inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed minor issues reported by sonar (Collapsible If Statements)

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@63800 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
2014-03-09 21:33:14 +00:00
parent f52a5c6f5d
commit 5d5d659456
22 changed files with 537 additions and 632 deletions
Download Patch File Download Diff File Expand all files Collapse all files

231
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/DeclareRecordAction.java
View File

@@ -48,151 +48,144 @@ import org.springframework.extensions.surf.util.I18NUtil;
*/ */
public class DeclareRecordAction extends RMActionExecuterAbstractBase public class DeclareRecordAction extends RMActionExecuterAbstractBase
{ {
/** I18N */ /** I18N */
private static final String MSG_UNDECLARED_ONLY_RECORDS = "rm.action.undeclared-only-records"; private static final String MSG_UNDECLARED_ONLY_RECORDS = "rm.action.undeclared-only-records";
private static final String MSG_NO_DECLARE_MAND_PROP = "rm.action.no-declare-mand-prop"; private static final String MSG_NO_DECLARE_MAND_PROP = "rm.action.no-declare-mand-prop";
/** Logger */ /** Logger */
private static Log logger = LogFactory.getLog(DeclareRecordAction.class); private static Log logger = LogFactory.getLog(DeclareRecordAction.class);
/** /**
* @see org.alfresco.repo.action.executer.ActionExecuterAbstractBase#executeImpl(org.alfresco.service.cmr.action.Action, org.alfresco.service.cmr.repository.NodeRef) * @see org.alfresco.repo.action.executer.ActionExecuterAbstractBase#executeImpl(org.alfresco.service.cmr.action.Action, org.alfresco.service.cmr.repository.NodeRef)
*/ */
@Override @Override
protected void executeImpl(final Action action, final NodeRef actionedUponNodeRef) protected void executeImpl(final Action action, final NodeRef actionedUponNodeRef)
{ {
if (nodeService.exists(actionedUponNodeRef) == true && if (nodeService.exists(actionedUponNodeRef) == true &&
recordService.isRecord(actionedUponNodeRef) == true && recordService.isRecord(actionedUponNodeRef) == true &&
freezeService.isFrozen(actionedUponNodeRef) == false) freezeService.isFrozen(actionedUponNodeRef) == false)
{ {
if (recordService.isDeclared(actionedUponNodeRef) == false) if (recordService.isDeclared(actionedUponNodeRef) == false)
{
List<String> missingProperties = new ArrayList<String>(5);
// Aspect not already defined - check mandatory properties then add
if (mandatoryPropertiesSet(actionedUponNodeRef, missingProperties) == true)
{ {
recordService.disablePropertyEditableCheck(); List<String> missingProperties = new ArrayList<String>(5);
try // Aspect not already defined - check mandatory properties then add
if (mandatoryPropertiesSet(actionedUponNodeRef, missingProperties) == true)
{ {
// Add the declared aspect recordService.disablePropertyEditableCheck();
Map<QName, Serializable> declaredProps = new HashMap<QName, Serializable>(2); try
declaredProps.put(PROP_DECLARED_AT, new Date());
declaredProps.put(PROP_DECLARED_BY, AuthenticationUtil.getRunAsUser());
this.nodeService.addAspect(actionedUponNodeRef, ASPECT_DECLARED_RECORD, declaredProps);
AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
{ {
@Override // Add the declared aspect
public Void doWork() throws Exception Map<QName, Serializable> declaredProps = new HashMap<QName, Serializable>(2);
declaredProps.put(PROP_DECLARED_AT, new Date());
declaredProps.put(PROP_DECLARED_BY, AuthenticationUtil.getRunAsUser());
this.nodeService.addAspect(actionedUponNodeRef, ASPECT_DECLARED_RECORD, declaredProps);
AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
{ {
// remove all owner related rights @Override
ownableService.setOwner(actionedUponNodeRef, OwnableService.NO_OWNER); public Void doWork() throws Exception
return null; {
} // remove all owner related rights
}); ownableService.setOwner(actionedUponNodeRef, OwnableService.NO_OWNER);
return null;
}
});
}
finally
{
recordService.enablePropertyEditableCheck();
}
} }
finally else
{ {
recordService.enablePropertyEditableCheck(); logger.debug(buildMissingPropertiesErrorString(missingProperties));
action.setParameterValue(ActionExecuterAbstractBase.PARAM_RESULT, "missingProperties");
} }
} }
else }
{ else
logger.debug(buildMissingPropertiesErrorString(missingProperties)); {
action.setParameterValue(ActionExecuterAbstractBase.PARAM_RESULT, "missingProperties");
}
}
}
else
{
if (logger.isWarnEnabled()) if (logger.isWarnEnabled())
{ {
logger.warn(I18NUtil.getMessage(MSG_UNDECLARED_ONLY_RECORDS, actionedUponNodeRef.toString())); logger.warn(I18NUtil.getMessage(MSG_UNDECLARED_ONLY_RECORDS, actionedUponNodeRef.toString()));
} }
} }
}
private String buildMissingPropertiesErrorString(List<String> missingProperties)
{
StringBuilder builder = new StringBuilder(255);
builder.append(I18NUtil.getMessage(MSG_NO_DECLARE_MAND_PROP));
builder.append(" ");
for (String missingProperty : missingProperties)
{
builder.append(missingProperty)
.append(", ");
}
return builder.toString();
} }
/** private String buildMissingPropertiesErrorString(List<String> missingProperties)
* Helper method to check whether all the mandatory properties of the node have been set {
* StringBuilder builder = new StringBuilder(255);
* @param nodeRef node reference builder.append(I18NUtil.getMessage(MSG_NO_DECLARE_MAND_PROP));
* @return boolean true if all mandatory properties are set, false otherwise builder.append(" ");
*/ for (String missingProperty : missingProperties)
private boolean mandatoryPropertiesSet(NodeRef nodeRef, List<String> missingProperties) {
{ builder.append(missingProperty).append(", ");
boolean result = true; }
return builder.toString();
}
Map<QName, Serializable> nodeRefProps = this.nodeService.getProperties(nodeRef); /**
* Helper method to check whether all the mandatory properties of the node have been set
*
* @param nodeRef node reference
* @return boolean true if all mandatory properties are set, false otherwise
*/
private boolean mandatoryPropertiesSet(NodeRef nodeRef, List<String> missingProperties)
{
boolean result = true;
QName nodeRefType = this.nodeService.getType(nodeRef); Map<QName, Serializable> nodeRefProps = this.nodeService.getProperties(nodeRef);
TypeDefinition typeDef = this.dictionaryService.getType(nodeRefType); QName nodeRefType = this.nodeService.getType(nodeRef);
for (PropertyDefinition propDef : typeDef.getProperties().values())
{ TypeDefinition typeDef = this.dictionaryService.getType(nodeRefType);
if (propDef.isMandatory() == true) for (PropertyDefinition propDef : typeDef.getProperties().values())
{ {
if (nodeRefProps.get(propDef.getName()) == null) if (propDef.isMandatory() && nodeRefProps.get(propDef.getName()) == null)
{ {
logMissingProperty(propDef, missingProperties); logMissingProperty(propDef, missingProperties);
result = false; result = false;
break; break;
} }
} }
}
if (result != false) if (result != false)
{ {
Set<QName> aspects = this.nodeService.getAspects(nodeRef); Set<QName> aspects = this.nodeService.getAspects(nodeRef);
for (QName aspect : aspects) for (QName aspect : aspects)
{
AspectDefinition aspectDef = this.dictionaryService.getAspect(aspect);
for (PropertyDefinition propDef : aspectDef.getProperties().values())
{ {
if (propDef.isMandatory() == true) AspectDefinition aspectDef = this.dictionaryService.getAspect(aspect);
{ for (PropertyDefinition propDef : aspectDef.getProperties().values())
if (nodeRefProps.get(propDef.getName()) == null) {
{ if (propDef.isMandatory() && nodeRefProps.get(propDef.getName()) == null)
logMissingProperty(propDef, missingProperties); {
logMissingProperty(propDef, missingProperties);
result = false; result = false;
break; break;
} }
} }
} }
} }
}
return result; return result;
} }
/** /**
* Log information about missing properties. * Log information about missing properties.
* *
* @param propDef property definition * @param propDef property definition
* @param missingProperties missing properties * @param missingProperties missing properties
*/ */
private void logMissingProperty(PropertyDefinition propDef, List<String> missingProperties) private void logMissingProperty(PropertyDefinition propDef, List<String> missingProperties)
{ {
if (logger.isWarnEnabled()) if (logger.isWarnEnabled())
{ {
StringBuilder msg = new StringBuilder(); StringBuilder msg = new StringBuilder();
msg.append("Mandatory property missing: ").append(propDef.getName()); msg.append("Mandatory property missing: ").append(propDef.getName());
logger.warn(msg.toString()); logger.warn(msg.toString());
} }
missingProperties.add(propDef.getName().toString()); missingProperties.add(propDef.getName().toString());
} }
} }

