Support user home in addition to group home

[gpl/argeo-slc.git] / org.argeo.slc.core / src / org / argeo / slc / core / execution / ProcessThread.java
diff --git a/org.argeo.slc.core/src/org/argeo/slc/core/execution/ProcessThread.java b/org.argeo.slc.core/src/org/argeo/slc/core/execution/ProcessThread.java

index 9b8f9cc3f2cdbb530a7c6b54b0df06de938580d7..926789677165b760d56d5519a5e3b0ea96ef04cc 100644 (file)
--- a/org.argeo.slc.core/src/org/argeo/slc/core/execution/ProcessThread.java
+++ b/org.argeo.slc.core/src/org/argeo/slc/core/execution/ProcessThread.java
@@ -15,12 +15,18 @@
   */
  package org.argeo.slc.core.execution;
  
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
  import java.util.ArrayList;
  import java.util.Collections;
  import java.util.HashSet;
  import java.util.List;
  import java.util.Set;
  
+import javax.security.auth.Subject;
+
  import org.apache.commons.logging.Log;
  import org.apache.commons.logging.LogFactory;
  import org.argeo.slc.SlcException;
@@ -28,8 +34,6 @@ import org.argeo.slc.execution.ExecutionModulesManager;
  import org.argeo.slc.execution.ExecutionProcess;
  import org.argeo.slc.execution.ExecutionStep;
  import org.argeo.slc.execution.RealizedFlow;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
  
  /**
   * Main thread coordinating an {@link ExecutionProcess}, launching parallel or
@@ -42,48 +46,64 @@ public class ProcessThread extends Thread {
         private final ExecutionProcess process;
         private final ProcessThreadGroup processThreadGroup;
  
-       private Set<ExecutionThread> executionThreads = Collections
-                       .synchronizedSet(new HashSet<ExecutionThread>());
+       private Set<ExecutionThread> executionThreads = Collections.synchronizedSet(new HashSet<ExecutionThread>());
  
         // private Boolean hadAnError = false;
         private Boolean killed = false;
  
-       public ProcessThread(ThreadGroup processesThreadGroup,
-                       ExecutionModulesManager executionModulesManager,
+       private final AccessControlContext accessControlContext;
+
+       public ProcessThread(ThreadGroup processesThreadGroup, ExecutionModulesManager executionModulesManager,
                         ExecutionProcess process) {
                 super(processesThreadGroup, "SLC Process #" + process.getUuid());
                 this.executionModulesManager = executionModulesManager;
                 this.process = process;
                 processThreadGroup = new ProcessThreadGroup(process);
+               accessControlContext = AccessController.getContext();
         }
  
         public final void run() {
                 // authenticate thread
-               Authentication authentication = getProcessThreadGroup()
-                               .getAuthentication();
-               if (authentication == null)
-                       throw new SlcException("Can only execute authenticated threads");
-               SecurityContextHolder.getContext().setAuthentication(authentication);
+               // Authentication authentication = getProcessThreadGroup()
+               // .getAuthentication();
+               // if (authentication == null)
+               // throw new SlcException("Can only execute authenticated threads");
+               // SecurityContextHolder.getContext().setAuthentication(authentication);
  
-               log.info("\n##\n## SLC Process #" + process.getUuid()
-                               + " STARTED\n##\n");
+               log.info("\n##\n## SLC Process #" + process.getUuid() + " STARTED\n##\n");
  
                 // Start logging
                 new LoggingThread().start();
  
                 process.setStatus(ExecutionProcess.RUNNING);
                 try {
-                       process();
+                       Subject subject = Subject.getSubject(accessControlContext);
+                       try {
+                               Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
+
+                                       @Override
+                                       public Void run() throws Exception {
+                                               process();
+                                               return null;
+                                       }
+
+                               });
+                       } catch (PrivilegedActionException privilegedActionException) {
+                               Throwable cause = privilegedActionException.getCause();
+                               if (cause instanceof InterruptedException)
+                                       throw (InterruptedException) cause;
+                               else
+                                       throw new SlcException("Cannot process", cause);
+                       }
+                       // process();
                 } catch (InterruptedException e) {
                         die();
                         return;
                 } catch (Exception e) {
-                       String msg = "Process " + getProcess().getUuid()
-                                       + " failed unexpectedly.";
+                       String msg = "Process " + getProcess().getUuid() + " failed unexpectedly.";
                         log.error(msg, e);
-                       getProcessThreadGroup().dispatchAddStep(
-                                       new ExecutionStep("Process", ExecutionStep.ERROR, msg + " "
-                                                       + e.getMessage()));
+                       getProcessThreadGroup()
+                                       .dispatchAddStep(new ExecutionStep("Process", ExecutionStep.ERROR, msg + " " + e.getMessage()));
                 }
  
                 // waits for all execution threads to complete (in case they were
@@ -114,8 +134,7 @@ public class ProcessThread extends Thread {
                         process.setStatus(ExecutionProcess.COMPLETED);
                 // executionModulesManager.dispatchUpdateStatus(process, oldStatus,
                 // process.getStatus());
-               log.info("\n## SLC Process #" + process.getUuid() + " "
-                               + process.getStatus() + "\n");
+               log.info("\n## SLC Process #" + process.getUuid() + " " + process.getStatus() + "\n");
         }
  
         /** Called when being killed */
@@ -146,13 +165,11 @@ public class ProcessThread extends Thread {
         }
  
         /** @return the (distinct) thread used for this execution */
-       protected final void execute(RealizedFlow realizedFlow, Boolean synchronous)
-                       throws InterruptedException {
+       protected final void execute(RealizedFlow realizedFlow, Boolean synchronous) throws InterruptedException {
                 if (killed)
                         return;
  
-               ExecutionThread thread = new ExecutionThread(processThreadGroup,
-                               executionModulesManager, realizedFlow);
+               ExecutionThread thread = new ExecutionThread(processThreadGroup, executionModulesManager, realizedFlow);
                 executionThreads.add(thread);
                 thread.start();
  
@@ -204,8 +221,7 @@ public class ProcessThread extends Thread {
                                         break;
                                 }
  
-                               if (!ProcessThread.this.isAlive()
-                                               && processThreadGroup.getSteps().size() == 0)
+                               if (!ProcessThread.this.isAlive() && processThreadGroup.getSteps().size() == 0)
                                         run = false;
                         }
                 }