diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/module.properties b/rm-server/config/alfresco/module/org_alfresco_module_rm/module.properties
index 22b955cd83..8f76b05392 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/module.properties
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/module.properties
@@ -6,6 +6,6 @@ module.aliases=org_alfresco_module_dod5015
module.title=Records Management
module.description=Alfresco Record Management Extension
-module.version=2.0.1
+module.version=2.1
module.repo.version.min=4.0.2
\ No newline at end of file
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-patch-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-patch-context.xml
index 8c0dd0e455..88b15c0626 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-patch-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-patch-context.xml
@@ -31,5 +31,19 @@
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
index 2977a419c1..5e8913befb 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
@@ -482,6 +482,7 @@
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.updateRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.deleteRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.assignRoleToAuthority=RM_ALLOW
+ org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getAllRolesContainerGroup=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.*=RM_DENY
]]>
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java
new file mode 100644
index 0000000000..7920fd6caa
--- /dev/null
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java
@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2005-2011 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.patch;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.alfresco.model.ContentModel;
+import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
+import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
+import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model;
+import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
+import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
+import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl;
+import org.alfresco.repo.module.AbstractModuleComponent;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.namespace.QName;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.BeanNameAware;
+
+/**
+ * RM v2.1 patch to support InPlace functional updates
+ *
+ * @author Roy Wetherall
+ * @since 2.1
+ */
+public class RMv21InPlacePatch extends AbstractModuleComponent
+ implements BeanNameAware, RecordsManagementModel, DOD5015Model
+{
+ /** Logger */
+ private static Log logger = LogFactory.getLog(RMv21InPlacePatch.class);
+
+ /** Node service */
+ private NodeService nodeService;
+
+ /** Permission service */
+ private PermissionService permissionService;
+
+ /** Records management service */
+ private RecordsManagementService recordsManagementService;
+
+ /** Records management security service */
+ private RecordsManagementSecurityService recordsManagementSecurityService;
+
+ /**
+ * @param nodeService node service
+ */
+ public void setNodeService(NodeService nodeService)
+ {
+ this.nodeService = nodeService;
+ }
+
+ /**
+ * @param permissionService permission service
+ */
+ public void setPermissionService(PermissionService permissionService)
+ {
+ this.permissionService = permissionService;
+ }
+
+ /**
+ * @param recordsManagementService records management service
+ */
+ public void setRecordsManagementService(RecordsManagementService recordsManagementService)
+ {
+ this.recordsManagementService = recordsManagementService;
+ }
+
+ /**
+ * @param recordsManagementSecurityService records management security service
+ */
+ public void setRecordsManagementSecurityService(RecordsManagementSecurityService recordsManagementSecurityService)
+ {
+ this.recordsManagementSecurityService = recordsManagementSecurityService;
+ }
+
+ /**
+ * @see org.alfresco.repo.module.AbstractModuleComponent#executeInternal()
+ */
+ @Override
+ protected void executeInternal() throws Throwable
+ {
+ if (logger.isDebugEnabled() == true)
+ {
+ logger.debug("RM module: RMv21InPlacePatch executing ...");
+ }
+
+ List filePlans = recordsManagementService.getFilePlans();
+
+ if (logger.isDebugEnabled() == true)
+ {
+ logger.debug(" ... updating " + filePlans.size() + " file plans");
+ }
+
+ for (NodeRef filePlan : filePlans)
+ {
+ if (logger.isDebugEnabled() == true)
+ {
+ logger.debug(" ... updating file plan " + filePlan.toString());
+ }
+
+ // set permissions
+ recordsManagementSecurityService.setPermission(filePlan, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS);
+ permissionService.setPermission(filePlan, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true);
+
+ // create unfiled container
+ createUnfiledContainer(filePlan);
+ }
+
+ if (logger.isDebugEnabled() == true)
+ {
+ logger.debug(" ... complete");
+ }
+ }
+
+ /**
+ * TODO .. this should really be moved to a service call ... should be on the FilPlanService?
+ */
+ private NodeRef createUnfiledContainer(NodeRef filePlan)
+ {
+ String allRoles = recordsManagementSecurityService.getAllRolesContainerGroup(filePlan);
+
+ // create the properties map
+ Map properties = new HashMap(1);
+ properties.put(ContentModel.PROP_NAME, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER);
+
+ // create the unfiled container
+ NodeRef container = nodeService.createNode(
+ filePlan,
+ ASSOC_UNFILED_RECORDS,
+ QName.createQName(RM_URI, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER),
+ TYPE_UNFILED_RECORD_CONTAINER,
+ properties).getChildRef();
+
+ // set inheritance to false
+ permissionService.setInheritParentPermissions(container, false);
+ permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
+ permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
+
+ // TODO set the admin users to have filing permissions on the unfiled container!!!
+ // TODO we will need to be able to get a list of the admin roles from the service
+
+ return container;
+ }
+
+}
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java
index e5c2dade7f..952faca337 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java
@@ -39,6 +39,15 @@ public interface RecordsManagementSecurityService
*/
void bootstrapDefaultRoles(NodeRef rmRootNode);
+ /**
+ * Returns the name of the container group for all roles of a specified file
+ * plan.
+ *
+ * @param filePlan file plan node reference
+ * @return String group name
+ */
+ String getAllRolesContainerGroup(NodeRef filePlan);
+
/**
* Get all the available roles for the given records management root node
*
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
index ee40f1a1a5..43cf909c56 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
@@ -94,7 +94,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
/** Unfiled record container name */
- private static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
+ public static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
/** Logger */
private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class);
@@ -787,6 +787,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
}
}, AuthenticationUtil.getSystemUserName());
}
+
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ public String getAllRolesContainerGroup(NodeRef filePlan)
+ {
+ return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
+ }
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
index cfa6cfaffc..816f2505f3 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
@@ -29,9 +29,16 @@ import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
*/
public class Role
{
+ /** Role name */
private String name;
+
+ /** Role label */
private String displayLabel;
+
+ /** Role capabilities */
private Set capabilities;
+
+ /** Role group name */
private String roleGroupName;
/**
diff --git a/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java b/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java
index 4b25a60aab..21649f23bc 100644
--- a/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java
@@ -25,7 +25,6 @@ import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.repo.security.permissions.AccessControlEntry;
import org.alfresco.repo.security.permissions.AccessControlList;
-import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.security.PermissionService;
/**