74
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/FileToAction.java
View File

@@ -74,50 +74,48 @@ public class FileToAction extends RMActionExecuterAbstractBase
@Override @Override
protected void executeImpl(final Action action, final NodeRef actionedUponNodeRef) protected void executeImpl(final Action action, final NodeRef actionedUponNodeRef)
{ {
if (nodeService.exists(actionedUponNodeRef) == true && if (nodeService.exists(actionedUponNodeRef) &&
freezeService.isFrozen(actionedUponNodeRef) == false) freezeService.isFrozen(actionedUponNodeRef) == false &&
recordService.isFiled(actionedUponNodeRef) == false)
{ {
if (recordService.isFiled(actionedUponNodeRef) == false) // first look to see if the destination record folder has been specified
NodeRef recordFolder = (NodeRef)action.getParameterValue(PARAM_DESTINATION_RECORD_FOLDER);
if (recordFolder == null)
{ {
// first look to see if the destination record folder has been specified // get the reference to the record folder based on the relative path
NodeRef recordFolder = (NodeRef)action.getParameterValue(PARAM_DESTINATION_RECORD_FOLDER); recordFolder = createOrResolveRecordFolder(action, actionedUponNodeRef);
if (recordFolder == null) }
{
// get the reference to the record folder based on the relative path
recordFolder = createOrResolveRecordFolder(action, actionedUponNodeRef);
}
if (recordFolder == null) if (recordFolder == null)
{ {
throw new AlfrescoRuntimeException("Unable to execute file to action, because the destination record folder could not be determined."); throw new AlfrescoRuntimeException("Unable to execute file to action, because the destination record folder could not be determined.");
} }
if (recordFolderService.isRecordFolder(recordFolder) == true) if (recordFolderService.isRecordFolder(recordFolder))
{ {
final NodeRef finalRecordFolder = recordFolder; final NodeRef finalRecordFolder = recordFolder;
AuthenticationUtil.runAsSystem(new RunAsWork<Void>() AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
{
@Override
public Void doWork() throws Exception
{ {
@Override try
public Void doWork() throws Exception
{ {
try fileFolderService.move(actionedUponNodeRef, finalRecordFolder, null);
{
fileFolderService.move(actionedUponNodeRef, finalRecordFolder, null);
}
catch (FileNotFoundException fileNotFound)
{
throw new AlfrescoRuntimeException("Unable to execute file to action, because the move operation failed.", fileNotFound);
}
return null;
} }
}); catch (FileNotFoundException fileNotFound)
} {
else throw new AlfrescoRuntimeException("Unable to execute file to action, because the move operation failed.", fileNotFound);
{ }
throw new AlfrescoRuntimeException("Unable to execute file to action, becuase the destination was not a record folder.");
} return null;
}
});
}
else
{
throw new AlfrescoRuntimeException("Unable to execute file to action, becuase the destination was not a record folder.");
} }
} }
} }
@@ -164,7 +162,7 @@ public class FileToAction extends RMActionExecuterAbstractBase
if (recordFolder == null) if (recordFolder == null)
{ {
if (create == true) if (create)
{ {
// get the parent into which we are going to create the new record folder // get the parent into which we are going to create the new record folder
NodeRef parent = resolveParent(context, pathValues, create); NodeRef parent = resolveParent(context, pathValues, create);
@@ -259,7 +257,7 @@ public class FileToAction extends RMActionExecuterAbstractBase
{ {
NodeRef result = null; NodeRef result = null;
if (ArrayUtils.isEmpty(pathValues) == true) if (ArrayUtils.isEmpty(pathValues))
{ {
// this should never occur since if the path is empty then the context it the resolution of the // this should never occur since if the path is empty then the context it the resolution of the
// path .. the context must already exist // path .. the context must already exist

49
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/admin/RecordsManagementAdminServiceImpl.java
View File

