inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM: In-place filing prototype WIP

Browse Source 
* dynamic authority set ReadRecord permission on new record and ViewRecord capability on containing file plan
 * dynamic 'Record Readers' authority working correctly (checking whether current user is contained in the users/groups snap shoted as readers when the document was made a record)
 * unit test showing document in collab site being made a record and the existing collab user having record read permissions without being added to the RM site or given an RM role.
 * this check-in is sufficient to demonstrate that collaboration users can create records and view them without having to introduce any form of noticable mapping between the RM and Collab sites.  (relates to RM-485)



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/DEV/INPLACE@41708 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2012-09-18 08:16:53 +00:00
parent 7b9912626c
commit 58bb845f42
8 changed files with 284 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
View File

@@ -839,8 +839,6 @@
<![CDATA[ <![CDATA[
org.alfresco.module.org_alfresco_module_rm.record.RecordService.getRecordMetaDataAspects=RM_ALLOW org.alfresco.module.org_alfresco_module_rm.record.RecordService.getRecordMetaDataAspects=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.record.RecordService.isDeclared=RM.Read.0 org.alfresco.module.org_alfresco_module_rm.record.RecordService.isDeclared=RM.Read.0
org.alfresco.module.org_alfresco_module_rm.record.RecordService.getNewRecordContainer=RM.Read.0
org.alfresco.module.org_alfresco_module_rm.record.RecordService.createRecord=RM.Write.0.1
org.alfresco.module.org_alfresco_module_rm.record.RecordService.*=RM_DENY org.alfresco.module.org_alfresco_module_rm.record.RecordService.*=RM_DENY
]]> ]]>
</value> </value>

19
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
View File

@@ -41,6 +41,7 @@ import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
/** /**
* Creates a new record from an existing content object. * Creates a new record from an existing content object.
@@ -52,6 +53,8 @@ import org.alfresco.service.namespace.QName;
public class CreateRecordAction extends ActionExecuterAbstractBase public class CreateRecordAction extends ActionExecuterAbstractBase
implements RecordsManagementModel implements RecordsManagementModel
{ {
public static final String NAME = "create-record";
private RecordsManagementService recordsManagementService; private RecordsManagementService recordsManagementService;
private RecordService recordService; private RecordService recordService;
@@ -103,7 +106,7 @@ public class CreateRecordAction extends ActionExecuterAbstractBase
ChildAssociationRef parentAssoc = nodeService.getPrimaryParent(actionedUponNodeRef); ChildAssociationRef parentAssoc = nodeService.getPrimaryParent(actionedUponNodeRef);
/// get the new record container for the file plan /// get the new record container for the file plan
NodeRef newRecordContainer = recordService.getNewRecordContainer(filePlan); NodeRef newRecordContainer = getNewRecordContainer(filePlan);
if (newRecordContainer == null) if (newRecordContainer == null)
{ {
throw new AlfrescoRuntimeException("Unable to create record, because new record container could not be found."); throw new AlfrescoRuntimeException("Unable to create record, because new record container could not be found.");
@@ -127,6 +130,10 @@ public class CreateRecordAction extends ActionExecuterAbstractBase
RecordReadersDynamicAuthority.RECORD_READERS, RecordReadersDynamicAuthority.RECORD_READERS,
RMPermissionModel.READ_RECORDS, RMPermissionModel.READ_RECORDS,
true); true);
permissionService.setPermission(filePlan,
RecordReadersDynamicAuthority.RECORD_READERS,
RMPermissionModel.VIEW_RECORDS,
true);
return null; return null;
} }
@@ -137,6 +144,16 @@ public class CreateRecordAction extends ActionExecuterAbstractBase
throw new AlfrescoRuntimeException("Unable to file file plan."); throw new AlfrescoRuntimeException("Unable to file file plan.");
} }
} }
private NodeRef getNewRecordContainer(NodeRef filePlan)
{
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(filePlan, ASSOC_NEW_RECORDS, RegexQNamePattern.MATCH_ALL);
if (assocs.size() != 1)
{
throw new AlfrescoRuntimeException("Error getting the new record container, because the container cannot be indentified.");
}
return assocs.get(0).getChildRef();
}
@Override @Override
protected void addParameterDefinitions(List<ParameterDefinition> params) protected void addParameterDefinitions(List<ParameterDefinition> params)

