Merged 5.1-MNT1 (5.1.0) to HEAD (5.1)

115455 adavis: Merged 5.1.N (5.1.1) to 5.1-MNT1 (5.1.0) 113248 adavis: Merged 5.0.N (5.0.3) to 5.1.N (5.1.1) 113032 adavis: Merged V4.2-BUG-FIX (4.2.6) to 5.0.N (5.0.3) 112701 vshikunets: Merged DEV to V4.2-BUG-FIX (4.2.6). 112128: MNT-11220: Access Denied thrown if model is missing. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@115665 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-10-15 15:02:20 +00:00 · 2015-10-30 00:09:47 +00:00
parent 1bf5fb2b73
commit 4948a79966
2 changed files with 129 additions and 1 deletions
--- a/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
+++ b/source/java/org/alfresco/repo/security/permissions/impl/PermissionServiceImpl.java
@@ -680,9 +680,20 @@ public class PermissionServiceImpl extends AbstractLifecycleBean implements Perm
        }, AuthenticationUtil.getSystemUserName());
        available.add(getAllPermissionReference());
        available.add(OLD_ALL_PERMISSIONS_REFERENCE);
-
+        
        if (!(available.contains(permission)))
        {
+            Set<PermissionReference> permissionsSystemBase = AuthenticationUtil.runAsSystem(new RunAsWork<Set<PermissionReference>>()
+                    {
+                        public Set<PermissionReference> doWork() throws Exception
+                        {
+                            return modelDAO.getAllPermissions(ContentModel.TYPE_BASE, aspectQNames);
+                        }
+                    });
+            if(permissionsSystemBase.contains(permission) && authorisations.contains(AuthenticationUtil.getAdminRoleName()))
+            {
+                return AccessStatus.ALLOWED;
+            }
            return AccessStatus.DENIED;
        }