@@ -306,9 +306,9 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
@Override @Override
public Void doWork() throws Exception public Void doWork() throws Exception
{ {
if (nodeService.exists(nodeRef) == true && if (nodeService.exists(nodeRef) &&
dictionaryService.getAllModels().contains(RM_CUSTOM_MODEL) == true && dictionaryService.getAllModels().contains(RM_CUSTOM_MODEL) &&
isCustomisable(aspectTypeQName) == true) isCustomisable(aspectTypeQName))
{ {
QName customPropertyAspect = getCustomAspect(aspectTypeQName); QName customPropertyAspect = getCustomAspect(aspectTypeQName);
nodeService.addAspect(nodeRef, customPropertyAspect, null); nodeService.addAspect(nodeRef, customPropertyAspect, null);
@@ -336,8 +336,8 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
@Override @Override
public Void doWork() throws Exception public Void doWork() throws Exception
{ {
if (nodeService.exists(nodeRef) == true && if (nodeService.exists(nodeRef) &&
isCustomisable(aspectTypeQName) == true) isCustomisable(aspectTypeQName))
{ {
QName customPropertyAspect = getCustomAspect(aspectTypeQName); QName customPropertyAspect = getCustomAspect(aspectTypeQName);
nodeService.removeAspect(nodeRef, customPropertyAspect); nodeService.removeAspect(nodeRef, customPropertyAspect);
@@ -367,13 +367,13 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
@Override @Override
public Void doWork() throws Exception public Void doWork() throws Exception
{ {
if (dictionaryService.getAllModels().contains(RecordsManagementCustomModel.RM_CUSTOM_MODEL) == true) if (dictionaryService.getAllModels().contains(RecordsManagementCustomModel.RM_CUSTOM_MODEL))
{ {
NodeRef nodeRef = childAssocRef.getChildRef(); NodeRef nodeRef = childAssocRef.getChildRef();
QName type = nodeService.getType(nodeRef); QName type = nodeService.getType(nodeRef);
while (type != null && ContentModel.TYPE_CMOBJECT.equals(type) == false) while (type != null && ContentModel.TYPE_CMOBJECT.equals(type) == false)
{ {
if (isCustomisable(type) == true) if (isCustomisable(type))
{ {
QName customPropertyAspect = getCustomAspect(type); QName customPropertyAspect = getCustomAspect(type);
nodeService.addAspect(nodeRef, customPropertyAspect, null); nodeService.addAspect(nodeRef, customPropertyAspect, null);
@@ -438,7 +438,7 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
while (type != null && ContentModel.TYPE_CMOBJECT.equals(type) == false) while (type != null && ContentModel.TYPE_CMOBJECT.equals(type) == false)
{ {
// Add to the list if the type is customisable // Add to the list if the type is customisable
if (isCustomisable(type) == true) if (isCustomisable(type))
{ {
result.add(type); result.add(type);
} }
@@ -463,7 +463,7 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
while (tempAspect != null) while (tempAspect != null)
{ {
// Add to the list if the aspect is customisable // Add to the list if the aspect is customisable
if (isCustomisable(tempAspect) == true) if (isCustomisable(tempAspect))
{ {
result.add(tempAspect); result.add(tempAspect);
} }
@@ -499,33 +499,31 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
{ {
AspectDefinition aspectDef = dictionaryService.getAspect(aspect); AspectDefinition aspectDef = dictionaryService.getAspect(aspect);
String name = aspectDef.getName().getLocalName(); String name = aspectDef.getName().getLocalName();
if (name.endsWith("Properties") == true) if (name.endsWith("Properties"))
{ {
QName type = null; QName type = null;
String prefixString = aspectDef.getDescription(dictionaryService); String prefixString = aspectDef.getDescription(dictionaryService);
if (prefixString == null) if (prefixString == null)
{ {
// Backward compatibility from previous RM V1.0 custom models // Backward compatibility from previous RM V1.0 custom models
if (CompatibilityModel.NAME_CUSTOM_RECORD_PROPERTIES.equals(name) == true) if (CompatibilityModel.NAME_CUSTOM_RECORD_PROPERTIES.equals(name))
{ {
type = RecordsManagementModel.ASPECT_RECORD; type = RecordsManagementModel.ASPECT_RECORD;
} }
else if (CompatibilityModel.NAME_CUSTOM_RECORD_FOLDER_PROPERTIES.equals(name) == true) else if (CompatibilityModel.NAME_CUSTOM_RECORD_FOLDER_PROPERTIES.equals(name))
{ {
type = RecordsManagementModel.TYPE_RECORD_FOLDER; type = RecordsManagementModel.TYPE_RECORD_FOLDER;
} }
else if (CompatibilityModel.NAME_CUSTOM_RECORD_CATEGORY_PROPERTIES.equals(name) == true) else if (CompatibilityModel.NAME_CUSTOM_RECORD_CATEGORY_PROPERTIES.equals(name))
{ {
type = RecordsManagementModel.TYPE_RECORD_CATEGORY; type = RecordsManagementModel.TYPE_RECORD_CATEGORY;
} }
else if (CompatibilityModel.NAME_CUSTOM_RECORD_SERIES_PROPERTIES.equals(name) == true) else if (CompatibilityModel.NAME_CUSTOM_RECORD_SERIES_PROPERTIES.equals(name) &&
// Only add the deprecated record series type as customisable if
// a v1.0 installation has added custom properties
aspectDef.getProperties().size() != 0)
{ {
// Only add the deprecated record series type as customisable if type = CompatibilityModel.TYPE_RECORD_SERIES;
// a v1.0 installation has added custom properties
if (aspectDef.getProperties().size() != 0)
{
type = CompatibilityModel.TYPE_RECORD_SERIES;
}
} }
} }
else else
@@ -539,7 +537,7 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
customisableTypes.put(type, aspect); customisableTypes.put(type, aspect);
// Remove customisable type from the pending list // Remove customisable type from the pending list
if (pendingCustomisableTypes != null && pendingCustomisableTypes.contains(type) == true) if (pendingCustomisableTypes != null && pendingCustomisableTypes.contains(type))
{ {
pendingCustomisableTypes.remove(type); pendingCustomisableTypes.remove(type);
} }
@@ -692,7 +690,7 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
ParameterCheck.mandatory("propertyName", propertyName); ParameterCheck.mandatory("propertyName", propertyName);
boolean result = false; boolean result = false;
if (RM_CUSTOM_URI.equals(propertyName.getNamespaceURI()) == true && if (RM_CUSTOM_URI.equals(propertyName.getNamespaceURI()) &&
dictionaryService.getProperty(propertyName) != null) dictionaryService.getProperty(propertyName) != null)
{ {
result = true; result = true;
@@ -1403,12 +1401,9 @@ public class RecordsManagementAdminServiceImpl implements RecordsManagementAdmin
for (M2ClassAssociation assoc : customAssocsAspect.getAssociations()) for (M2ClassAssociation assoc : customAssocsAspect.getAssociations())
{ {
if (refQName.toPrefixString(namespaceService).equals(assoc.getName())) if (refQName.toPrefixString(namespaceService).equals(assoc.getName()) && newTitle != null)
{ {
if (newTitle != null) assoc.setTitle(newTitle);
{
assoc.setTitle(newTitle);
}
} }
} }
writeCustomContentModel(modelRef, deserializedModel); writeCustomContentModel(modelRef, deserializedModel);

7
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/CapabilityServiceImpl.java
View File

@@ -212,12 +212,9 @@ public class CapabilityServiceImpl implements CapabilityService
for (Capability capability : getCapabilities()) for (Capability capability : getCapabilities())
{ {
Group group = capability.getGroup(); Group group = capability.getGroup();
if (group != null) if (group != null && group.getId().equalsIgnoreCase(id))
{ {
if (group.getId().equalsIgnoreCase(id)) capabilities.add(capability);
{
capabilities.add(capability);
}
} }
} }

29
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMSecurityCommon.java
View File

