Merged V1.3 to HEAD (3325:3411)

svn merge svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3325 svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3334 . svn merge svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3334 svn://www.alfresco.org:3691/alfresco/BRANCHES/V1.3@3411 . git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3412 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-24 17:32:48 +00:00 · 2006-07-26 11:30:27 +00:00
parent dcb735c5e3
commit 0c3112b44c
5 changed files with 207 additions and 4 deletions
--- a/source/java/org/alfresco/repo/security/permissions/dynamic/LockOwnerDynamicAuthority.java
+++ b/source/java/org/alfresco/repo/security/permissions/dynamic/LockOwnerDynamicAuthority.java
@@ -16,10 +16,13 @@
 */
 package org.alfresco.repo.security.permissions.dynamic;

+import org.alfresco.model.ContentModel;
 import org.alfresco.repo.security.permissions.DynamicAuthority;
 import org.alfresco.service.cmr.lock.LockService;
 import org.alfresco.service.cmr.lock.LockStatus;
 import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.springframework.beans.factory.InitializingBean;

@@ -28,6 +31,9 @@ public class LockOwnerDynamicAuthority implements DynamicAuthority, Initializing
 {
    
    private LockService lockService;
+    
+    private NodeService nodeService;
+    

    public LockOwnerDynamicAuthority()
    {
@@ -36,7 +42,19 @@ public class LockOwnerDynamicAuthority implements DynamicAuthority, Initializing

    public boolean hasAuthority(NodeRef nodeRef, String userName)
    {
-        return lockService.getLockStatus(nodeRef) == LockStatus.LOCK_OWNER;
+        if(lockService.getLockStatus(nodeRef) == LockStatus.LOCK_OWNER)
+        {
+            return true;
+        }
+        if(nodeService.hasAspect(nodeRef, ContentModel.ASPECT_WORKING_COPY))
+        {
+            NodeRef originial =  DefaultTypeConverter.INSTANCE.convert(NodeRef.class, nodeService.getProperty(nodeRef, ContentModel.PROP_COPY_REFERENCE));
+            return  (lockService.getLockStatus(originial) == LockStatus.LOCK_OWNER);
+        }
+        else
+        {
+            return false;
+        }
    }

    public String getAuthority()
@@ -48,7 +66,11 @@ public class LockOwnerDynamicAuthority implements DynamicAuthority, Initializing
    {
        if(lockService == null)
        {
-            throw new IllegalStateException("A lock service must be set");
+            throw new IllegalStateException("The LockService must be set");
+        }
+        if(nodeService == null)
+        {
+            throw new IllegalStateException("The NodeService service must be set");
        }
        
    }
@@ -58,6 +80,12 @@ public class LockOwnerDynamicAuthority implements DynamicAuthority, Initializing
        this.lockService = lockService;
    }
    
+
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
+    
    

 }
--- a/source/java/org/alfresco/repo/security/permissions/dynamic/LockOwnerDynamicAuthorityTest.java
+++ b/source/java/org/alfresco/repo/security/permissions/dynamic/LockOwnerDynamicAuthorityTest.java
@@ -24,6 +24,7 @@ import org.alfresco.model.ContentModel;
 import org.alfresco.repo.security.authentication.AuthenticationComponent;
 import org.alfresco.repo.security.authentication.MutableAuthenticationDao;
 import org.alfresco.service.ServiceRegistry;
+import org.alfresco.service.cmr.coci.CheckOutCheckInService;
 import org.alfresco.service.cmr.lock.LockService;
 import org.alfresco.service.cmr.lock.LockStatus;
 import org.alfresco.service.cmr.lock.LockType;
@@ -32,6 +33,7 @@ import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.AuthenticationService;
+import org.alfresco.service.cmr.security.OwnableService;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.util.ApplicationContextHelper;
@@ -59,6 +61,10 @@ public class LockOwnerDynamicAuthorityTest extends TestCase

    private LockOwnerDynamicAuthority dynamicAuthority;

