From 583b4412a812f6740db54f9a5271ec14f2dc20b2 Mon Sep 17 00:00:00 2001
From: Tuna Aksoy <tuna.aksoy@alfresco.com>
Date: Mon, 3 Dec 2012 11:41:28 +0000
Subject: [PATCH] RM-563 (Add group id and title to Capability API and
 definitions) * Changed the Role class so that the i18n properties don't have
 to be maintained on both sides (server and share)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44244 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../alfresco/rma/admin/rmrole/rmrole.lib.ftl  |  16 +-
 .../security/ModelSecurityServiceImpl.java    | 107 +++--
 .../RecordsManagementSecurityServiceImpl.java | 381 +++++++++---------
 .../org_alfresco_module_rm/security/Role.java |  12 +-
 .../DeclarativeCapabilityTest.java            | 204 +++++-----
 5 files changed, 359 insertions(+), 361 deletions(-)

diff --git a/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl b/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl
index 48b4c854d8..bd43652d08 100644
--- a/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl
+++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl
@@ -2,14 +2,14 @@
 <#macro roleJSON role>
 <#escape x as jsonUtils.encodeJSONString(x)>
 {
-	"name": "${role.name}",
-	"displayLabel": "${role.displayLabel}",
-	"capabilities" :
-	[
-	<#list role.capabilities as capability>
-		"${capability}"<#if capability_has_next>,</#if>
-	</#list>
-	]
+   "name": "${role.name}",
+   "displayLabel": "${role.displayLabel}",
+   "capabilities":
+   {
+   <#list role.capabilities?keys as capability>
+      "${capability}": "${role.capabilities[capability]}" <#if capability_has_next>,</#if>
+   </#list>
+   }
 }
 </#escape>
 </#macro>
\ No newline at end of file
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
index efa8173611..99a908916c 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
@@ -25,14 +25,13 @@ import java.util.Map;
 import java.util.Set;
 
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
-import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.Role;
 import org.alfresco.repo.node.NodeServicePolicies;
+import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
 import org.alfresco.repo.policy.JavaBehaviour;
 import org.alfresco.repo.policy.PolicyComponent;
-import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
@@ -45,7 +44,7 @@ import org.alfresco.util.EqualsHelper;
  * Model security service implementation.
  * <p>
  * This service records the protected properties and aspects, ensuring that only those with the appropriate capabilities can edit them.
- * 
+ *
  * @author Roy Wetherall
  * @since 2.1
  */
@@ -57,39 +56,39 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
 {
     /** Indicates whether model security is enabled or not */
     private boolean enabled = true;
-    
+
     /** Policy component */
     private PolicyComponent policyComponent;
-    
+
     /** Node service */
     private NodeService nodeService;
-    
+
     /** Namespace service */
     private NamespaceService namespaceService;
-    
+
     /** Security service */
     private RecordsManagementSecurityService securityService;
-    
+
     /** Records management service */
     private RecordsManagementService recordsManagementService;
-    
+
     /** Map of protected properties keyed by name */
     private Map<QName, ProtectedProperty> protectedProperties = new HashMap<QName, ProtectedProperty>(21);
-    
+
     /** Map of protected aspects keyed by name */
     private Map<QName, ProtectedAspect> protectedAspects= new HashMap<QName, ProtectedAspect>(21);
-    
+
     /** Behaviour instances */
-    private JavaBehaviour beforeAddAspectBehaviour = new JavaBehaviour(this, 
-                                                                       "beforeAddAspect", 
+    private JavaBehaviour beforeAddAspectBehaviour = new JavaBehaviour(this,
+                                                                       "beforeAddAspect",
                                                                        NotificationFrequency.EVERY_EVENT);
-    private JavaBehaviour beforeRemoveAspectBehaviour = new JavaBehaviour(this, 
-                                                                          "beforeRemoveAspect", 
+    private JavaBehaviour beforeRemoveAspectBehaviour = new JavaBehaviour(this,
+                                                                          "beforeRemoveAspect",
                                                                           NotificationFrequency.EVERY_EVENT);
-    private JavaBehaviour onUpdatePropertiesBehaviour = new JavaBehaviour(this, 
-                                                                          "onUpdateProperties", 
+    private JavaBehaviour onUpdatePropertiesBehaviour = new JavaBehaviour(this,
+                                                                          "onUpdateProperties",
                                                                           NotificationFrequency.EVERY_EVENT);
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#setEnabled(boolean)
      */
@@ -97,7 +96,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.enabled = enabled;
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#isEnabled()
      */
@@ -105,7 +104,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         return enabled;
     }
-    
+
     /**
      * @param policyComponent   policy component
      */
@@ -113,7 +112,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.policyComponent = policyComponent;
     }
-    
+
     /**
      * @param nodeService   node service
      */
@@ -121,7 +120,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.nodeService = nodeService;
     }
-    
+
     /**
      * @param namespaceService  namespace service
      */
@@ -129,7 +128,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.namespaceService = namespaceService;
     }
-    
+
     /**
      * @param securityService   records management security service
      */
@@ -137,7 +136,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.securityService = securityService;
     }
-    
+
     /**
      * @param recordsManagementService  records management service
      */
@@ -145,7 +144,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         this.recordsManagementService = recordsManagementService;
     }
-    
+
     /**
      * Init method
      */
@@ -153,19 +152,19 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         // bind model security behaviours to all records management artifacts components
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.BeforeAddAspectPolicy.QNAME, 
-                this, 
+                NodeServicePolicies.BeforeAddAspectPolicy.QNAME,
+                this,
                 beforeAddAspectBehaviour);
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.BeforeRemoveAspectPolicy.QNAME, 
-                this, 
+                NodeServicePolicies.BeforeRemoveAspectPolicy.QNAME,
+                this,
                 beforeRemoveAspectBehaviour);
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnUpdatePropertiesPolicy.QNAME, 
-                this, 
+                NodeServicePolicies.OnUpdatePropertiesPolicy.QNAME,
+                this,
                 onUpdatePropertiesBehaviour);
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#register(org.alfresco.module.org_alfresco_module_rm.model.security.ProtectedModelArtifact)
      */
@@ -173,7 +172,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     public void register(ProtectedModelArtifact artifact)
     {
         // TODO validate that the artifact has a valid property and has a capability set ...