@@ -331,28 +331,25 @@ public class RMSecurityCommon implements ApplicationContextAware
} }
} }
} }
else if (AssociationRef.class.isAssignableFrom(params[position])) else if (AssociationRef.class.isAssignableFrom(params[position]) && invocation.getArguments()[position] != null)
{ {
if (invocation.getArguments()[position] != null) if (parent)
{ {
if (parent) testNodeRef = ((AssociationRef) invocation.getArguments()[position]).getSourceRef();
}
else
{
testNodeRef = ((AssociationRef) invocation.getArguments()[position]).getTargetRef();
}
if (logger.isDebugEnabled())
{
if (nodeService.exists(testNodeRef))
{ {
testNodeRef = ((AssociationRef) invocation.getArguments()[position]).getSourceRef(); logger.debug("\tPermission test on node " + nodeService.getPath(testNodeRef));
} }
else else
{ {
testNodeRef = ((AssociationRef) invocation.getArguments()[position]).getTargetRef(); logger.debug("\tPermission test on non-existing node " + testNodeRef);
}
if (logger.isDebugEnabled())
{
if (nodeService.exists(testNodeRef))
{
logger.debug("\tPermission test on node " + nodeService.getPath(testNodeRef));
}
else
{
logger.debug("\tPermission test on non-existing node " + testNodeRef);
}
} }
} }
} }

7
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/HasDispositionDateCapabilityCondition.java
View File

@@ -57,12 +57,9 @@ public class HasDispositionDateCapabilityCondition extends AbstractCapabilityCon
result = true; result = true;
} }
} }
else if (filePlanService.isFilePlanComponent(nodeRef)) else if (filePlanService.isFilePlanComponent(nodeRef) && nodeService.getProperty(nodeRef, PROP_DISPOSITION_AS_OF) != null)
{ {
if (nodeService.getProperty(nodeRef, PROP_DISPOSITION_AS_OF) != null) result = true;
{
result = true;
}
} }
return result; return result;

18
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/MayBeScheduledCapabilityCondition.java
View File

@@ -62,20 +62,16 @@ public class MayBeScheduledCapabilityCondition extends AbstractCapabilityConditi
boolean result = false; boolean result = false;
DispositionSchedule dispositionSchedule = dispositionService.getDispositionSchedule(nodeRef); DispositionSchedule dispositionSchedule = dispositionService.getDispositionSchedule(nodeRef);
if (dispositionSchedule != null) if (dispositionSchedule != null && checkDispositionLevel(nodeRef, dispositionSchedule))
{ {
if (checkDispositionLevel(nodeRef, dispositionSchedule) == true) for (DispositionActionDefinition dispositionActionDefinition : dispositionSchedule.getDispositionActionDefinitions())
{ {
for (DispositionActionDefinition dispositionActionDefinition : dispositionSchedule.getDispositionActionDefinitions()) if (dispositionActionDefinition.getName().equals(dispositionAction))
{ {
if (dispositionActionDefinition.getName().equals(dispositionAction) == true) result = true;
{ break;
result = true;
break;
}
} }
} }
} }
return result; return result;
} }
@@ -91,11 +87,11 @@ public class MayBeScheduledCapabilityCondition extends AbstractCapabilityConditi
{ {
boolean result = false; boolean result = false;
boolean isRecordLevelDisposition = dispositionSchedule.isRecordLevelDisposition(); boolean isRecordLevelDisposition = dispositionSchedule.isRecordLevelDisposition();
if (recordService.isRecord(nodeRef) == true && isRecordLevelDisposition == true) if (recordService.isRecord(nodeRef) && isRecordLevelDisposition)
{ {
result = true; result = true;
} }
else if (recordFolderService.isRecordFolder(nodeRef) == true && isRecordLevelDisposition == false) else if (recordFolderService.isRecordFolder(nodeRef) && isRecordLevelDisposition == false)
{ {
result = true; result = true;

22
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/ChangeOrDeleteReferencesCapability.java
View File

@@ -49,25 +49,21 @@ public class ChangeOrDeleteReferencesCapability extends DeclarativeCapability
{ {
if (target != null) if (target != null)
{ {
if (getFilePlanService().isFilePlanComponent(target) == true) if (getFilePlanService().isFilePlanComponent(target) &&
checkConditions(source) &&
checkConditions(target) &&
checkPermissions(source) &&
checkPermissions(target))
{ {
if (checkConditions(source) == true && checkConditions(target) == true) return AccessDecisionVoter.ACCESS_GRANTED;
{
if (checkPermissions(source) == true && checkPermissions(target) == true)
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
}
} }
} }
else else
{ {
if (checkConditions(source) == true) if (checkConditions(source) &&
checkPermissions(source))
{ {
if (checkPermissions(source) == true) return AccessDecisionVoter.ACCESS_GRANTED;
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
} }
} }

59
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java
View File

@@ -93,24 +93,21 @@ public class CreateCapability extends DeclarativeCapability
{ {
if ((assocType == null) || assocType.equals(ContentModel.ASSOC_CONTAINS) == false) if ((assocType == null) || assocType.equals(ContentModel.ASSOC_CONTAINS) == false)
{ {
if(linkee == null) if(linkee == null &&
recordService.isRecord(destination) &&
recordService.isDeclared(destination) == false &&
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{ {
if(recordService.isRecord(destination) && recordService.isDeclared(destination) == false) return AccessDecisionVoter.ACCESS_GRANTED;
{
if (permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
}
} }
else else
{ {
if(recordService.isRecord(linkee) && recordService.isRecord(destination) && recordService.isDeclared(destination) == false) if (recordService.isRecord(linkee) &&
recordService.isRecord(destination) &&
recordService.isDeclared(destination) == false &&
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{ {
if (permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED) return AccessDecisionVoter.ACCESS_GRANTED;
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
} }
} }
@@ -123,40 +120,28 @@ public class CreateCapability extends DeclarativeCapability
conditions.put("capabilityCondition.closed", Boolean.FALSE); conditions.put("capabilityCondition.closed", Boolean.FALSE);
conditions.put("capabilityCondition.cutoff", Boolean.FALSE); conditions.put("capabilityCondition.cutoff", Boolean.FALSE);
if (checkConditions(destination, conditions) == true) if (checkConditions(destination, conditions) &&
recordFolderService.isRecordFolder(destination) &&
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{ {
if (recordFolderService.isRecordFolder(destination)) return AccessDecisionVoter.ACCESS_GRANTED;
{
if (permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
}
} }
conditions.put("capabilityCondition.closed", Boolean.TRUE); conditions.put("capabilityCondition.closed", Boolean.TRUE);
if (checkConditions(destination, conditions) == true) if (checkConditions(destination, conditions) &&
recordFolderService.isRecordFolder(destination) &&
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.DECLARE_RECORDS_IN_CLOSED_FOLDERS) == AccessStatus.ALLOWED)
{ {
if (recordFolderService.isRecordFolder(destination)) return AccessDecisionVoter.ACCESS_GRANTED;
{
if (permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.DECLARE_RECORDS_IN_CLOSED_FOLDERS) == AccessStatus.ALLOWED)
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
}
} }
conditions.remove("capabilityCondition.closed"); conditions.remove("capabilityCondition.closed");
conditions.put("capabilityCondition.cutoff", Boolean.TRUE); conditions.put("capabilityCondition.cutoff", Boolean.TRUE);
if (checkConditions(destination, conditions) == true) if (checkConditions(destination, conditions) &&
recordFolderService.isRecordFolder(destination) &&
permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS) == AccessStatus.ALLOWED)
{ {
if (recordFolderService.isRecordFolder(destination)) return AccessDecisionVoter.ACCESS_GRANTED;
{
if (permissionService.hasPermission(getFilePlanService().getFilePlan(destination), RMPermissionModel.CREATE_MODIFY_RECORDS_IN_CUTOFF_FOLDERS) == AccessStatus.ALLOWED)
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
}
} }
} }
if (capabilityService.getCapability(RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED) if (capabilityService.getCapability(RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS).evaluate(destination) == AccessDecisionVoter.ACCESS_GRANTED)

