Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud)

78403: Merged EOL (5.0/Cloud) to HEAD-BUG-FIX (5.0/Cloud)
      75700: ACE-2149: EOL AVM / WCM
       - Remove most of the AVM and WCM beans, scripts, classes, patches, etc
       - The Explorer client is very broken for compilation
         - TODO: Remove all WCM-related functionality, which I thought would be best left to a UI dev
                 I've murdered many of the classes and beans but there's more to do
       - The repository compiles
         TODO: Get it running again
       - TODO: Check if we can wipe the 'deployment' project as well


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@82540 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java

@@ -31,8 +31,6 @@ import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.providers.dao.User;
 
 import org.alfresco.model.ContentModel;
-import org.alfresco.repo.avm.AVMNodeConverter;
-//import org.alfresco.repo.avm.AVMRepository;
 import org.alfresco.repo.cache.SimpleCache;
 import org.alfresco.repo.domain.permissions.AclDAO;
 import org.alfresco.repo.policy.JavaBehaviour;
@@ -479,12 +477,6 @@ public class PermissionServiceImpl extends AbstractLifecycleBean implements Perm
             return AccessStatus.DENIED;
         }
 
-        // AVM nodes - test for existence underneath
-        if (passedNodeRef.getStoreRef().getProtocol().equals(StoreRef.PROTOCOL_AVM))
-        {
-            return doAvmCan(passedNodeRef, permIn);
-        }
-        
         // Note: if we're directly accessing a frozen state (version) node (ie. in the 'version' store) we need to check permissions for the versioned node (ie. in the 'live' store)
         if (isVersionNodeRef(passedNodeRef))
         {
@@ -611,36 +603,16 @@ public class PermissionServiceImpl extends AbstractLifecycleBean implements Perm
 
     }
 
-    private AccessStatus doAvmCan(NodeRef nodeRef, PermissionReference permission)
-    {
-        /* Sparta: remove WCM/AVM
-        org.alfresco.util.Pair<Integer, String> avmVersionPath = AVMNodeConverter.ToAVMVersionPath(nodeRef);
-        int version = avmVersionPath.getFirst();
-        String path = avmVersionPath.getSecond();
-        boolean result = AVMRepository.GetInstance().can(nodeRef.getStoreRef().getIdentifier(), version, path, permission.getName());
-        AccessStatus status = result ? AccessStatus.ALLOWED : AccessStatus.DENIED;
-        return status;
-        */
-        return AccessStatus.DENIED;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.alfresco.service.cmr.security.PermissionService#hasPermission(java.lang.Long, java.lang.String,
-     *      java.lang.String)
-     */
     public AccessStatus hasPermission(Long aclID, PermissionContext context, String permission)
     {
         return hasPermission(aclID, context, getPermissionReference(permission));
     }
 
-   
     protected AccessStatus hasPermission(Long aclId, PermissionContext context, PermissionReference permission)
     {
         if (aclId == null)
         {
-            // Enforce store ACLs if set - the AVM default was to "allow" if there are no permissions set ...
+            // Enforce store ACLs if set
             if (context.getStoreAcl() == null)
             {
                 return AccessStatus.ALLOWED;

source/java/org/alfresco/repo/security/permissions/impl/acegi/ACLEntryVoter.java

@@ -574,29 +574,24 @@ public class ACLEntryVoter implements AccessDecisionVoter, InitializingBean
                 // now we know the node - we can abstain for certain types and aspects (eg. RM)
                 if(abstainForClassQNames.size() > 0)
                 {
-                    // For AVM we can not get type and aspect without going through internal AVM security checks
-                    // AVM is never excluded
-                    if(!testNodeRef.getStoreRef().getProtocol().equals(StoreRef.PROTOCOL_AVM))
+                    // check node exists
+                    if (nodeService.exists(testNodeRef))
                     {
-                        // check node exists (note: for AVM deleted nodes, will skip the abstain check, since exists/getType is accessed via AVMNodeService)
-                        if (nodeService.exists(testNodeRef))
+                        QName typeQName = nodeService.getType(testNodeRef);
+                        if(abstainForClassQNames.contains(typeQName))
                         {
-                            QName typeQName = nodeService.getType(testNodeRef);
-                            if(abstainForClassQNames.contains(typeQName))
+                            return AccessDecisionVoter.ACCESS_ABSTAIN;
+                        }
+                       
+                        Set<QName> aspectQNames = nodeService.getAspects(testNodeRef);
+                        for(QName abstain : abstainForClassQNames)
+                        {
+                            if(aspectQNames.contains(abstain))
                             {
                                 return AccessDecisionVoter.ACCESS_ABSTAIN;
                             }
-                           
-                            Set<QName> aspectQNames = nodeService.getAspects(testNodeRef);
-                            for(QName abstain : abstainForClassQNames)
-                            {
-                                if(aspectQNames.contains(abstain))
-                                {
-                                    return AccessDecisionVoter.ACCESS_ABSTAIN;
-                                }
-                            }
                         }
-                   }
+                    }
                 }
                 
                 if (log.isDebugEnabled())