-        
+
         if (artifact instanceof ProtectedProperty)
         {
             protectedProperties.put(artifact.getQName(), (ProtectedProperty)artifact);
@@ -183,7 +182,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
             protectedAspects.put(artifact.getQName(), (ProtectedAspect)artifact);
         }
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#isProtectedProperty(org.alfresco.service.namespace.QName)
      */
@@ -210,7 +209,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         return protectedProperties.get(name);
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#canEditProtectedProperty(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
      */
@@ -218,7 +217,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     public boolean canEditProtectedProperty(NodeRef nodeRef, QName property)
     {
         boolean result = false;
-        
+
         ProtectedModelArtifact artifact = getProtectedProperty(property);
         if (artifact == null)
         {
@@ -228,14 +227,14 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
         {
             result = canEdit(nodeRef, artifact);
         }
-        
+
         return result;
     }
-    
+
     /**
      * Indicates whether the current user can edit protected model artifact in the context
      * of a given node or not.
-     * 
+     *
      * @param nodeRef   node reference
      * @param artifact  protected model artifact
      * @return boolean  true if the current user can edit the protected model artifact, false otherwise
@@ -243,24 +242,24 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     private boolean canEdit(NodeRef nodeRef, ProtectedModelArtifact artifact)
     {
         boolean result = false;
-        
+
         NodeRef filePlan = recordsManagementService.getFilePlan(nodeRef);
         if (filePlan != null)
         {
             Set<Role> roles = securityService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser());
             for (Role role : roles)
             {
-                if (Collections.disjoint(role.getCapabilities(), artifact.getCapilityNames()) == false)
+                if (Collections.disjoint(role.getCapabilities().keySet(), artifact.getCapilityNames()) == false)
                 {
                     result = true;
                     break;
                 }
             }
         }
-                
+
         return result;
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#isProtectedAspect(org.alfresco.service.namespace.QName)
      */
@@ -269,7 +268,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         return protectedAspects.containsKey(aspect);
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedAspects()
      */
@@ -278,7 +277,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     {
         return Collections.unmodifiableSet(protectedAspects.keySet());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedAspect(org.alfresco.service.namespace.QName)
      */
@@ -295,7 +294,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
     public boolean canEditProtectedAspect(NodeRef nodeRef, QName aspect)
     {
         boolean result = false;
-        
+
         ProtectedModelArtifact artifact = getProtectedAspect(aspect);
         if (artifact == null)
         {
@@ -305,10 +304,10 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
         {
             result = canEdit(nodeRef, artifact);
         }
-        
+
         return result;
     }
-    
+
     /**
      * @see org.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy#beforeAddAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
      */
@@ -320,12 +319,12 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
             if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
                 AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
                 isProtectedAspect(aspect) == true &&
-                nodeService.exists(nodeRef) == true && 
+                nodeService.exists(nodeRef) == true &&
                 canEditProtectedAspect(nodeRef, aspect) == false)
             {
                 // the user can't edit the protected aspect
                 throw new ModelAccessDeniedException(
-                        "The user " + AuthenticationUtil.getFullyAuthenticatedUser() + 
+                        "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
                         " does not have the permission to add the protected aspect " + aspect.toPrefixString(namespaceService) +
                         " from the node " + nodeRef.toString());
             }
@@ -343,12 +342,12 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
             if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
                 AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
                 isProtectedAspect(aspect) == true &&
-                nodeService.exists(nodeRef) == true && 
+                nodeService.exists(nodeRef) == true &&
                 canEditProtectedAspect(nodeRef, aspect) == false)
             {
                 // the user can't edit the protected aspect
                 throw new ModelAccessDeniedException(
-                        "The user " + AuthenticationUtil.getFullyAuthenticatedUser() + 
+                        "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
                         " does not have the permission to remove the protected aspect " + aspect.toPrefixString(namespaceService) +
                         " from the node " + nodeRef.toString());
             }
@@ -376,7 +375,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
                         {
                             return;
                         }
-                        
+
                         if (EqualsHelper.nullSafeEquals(before.get(property), after.get(property)) == false &&
                            canEditProtectedProperty(nodeRef, property) == false)
                         {
@@ -385,7 +384,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
                                 "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
                                 " does not have the permission to edit the protected property " + property.toPrefixString(namespaceService) +
                                 " on the node " + nodeRef.toString());
-                        }                    
+                        }
                     }
                 }
             }
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
index eea3c7eaab..bf47bae4df 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
@@ -62,103 +62,103 @@ import org.json.JSONObject;
 
 /**
  * Records management permission service implementation
- * 
+ *
  * @author Roy Wetherall
  */
-public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService, 
+public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService,
                                                              RecordsManagementModel
-                                                             
+
 {
     /** Capability service */
     private CapabilityService capabilityService;
-    
+
     /** Authority service */
     private AuthorityService authorityService;
-    
+
     /** Permission service */
     private PermissionService permissionService;
-    
+
     /** Policy component */
     private PolicyComponent policyComponent;
-    
+
     /** Records management service */
     private RecordsManagementService recordsManagementService;
-    
+
     /** Model security service */
     private ModelSecurityService modelSecurityService;
-    
+
     /** Node service */
     private NodeService nodeService;
-    
+
     /** Records management role zone */
     public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
-    
+
     /** Unfiled record container name */
     private static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
-    
+
     /** Logger */
     private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class);
-    
+
     /**
      * Set the capability service
-     * 
+     *