14
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/DeleteLinksCapability.java
View File

@@ -45,15 +45,15 @@ public class DeleteLinksCapability extends DeclarativeCapability
*/ */
public int evaluate(NodeRef source, NodeRef target) public int evaluate(NodeRef source, NodeRef target)
{ {
if (getFilePlanService().isFilePlanComponent(source) == true && if (getFilePlanService().isFilePlanComponent(source) &&
getFilePlanService().isFilePlanComponent(target) == true) getFilePlanService().isFilePlanComponent(target))
{ {
if (checkConditions(source) == true && checkConditions(target) == true) if (checkConditions(source) &&
checkConditions(target) &&
checkPermissions(source) &&
checkPermissions(target))
{ {
if (checkPermissions(source) == true && checkPermissions(target) == true) return AccessDecisionVoter.ACCESS_GRANTED;
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
} }
return AccessDecisionVoter.ACCESS_DENIED; return AccessDecisionVoter.ACCESS_DENIED;
} }

36
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/policy/AbstractBasePolicy.java
View File

@@ -112,13 +112,10 @@ public abstract class AbstractBasePolicy extends RMSecurityCommon
return qname; return qname;
} }
} }
else if (NodeRef.class.isAssignableFrom(params[position])) else if (NodeRef.class.isAssignableFrom(params[position]) && invocation.getArguments()[position] != null)
{ {
if (invocation.getArguments()[position] != null) NodeRef nodeRef = (NodeRef) invocation.getArguments()[position];
{ return nodeService.getType(nodeRef);
NodeRef nodeRef = (NodeRef) invocation.getArguments()[position];
return nodeService.getType(nodeRef);
}
} }
return null; return null;
@@ -134,13 +131,10 @@ public abstract class AbstractBasePolicy extends RMSecurityCommon
@SuppressWarnings("rawtypes") @SuppressWarnings("rawtypes")
protected QName getQName(MethodInvocation invocation, Class[] params, int position) protected QName getQName(MethodInvocation invocation, Class[] params, int position)
{ {
if (QName.class.isAssignableFrom(params[position])) if (QName.class.isAssignableFrom(params[position]) && invocation.getArguments()[position] != null)
{ {
if (invocation.getArguments()[position] != null) QName qname = (QName) invocation.getArguments()[position];
{ return qname;
QName qname = (QName) invocation.getArguments()[position];
return qname;
}
} }
throw new ACLEntryVoterException("Unknown type"); throw new ACLEntryVoterException("Unknown type");
} }
@@ -159,13 +153,10 @@ public abstract class AbstractBasePolicy extends RMSecurityCommon
{ {
return null; return null;
} }
if (Serializable.class.isAssignableFrom(params[position])) if (Serializable.class.isAssignableFrom(params[position]) && invocation.getArguments()[position] != null)
{ {
if (invocation.getArguments()[position] != null) Serializable property = (Serializable) invocation.getArguments()[position];
{ return property;
Serializable property = (Serializable) invocation.getArguments()[position];
return property;
}
} }
throw new ACLEntryVoterException("Unknown type"); throw new ACLEntryVoterException("Unknown type");
} }
@@ -184,13 +175,10 @@ public abstract class AbstractBasePolicy extends RMSecurityCommon
{ {
return null; return null;
} }
if (Map.class.isAssignableFrom(params[position])) if (Map.class.isAssignableFrom(params[position]) && invocation.getArguments()[position] != null)
{ {
if (invocation.getArguments()[position] != null) Map<QName, Serializable> properties = (Map<QName, Serializable>) invocation.getArguments()[position];
{ return properties;
Map<QName, Serializable> properties = (Map<QName, Serializable>) invocation.getArguments()[position];
return properties;
}
} }
throw new ACLEntryVoterException("Unknown type"); throw new ACLEntryVoterException("Unknown type");
} }

14
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/policy/UpdatePolicy.java
View File

@@ -37,20 +37,14 @@ public class UpdatePolicy extends AbstractBasePolicy
{ {
NodeRef updatee = getTestNode(invocation, params, cad.getParameters().get(0), cad.isParent()); NodeRef updatee = getTestNode(invocation, params, cad.getParameters().get(0), cad.isParent());
QName aspectQName = null; QName aspectQName = null;
if (cad.getParameters().size() > 1) if (cad.getParameters().size() > 1 && cad.getParameters().get(1) > -1)
{ {
if (cad.getParameters().get(1) > -1) aspectQName = getQName(invocation, params, cad.getParameters().get(1));
{
aspectQName = getQName(invocation, params, cad.getParameters().get(1));
}
} }
Map<QName, Serializable> properties = null; Map<QName, Serializable> properties = null;
if (cad.getParameters().size() > 2) if (cad.getParameters().size() > 2 && cad.getParameters().get(2) > -1)
{ {
if (cad.getParameters().get(2) > -1) properties = getProperties(invocation, params, cad.getParameters().get(2));
{
properties = getProperties(invocation, params, cad.getParameters().get(2));
}
} }
UpdateCapability updateCapability = (UpdateCapability)capabilityService.getCapability("Update"); UpdateCapability updateCapability = (UpdateCapability)capabilityService.getCapability("Update");

13
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/caveat/RMCaveatConfigComponentImpl.java
View File

@@ -543,16 +543,13 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
List<String> allowedValues = new ArrayList<String>(0); List<String> allowedValues = new ArrayList<String>(0);
String userName = AuthenticationUtil.getRunAsUser(); String userName = AuthenticationUtil.getRunAsUser();
if (userName != null) if (userName != null && !(AuthenticationUtil.isMtEnabled() && AuthenticationUtil.isRunAsUserTheSystemUser()))
{ {
if (! (AuthenticationUtil.isMtEnabled() && AuthenticationUtil.isRunAsUserTheSystemUser())) // note: userName and userGroupNames must not be null
{ caveatConfig.get(constraintName);
// note: userName and userGroupNames must not be null
caveatConfig.get(constraintName);
Set<String> userGroupFullNames = authorityService.getAuthoritiesForUser(userName); Set<String> userGroupFullNames = authorityService.getAuthoritiesForUser(userName);
allowedValues = getRMAllowedValues(userName, userGroupFullNames, constraintName); allowedValues = getRMAllowedValues(userName, userGroupFullNames, constraintName);
}
} }
return allowedValues; return allowedValues;

