RM-1089: CLONE - Group added twice for default categories

RM-1314: Permissions can be added twice git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@73619 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-31 17:39:05 +00:00 · 2014-06-12 06:39:15 +00:00
parent f660c5a7ba
commit 4c8615b9c0
1 changed files with 35 additions and 10 deletions
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
@@ -55,7 +55,8 @@ import org.apache.commons.logging.LogFactory;
 */
@BehaviourBean
 public class FilePlanPermissionServiceImpl extends    ServiceBaseImpl
-                                           implements FilePlanPermissionService
+                                           implements FilePlanPermissionService,
+                                                      RMPermissionModel
 {
    /** Permission service */
    protected PermissionService permissionService;
@@ -512,21 +513,45 @@ public class FilePlanPermissionServiceImpl extends    ServiceBaseImpl
    /**
     * Set the permission, taking into account that filing is a superset of read
     *
-     * @param nodeRef
-     * @param authority
-     * @param permission
+     * @param nodeRef       node reference
+     * @param authority     authority
+     * @param permission    permission
     */
    private void setPermissionImpl(NodeRef nodeRef, String authority, String permission)
    {
-        if (RMPermissionModel.FILING.equals(permission))
+        boolean hasRead = false;
+        boolean hasFilling = false;
+        
+        Set<AccessPermission> perms = permissionService.getAllSetPermissions(nodeRef);
+        for (AccessPermission perm : perms)
        {
-            // Remove record read permission before adding filing permission
-            permissionService.deletePermission(nodeRef, authority, RMPermissionModel.READ_RECORDS);
+            if (perm.getAuthority().equals(authority))
+            {
+                if (perm.getPermission().equals(FILING))
+                {
+                    hasFilling = true;
+                }
+                else if (perm.getPermission().equals(READ_RECORDS))
+                {
+                    hasRead = true;
+                }
+            } 
        }
-
-        permissionService.setPermission(nodeRef, authority, permission, true);
+        
+        if (FILING.equals(permission) && hasRead)
+        {
+            // remove read permission
+            permissionService.deletePermission(nodeRef, authority, RMPermissionModel.READ_RECORDS);       
+            hasRead = false;
+        }
+        
+        if (!hasRead && !hasFilling)
+        {
+            // add permission
+            permissionService.setPermission(nodeRef, authority, permission, true);            
+        }        
    }
-
+    
    /**
     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deletePermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
     */