      * @param capabilityService
      */
     public void setCapabilityService(CapabilityService capabilityService)
     {
         this.capabilityService = capabilityService;
     }
-    
+
     /**
      * Set the authortiy service
-     * 
+     *
      * @param authorityService
      */
     public void setAuthorityService(AuthorityService authorityService)
     {
         this.authorityService = authorityService;
     }
-    
+
     /**
      * Set the permission service
-     * 
+     *
      * @param permissionService
      */
     public void setPermissionService(PermissionService permissionService)
     {
         this.permissionService = permissionService;
-    }  
-    
+    }
+
     /**
      * Set the policy component
-     * 
+     *
      * @param policyComponent
      */
     public void setPolicyComponent(PolicyComponent policyComponent)
     {
         this.policyComponent = policyComponent;
     }
-    
+
     /**
      * Set records management service
-     * 
+     *
      * @param recordsManagementService  records management service
      */
     public void setRecordsManagementService(RecordsManagementService recordsManagementService)
     {
         this.recordsManagementService = recordsManagementService;
     }
-    
+
     /**
      * Set the node service
-     * 
+     *
      * @param nodeService
      */
     public void setNodeService(NodeService nodeService)
     {
         this.nodeService = nodeService;
     }
-    
+
     /**
      * @param modelSecurityService  model security service
      */
@@ -166,46 +166,46 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         this.modelSecurityService = modelSecurityService;
     }
-        
+
     /**
      * Initialisation method
      */
     public void init()
     {
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnCreateNodePolicy.QNAME, 
-                TYPE_FILE_PLAN, 
+                NodeServicePolicies.OnCreateNodePolicy.QNAME,
+                TYPE_FILE_PLAN,
                 new JavaBehaviour(this, "onCreateRootNode", NotificationFrequency.TRANSACTION_COMMIT));
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnDeleteNodePolicy.QNAME, 
-                TYPE_FILE_PLAN, 
+                NodeServicePolicies.OnDeleteNodePolicy.QNAME,
+                TYPE_FILE_PLAN,
                 new JavaBehaviour(this, "onDeleteRootNode", NotificationFrequency.TRANSACTION_COMMIT));
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnCreateNodePolicy.QNAME, 
-                TYPE_RECORD_CATEGORY, 
+                NodeServicePolicies.OnCreateNodePolicy.QNAME,
+                TYPE_RECORD_CATEGORY,
                 new JavaBehaviour(this, "onCreateRMContainer", NotificationFrequency.TRANSACTION_COMMIT));
         policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnCreateNodePolicy.QNAME,  
-                TYPE_RECORD_FOLDER, 
-                new JavaBehaviour(this, "onCreateRecordFolder", NotificationFrequency.TRANSACTION_COMMIT));    
+                NodeServicePolicies.OnCreateNodePolicy.QNAME,
+                TYPE_RECORD_FOLDER,
+                new JavaBehaviour(this, "onCreateRecordFolder", NotificationFrequency.TRANSACTION_COMMIT));
     }
-    
+
     /**
      * Create root node behaviour
-     * 
+     *
      * @param childAssocRef
      */
     public void onCreateRootNode(ChildAssociationRef childAssocRef)
-    {       
+    {
         final NodeRef rmRootNode = childAssocRef.getChildRef();
-        
+
         // Do not execute behaviour if this has been created in the archive store
         if(rmRootNode.getStoreRef().equals(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE) == true)
         {
             // This is not the spaces store - probably the archive store
             return;
         }
-        
+
         if (nodeService.exists(rmRootNode) == true)
         {
             NodeRef unfiledContainer = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>()
@@ -213,27 +213,27 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                 public NodeRef doWork()
                 {
                     // Create "all" role group for root node
-                    String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null);                    
-                    
+                    String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null);
+
                     // Set the permissions
                     permissionService.setInheritParentPermissions(rmRootNode, false);
                     permissionService.setPermission(rmRootNode, allRoles, RMPermissionModel.READ_RECORDS, true);
                     permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
                     permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true);
-                    
+
                     // Create the unfiled record container
                     return createUnfiledContainer(rmRootNode, allRoles);
                 }
             }, AuthenticationUtil.getSystemUserName());
-                        
+
             // Bootstrap in the default set of roles for the newly created root node
             bootstrapDefaultRoles(rmRootNode, unfiledContainer);
         }
     }
-    
+
     /**
      * Creates unfiled container node and sets up permissions
-     * 
+     *
      * @param rmRootNode
      * @param allRoles
      */
@@ -242,57 +242,57 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         // create the properties map
         Map<QName, Serializable> properties = new HashMap<QName, Serializable>(1);
         properties.put(ContentModel.PROP_NAME, NAME_UNFILED_CONTAINER);
-        
+
         // create the unfiled container
         NodeRef container = nodeService.createNode(
-                        rmRootNode, 
-                        ASSOC_UNFILED_RECORDS, 
-                        QName.createQName(RM_URI, NAME_UNFILED_CONTAINER), 
+                        rmRootNode,
+                        ASSOC_UNFILED_RECORDS,
+                        QName.createQName(RM_URI, NAME_UNFILED_CONTAINER),
                         TYPE_UNFILED_RECORD_CONTAINER,
                         properties).getChildRef();
-        
+
         // set inheritance to false
         permissionService.setInheritParentPermissions(container, false);
         permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
         permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-        
+
         return container;
     }
-    
+
     /**
      * Delete root node behaviour
-     * 
+     *
      * @param childAssocRef
      */
     public void onDeleteRootNode(ChildAssociationRef childAssocRef, boolean isNodeArchived)
     {
         logger.debug("onDeleteRootNode called");
-        
+
         // get the deleted node
         final NodeRef rmRootNode = childAssocRef.getChildRef();
-        
+
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
         {
             public Object doWork()
             {
                 // cascade delete the 'all' roles group for the site
-                String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));                                   
+                String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
                 Set<String> groups = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true);
                 for (String group : groups)
                 {
                     authorityService.deleteAuthority(group);
                 }
-                
+
                 authorityService.deleteAuthority(allRolesGroup, false);
-                
+
                 return null;
             }
-        }, AuthenticationUtil.getSystemUserName());    
+        }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * Get all the roles by short name
-     * 
+     *
      * @param rmRootNode
      * @return
      */
@@ -300,7 +300,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return "AllRoles" + rmRootNode.getId();
     }
-    
+
     /**
      * @param childAssocRef
      */
@@ -308,7 +308,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         final NodeRef recordCategory = childAssocRef.getChildRef();
