mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
[MNT-24195] Added fix for ags capability issue (#2648)
* [MNT-24195] added fix for ags capability issue * [MNT-24195] Build Issue Resolved * [MNT-24195] Removed unused import * [MNT-24195] Build issue changes * [MNT-24195] added fix for ags capability issue * [MNT-24195] Added fix for ags capability issue * [MNT-24195] Fix for Review Comment * [MNT-24195] Fix for Review Comment --------- Co-authored-by: Sathish Kumar <ST28@ford.com>
This commit is contained in:
SathishK-T
GitHub
@@ -31,7 +31,6 @@ import java.util.HashMap;
|
|||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import org.alfresco.model.ContentModel;
|
import org.alfresco.model.ContentModel;
|
||||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
|
||||||
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCapability;
|
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCapability;
|
||||||
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
|
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
|
||||||
import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
|
import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
|
||||||
@@ -76,7 +75,7 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
@Override
|
@Override
|
||||||
public int evaluate(NodeRef nodeRef)
|
public int evaluate(NodeRef nodeRef)
|
||||||
{
|
{
|
||||||
return evaluate(nodeRef, null, null);
|
return evaluate(nodeRef, null, null, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -85,9 +84,10 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
* @param destination destination node reference
|
* @param destination destination node reference
|
||||||
* @param linkee linkee node reference, can be null
|
* @param linkee linkee node reference, can be null
|
||||||
* @param assocType association type, can be null
|
* @param assocType association type, can be null
|
||||||
|
* @param recordType record type, can be null
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
public int evaluate(NodeRef destination, NodeRef linkee, QName assocType)
|
public int evaluate(NodeRef destination, NodeRef linkee, QName assocType, QName recordType)
|
||||||
{
|
{
|
||||||
if (linkee != null)
|
if (linkee != null)
|
||||||
{
|
{
|
||||||
@@ -105,7 +105,7 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
{
|
{
|
||||||
if (recordService.isRecord(destination) &&
|
if (recordService.isRecord(destination) &&
|
||||||
!recordService.isDeclared(destination) &&
|
!recordService.isDeclared(destination) &&
|
||||||
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
|
permissionService.hasPermission(destination, FILE_RECORDS) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
@@ -115,7 +115,7 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
if (recordService.isRecord(linkee) &&
|
if (recordService.isRecord(linkee) &&
|
||||||
recordService.isRecord(destination) &&
|
recordService.isRecord(destination) &&
|
||||||
!recordService.isDeclared(destination) &&
|
!recordService.isDeclared(destination) &&
|
||||||
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
|
permissionService.hasPermission(destination, FILE_RECORDS) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
@@ -132,14 +132,15 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
|
|
||||||
// if the destination folder is not a record folder and the user has filling capability on it, grant access to create the record
|
// if the destination folder is not a record folder and the user has filling capability on it, grant access to create the record
|
||||||
if (checkConditions(destination, conditions) &&
|
if (checkConditions(destination, conditions) &&
|
||||||
!recordFolderService.isRecordFolder(destination) )
|
!recordFolderService.isRecordFolder(destination) &&
|
||||||
|
permissionService.hasPermission(destination, CREATE_MODIFY_DESTROY_FILEPLAN_METADATA) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (checkConditions(destination, conditions) &&
|
if (checkConditions(destination, conditions) &&
|
||||||
recordFolderService.isRecordFolder(destination) &&
|
recordFolderService.isRecordFolder(destination) &&
|
||||||
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
|
permissionService.hasPermission(destination, FILE_RECORDS) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
@@ -147,7 +148,7 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
conditions.put("capabilityCondition.closed", Boolean.TRUE);
|
conditions.put("capabilityCondition.closed", Boolean.TRUE);
|
||||||
if (checkConditions(destination, conditions) &&
|
if (checkConditions(destination, conditions) &&
|
||||||
recordFolderService.isRecordFolder(destination) &&
|
recordFolderService.isRecordFolder(destination) &&
|
||||||
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.DECLARE_RECORDS_IN_CLOSED_FOLDERS) == AccessStatus.ALLOWED)
|
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), DECLARE_RECORDS_IN_CLOSED_FOLDERS) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
@@ -156,32 +157,32 @@ public class CreateCapability extends DeclarativeCapability
|
|||||||
conditions.put("capabilityCondition.cutoff", Boolean.TRUE);
|
conditions.put("capabilityCondition.cutoff", Boolean.TRUE);
|
||||||
if (checkConditions(destination, conditions) &&
|
if (checkConditions(destination, conditions) &&
|
||||||
recordFolderService.isRecordFolder(destination) &&
|
recordFolderService.isRecordFolder(destination) &&
|
||||||
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS) == AccessStatus.ALLOWED)
|