7
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/caveat/RMCaveatConfigServiceImpl.java
View File

@@ -370,13 +370,10 @@ public class RMCaveatConfigServiceImpl implements RMCaveatConfigService
*/ */
for(String newValue : allowedValueList) for(String newValue : allowedValueList)
{ {
if(!oldAllowedValues.contains(newValue)) if(!oldAllowedValues.contains(newValue) && logger.isDebugEnabled())
{ {
// This is an addition // This is an addition
if(logger.isDebugEnabled()) logger.debug("value added to list:" + listQName + ":" + newValue);
{
logger.debug("value added to list:" + listQName + ":" + newValue);
}
} }
} }

33
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/event/OnReferencedRecordActionedUpon.java
View File

@@ -170,24 +170,21 @@ public class OnReferencedRecordActionedUpon extends SimpleRecordsManagementEvent
{ {
public Object doWork() throws Exception public Object doWork() throws Exception
{ {
if (nodeService.exists(nodeRef) == true) if (nodeService.exists(nodeRef) && name.equals(actionName))
{ {
if (name.equals(actionName) == true) QName type = nodeService.getType(nodeRef);
if (TYPE_TRANSFER.equals(type))
{ {
QName type = nodeService.getType(nodeRef); List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ASSOC_TRANSFERRED, RegexQNamePattern.MATCH_ALL);
if (TYPE_TRANSFER.equals(type) == true) for (ChildAssociationRef assoc : assocs)
{ {
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ASSOC_TRANSFERRED, RegexQNamePattern.MATCH_ALL); processRecordFolder(assoc.getChildRef());
for (ChildAssociationRef assoc : assocs)
{
processRecordFolder(assoc.getChildRef());
}
}
else
{
processRecordFolder(nodeRef);
} }
} }
else
{
processRecordFolder(nodeRef);
}
} }
return null; return null;
@@ -200,11 +197,11 @@ public class OnReferencedRecordActionedUpon extends SimpleRecordsManagementEvent
private void processRecordFolder(NodeRef recordFolder) private void processRecordFolder(NodeRef recordFolder)
{ {
if (recordService.isRecord(recordFolder) == true) if (recordService.isRecord(recordFolder))
{ {
processRecord(recordFolder); processRecord(recordFolder);
} }
else if (recordFolderService.isRecordFolder(recordFolder) == true) else if (recordFolderService.isRecordFolder(recordFolder))
{ {
for (NodeRef record : recordService.getRecords(recordFolder)) for (NodeRef record : recordService.getRecords(recordFolder))
{ {
@@ -218,7 +215,7 @@ public class OnReferencedRecordActionedUpon extends SimpleRecordsManagementEvent
List<AssociationRef> fromAssocs = recordsManagementAdminService.getCustomReferencesFrom(record); List<AssociationRef> fromAssocs = recordsManagementAdminService.getCustomReferencesFrom(record);
for (AssociationRef fromAssoc : fromAssocs) for (AssociationRef fromAssoc : fromAssocs)
{ {
if (reference.equals(fromAssoc.getTypeQName()) == true) if (reference.equals(fromAssoc.getTypeQName()))
{ {
NodeRef nodeRef = fromAssoc.getTargetRef(); NodeRef nodeRef = fromAssoc.getTargetRef();
doEventComplete(nodeRef); doEventComplete(nodeRef);
@@ -228,7 +225,7 @@ public class OnReferencedRecordActionedUpon extends SimpleRecordsManagementEvent
List<AssociationRef> toAssocs = recordsManagementAdminService.getCustomReferencesTo(record); List<AssociationRef> toAssocs = recordsManagementAdminService.getCustomReferencesTo(record);
for (AssociationRef toAssoc : toAssocs) for (AssociationRef toAssoc : toAssocs)
{ {
if (reference.equals(toAssoc.getTypeQName()) == true) if (reference.equals(toAssoc.getTypeQName()))
{ {
NodeRef nodeRef = toAssoc.getSourceRef(); NodeRef nodeRef = toAssoc.getSourceRef();
doEventComplete(nodeRef); doEventComplete(nodeRef);
@@ -246,7 +243,7 @@ public class OnReferencedRecordActionedUpon extends SimpleRecordsManagementEvent
{ {
RecordsManagementEvent rmEvent = recordsManagementEventService.getEvent(event.getEventName()); RecordsManagementEvent rmEvent = recordsManagementEventService.getEvent(event.getEventName());
if (event.isEventComplete() == false && if (event.isEventComplete() == false &&
rmEvent.getType().equals(getName()) == true) rmEvent.getType().equals(getName()))
{ {
// Complete the event // Complete the event
Map<String, Serializable> params = new HashMap<String, Serializable>(3); Map<String, Serializable> params = new HashMap<String, Serializable>(3);

25
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/job/DispositionLifecycleJobExecuter.java
View File

@@ -112,24 +112,21 @@ public class DispositionLifecycleJobExecuter extends RecordsManagementJobExecute
// Run "retain" and "cutoff" actions. // Run "retain" and "cutoff" actions.
if (dispAction != null) if (dispAction != null && (dispAction.equalsIgnoreCase("cutoff") ||
dispAction.equalsIgnoreCase("retain")))
{ {
if (dispAction.equalsIgnoreCase("cutoff") || ChildAssociationRef parent = nodeService.getPrimaryParent(currentNode);
dispAction.equalsIgnoreCase("retain")) if (parent.getTypeQName().equals(RecordsManagementModel.ASSOC_NEXT_DISPOSITION_ACTION))
{ {
ChildAssociationRef parent = nodeService.getPrimaryParent(currentNode); Map<String, Serializable> props = new HashMap<String, Serializable>(1);
if (parent.getTypeQName().equals(RecordsManagementModel.ASSOC_NEXT_DISPOSITION_ACTION)) props.put(RMDispositionActionExecuterAbstractBase.PARAM_NO_ERROR_CHECK, Boolean.FALSE);
recordsManagementActionService.executeRecordsManagementAction(parent.getParentRef(), dispAction, props);
if (logger.isDebugEnabled())
{ {
Map<String, Serializable> props = new HashMap<String, Serializable>(1); logger.debug("Processed action: " + dispAction + "on" + parent);
props.put(RMDispositionActionExecuterAbstractBase.PARAM_NO_ERROR_CHECK, Boolean.FALSE);
recordsManagementActionService.executeRecordsManagementAction(parent.getParentRef(), dispAction, props);
if (logger.isDebugEnabled())
{
logger.debug("Processed action: " + dispAction + "on" + parent);
}
} }
return null;
} }
return null;
} }
return Boolean.TRUE; return Boolean.TRUE;
} }
@@ -149,7 +146,7 @@ public class DispositionLifecycleJobExecuter extends RecordsManagementJobExecute
} }
catch (AlfrescoRuntimeException exception) catch (AlfrescoRuntimeException exception)
{ {
if (logger.isDebugEnabled() == true) if (logger.isDebugEnabled())
{ {
logger.debug(exception); logger.debug(exception);
} }