         setUpPermissions(recordCategory);
-        
+
         // Pull any permissions found on the parent (ie the record category)
         final NodeRef parentNodeRef = childAssocRef.getParentRef();
         if (parentNodeRef != null && nodeService.exists(parentNodeRef) == true)
@@ -325,7 +325,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
 
                     // since this is not a root category, inherit from parent
                     Set<AccessPermission> perms = permissionService.getAllSetPermissions(parentNodeRef);
-                    for (AccessPermission perm : perms) 
+                    for (AccessPermission perm : perms)
                     {
                         if (fillingOnly == false ||
                             RMPermissionModel.FILING.equals(perm.getPermission()) == true)
@@ -337,19 +337,19 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                                 allow = true;
                             }
                             permissionService.setPermission(
-                                    recordCategory, 
-                                    perm.getAuthority(), 
-                                    perm.getPermission(), 
+                                    recordCategory,
+                                    perm.getAuthority(),
+                                    perm.getPermission(),
                                     allow);
                         }
                     }
-                    
+
                     return null;
                 }
-            }, AuthenticationUtil.getSystemUserName()); 
+            }, AuthenticationUtil.getSystemUserName());
         }
     }
-    
+
     /**
      * @param childAssocRef
      */
@@ -357,7 +357,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
       final NodeRef folderNodeRef = childAssocRef.getChildRef();
         setUpPermissions(folderNodeRef);
-        
+
         // Pull any permissions found on the parent (ie the record category)
         final NodeRef catNodeRef = childAssocRef.getParentRef();
         if (nodeService.exists(catNodeRef) == true)
@@ -367,7 +367,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                 public Object doWork()
                 {
                 	Set<AccessPermission> perms = permissionService.getAllSetPermissions(catNodeRef);
-                	for (AccessPermission perm : perms) 
+                	for (AccessPermission perm : perms)
                 	{
                 	    if (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) == false)
                 	    {
@@ -378,43 +378,43 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                     			allow = true;
                     		}
                     		permissionService.setPermission(
-                    				folderNodeRef, 
-                    				perm.getAuthority(), 
-                    				perm.getPermission(), 
+                    				folderNodeRef,
+                    				perm.getAuthority(),
+                    				perm.getPermission(),
                     				allow);
                 	    }
         			}
-                	
+
                     return null;
                 }
-            }, AuthenticationUtil.getSystemUserName());  
+            }, AuthenticationUtil.getSystemUserName());
         }
     }
-    
+
     /**
-     * 
+     *
      * @param nodeRef
      */
     public void setUpPermissions(final NodeRef nodeRef)
     {
         if (nodeService.exists(nodeRef) == true)
-        {        
+        {
             AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
             {
                 public Object doWork()
                 {
-                    // break inheritance 
+                    // break inheritance
                     permissionService.setInheritParentPermissions(nodeRef, false);
-                    
-                    // set extended reader permissions    
+
+                    // set extended reader permissions
                     permissionService.setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-                                    
+
                     return null;
                 }
-            }, AuthenticationUtil.getSystemUserName());         
+            }, AuthenticationUtil.getSystemUserName());
         }
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
      */
@@ -422,7 +422,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         bootstrapDefaultRoles(rmRootNode, null);
     }
-    
+
     private void bootstrapDefaultRoles(final NodeRef rmRootNode, final NodeRef unfiledContainer)
     {
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
@@ -446,12 +446,12 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                     {
                         throw new AlfrescoRuntimeException("Unable to load rm-default-roles-bootstrap.json configuration file.", ioe);
                     }
-                    
+
                     // Add each role to the rm root node
                     for (int i = 0; i < array.length(); i++)
                     {
                         JSONObject object = array.getJSONObject(i);
-                        
+
                         // Get the name of the role
                         String name = null;
                         if (object.has("name") == true)
@@ -466,22 +466,22 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                         {
                             throw new AlfrescoRuntimeException("No name given to default bootstrap role.  Check json configuration file.");
                         }
-                        
-                                                
+
+
                         // Get the role's display label
                         String displayLabel = name;
                         if (object.has("displayLabel") == true)
                         {
                             displayLabel = object.getString("displayLabel");
                         }
-                        
+
                         // Determine whether the role is an admin role or not
                         boolean isAdmin = false;
                         if (object.has("isAdmin") == true)
                         {
                             isAdmin = object.getBoolean("isAdmin");
                         }
-                                                
+
                         // Get the roles capabilities
                         Set<Capability> capabilities = new HashSet<Capability>(30);
                         if (object.has("capabilities") == true)
@@ -498,10 +498,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                                 capabilities.add(capability);
                             }
                         }
-                        
+
                         // Create the role
                         Role role = createRole(rmRootNode, name, displayLabel, capabilities);
-                        
+
                         // Add any additional admin permissions
                         if (isAdmin == true)
                         {
@@ -511,7 +511,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                             {
                                 permissionService.setPermission(unfiledContainer, role.getRoleGroupName(), RMPermissionModel.FILING, true);
                             }
-                            
+
                             // Add the creating user to the administration group
                             String user = AuthenticationUtil.getFullyAuthenticatedUser();
                             authorityService.addAuthority(role.getRoleGroupName(), user);
@@ -522,15 +522,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                 {
                     throw new AlfrescoRuntimeException("Error loading json configuration file rm-default-roles-bootstrap.json", exception);
                 }
-                
+
                 return null;
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * Helper method to convert a stream to a string.