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS) == AccessStatus.ALLOWED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (capabilityService.getCapability(RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (null != recordType && recordType.equals(TYPE_RECORD_FOLDER) && capabilityService.getCapability(CREATE_MODIFY_DESTROY_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
if (capabilityService.getCapability(RMPermissionModel.DECLARE_RECORDS_IN_CLOSED_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (capabilityService.getCapability(DECLARE_RECORDS_IN_CLOSED_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
if (capabilityService.getCapability(RMPermissionModel.CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (capabilityService.getCapability(CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
if (capabilityService.getCapability(RMPermissionModel.CREATE_MODIFY_DESTROY_FILEPLAN_METADATA).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (capabilityService.getCapability(CREATE_MODIFY_DESTROY_FILEPLAN_METADATA).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
if (capabilityService.getCapability(RMPermissionModel.CREATE_HOLD).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (capabilityService.getCapability(CREATE_HOLD).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
if (((ChangeOrDeleteReferencesCapability)capabilityService.getCapability(RMPermissionModel.CHANGE_OR_DELETE_REFERENCES)).evaluate(destination, linkee) == AccessDecisionVoter.ACCESS_GRANTED)
|
if (((ChangeOrDeleteReferencesCapability)capabilityService.getCapability(CHANGE_OR_DELETE_REFERENCES)).evaluate(destination, linkee) == AccessDecisionVoter.ACCESS_GRANTED)
|
||||||
{
|
{
|
||||||
return AccessDecisionVoter.ACCESS_GRANTED;
|
return AccessDecisionVoter.ACCESS_GRANTED;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -28,6 +28,7 @@
|
|||||||
package org.alfresco.module.org_alfresco_module_rm.capability.policy;
|
package org.alfresco.module.org_alfresco_module_rm.capability.policy;
|
||||||
|
|
||||||
import org.alfresco.module.org_alfresco_module_rm.capability.impl.CreateCapability;
|
import org.alfresco.module.org_alfresco_module_rm.capability.impl.CreateCapability;
|
||||||
|
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||||
import org.alfresco.service.cmr.repository.NodeRef;
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
import org.alfresco.service.namespace.QName;
|
import org.alfresco.service.namespace.QName;
|
||||||
import org.aopalliance.intercept.MethodInvocation;
|
import org.aopalliance.intercept.MethodInvocation;
|
||||||
@@ -42,10 +43,18 @@ public class CreatePolicy extends AbstractBasePolicy
|
|||||||
{
|
{
|
||||||
NodeRef linkee = null;
|
NodeRef linkee = null;
|
||||||
QName assocType = null;
|
QName assocType = null;
|
||||||
|
QName recordType = null;
|
||||||
|
|
||||||
// get the destination node
|
// get the destination node
|
||||||
NodeRef destination = getTestNode(invocation, params, cad.getParameters().get(0), cad.isParent());
|
NodeRef destination = getTestNode(invocation, params, cad.getParameters().get(0), cad.isParent());
|
||||||
|
|
||||||
|
//get the recordType
|
||||||
|
for (Object qname : invocation.getArguments()) {
|
||||||
|
if (qname != null && (qname.equals(RecordsManagementModel.TYPE_RECORD_FOLDER) || qname.equals(RecordsManagementModel.TYPE_RECORD_CATEGORY))) {
|
||||||
|
recordType = (QName) qname;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (cad.getParameters().size() > 1)
|
if (cad.getParameters().size() > 1)
|
||||||
{
|
{
|
||||||
// get the linkee when present
|
// get the linkee when present
|
||||||
@@ -58,7 +67,7 @@ public class CreatePolicy extends AbstractBasePolicy
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return ((CreateCapability) getCapabilityService().getCapability("Create")).evaluate(destination, linkee, assocType);
|
return ((CreateCapability) getCapabilityService().getCapability("Create")).evaluate(destination, linkee, assocType, recordType);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -180,6 +180,7 @@ public class CreateRecordTest extends BaseRMTestCase
|
|||||||
Set<Capability> capabilities = new HashSet<>(2);
|
Set<Capability> capabilities = new HashSet<>(2);
|
||||||
capabilities.add(capabilityService.getCapability("ViewRecords"));
|
capabilities.add(capabilityService.getCapability("ViewRecords"));
|
||||||
capabilities.add(capabilityService.getCapability("CreateRecords"));
|
capabilities.add(capabilityService.getCapability("CreateRecords"));
|
||||||
|
capabilities.add(capabilityService.getCapability("CreateModifyDestroyFileplanMetadata"));
|
||||||
filePlanRoleService.createRole(filePlan, roleName, roleName, capabilities);
|
filePlanRoleService.createRole(filePlan, roleName, roleName, capabilities);
|
||||||
|
|
||||||
|
|
||||||
@@ -189,6 +190,7 @@ public class CreateRecordTest extends BaseRMTestCase
|
|||||||
|
|
||||||
//give read and file permission to user on unfiled records container
|
//give read and file permission to user on unfiled records container
|
||||||
filePlanPermissionService.setPermission(unfiledContainer , user, RMPermissionModel.FILING);
|
filePlanPermissionService.setPermission(unfiledContainer , user, RMPermissionModel.FILING);
|
||||||
|
filePlanPermissionService.setPermission(unfiledContainer , user, RMPermissionModel.CREATE_MODIFY_DESTROY_FILEPLAN_METADATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
public void when()
|
public void when()
|
||||||
|
|||||||
Reference in New Issue
Block a user