44
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/permission/RecordReadersDynamicAuthority.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2012 Alfresco Software Limited. ` * Copyright (C) 2005-2012 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -18,6 +18,7 @@
*/ */
package org.alfresco.module.org_alfresco_module_rm.permission; package org.alfresco.module.org_alfresco_module_rm.permission;
import java.util.List;
import java.util.Set; import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind; import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind;
@@ -28,6 +29,7 @@ import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AuthorityService; import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.springframework.beans.BeansException; import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware; import org.springframework.context.ApplicationContextAware;
@@ -104,17 +106,39 @@ public class RecordReadersDynamicAuthority implements DynamicAuthority, RecordsM
{ {
if (getNodeService().hasAspect(nodeRef, ASPECT_EXTENDED_RECORD_SECURITY) == true) if (getNodeService().hasAspect(nodeRef, ASPECT_EXTENDED_RECORD_SECURITY) == true)
{ {
result = true; List<String> readers = (List<String>)nodeService.getProperty(nodeRef, PROP_READERS);
for (String reader : readers)
System.out.println("Setting hasAuthority to true! - " + userName + " - " + nodeRef.toString()); {
if (reader.startsWith("GROUP_") == true)
// Set<String> readers = (Set<String>)nodeService.getProperty(nodeRef, PROP_READERS); {
// for (String reader : readers) Set<String> contained = getAuthorityService().getContainedAuthorities(AuthorityType.USER, reader, false);
// { if (contained.isEmpty() == false &&
// // check to see if the user is one of the readers or is contained there within contained.contains(userName) == true)
// } {
System.out.println("User " + userName + " is contained in the read group " + reader);
result = true;
break;
}
}
else
{
// presume we have a user
if (reader.equals(userName) == true)
{
System.out.println("User " + userName + " matches read user " + reader);
result = true;
break;
}
}
}
} }
} }
else if (FilePlanComponentKind.FILE_PLAN.equals(kind) == true)
{
result = true;
}
return result; return result;
} }

4
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordService.java
View File

@@ -49,9 +49,9 @@ public interface RecordService
// TODO boolean isRecordFiled(NodeRef record); // TODO boolean isRecordFiled(NodeRef record);
// TODO boolean isRecordClassified(NodeRef record); // TODO boolean isRecordClassified(NodeRef record);
NodeRef getNewRecordContainer(NodeRef filePlan); // NodeRef getNewRecordContainer(NodeRef filePlan);
NodeRef createRecord(NodeRef filePlan, NodeRef document); //NodeRef createRecord(NodeRef filePlan, NodeRef document);
// TODO NodeRef createAndFileRecord(NodeRef recordFolder, NodeRef document); // TODO NodeRef createAndFileRecord(NodeRef recordFolder, NodeRef document);

