
    }
    NodeRef childRef = getAuthorityOrNull(childName);
    if (childRef == null)
    {
        throw new UnknownAuthorityException("An authority was not found for " + childName);
    }
    nodeService.removeChild(parentRef, childRef);
    childAuthorityCache.remove(parentRef);
    if (AuthorityType.getAuthorityType(childName) == AuthorityType.USER)
    {
        // Normalize the user name
        childName = (String) nodeService.getProperty(childRef, ContentModel.PROP_USERNAME);
        userAuthorityCache.remove(childName);
    }
    else
    {
        userAuthorityCache.clear();
        if (cacheRefresh)
        {
            authorityBridgeTableCache.refresh();
        }
    }
}
 

/**
 * {@inheritDoc}
 */
public Set<String> findAuthorities(AuthorityType type, String parentAuthority, boolean immediate, String displayNamePattern, String zoneName)
{
    if (type == null || type == AuthorityType.GROUP || type == AuthorityType.USER)
    {
        return authorityDAO.findAuthorities(type, parentAuthority, immediate, displayNamePattern, zoneName);
    }
    else
    {
        throw new UnsupportedOperationException();
    }
}
 

private void createGroup(String shortName, String parentShortName)
{
    // create new Group using authority Service
    String groupName = this.authorityService.getName(AuthorityType.GROUP, shortName);
    if (this.authorityService.authorityExists(groupName) == false)
    {
       String parentGroupName = null;
       if (parentShortName != null)
       {
           parentGroupName = this.authorityService.getName(AuthorityType.GROUP, parentShortName);
           if (this.authorityService.authorityExists(parentGroupName) == false)
           {
               logger.warn("Parent group does not exist: " + parentShortName);
               return;
           }
       }
       
       this.authorityService.createAuthority(AuthorityType.GROUP, shortName);
       
       if (parentGroupName != null)
       {
           addToGroup(parentShortName, groupName);
       }
    }
    else
    {
        logger.warn("Group already exists: " + shortName);
    }
}
 

@Override protected void setUp() throws Exception
{
    super.setUp();
    authenticationService = getServer().getApplicationContext().getBean("AuthenticationService", MutableAuthenticationService.class);
    authorityService      = getServer().getApplicationContext().getBean("AuthorityService", AuthorityService.class);
    personService         = getServer().getApplicationContext().getBean("PersonService", PersonService.class);
    transactionHelper     = getServer().getApplicationContext().getBean("retryingTransactionHelper", RetryingTransactionHelper.class);

    AuthenticationUtil.clearCurrentSecurityContext();
    // Create test users. TODO Create these users @BeforeClass or at a testsuite scope.
    AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
    {
        @Override public Void doWork() throws Exception
        {
            createUser(SEARCH_ADMIN_USER);
            createUser(NON_SEARCH_ADMIN_USER);

            if ( !authorityService.getContainingAuthorities(AuthorityType.GROUP,
                                                            SEARCH_ADMIN_USER,
                                                            true)
                                .contains(SolrFacetServiceImpl.GROUP_ALFRESCO_SEARCH_ADMINISTRATORS_AUTHORITY))
            {
                authorityService.addAuthority(SolrFacetServiceImpl.GROUP_ALFRESCO_SEARCH_ADMINISTRATORS_AUTHORITY,
                                              SEARCH_ADMIN_USER);
            }
            return null;
        }
    });
}
 

@Override
public boolean createMissingPerson(String userName)
{
    // synchronise or auto-create the missing person if we are allowed
    if (userName != null && !userName.equals(AuthenticationUtil.getSystemUserName()))
    {
        if (this.syncWhenMissingPeopleLogIn)
        {
            try
            {
                synchronizeInternal(false, false, false);
            }
            catch (Exception e)
            {
                // We don't want to fail the whole login if we can help it
                ChainingUserRegistrySynchronizer.logger.warn("User authenticated but failed to sync with user registry", e);
            }
            if (this.personService.personExists(userName))
            {
                return true;
            }
        }
        if (this.autoCreatePeopleOnLogin && this.personService.createMissingPeople())
        {
            AuthorityType authorityType = AuthorityType.getAuthorityType(userName);
            if (authorityType == AuthorityType.USER)
            {
                this.personService.getPerson(userName);
                return true;
            }
        }
    }
    return false;
}
 

/**
 * remove sub group from this group
 * @param newShortName the shortName of the sub group to remove from this group.
 */
public void removeGroup(String newShortName)
{
    String fullAuthorityName = authorityService.getName(AuthorityType.GROUP, newShortName);

    authorityService.removeAuthority(fullName, fullAuthorityName);
    clearCaches();
}
 

/**
 * Create a new group as a child of this group.
 * @return the new group
 */
public ScriptGroup createGroup(String newShortName, String newDisplayName)
{
    String authorityName = authorityService.createAuthority(AuthorityType.GROUP, newShortName, newDisplayName, authorityService.getDefaultZones());
    authorityService.addAuthority(fullName, authorityName);
    ScriptGroup childGroup = new ScriptGroup(authorityName, null, serviceRegistry, authorityService, this.scope);
    clearCaches();
    return childGroup;
}