10
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java
View File

@@ -223,13 +223,11 @@ public abstract class BaseEvaluator implements RecordsManagementModel
boolean result = false; boolean result = false;
// Check that we are dealing with the correct kind of RM object // Check that we are dealing with the correct kind of RM object
if (kinds == null || checkKinds(nodeRef) == true) if ((kinds == null || checkKinds(nodeRef) == true) &&
// Check we have the required capabilities
(capabilities == null || checkCapabilities(nodeRef) == true))
{ {
// Check we have the required capabilities result = evaluateImpl(nodeRef);
if (capabilities == null || checkCapabilities(nodeRef) == true)
{
result = evaluateImpl(nodeRef);
}
} }
return result; return result;

78
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
View File

@@ -206,7 +206,7 @@ public class ModelSecurityServiceImpl extends BaseBehaviourBean
{ {
for (Capability capability : artifact.getCapabilities()) for (Capability capability : artifact.getCapabilities())
{ {
if (capability.hasPermission(nodeRef).equals(AccessStatus.ALLOWED) == true) if (capability.hasPermission(nodeRef).equals(AccessStatus.ALLOWED))
{ {
result = true; result = true;
break; break;
@@ -277,20 +277,18 @@ public class ModelSecurityServiceImpl extends BaseBehaviourBean
) )
public void beforeAddAspect(NodeRef nodeRef, QName aspect) public void beforeAddAspect(NodeRef nodeRef, QName aspect)
{ {
if (enabled == true) if (enabled &&
{ AuthenticationUtil.getFullyAuthenticatedUser() != null &&
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
AuthenticationUtil.isRunAsUserTheSystemUser() == false && AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
isProtectedAspect(aspect) == true && isProtectedAspect(aspect) &&
nodeService.exists(nodeRef) == true && nodeService.exists(nodeRef) &&
canEditProtectedAspect(nodeRef, aspect) == false) canEditProtectedAspect(nodeRef, aspect) == false)
{ {
// the user can't edit the protected aspect // the user can't edit the protected aspect
throw new ModelAccessDeniedException( throw new ModelAccessDeniedException(
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() + "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
" does not have the permission to add the protected aspect " + aspect.toPrefixString(namespaceService) + " does not have the permission to add the protected aspect " + aspect.toPrefixString(namespaceService) +
" from the node " + nodeRef.toString()); " from the node " + nodeRef.toString());
}
} }
} }
@@ -306,20 +304,18 @@ public class ModelSecurityServiceImpl extends BaseBehaviourBean
) )
public void beforeRemoveAspect(NodeRef nodeRef, QName aspect) public void beforeRemoveAspect(NodeRef nodeRef, QName aspect)
{ {
if (enabled == true) if (enabled &&
{ AuthenticationUtil.getFullyAuthenticatedUser() != null &&
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
AuthenticationUtil.isRunAsUserTheSystemUser() == false && AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
isProtectedAspect(aspect) == true && isProtectedAspect(aspect) &&
nodeService.exists(nodeRef) == true && nodeService.exists(nodeRef) &&
canEditProtectedAspect(nodeRef, aspect) == false) canEditProtectedAspect(nodeRef, aspect) == false)
{ {
// the user can't edit the protected aspect // the user can't edit the protected aspect
throw new ModelAccessDeniedException( throw new ModelAccessDeniedException(
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() + "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
" does not have the permission to remove the protected aspect " + aspect.toPrefixString(namespaceService) + " does not have the permission to remove the protected aspect " + aspect.toPrefixString(namespaceService) +
" from the node " + nodeRef.toString()); " from the node " + nodeRef.toString());
}
} }
} }
@@ -335,31 +331,29 @@ public class ModelSecurityServiceImpl extends BaseBehaviourBean
) )
public void onUpdateProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after) public void onUpdateProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after)
{ {
if (enabled == true) if (enabled &&
{ AuthenticationUtil.getFullyAuthenticatedUser() != null &&
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
AuthenticationUtil.isRunAsUserTheSystemUser() == false && AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
nodeService.exists(nodeRef) == true) nodeService.exists(nodeRef))
{
for (QName property : after.keySet())
{ {
for (QName property : after.keySet()) if (isProtectedProperty(property))
{ {
if (isProtectedProperty(property) == true) // always allow if this is the first time we are setting the protected property
if (before == null || before.isEmpty() || before.get(property) == null)
{ {
// always allow if this is the first time we are setting the protected property return;
if (before == null || before.isEmpty() || before.get(property) == null) }
{
return;
}
if (EqualsHelper.nullSafeEquals(before.get(property), after.get(property)) == false && if (EqualsHelper.nullSafeEquals(before.get(property), after.get(property)) == false &&
canEditProtectedProperty(nodeRef, property) == false) canEditProtectedProperty(nodeRef, property) == false)
{ {
// the user can't edit the protected property // the user can't edit the protected property
throw new ModelAccessDeniedException( throw new ModelAccessDeniedException(
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() + "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
" does not have the permission to edit the protected property " + property.toPrefixString(namespaceService) + " does not have the permission to edit the protected property " + property.toPrefixString(namespaceService) +
" on the node " + nodeRef.toString()); " on the node " + nodeRef.toString());
}
} }
} }
} }

64
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
View File

@@ -536,46 +536,44 @@ public class RecordServiceImpl extends BaseBehaviourBean
{ {
if (AuthenticationUtil.getFullyAuthenticatedUser() != null && if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
AuthenticationUtil.isRunAsUserTheSystemUser() == false && AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
nodeService.exists(nodeRef) ) nodeService.exists(nodeRef) &&
isRecord(nodeRef))
{ {
if (isRecord(nodeRef) ) for (QName property : after.keySet())
{ {
for (QName property : after.keySet()) Serializable beforeValue = null;
if (before != null)
{ {
Serializable beforeValue = null; beforeValue = before.get(property);
if (before != null) }
{
beforeValue = before.get(property);
}
Serializable afterValue = null; Serializable afterValue = null;
if (after != null) if (after != null)
{ {
afterValue = after.get(property); afterValue = after.get(property);
} }
boolean propertyUnchanged = false; boolean propertyUnchanged = false;
if (beforeValue != null && afterValue != null && if (beforeValue != null && afterValue != null &&
beforeValue instanceof Date && afterValue instanceof Date) beforeValue instanceof Date && afterValue instanceof Date)
{ {
// deal with date values // deal with date values
propertyUnchanged = (((Date)beforeValue).compareTo((Date)afterValue) == 0); propertyUnchanged = (((Date)beforeValue).compareTo((Date)afterValue) == 0);
} }
else else
{ {
// otherwise // otherwise
propertyUnchanged = EqualsHelper.nullSafeEquals(beforeValue, afterValue); propertyUnchanged = EqualsHelper.nullSafeEquals(beforeValue, afterValue);
} }
if (propertyUnchanged == false && if (propertyUnchanged == false &&
isPropertyEditable(nodeRef, property) == false) isPropertyEditable(nodeRef, property) == false)
{ {
// the user can't edit the record property // the user can't edit the record property
throw new ModelAccessDeniedException( throw new ModelAccessDeniedException(
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() + "The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
" does not have the permission to edit the record property " + property.toString() + " does not have the permission to edit the record property " + property.toString() +
" on the node " + nodeRef.toString()); " on the node " + nodeRef.toString());
}
} }
} }
} }
@@ -1189,12 +1187,10 @@ public class RecordServiceImpl extends BaseBehaviourBean
} }
} }
if (permissionService.hasPermission(filePlan, RMPermissionModel.EDIT_NON_RECORD_METADATA).equals(AccessStatus.ALLOWED)) if (permissionService.hasPermission(filePlan, RMPermissionModel.EDIT_NON_RECORD_METADATA).equals(AccessStatus.ALLOWED) &&
logger.isDebugEnabled())
{ {
if (logger.isDebugEnabled() ) logger.debug(" ... user has the edit non record metadata permission on the file plan");
{
logger.debug(" ... user has the edit non record metadata permission on the file plan");
}
} }
// END DEBUG ... // END DEBUG ...

