inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM: A couple adjustments to the Role API

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44278 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2012-12-04 01:55:49 +00:00
parent a06ba9d3c3
commit 5e095e827a
5 changed files with 21 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/admin/rmrole/rmrole.lib.ftl
View File

@@ -6,8 +6,8 @@
"displayLabel": "${role.displayLabel}", "displayLabel": "${role.displayLabel}",
"capabilities": "capabilities":
{ {
<#list role.capabilities?keys as capability> <#list role.capabilities as capability>
"${capability}": "${role.capabilities[capability]}" <#if capability_has_next>,</#if> "${capability.name}": "${capability.title}" <#if capability_has_next>,</#if>
</#list> </#list>
} }
} }

2
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
View File

@@ -249,7 +249,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
Set<Role> roles = securityService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser()); Set<Role> roles = securityService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser());
for (Role role : roles) for (Role role : roles)
{ {
if (Collections.disjoint(role.getCapabilities().keySet(), artifact.getCapilityNames()) == false) if (Collections.disjoint(role.getCapabilities(), artifact.getCapabilities()) == false)
{ {
result = true; result = true;
break; break;

34
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java
View File

@@ -578,9 +578,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
{ {
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
Role role = new Role(name, displayLabel, capabilities, roleAuthority); Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
result.add(role); result.add(role);
} }
@@ -608,9 +607,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
{ {
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
Role role = new Role(name, displayLabel, capabilities, roleAuthority);
result.add(role); result.add(role);
} }
} }
@@ -670,7 +668,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
{ {
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); Set<Capability> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
result = new Role(name, displayLabel, capabilities, roleAuthority); result = new Role(name, displayLabel, capabilities, roleAuthority);
} }
@@ -686,10 +684,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
* @param roleAuthority * @param roleAuthority
* @return * @return
*/ */
private Map<String, String> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) private Set<Capability> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
{ {
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode); Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode);
Map<String, String> capabilities = new HashMap<String, String>(52); Set<Capability> capabilities = new HashSet<Capability>(52);
for (AccessPermission permission : permissions) for (AccessPermission permission : permissions)
{ {
if (permission.getAuthority().equals(roleAuthority) == true) if (permission.getAuthority().equals(roleAuthority) == true)
@@ -698,7 +696,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
Capability capability = capabilityService.getCapability(capabilityName); Capability capability = capabilityService.getCapability(capabilityName);
if (capability != null) if (capability != null)
{ {
capabilities.put(capabilityName, capability.getTitle()); capabilities.add(capability);
} }
} }
} }
@@ -777,22 +775,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
authorityService.addAuthority(allRoleGroup, roleGroup); authorityService.addAuthority(allRoleGroup, roleGroup);
// Assign the various capabilities to the group on the root records management node // Assign the various capabilities to the group on the root records management node
Map<String, String> capStrings = new HashMap<String, String>(53);
if (capabilities != null) if (capabilities != null)
{ {
for (Capability capability : capabilities) for (Capability capability : capabilities)
{ {
permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true); permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true);
} }
// Create the role
for (Capability capability : capabilities)
{
capStrings.put(capability.getName(), capability.getTitle());
}
} }
return new Role(role, roleDisplayLabel, capStrings, roleGroup); return new Role(role, roleDisplayLabel, capabilities, roleGroup);
} }
}, AuthenticationUtil.getSystemUserName()); }, AuthenticationUtil.getSystemUserName());
} }
@@ -822,12 +813,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true); permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true);
} }
Map<String, String> capStrings = new HashMap<String, String>(capabilities.size()); return new Role(role, roleDisplayLabel, capabilities, roleAuthority);
for (Capability capability : capabilities)
{
capStrings.put(capability.getName(), capability.getTitle());
}
return new Role(role, roleDisplayLabel, capStrings, roleAuthority);
} }
}, AuthenticationUtil.getSystemUserName()); }, AuthenticationUtil.getSystemUserName());

10
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java
View File

@@ -18,7 +18,9 @@
*/ */
package org.alfresco.module.org_alfresco_module_rm.security; package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Map; import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
/** /**
* Records management role class * Records management role class
@@ -29,7 +31,7 @@ public class Role
{ {
private String name; private String name;
private String displayLabel; private String displayLabel;
private Map<String, String> capabilities; private Set<Capability> capabilities;
private String roleGroupName; private String roleGroupName;
/** /**
@@ -37,7 +39,7 @@ public class Role
* @param displayLabel * @param displayLabel
* @param capabilities * @param capabilities
*/ */
public Role(String name, String displayLabel, Map<String, String> capabilities, String roleGroupName) public Role(String name, String displayLabel, Set<Capability> capabilities, String roleGroupName)
{ {
this.name = name; this.name = name;
this.displayLabel = displayLabel; this.displayLabel = displayLabel;
@@ -64,7 +66,7 @@ public class Role
/** /**
* @return the capabilities * @return the capabilities
*/ */
public Map<String, String> getCapabilities() public Set<Capability> getCapabilities()
{ {
return capabilities; return capabilities;
} }

4
rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
View File

@@ -200,8 +200,8 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
Role role = new ArrayList<Role>(roles).get(0); Role role = new ArrayList<Role>(roles).get(0);
assertNotNull(role); assertNotNull(role);
Map<String, String> roleCapabilities = role.getCapabilities(); Set<Capability> roleCapabilities = role.getCapabilities();
if (roleCapabilities.containsKey(capability.getName()) == true && conditionResult == true) if (roleCapabilities.contains(capability) == true && conditionResult == true)
{ {
assertEquals("User " + userName + " has the role " + role.getDisplayLabel() + assertEquals("User " + userName + " has the role " + role.getDisplayLabel() +
" so we expect access to be allowed for capability " + capability.getName() + " on the object " + " so we expect access to be allowed for capability " + capability.getName() + " on the object " +