-     * 
+     *
      * @param is    input stream
      * @return {@link String}   string
      * @throws IOException
@@ -545,50 +545,50 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         */
         BufferedReader reader = new BufferedReader(new InputStreamReader(is));
         StringBuilder sb = new StringBuilder();
-         
+
         String line = null;
-        try 
+        try
         {
-            while ((line = reader.readLine()) != null) 
+            while ((line = reader.readLine()) != null)
             {
                 sb.append(line + "\n");
             }
         }
-        finally 
+        finally
         {
             try {is.close();} catch (IOException e) {}
         }
-         
+
         return sb.toString();
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles()
      */
     public Set<Role> getRoles(final NodeRef rmRootNode)
-    {  
+    {
         return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Set<Role>>()
         {
             public Set<Role> doWork() throws Exception
             {
                 Set<Role> result = new HashSet<Role>(13);
-                
-                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);        
+
+                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
                 for (String roleAuthority : roleAuthorities)
                 {
                     String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
                     String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
-                    Set<String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
-                    
+                    Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
+
                     Role role = new Role(name, displayLabel, capabilities, roleAuthority);
-                    result.add(role);            
+                    result.add(role);
                 }
-                
+
                 return result;
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
      */
@@ -599,29 +599,29 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             public Set<Role> doWork() throws Exception
             {
                 Set<Role> result = new HashSet<Role>(13);
-                
-                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);        
+
+                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
                 for (String roleAuthority : roleAuthorities)
                 {
                     Set<String> users = authorityService.getContainedAuthorities(AuthorityType.USER, roleAuthority, false);
                     if (users.contains(user) == true)
-                    {                    
+                    {
                         String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
                         String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
-                        Set<String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
-                        
+                        Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
+
                         Role role = new Role(name, displayLabel, capabilities, roleAuthority);
-                        result.add(role);  
+                        result.add(role);
                     }
                 }
-                
+
                 return result;
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
-     * 
+     *
      * @param rmRootNode
      * @return
      */
@@ -629,10 +629,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return RM_ROLE_ZONE_PREFIX + rmRootNode.getId();
     }
-    
+
     /**
      * Get the full role name
-     * 
+     *
      * @param role
      * @param rmRootNode
      * @return
@@ -641,10 +641,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return role + rmRootNode.getId();
     }
-    
+
     /**
      * Get the short role name
-     * 
+     *
      * @param fullRoleName
      * @param rmRootNode
      * @return
@@ -653,7 +653,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return fullRoleName.replaceAll(rmRootNode.getId(), "");
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
      */
@@ -662,46 +662,45 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
         {
             public Role doWork() throws Exception
-            {                
+            {
                 Role result = null;
-                
+
                 String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
                 if (authorityService.authorityExists(roleAuthority) == true)
                 {
                     String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
-                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);                
-                    Set<String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
-                    
+                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
+                    Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
+
                     result = new Role(name, displayLabel, capabilities, roleAuthority);
                 }
-                
+
                 return result;
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
-     * 
+     *
      * @param rmRootNode
      * @param roleAuthority
      * @return
      */
-    private Set<String> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
+    private Map<String, String> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
     {
         Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode);
-        Set<String> capabilities = new HashSet<String>(52);
+        Map<String, String> capabilities = new HashMap<String, String>(52);
         for (AccessPermission permission : permissions)
-
         {
             if (permission.getAuthority().equals(roleAuthority) == true)
             {
                 String capabilityName = permission.getPermission();
-                if (capabilityService.getCapability(capabilityName) != null)
+                Capability capability = capabilityService.getCapability(capabilityName);
+                if (capability != null)
                 {
-                    capabilities.add(permission.getPermission());
+                    capabilities.put(capabilityName, capability.getTitle());
                 }
             }
-
         }
 
         return capabilities;
@@ -715,25 +714,25 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Boolean>()
         {
             public Boolean doWork() throws Exception
-            {                                
+            {
                 String fullRoleName = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-            
+
                 String zone = getZoneName(rmRootNode);
                 Set<String> roles = authorityService.getAllAuthoritiesInZone(zone, AuthorityType.GROUP);
                 return new Boolean(roles.contains(fullRoleName));
             }
         }, AuthenticationUtil.getSystemUserName()).booleanValue();
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
-     * 
+     *
      * TODO .. change this to check a property of the role its self
      */
     public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
     {
         boolean isRMAdmin = false;
-        
+
         Set<Role> userRoles = this.getRolesByUser(rmRootNode, user);
         if (userRoles != null)
         {
@@ -746,10 +745,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                 }
             }
         }
-        
+
         return isRMAdmin;
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
      */