113
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
View File

@@ -20,7 +20,6 @@ package org.alfresco.module.org_alfresco_module_rm.record;
import java.util.Collection; import java.util.Collection;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Set; import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.error.AlfrescoRuntimeException;
@@ -31,6 +30,8 @@ import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.repo.policy.JavaBehaviour; import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent; import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.policy.Behaviour.NotificationFrequency; import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.service.cmr.dictionary.AspectDefinition; import org.alfresco.service.cmr.dictionary.AspectDefinition;
import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.ChildAssociationRef;
@@ -38,7 +39,6 @@ import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.namespace.NamespaceService; import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
/** /**
* @author Roy Wetherall * @author Roy Wetherall
@@ -93,22 +93,31 @@ public class RecordServiceImpl implements RecordService, RecordsManagementModel
new JavaBehaviour(this, "onCreateNewRecord", NotificationFrequency.TRANSACTION_COMMIT)); new JavaBehaviour(this, "onCreateNewRecord", NotificationFrequency.TRANSACTION_COMMIT));
} }
public void onCreateNewRecord(ChildAssociationRef childAssocRef, boolean bNew) public void onCreateNewRecord(final ChildAssociationRef childAssocRef, boolean bNew)
{ {
NodeRef nodeRef = childAssocRef.getChildRef(); AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
if (nodeService.exists(nodeRef) == true)
{ {
QName type = nodeService.getType(nodeRef); @Override
if (ContentModel.TYPE_CONTENT.equals(type) == true || public Void doWork() throws Exception
dictionaryService.isSubClass(type, ContentModel.TYPE_CONTENT) == true)
{ {
makeRecord(nodeRef); NodeRef nodeRef = childAssocRef.getChildRef();
} if (nodeService.exists(nodeRef) == true)
else {
{ QName type = nodeService.getType(nodeRef);
throw new AlfrescoRuntimeException("Only content can be created as a record."); if (ContentModel.TYPE_CONTENT.equals(type) == true ||
} dictionaryService.isSubClass(type, ContentModel.TYPE_CONTENT) == true)
} {
makeRecord(nodeRef);
}
else
{
throw new AlfrescoRuntimeException("Only content can be created as a record.");
}
}
return null;
}
});
} }
/** /**
@@ -147,44 +156,44 @@ public class RecordServiceImpl implements RecordService, RecordsManagementModel
/** /**
* @see org.alfresco.module.org_alfresco_module_rm.record.RecordService#getNewRecordContainer(org.alfresco.service.cmr.repository.NodeRef) * @see org.alfresco.module.org_alfresco_module_rm.record.RecordService#getNewRecordContainer(org.alfresco.service.cmr.repository.NodeRef)
*/ */
public NodeRef getNewRecordContainer(NodeRef filePlan) // public NodeRef getNewRecordContainer(NodeRef filePlan)
{ // {
NodeRef result = null; // NodeRef result = null;
//
if (recordsManagementService.isFilePlan(filePlan) == true) // if (recordsManagementService.isFilePlan(filePlan) == true)
{ // {
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(filePlan, ASSOC_NEW_RECORDS, RegexQNamePattern.MATCH_ALL); // List<ChildAssociationRef> assocs = nodeService.getChildAssocs(filePlan, ASSOC_NEW_RECORDS, RegexQNamePattern.MATCH_ALL);
if (assocs.size() != 1) // if (assocs.size() != 1)
{ // {
throw new AlfrescoRuntimeException("Error getting the new record container, because the container cannot be indentified."); // throw new AlfrescoRuntimeException("Error getting the new record container, because the container cannot be indentified.");
} // }
result = assocs.get(0).getChildRef(); // result = assocs.get(0).getChildRef();
} // }
//
return result; // return result;
} // }
@Override // @Override
public NodeRef createRecord(NodeRef filePlan, NodeRef document) // public NodeRef createRecord(NodeRef filePlan, NodeRef document)
{ // {
// get the documents primary parent assoc // // get the documents primary parent assoc
ChildAssociationRef parentAssoc = nodeService.getPrimaryParent(document); // ChildAssociationRef parentAssoc = nodeService.getPrimaryParent(document);
//
/// get the new record container for the file plan // /// get the new record container for the file plan
NodeRef newRecordContainer = getNewRecordContainer(filePlan); // NodeRef newRecordContainer = getNewRecordContainer(filePlan);
if (newRecordContainer == null) // if (newRecordContainer == null)
{ // {
throw new AlfrescoRuntimeException("Unable to create record, because new record container could not be found."); // throw new AlfrescoRuntimeException("Unable to create record, because new record container could not be found.");
} // }
//
// move the document into the file plan // // move the document into the file plan
nodeService.moveNode(document, newRecordContainer, ContentModel.ASSOC_CONTAINS, parentAssoc.getQName()); // nodeService.moveNode(document, newRecordContainer, ContentModel.ASSOC_CONTAINS, parentAssoc.getQName());
//
// maintain the original primary location // // maintain the original primary location
nodeService.addChild(parentAssoc.getParentRef(), document, parentAssoc.getTypeQName(), parentAssoc.getQName()); // nodeService.addChild(parentAssoc.getParentRef(), document, parentAssoc.getTypeQName(), parentAssoc.getQName());
//
return document; // return document;
} // }
/** /**
* *

166
rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceTestImpl.java Normal file
View File

