RM-559: 2.0.1 -> 2.1 unfiled records patch

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44438 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java

@@ -0,0 +1,168 @@
+/*
+ * Copyright (C) 2005-2011 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.patch;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.alfresco.model.ContentModel;
+import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
+import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
+import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model;
+import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
+import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
+import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl;
+import org.alfresco.repo.module.AbstractModuleComponent;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.namespace.QName;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.beans.factory.BeanNameAware;
+
+/**
+ * RM v2.1 patch to support InPlace functional updates
+ * 
+ * @author Roy Wetherall
+ * @since 2.1
+ */
+public class RMv21InPlacePatch extends AbstractModuleComponent 
+                               implements BeanNameAware, RecordsManagementModel, DOD5015Model
+{
+    /** Logger */
+    private static Log logger = LogFactory.getLog(RMv21InPlacePatch.class);  
+    
+    /** Node service */
+    private NodeService nodeService;
+    
+    /** Permission service */
+    private PermissionService permissionService;
+    
+    /** Records management service */
+    private RecordsManagementService recordsManagementService;
+    
+    /** Records management security service */
+    private RecordsManagementSecurityService recordsManagementSecurityService;
+    
+    /**
+     * @param nodeService   node service
+     */
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
+    
+    /**
+     * @param permissionService permission service
+     */
+    public void setPermissionService(PermissionService permissionService)
+    {
+        this.permissionService = permissionService;
+    }
+    
+    /**
+     * @param recordsManagementService  records management service
+     */
+    public void setRecordsManagementService(RecordsManagementService recordsManagementService)
+    {
+        this.recordsManagementService = recordsManagementService;
+    }
+    
+    /**
+     * @param recordsManagementSecurityService  records management security service
+     */
+    public void setRecordsManagementSecurityService(RecordsManagementSecurityService recordsManagementSecurityService)
+    {
+        this.recordsManagementSecurityService = recordsManagementSecurityService;
+    }
+    
+    /**
+     * @see org.alfresco.repo.module.AbstractModuleComponent#executeInternal()
+     */
+    @Override
+    protected void executeInternal() throws Throwable
+    {
+        if (logger.isDebugEnabled() == true)
+        {
+            logger.debug("RM module: RMv21InPlacePatch executing ...");
+        }
+        
+        List<NodeRef> filePlans = recordsManagementService.getFilePlans();
+        
+        if (logger.isDebugEnabled() == true)
+        {
+            logger.debug("  ... updating " + filePlans.size() + " file plans");
+        }
+        
+        for (NodeRef filePlan : filePlans)
+        {
+            if (logger.isDebugEnabled() == true)
+            {
+                logger.debug("  ... updating file plan " + filePlan.toString());
+            }
+            
+            // set permissions
+            recordsManagementSecurityService.setPermission(filePlan, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS);
+            permissionService.setPermission(filePlan, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true);
+            
+            // create unfiled container
+            createUnfiledContainer(filePlan);            
+        }
+        
+        if (logger.isDebugEnabled() == true)
+        {
+            logger.debug(" ... complete");
+        }
+    }   
+    
+    /**
+     * TODO .. this should really be moved to a service call ... should be on the FilPlanService?
+     */
+    private NodeRef createUnfiledContainer(NodeRef filePlan)
+    {
+        String allRoles = recordsManagementSecurityService.getAllRolesContainerGroup(filePlan);
+        
+        // create the properties map
+        Map<QName, Serializable> properties = new HashMap<QName, Serializable>(1);
+        properties.put(ContentModel.PROP_NAME, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER);
+
+        // create the unfiled container
+        NodeRef container = nodeService.createNode(
+                        filePlan,
+                        ASSOC_UNFILED_RECORDS,
+                        QName.createQName(RM_URI, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER),
+                        TYPE_UNFILED_RECORD_CONTAINER,
+                        properties).getChildRef();
+
+        // set inheritance to false
+        permissionService.setInheritParentPermissions(container, false);
+        permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
+        permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
+        
+        // TODO set the admin users to have filing permissions on the unfiled container!!!
+        // TODO we will need to be able to get a list of the admin roles from the service
+
+        return container;
+    }
+    
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java

@@ -39,6 +39,15 @@ public interface RecordsManagementSecurityService
      */
     void bootstrapDefaultRoles(NodeRef rmRootNode);
     
+    /**
+     * Returns the name of the container group for all roles of a specified file
+     * plan.
+     * 
+     * @param filePlan  file plan node reference
+     * @return String   group name
+     */
+    String getAllRolesContainerGroup(NodeRef filePlan);
+    
     /**
      * Get all the available roles for the given records management root node
      * 

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java

@@ -94,7 +94,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
 
     /** Unfiled record container name */
-    private static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
+    public static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
 
     /** Logger */
     private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class);
@@ -787,6 +787,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             }
         }, AuthenticationUtil.getSystemUserName());
     }
+    
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Override
+    public String getAllRolesContainerGroup(NodeRef filePlan)
+    {
+        return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
+    }
 
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java

@@ -29,9 +29,16 @@ import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
  */
 public class Role
 {
+    /** Role name */
     private String name;
+    
+    /** Role label */
     private String displayLabel;
+    
+    /** Role capabilities */
     private Set<Capability> capabilities;
+    
+    /** Role group name */
     private String roleGroupName;
 
     /**

rm-server/source/java/org/alfresco/repo/security/permissions/impl/RMPermissionServiceImpl.java

@@ -25,7 +25,6 @@ import java.util.Set;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.repo.security.permissions.AccessControlEntry;
 import org.alfresco.repo.security.permissions.AccessControlList;
-import org.alfresco.repo.security.permissions.PermissionReference;
 import org.alfresco.service.cmr.security.PermissionService;
 
 /**