32
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java
View File

@@ -181,7 +181,7 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
} }
// apply the readers to any renditions of the content // apply the readers to any renditions of the content
if (isRecord(nodeRef) == true) if (isRecord(nodeRef))
{ {
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL); List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL);
for (ChildAssociationRef assoc : assocs) for (ChildAssociationRef assoc : assocs)
@@ -194,12 +194,12 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
// add to the extended security roles // add to the extended security roles
addExtendedSecurityRoles(nodeRef, readers, writers); addExtendedSecurityRoles(nodeRef, readers, writers);
if (applyToParents == true) if (applyToParents)
{ {
// apply the extended readers up the file plan primary hierarchy // apply the extended readers up the file plan primary hierarchy
NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef(); NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef();
if (parent != null && if (parent != null &&
filePlanService.isFilePlanComponent(parent) == true) filePlanService.isFilePlanComponent(parent))
{ {
addExtendedSecurityImpl(parent, readers, null, applyToParents); addExtendedSecurityImpl(parent, readers, null, applyToParents);
addExtendedSecurityImpl(parent, writers, null, applyToParents); addExtendedSecurityImpl(parent, writers, null, applyToParents);
@@ -238,15 +238,11 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
for (String authority : authorities) for (String authority : authorities)
{ {
if (authority.equals(PermissionService.ALL_AUTHORITIES) == false && if ((authority.equals(PermissionService.ALL_AUTHORITIES) == false && authority.equals(PermissionService.OWNER_AUTHORITY) == false) &&
authority.equals(PermissionService.OWNER_AUTHORITY) == false) (referenceCountMap == null || referenceCountMap.containsKey(authority) == false))
{ {
if (referenceCountMap == null || // add the authority to the role
referenceCountMap.containsKey(authority) == false) filePlanRoleService.assignRoleToAuthority(filePlan, roleName, authority);
{
// add the authority to the role
filePlanRoleService.assignRoleToAuthority(filePlan, roleName, authority);
}
} }
} }
@@ -273,7 +269,7 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
{ {
if (key.equals(PermissionService.ALL_AUTHORITIES) == false) if (key.equals(PermissionService.ALL_AUTHORITIES) == false)
{ {
if (map.containsKey(key) == true) if (map.containsKey(key))
{ {
// increment reference count // increment reference count
Integer count = map.get(key); Integer count = map.get(key);
@@ -305,12 +301,12 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
@Override @Override
public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String>writers, boolean applyToParents) public void removeExtendedSecurity(NodeRef nodeRef, Set<String> readers, Set<String>writers, boolean applyToParents)
{ {
if (hasExtendedSecurity(nodeRef) == true) if (hasExtendedSecurity(nodeRef))
{ {
removeExtendedSecurityImpl(nodeRef, readers, writers); removeExtendedSecurityImpl(nodeRef, readers, writers);
// remove the readers from any renditions of the content // remove the readers from any renditions of the content
if (isRecord(nodeRef) == true) if (isRecord(nodeRef))
{ {
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL); List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, RenditionModel.ASSOC_RENDITION, RegexQNamePattern.MATCH_ALL);
for (ChildAssociationRef assoc : assocs) for (ChildAssociationRef assoc : assocs)
@@ -320,12 +316,12 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
} }
} }
if (applyToParents == true) if (applyToParents)
{ {
// apply the extended readers up the file plan primary hierarchy // apply the extended readers up the file plan primary hierarchy
NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef(); NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef();
if (parent != null && if (parent != null &&
filePlanService.isFilePlanComponent(parent) == true) filePlanService.isFilePlanComponent(parent))
{ {
removeExtendedSecurity(parent, readers, null, applyToParents); removeExtendedSecurity(parent, readers, null, applyToParents);
removeExtendedSecurity(parent, writers, null, applyToParents); removeExtendedSecurity(parent, writers, null, applyToParents);
@@ -394,7 +390,7 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
} }
// reset the map to null if now empty // reset the map to null if now empty
if (map != null && map.isEmpty() == true) if (map != null && map.isEmpty())
{ {
map = null; map = null;
} }
@@ -417,7 +413,7 @@ public class ExtendedSecurityServiceImpl extends ServiceBaseImpl
@Override @Override
public void removeAllExtendedSecurity(NodeRef nodeRef, boolean applyToParents) public void removeAllExtendedSecurity(NodeRef nodeRef, boolean applyToParents)
{ {
if (hasExtendedSecurity(nodeRef) == true) if (hasExtendedSecurity(nodeRef))
{ {
removeExtendedSecurity(nodeRef, getExtendedReaders(nodeRef), getExtendedWriters(nodeRef)); removeExtendedSecurity(nodeRef, getExtendedReaders(nodeRef), getExtendedWriters(nodeRef));
} }

7
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/transfer/TransferServiceImpl.java
View File

@@ -236,12 +236,9 @@ public class TransferServiceImpl extends ServiceBaseImpl implements TransferServ
nodeService.deleteNode(nodeRef); nodeService.deleteNode(nodeRef);
NodeRef transferNodeRef = (NodeRef) AlfrescoTransactionSupport.getResource(KEY_TRANSFER_NODEREF); NodeRef transferNodeRef = (NodeRef) AlfrescoTransactionSupport.getResource(KEY_TRANSFER_NODEREF);
if (transferNodeRef != null) if (transferNodeRef != null && transferNodeRef.equals(nodeRef))
{ {
if (transferNodeRef.equals(nodeRef)) AlfrescoTransactionSupport.bindResource(KEY_TRANSFER_NODEREF, null);
{
AlfrescoTransactionSupport.bindResource(KEY_TRANSFER_NODEREF, null);
}
} }
} }