@@ -0,0 +1,166 @@
/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.test.service;
import org.alfresco.model.ContentModel;
import org.alfresco.module.org_alfresco_module_rm.action.dm.CreateRecordAction;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.module.org_alfresco_module_rm.permission.RecordReadersDynamicAuthority;
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.site.SiteModel;
import org.alfresco.repo.site.SiteServiceImpl;
import org.alfresco.service.cmr.action.Action;
import org.alfresco.service.cmr.action.ActionService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.cmr.tagging.TaggingService;
import org.alfresco.util.GUID;
/**
* Record service implementation unit test.
*
* @author Roy Wetherall
*/
public class RecordServiceTestImpl extends BaseRMTestCase
{
protected static final String COLLABORATION_SITE_ID = "collab-site-id";
protected ActionService dmActionService;
protected TaggingService taggingService;
protected PermissionService dmPermissionService;
protected SiteInfo collaborationSite;
protected NodeRef documentLibrary;
protected NodeRef dmFolder;
protected NodeRef dmDocument;
protected String dmUserName;
protected NodeRef dmUserPerson;
@Override
protected void initServices()
{
super.initServices();
dmActionService = (ActionService)applicationContext.getBean("ActionService");
taggingService = (TaggingService)applicationContext.getBean("TaggingService");
dmPermissionService = (PermissionService)applicationContext.getBean("PermissionService");
}
@Override
protected boolean isUserTest()
{
return true;
}
@Override
protected void setupTestData()
{
super.setupTestData();
doTestInTransaction(new Test<Void>()
{
public Void run()
{
setupCollaborationSiteTestDataImpl();
return null;
}
},
AuthenticationUtil.getSystemUserName());
}
protected void setupCollaborationSiteTestDataImpl()
{
// create collaboration site
collaborationSite = siteService.createSite("preset", COLLABORATION_SITE_ID, "title", "description", SiteVisibility.PRIVATE);
documentLibrary = SiteServiceImpl.getSiteContainer(
COLLABORATION_SITE_ID,
SiteService.DOCUMENT_LIBRARY,
true,
siteService,
transactionService,
taggingService);
assertNotNull("Collaboration site document library component was not successfully created.", documentLibrary);
// create a folder and documents
dmFolder = fileFolderService.create(documentLibrary, "collabFolder", ContentModel.TYPE_FOLDER).getNodeRef();
dmDocument = fileFolderService.create(dmFolder, "collabDocument.txt", ContentModel.TYPE_CONTENT).getNodeRef();
}
@Override
protected void setupTestUsersImpl(NodeRef filePlan)
{
super.setupTestUsersImpl(filePlan);
dmUserName = GUID.generate();
dmUserPerson = createPerson(dmUserName);
siteService.setMembership(COLLABORATION_SITE_ID, dmUserName, SiteModel.SITE_COLLABORATOR);
}
@Override
protected void tearDownImpl()
{
super.tearDownImpl();
siteService.deleteSite(COLLABORATION_SITE_ID);
}
public void testCreateRecordAction()
{
doTestInTransaction(new Test<Void>()
{
public Void run()
{
//assertFalse(rmService.isRecord(dmDocument));
assertEquals(AccessStatus.DENIED, dmPermissionService.hasPermission(dmDocument, RMPermissionModel.READ_RECORDS));
assertEquals(AccessStatus.DENIED, dmPermissionService.hasPermission(filePlan, RMPermissionModel.VIEW_RECORDS));
Action action = dmActionService.createAction(CreateRecordAction.NAME);
dmActionService.executeAction(action, dmDocument);
return null;
}
public void test(Void result) throws Exception
{
assertEquals(AccessStatus.ALLOWED, dmPermissionService.hasPermission(dmDocument, RMPermissionModel.READ_RECORDS));
assertEquals(AccessStatus.ALLOWED, dmPermissionService.hasPermission(filePlan, RMPermissionModel.VIEW_RECORDS));
assertTrue(rmService.isRecord(dmDocument));
};
},
dmUserName);
doTestInTransaction(new Test<Void>()
{
public Void run()
{
return null;
}
});
}
}

41
rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementServiceImplTest.java
View File

@@ -21,7 +21,6 @@ package org.alfresco.module.org_alfresco_module_rm.test.service;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind; import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind;
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model; import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model;
@@ -612,46 +611,6 @@ public class RecordsManagementServiceImplTest extends BaseRMTestCase
// TODO void testGetRecordFolders(NodeRef record); // TODO void testGetRecordFolders(NodeRef record);
// TODO void testIsRecordDeclared(NodeRef nodeRef);
public void testGetNewRecordsContainer()
{
doTestInTransaction(new Test<Void>()
{
@Override
public Void run()
{
NodeRef result1 = recordService.getNewRecordContainer(filePlan);
assertNotNull(result1);
assertEquals(TYPE_NEW_RECORDS_CONTAINER, nodeService.getType(result1));
assertNull(recordService.getNewRecordContainer(rmContainer));
assertNull(recordService.getNewRecordContainer(rmFolder));
return null;
}
});
// Failure: File plan with no new record container
doTestInTransaction(new FailureTest
(
"The newly created file plan shouldn't yet have a new record container.",
AlfrescoRuntimeException.class
)
{
@Override
public void run()
{
NodeRef newFilePlan = rmService.createFilePlan(folder, GUID.generate());
recordService.getNewRecordContainer(newFilePlan);
}
});
}
public void testCreateRecord()
{
}
/********** RM2 - Multi-hierarchy record taxonomy's **********/ /********** RM2 - Multi-hierarchy record taxonomy's **********/

6
rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
View File

@@ -333,9 +333,9 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
// check that the new records container has been created for the file plan // check that the new records container has been created for the file plan
public void test(Void arg0) throws Exception public void test(Void arg0) throws Exception
{ {
NodeRef newRecordsContainer = recordService.getNewRecordContainer(filePlan); // NodeRef newRecordsContainer = recordService.getNewRecordContainer(filePlan);
assertNotNull(newRecordsContainer); // assertNotNull(newRecordsContainer);
assertEquals(TYPE_NEW_RECORDS_CONTAINER, nodeService.getType(newRecordsContainer)); // assertEquals(TYPE_NEW_RECORDS_CONTAINER, nodeService.getType(newRecordsContainer));
}; };
}, },