@@ -760,44 +759,44 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             public Role doWork() throws Exception
             {
                 String fullRoleName = getFullRoleName(role, rmRootNode);
-                
+
                 // Check that the role does not already exist for the rm root node
                 if (authorityService.authorityExists(authorityService.getName(AuthorityType.GROUP, fullRoleName)))
                 {
                     throw new AlfrescoRuntimeException("The role " + role + " already exists for root rm node " + rmRootNode.getId());
                 }
-                
+
                 // Create a group that relates to the records management role
                 Set<String> zones = new HashSet<String>(2);
                 zones.add(getZoneName(rmRootNode));
                 zones.add(AuthorityService.ZONE_APP_DEFAULT);
                 String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones);
-                
+
                 // Add the roleGroup to the "all" role group
                 String allRoleGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
                 authorityService.addAuthority(allRoleGroup, roleGroup);
-                
+
                 // Assign the various capabilities to the group on the root records management node
-                Set<String> capStrings = new HashSet<String>(53);
+                Map<String, String> capStrings = new HashMap<String, String>(53);
                 if (capabilities != null)
                 {
                     for (Capability capability : capabilities)
                     {
                         permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true);
                     }
-                    
+
                     // Create the role
                     for (Capability capability : capabilities)
                     {
-                        capStrings.add(capability.getName());
+                        capStrings.put(capability.getName(), capability.getTitle());
                     }
                 }
-                
+
                 return new Role(role, roleDisplayLabel, capStrings, roleGroup);
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
      */
@@ -806,30 +805,30 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
         {
             public Role doWork() throws Exception
-            {                                
+            {
                 String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                
+
                 // Reset the role display name
                 authorityService.setAuthorityDisplayName(roleAuthority, roleDisplayLabel);
 
                 // TODO this needs to be improved, removing all and readding is not ideal
-                
+
                 // Clear the current capabilities
                 permissionService.clearPermission(rmRootNode, roleAuthority);
-                
+
                 // Re-add the provided capabilities
                 for (Capability capability : capabilities)
                 {
                     permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true);
                 }
-                
-                Set<String> capStrings = new HashSet<String>(capabilities.size());
+
+                Map<String, String> capStrings = new HashMap<String, String>(capabilities.size());
                 for (Capability capability : capabilities)
                 {
-                    capStrings.add(capability.getName());
+                    capStrings.put(capability.getName(), capability.getTitle());
                 }
                 return new Role(role, roleDisplayLabel, capStrings, roleAuthority);
-                
+
             }
         }, AuthenticationUtil.getSystemUserName());
     }
@@ -842,15 +841,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
         {
             public Boolean doWork() throws Exception
-            {                                
+            {
                 String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                authorityService.deleteAuthority(roleAuthority);                
+                authorityService.deleteAuthority(roleAuthority);
                 return null;
-                
+
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
      */
@@ -859,15 +858,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
         {
             public Boolean doWork() throws Exception
-            {                                
+            {
                 String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                authorityService.addAuthority(roleAuthority, authorityName);             
+                authorityService.addAuthority(roleAuthority, authorityName);
                 return null;
-                
+
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, boolean)
      */
@@ -876,7 +875,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         ParameterCheck.mandatory("nodeRef", nodeRef);
         ParameterCheck.mandatory("authority", authority);
         ParameterCheck.mandatory("permission", permission);
-        
+
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
         {
             public Boolean doWork() throws Exception
@@ -902,15 +901,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                         logger.warn("Setting permissions for this node is not supported.  (nodeRef=" + nodeRef + ", authority=" + authority + ", permission=" + permission + ")");
                     }
                 }
-                
+
                 return null;
             }
         }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * Helper method to set the read permission up the hierarchy
-     * 
+     *
      * @param nodeRef
      * @param authority
      */
@@ -924,10 +923,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             setReadPermissionUp(parent, authority);
         }
     }
-    
+
     /**
      * Helper method to set the permission down the hierarchy
-     * 
+     *
      * @param nodeRef
      * @param authority
      * @param permission
@@ -949,10 +948,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             }
         }
     }
-    
+
     /**
      * Set the permission, taking into account that filing is a superset of read
-     * 
+     *
      * @param nodeRef
      * @param authority
      * @param permission
@@ -964,10 +963,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
             // Remove record read permission before adding filing permission
             permissionService.deletePermission(nodeRef, authority, RMPermissionModel.READ_RECORDS);
         }
-        
+
         permissionService.setPermission(nodeRef, authority, permission, true);
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deletePermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
      */
@@ -976,10 +975,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
         {
             public Boolean doWork() throws Exception
-            { 
+            {
                 // Delete permission on this node
                 permissionService.deletePermission(nodeRef, authority, permission);
-                
+
                 if (recordsManagementService.isRecordsManagementContainer(nodeRef) == true)
                 {
                     List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL);
@@ -993,12 +992,12 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                         }
                     }
                 }
-                
+
                 return null;
             }
-        }, AuthenticationUtil.getSystemUserName());        
