From 5e095e827a9a4c9fc2c0a146ea98bb86da01d45e Mon Sep 17 00:00:00 2001 From: Roy Wetherall Date: Tue, 4 Dec 2012 01:55:49 +0000 Subject: [PATCH] RM: A couple adjustments to the Role API git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44278 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/rma/admin/rmrole/rmrole.lib.ftl | 4 +-- .../security/ModelSecurityServiceImpl.java | 2 +- .../RecordsManagementSecurityServiceImpl.java | 34 ++++++------------- .../org_alfresco_module_rm/security/Role.java | 10 +++--- .../DeclarativeCapabilityTest.java | 4 +-- 5 files changed, 21 insertions(+), 33 deletions(-) diff --git a/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl b/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl index bd43652d08..f1404c3d2a 100644 --- a/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl +++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl @@ -6,8 +6,8 @@ "displayLabel": "${role.displayLabel}", "capabilities": { - <#list role.capabilities?keys as capability> - "${capability}": "${role.capabilities[capability]}" <#if capability_has_next>, + <#list role.capabilities as capability> + "${capability.name}": "${capability.title}" <#if capability_has_next>, } } diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java index 99a908916c..79bbfa3b0c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java @@ -249,7 +249,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService, Set roles = securityService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser()); for (Role role : roles) { - if (Collections.disjoint(role.getCapabilities().keySet(), artifact.getCapilityNames()) == false) + if (Collections.disjoint(role.getCapabilities(), artifact.getCapabilities()) == false) { result = true; break; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java index bf47bae4df..ee40f1a1a5 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java @@ -578,9 +578,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - Map capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); - Role role = new Role(name, displayLabel, capabilities, roleAuthority); + Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); result.add(role); } @@ -608,9 +607,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - Map capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); - - Role role = new Role(name, displayLabel, capabilities, roleAuthority); + + Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); result.add(role); } } @@ -670,7 +668,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - Map capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); + Set capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); result = new Role(name, displayLabel, capabilities, roleAuthority); } @@ -686,10 +684,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe * @param roleAuthority * @return */ - private Map getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) + private Set getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) { Set permissions = permissionService.getAllSetPermissions(rmRootNode); - Map capabilities = new HashMap(52); + Set capabilities = new HashSet(52); for (AccessPermission permission : permissions) { if (permission.getAuthority().equals(roleAuthority) == true) @@ -698,7 +696,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe Capability capability = capabilityService.getCapability(capabilityName); if (capability != null) { - capabilities.put(capabilityName, capability.getTitle()); + capabilities.add(capability); } } } @@ -777,22 +775,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe authorityService.addAuthority(allRoleGroup, roleGroup); // Assign the various capabilities to the group on the root records management node - Map capStrings = new HashMap(53); if (capabilities != null) { for (Capability capability : capabilities) { permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true); - } - - // Create the role - for (Capability capability : capabilities) - { - capStrings.put(capability.getName(), capability.getTitle()); - } + } } - return new Role(role, roleDisplayLabel, capStrings, roleGroup); + return new Role(role, roleDisplayLabel, capabilities, roleGroup); } }, AuthenticationUtil.getSystemUserName()); } @@ -822,12 +813,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true); } - Map capStrings = new HashMap(capabilities.size()); - for (Capability capability : capabilities) - { - capStrings.put(capability.getName(), capability.getTitle()); - } - return new Role(role, roleDisplayLabel, capStrings, roleAuthority); + return new Role(role, roleDisplayLabel, capabilities, roleAuthority); } }, AuthenticationUtil.getSystemUserName()); diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java index bb194870e1..cfa6cfaffc 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java @@ -18,7 +18,9 @@ */ package org.alfresco.module.org_alfresco_module_rm.security; -import java.util.Map; +import java.util.Set; + +import org.alfresco.module.org_alfresco_module_rm.capability.Capability; /** * Records management role class @@ -29,7 +31,7 @@ public class Role { private String name; private String displayLabel; - private Map capabilities; + private Set capabilities; private String roleGroupName; /** @@ -37,7 +39,7 @@ public class Role * @param displayLabel * @param capabilities */ - public Role(String name, String displayLabel, Map capabilities, String roleGroupName) + public Role(String name, String displayLabel, Set capabilities, String roleGroupName) { this.name = name; this.displayLabel = displayLabel; @@ -64,7 +66,7 @@ public class Role /** * @return the capabilities */ - public Map getCapabilities() + public Set getCapabilities() { return capabilities; } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java index 8169c7241b..9b3df0110e 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java @@ -200,8 +200,8 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase Role role = new ArrayList(roles).get(0); assertNotNull(role); - Map roleCapabilities = role.getCapabilities(); - if (roleCapabilities.containsKey(capability.getName()) == true && conditionResult == true) + Set roleCapabilities = role.getCapabilities(); + if (roleCapabilities.contains(capability) == true && conditionResult == true) { assertEquals("User " + userName + " has the role " + role.getDisplayLabel() + " so we expect access to be allowed for capability " + capability.getName() + " on the object " +