From 375f1ca5578dd078505ea36477f12e3058c43378 Mon Sep 17 00:00:00 2001 From: Roy Wetherall Date: Thu, 18 Sep 2014 06:27:51 +0000 Subject: [PATCH] Transaction level cahcing of declarative capability evaluation git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@84421 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../declarative/DeclarativeCapability.java | 55 ++++++++++++------- 1 file changed, 35 insertions(+), 20 deletions(-) diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java index cfb35470e2..bb9cfc393c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java @@ -29,6 +29,8 @@ import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanComponentKind; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.transaction.TransactionalResourceHelper; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; import org.apache.commons.logging.Log; @@ -297,29 +299,42 @@ public class DeclarativeCapability extends AbstractCapability { int result = AccessDecisionVoter.ACCESS_ABSTAIN; - // Check we are dealing with a file plan component - if (filePlanService.isFilePlanComponent(nodeRef) == true) + // check transaction cache + Map map = TransactionalResourceHelper.getMap("rm.declarativeCapability"); + String key = getName() + "|" + nodeRef.toString() + "|" + AuthenticationUtil.getRunAsUser(); + if (map.containsKey(key)) { - // Check the kind of the object, the permissions and the conditions - if (checkKinds(nodeRef) == true && checkPermissions(nodeRef) == true && checkConditions(nodeRef) == true) - { - // Opportunity for child implementations to extend - result = evaluateImpl(nodeRef); - } - else - { - result = AccessDecisionVoter.ACCESS_DENIED; - } + result = map.get(key); } - - // Last chance for child implementations to veto/change the result - result = onEvaluate(nodeRef, result); - - // log access denied to help with debug - if (logger.isDebugEnabled() == true && AccessDecisionVoter.ACCESS_DENIED == result) + else { - logger.debug("Capability " + getName() + " returned an Access Denied result during evaluation of node " + nodeRef.toString()); - } + // Check we are dealing with a file plan component + if (filePlanService.isFilePlanComponent(nodeRef) == true) + { + // Check the kind of the object, the permissions and the conditions + if (checkKinds(nodeRef) == true && checkPermissions(nodeRef) == true && checkConditions(nodeRef) == true) + { + // Opportunity for child implementations to extend + result = evaluateImpl(nodeRef); + } + else + { + result = AccessDecisionVoter.ACCESS_DENIED; + } + } + + // Last chance for child implementations to veto/change the result + result = onEvaluate(nodeRef, result); + + // log access denied to help with debug + if (logger.isDebugEnabled() == true && AccessDecisionVoter.ACCESS_DENIED == result) + { + logger.debug("Capability " + getName() + " returned an Access Denied result during evaluation of node " + nodeRef.toString()); + } + + result = evaluateImpl(nodeRef); + map.put(key, result); + } return result; }