+        }, AuthenticationUtil.getSystemUserName());
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
      */
@@ -1008,7 +1007,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return modelSecurityService.getProtectedAspects();
     }
-    
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedProperties()
      */
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
index 79b4986979..bb194870e1 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
@@ -18,10 +18,10 @@
  */
 package org.alfresco.module.org_alfresco_module_rm.security;
 
-import java.util.Set;
+import java.util.Map;
 
 /**
- * Records management role class 
+ * Records management role class
  *
  * @author Roy Wetherall
  */
@@ -29,15 +29,15 @@ public class Role
 {
     private String name;
     private String displayLabel;
-    private Set<String> capabilities;
+    private Map<String, String> capabilities;
     private String roleGroupName;
-    
+
     /**
      * @param name
      * @param displayLabel
      * @param capabilities
      */
-    public Role(String name, String displayLabel, Set<String> capabilities, String roleGroupName)
+    public Role(String name, String displayLabel, Map<String, String> capabilities, String roleGroupName)
     {
         this.name = name;
         this.displayLabel = displayLabel;
@@ -64,7 +64,7 @@ public class Role
     /**
      * @return the capabilities
      */
-    public Set<String> getCapabilities()
+    public Map<String, String> getCapabilities()
     {
         return capabilities;
     }
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
index ddbddd2dad..8169c7241b 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
@@ -41,7 +41,7 @@ import org.alfresco.service.cmr.security.AccessStatus;
 
 /**
  * Declarative capability unit test
- * 
+ *
  * @author Roy Wetherall
  */
 public class DeclarativeCapabilityTest extends BaseRMTestCase
@@ -49,33 +49,33 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
     private NodeRef record;
     private NodeRef declaredRecord;
     private NodeRef undeclaredRecord;
-    
-    private NodeRef recordFolderContainsFrozen;    
+
+    private NodeRef recordFolderContainsFrozen;
     private NodeRef frozenRecord;
     private NodeRef frozenRecord2;
     private NodeRef frozenRecordFolder;
-    
+
     private NodeRef closedFolder;
-    
+
     private NodeRef moveToFolder;
     private NodeRef moveToCategory;
-    
+
     @Override
     protected boolean isUserTest()
     {
         return true;
     }
-    
+
     @Override
     protected void setupTestDataImpl()
     {
         super.setupTestDataImpl();
-        
+
         // Pre-filed content
         record = utils.createRecord(rmFolder, "record.txt");
         declaredRecord = utils.createRecord(rmFolder, "declaredRecord.txt");
         undeclaredRecord = utils.createRecord(rmFolder, "undeclaredRecord.txt");
-        
+
         // Closed folder
         closedFolder = rmService.createRecordFolder(rmContainer, "closedFolder");
         utils.closeFolder(closedFolder);
@@ -85,36 +85,36 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
         frozenRecord = utils.createRecord(rmFolder, "frozenRecord.txt");
         frozenRecord2 = utils.createRecord(recordFolderContainsFrozen, "frozen2.txt");
         frozenRecordFolder = rmService.createRecordFolder(rmContainer, "frozenRecordFolder");
-        
+
         // MoveTo artifacts
         moveToFolder = rmService.createRecordFolder(rmContainer, "moveToFolder");
-        moveToCategory = rmService.createRecordCategory(rmContainer, "moveToCategory");       
+        moveToCategory = rmService.createRecordCategory(rmContainer, "moveToCategory");
     }
-    
+
     @Override
     protected void setupTestData()
     {
         super.setupTestData();
-        
+
         retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback<Object>()
         {
             @Override
             public Object execute() throws Throwable
             {
                 AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
-                
+
                 utils.declareRecord(declaredRecord);
                 utils.declareRecord(frozenRecord);
                 utils.declareRecord(frozenRecord2);
                 utils.freeze(frozenRecord);
-                utils.freeze(frozenRecordFolder); 
+                utils.freeze(frozenRecordFolder);
                 utils.freeze(frozenRecord2);
-                
+
                 return null;
             }
         });
     }
-    
+
     @Override
     protected void tearDownImpl()
     {
@@ -122,30 +122,30 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
     	utils.unfreeze(frozenRecord);
     	utils.unfreeze(frozenRecordFolder);
     	utils.unfreeze(frozenRecord2);
-        
+
         super.tearDownImpl();
     }
-    
+
     @Override
     protected void setupTestUsersImpl(NodeRef filePlan)
     {
         super.setupTestUsersImpl(filePlan);
-        
+
         // Give all the users file permission objects
         for (String user : testUsers)
         {
             securityService.setPermission(rmFolder, user, RMPermissionModel.FILING);
             securityService.setPermission(moveToFolder, user, RMPermissionModel.READ_RECORDS);
             securityService.setPermission(moveToCategory, user, RMPermissionModel.READ_RECORDS);
-        }                
+        }
     }
-    
+
     public void testDeclarativeCapabilities()
     {
         Set<Capability> capabilities = capabilityService.getCapabilities();
         for (Capability capability : capabilities)
         {
-            if (capability instanceof DeclarativeCapability && 
+            if (capability instanceof DeclarativeCapability &&
                 capability instanceof CompositeCapability == false &&
                 capability.isPrivate() == false &&
                 capability.getName().equals("MoveRecords") == false &&
@@ -156,84 +156,84 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
             }
         }
     }
-    
+
     private void testDeclarativeCapability(final DeclarativeCapability capability)
-    {     
+    {
         for (String user : testUsers)
         {
             testDeclarativeCapability(capability, user, filePlan);
             testDeclarativeCapability(capability, user, rmContainer);
             testDeclarativeCapability(capability, user, rmFolder);
             testDeclarativeCapability(capability, user, record);
-        }        
-    } 
-    
+        }
+    }
+
     private void testDeclarativeCapability(final DeclarativeCapability capability, final String userName, final NodeRef filePlanComponent)
     {
         doTestInTransaction(new Test<Void>()
         {
             @Override
             public Void run()
-            { 
+            {
                 AccessStatus accessStatus = capability.hasPermission(filePlanComponent);
-                
+
                 Set<Role> roles = securityService.getRolesByUser(filePlan, userName);
                 if (roles.isEmpty() == true)
                 {
-                    assertEquals("User " + userName + " has no RM role so we expect access to be denied for capability " + capability.getName(), 
-                                 AccessStatus.DENIED, 
+                    assertEquals("User " + userName + " has no RM role so we expect access to be denied for capability " + capability.getName(),
+                                 AccessStatus.DENIED,
                                  accessStatus);
                 }
                 else
                 {
                     // Do the kind check here ...