+    private CheckOutCheckInService checkOutCheckInService;
+    
+    private OwnableService ownableService;
+    
    public LockOwnerDynamicAuthorityTest()
    {
        super();
@@ -77,7 +83,9 @@ public class LockOwnerDynamicAuthorityTest extends TestCase
        lockService = (LockService) ctx.getBean("lockService");
        permissionService = (PermissionService) ctx.getBean("permissionService");
        authenticationDAO = (MutableAuthenticationDao) ctx.getBean("alfDaoImpl");
-
+        checkOutCheckInService = (CheckOutCheckInService) ctx.getBean("checkOutCheckInService");
+        ownableService = (OwnableService) ctx.getBean("ownableService");
+        
        authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());

        TransactionService transactionService = (TransactionService) ctx.getBean(ServiceRegistry.TRANSACTION_SERVICE
@@ -150,7 +158,6 @@ public class LockOwnerDynamicAuthorityTest extends TestCase
        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(rootNodeRef, PermissionService.CHECK_OUT));
        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(rootNodeRef, PermissionService.CHECK_IN));
        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(rootNodeRef, PermissionService.CANCEL_CHECK_OUT));
-
    }
    
    public void testPermissionWithLockAspect()
@@ -212,5 +219,166 @@ public class LockOwnerDynamicAuthorityTest extends TestCase
        
    }

+    public void testCheckOutCheckInAuthorities()
+    {
+        permissionService.setPermission(rootNodeRef, "andy", PermissionService.ALL_PERMISSIONS, true);
+        permissionService.setPermission(rootNodeRef, "lemur", PermissionService.CHECK_OUT, true);
+        permissionService.setPermission(rootNodeRef, "lemur", PermissionService.WRITE, true);
+        permissionService.setPermission(rootNodeRef, "lemur", PermissionService.READ, true);
+        permissionService.setPermission(rootNodeRef, "frog", PermissionService.CHECK_OUT, true);
+        permissionService.setPermission(rootNodeRef, "frog", PermissionService.WRITE, true);
+        permissionService.setPermission(rootNodeRef, "frog", PermissionService.READ, true);
+
+        authenticationService.authenticate("andy", "andy".toCharArray());
+        NodeRef testNode = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_PERSON,
+                ContentModel.TYPE_CMOBJECT, null).getChildRef();
+        permissionService.setPermission(rootNodeRef, "andy", PermissionService.ALL_PERMISSIONS, false);
+
+     
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        authenticationService.authenticate("lemur", "lemur".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        authenticationService.authenticate("frog", "frog".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        // Check out as frog
+        NodeRef workingCopy = checkOutCheckInService.checkout(testNode);
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CANCEL_CHECK_OUT));
+     
+        authenticationService.authenticate("lemur", "lemur".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(workingCopy,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(workingCopy, PermissionService.CANCEL_CHECK_OUT));
+        
+     
+        // set owner ...frog only has permissions of dynamic lock owner in wc and sourec
+        authenticationService.authenticate("frog", "frog".toCharArray());
+        ownableService.setOwner(workingCopy, "lemur");
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CANCEL_CHECK_OUT));
+        
+        // test the new owner..
+        authenticationService.authenticate("lemur", "lemur".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(workingCopy, PermissionService.CANCEL_CHECK_OUT));
+        
+        authenticationService.authenticate("frog", "frog".toCharArray());
+        checkOutCheckInService.cancelCheckout(workingCopy);
+        
+        authenticationService.authenticate("andy", "andy".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        authenticationService.authenticate("lemur", "lemur".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+        
+        authenticationService.authenticate("frog", "frog".toCharArray());
+        
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode,
+                PermissionService.LOCK));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode,
+                PermissionService.UNLOCK));
+        assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(testNode, PermissionService.CHECK_OUT));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CHECK_IN));
+        assertEquals(AccessStatus.DENIED, permissionService.hasPermission(testNode, PermissionService.CANCEL_CHECK_OUT));
+       
+        
+        authenticationService.authenticate("frog", "frog".toCharArray());
+        workingCopy = checkOutCheckInService.checkout(testNode);
+        ownableService.setOwner(workingCopy, "lemur");
+        checkOutCheckInService.checkin(workingCopy, null);
+        
+    }
   
 }