mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM: A couple adjustments to the Role API
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44278 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -6,8 +6,8 @@
|
||||
"displayLabel": "${role.displayLabel}",
|
||||
"capabilities":
|
||||
{
|
||||
<#list role.capabilities?keys as capability>
|
||||
"${capability}": "${role.capabilities[capability]}" <#if capability_has_next>,</#if>
|
||||
<#list role.capabilities as capability>
|
||||
"${capability.name}": "${capability.title}" <#if capability_has_next>,</#if>
|
||||
</#list>
|
||||
}
|
||||
}
|
||||
|
||||
@@ -249,7 +249,7 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
|
||||
Set<Role> roles = securityService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser());
|
||||
for (Role role : roles)
|
||||
{
|
||||
if (Collections.disjoint(role.getCapabilities().keySet(), artifact.getCapilityNames()) == false)
|
||||
if (Collections.disjoint(role.getCapabilities(), artifact.getCapabilities()) == false)
|
||||
{
|
||||
result = true;
|
||||
break;
|
||||
|
||||
@@ -578,9 +578,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
{
|
||||
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
|
||||
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
|
||||
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
|
||||
|
||||
Role role = new Role(name, displayLabel, capabilities, roleAuthority);
|
||||
Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
|
||||
result.add(role);
|
||||
}
|
||||
|
||||
@@ -608,9 +607,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
{
|
||||
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
|
||||
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
|
||||
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
|
||||
|
||||
Role role = new Role(name, displayLabel, capabilities, roleAuthority);
|
||||
Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
|
||||
result.add(role);
|
||||
}
|
||||
}
|
||||
@@ -670,7 +668,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
{
|
||||
String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
|
||||
String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
|
||||
Map<String, String> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
|
||||
Set<Capability> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
|
||||
|
||||
result = new Role(name, displayLabel, capabilities, roleAuthority);
|
||||
}
|
||||
@@ -686,10 +684,10 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
* @param roleAuthority
|
||||
* @return
|
||||
*/
|
||||
private Map<String, String> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
|
||||
private Set<Capability> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
|
||||
{
|
||||
Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode);
|
||||
Map<String, String> capabilities = new HashMap<String, String>(52);
|
||||
Set<Capability> capabilities = new HashSet<Capability>(52);
|
||||
for (AccessPermission permission : permissions)
|
||||
{
|
||||
if (permission.getAuthority().equals(roleAuthority) == true)
|
||||
@@ -698,7 +696,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
Capability capability = capabilityService.getCapability(capabilityName);
|
||||
if (capability != null)
|
||||
{
|
||||
capabilities.put(capabilityName, capability.getTitle());
|
||||
capabilities.add(capability);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -777,22 +775,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
authorityService.addAuthority(allRoleGroup, roleGroup);
|
||||
|
||||
// Assign the various capabilities to the group on the root records management node
|
||||
Map<String, String> capStrings = new HashMap<String, String>(53);
|
||||
if (capabilities != null)
|
||||
{
|
||||
for (Capability capability : capabilities)
|
||||
{
|
||||
permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true);
|
||||
}
|
||||
|
||||
// Create the role
|
||||
for (Capability capability : capabilities)
|
||||
{
|
||||
capStrings.put(capability.getName(), capability.getTitle());
|
||||
}
|
||||
}
|
||||
|
||||
return new Role(role, roleDisplayLabel, capStrings, roleGroup);
|
||||
return new Role(role, roleDisplayLabel, capabilities, roleGroup);
|
||||
}
|
||||
}, AuthenticationUtil.getSystemUserName());
|
||||
}
|
||||
@@ -822,12 +813,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true);
|
||||
}
|
||||
|
||||
Map<String, String> capStrings = new HashMap<String, String>(capabilities.size());
|
||||
for (Capability capability : capabilities)
|
||||
{
|
||||
capStrings.put(capability.getName(), capability.getTitle());
|
||||
}
|
||||
return new Role(role, roleDisplayLabel, capStrings, roleAuthority);
|
||||
return new Role(role, roleDisplayLabel, capabilities, roleAuthority);
|
||||
|
||||
}
|
||||
}, AuthenticationUtil.getSystemUserName());
|
||||
|
||||
@@ -18,7 +18,9 @@
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.security;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
|
||||
/**
|
||||
* Records management role class
|
||||
@@ -29,7 +31,7 @@ public class Role
|
||||
{
|
||||
private String name;
|
||||
private String displayLabel;
|
||||
private Map<String, String> capabilities;
|
||||
private Set<Capability> capabilities;
|
||||
private String roleGroupName;
|
||||
|
||||
/**
|
||||
@@ -37,7 +39,7 @@ public class Role
|
||||
* @param displayLabel
|
||||
* @param capabilities
|
||||
*/
|
||||
public Role(String name, String displayLabel, Map<String, String> capabilities, String roleGroupName)
|
||||
public Role(String name, String displayLabel, Set<Capability> capabilities, String roleGroupName)
|
||||
{
|
||||
this.name = name;
|
||||
this.displayLabel = displayLabel;
|
||||
@@ -64,7 +66,7 @@ public class Role
|
||||
/**
|
||||
* @return the capabilities
|
||||
*/
|
||||
public Map<String, String> getCapabilities()
|
||||
public Set<Capability> getCapabilities()
|
||||
{
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
@@ -200,8 +200,8 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
|
||||
Role role = new ArrayList<Role>(roles).get(0);
|
||||
assertNotNull(role);
|
||||
|
||||
Map<String, String> roleCapabilities = role.getCapabilities();
|
||||
if (roleCapabilities.containsKey(capability.getName()) == true && conditionResult == true)
|
||||
Set<Capability> roleCapabilities = role.getCapabilities();
|
||||
if (roleCapabilities.contains(capability) == true && conditionResult == true)
|
||||
{
|
||||
assertEquals("User " + userName + " has the role " + role.getDisplayLabel() +
|
||||
" so we expect access to be allowed for capability " + capability.getName() + " on the object " +
|
||||
|
||||
Reference in New Issue
Block a user