-                    FilePlanComponentKind actualKind = rmService.getFilePlanComponentKind(filePlanComponent);                    
+                    FilePlanComponentKind actualKind = rmService.getFilePlanComponentKind(filePlanComponent);
                     List<String> kinds = capability.getKinds();
-                    
+
                     if (kinds == null ||
                         kinds.contains(actualKind.toString()) == true)
-                    {                    
+                    {
                         Map<String, Boolean> conditions = capability.getConditions();
                         boolean conditionResult = getConditionResult(filePlanComponent, conditions);
-                        
+
                         assertEquals("User is expected to only have one role.", 1, roles.size());
                         Role role = new ArrayList<Role>(roles).get(0);
                         assertNotNull(role);
-                        
-                        Set<String> roleCapabilities = role.getCapabilities();
-                        if (roleCapabilities.contains(capability.getName()) == true && conditionResult == true)
+
+                        Map<String, String> roleCapabilities = role.getCapabilities();
+                        if (roleCapabilities.containsKey(capability.getName()) == true && conditionResult == true)
                         {
-                            assertEquals("User " + userName + " has the role " + role.getDisplayLabel() + 
+                            assertEquals("User " + userName + " has the role " + role.getDisplayLabel() +
                                          " so we expect access to be allowed for capability " + capability.getName() + " on the object " +
                                          (String)nodeService.getProperty(filePlanComponent, ContentModel.PROP_NAME),
-                                         AccessStatus.ALLOWED, 
+                                         AccessStatus.ALLOWED,
                                          accessStatus);
                         }
                         else
                         {
-                            assertEquals("User " + userName + " has the role " + role.getDisplayLabel() + " so we expect access to be denied for capability " + capability.getName(), 
-                                         AccessStatus.DENIED, 
+                            assertEquals("User " + userName + " has the role " + role.getDisplayLabel() + " so we expect access to be denied for capability " + capability.getName(),
+                                         AccessStatus.DENIED,
                                          accessStatus);
                         }
                     }
                     else
                     {
                         // Expect fail since the kind is not expected by the capability
-                        assertEquals("NodeRef is of kind" + actualKind + " so we expect access to be denied for capability " + capability.getName(), 
-                                AccessStatus.DENIED, 
+                        assertEquals("NodeRef is of kind" + actualKind + " so we expect access to be denied for capability " + capability.getName(),
+                                AccessStatus.DENIED,
                                 accessStatus);
                     }
                 }
-                
+
                 return null;
             }
         }, userName);
     }
-    
+
     private boolean getConditionResult(NodeRef nodeRef, Map<String, Boolean> conditions)
     {
         boolean result = true;
-        
+
         if (conditions != null && conditions.size() != 0)
         {
             for (Map.Entry<String, Boolean> entry : conditions.entrySet())
@@ -241,7 +241,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 // Get the condition bean
                 CapabilityCondition condition = (CapabilityCondition)applicationContext.getBean(entry.getKey());
                 assertNotNull("Invalid condition name.", condition);
-                
+
                 boolean actual = condition.evaluate(nodeRef);
                 if (actual != entry.getValue().booleanValue())
                 {
@@ -250,35 +250,17 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 }
             }
         }
-        
+
         return result;
     }
-    
+
     /** Specific declarative capability tests */
-    
+
     public void testFileCapability()
     {
         final Capability capability = capabilityService.getCapability("File");
         assertNotNull(capability);
-        
-        doTestInTransaction(new Test<Void>()
-        {
-            @Override
-            public Void run()
-            {
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(rmContainer));
-                assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmFolder)); 
-                assertEquals(AccessStatus.ALLOWED, capability.hasPermission(record));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(declaredRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
-                
-                return null;
-            }
-        }, recordsManagerName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -291,19 +273,37 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
-                
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
+
+                return null;
+            }
+        }, recordsManagerName);
+
+        doTestInTransaction(new Test<Void>()
+        {
+            @Override
+            public Void run()
+            {
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(rmContainer));
+                assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmFolder));
+                assertEquals(AccessStatus.ALLOWED, capability.hasPermission(record));
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(declaredRecord));
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
+
                 return null;
             }
         }, rmUserName);
     }
-    
+
     public void testMoveRecordCapability()
     {
         // grab the move record capability
         final Capability capability = capabilityService.getCapability("MoveRecords");
         assertNotNull(capability);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -317,21 +317,21 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.UNDETERMINED, capability.hasPermission(undeclaredRecord));
-                
+
                 // now lets take a look when we know what the destination is
-                // NOTE:  should be denied since we do not have file permission on the destination folder 
+                // NOTE:  should be denied since we do not have file permission on the destination folder
                 //        despite having the capability!
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(record, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(declaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(undeclaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(frozenRecord, moveToFolder));
-                
+
                 return null;
             }
         }, recordsManagerName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -344,7 +344,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 return null;
             }
         }, rmAdminName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -358,20 +358,20 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.UNDETERMINED, capability.hasPermission(undeclaredRecord));
-                
+
                 // now lets take a look when we know what the destination is
                 // NOTE:  should be allowed now since we have filling permission on the destination folder
                 assertEquals(AccessDecisionVoter.ACCESS_GRANTED, capability.evaluate(record, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_GRANTED, capability.evaluate(declaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_GRANTED, capability.evaluate(undeclaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(frozenRecord, moveToFolder));
-                
+
                 return null;
             }
         }, recordsManagerName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -385,27 +385,27 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(undeclaredRecord));
-                
+
                 // now lets take a look when we know what the destination is
                 // NOTE:  should be allowed now since we have filling permission on the destination folder
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(record, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(declaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(undeclaredRecord, moveToFolder));
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(frozenRecord, moveToFolder));
-                
+
                 return null;
             }
         }, rmUserName);
     }
-    
+
     public void testMoveRecordFolderCapability()
     {
         // grab the move record capability
         final Capability capability = capabilityService.getCapability("MoveRecordFolder");
         assertNotNull(capability);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -419,15 +419,15 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(undeclaredRecord));
-                
+
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(rmFolder, moveToCategory));
-                
+
                 return null;
             }
         }, recordsManagerName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -440,7 +440,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 return null;
             }
         }, rmAdminName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -453,15 +453,15 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(undeclaredRecord));
-                
+
                 assertEquals(AccessDecisionVoter.ACCESS_GRANTED, capability.evaluate(rmFolder, moveToCategory));
-                
+
                 return null;
             }
         }, recordsManagerName);
-        
+
         doTestInTransaction(new Test<Void>()
         {
             @Override
@@ -474,11 +474,11 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecordFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(recordFolderContainsFrozen));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(frozenRecord));
-                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder)); 
+                assertEquals(AccessStatus.DENIED, capability.hasPermission(closedFolder));
                 assertEquals(AccessStatus.DENIED, capability.hasPermission(undeclaredRecord));
-                
+
                 assertEquals(AccessDecisionVoter.ACCESS_DENIED, capability.evaluate(rmFolder, moveToCategory));
-                
+
                 return null;
             }
         }, rmUserName);