RM: Run copy of permissions as Admin to allow records managers to copy record folders and records

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16641 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2009-10-01 08:38:39 +00:00
parent 8df9d5d00b
commit 5ffcd36aa7
1 changed files with 28 additions and 18 deletions
--- a/source/java/org/alfresco/repo/copy/CopyServiceImpl.java
+++ b/source/java/org/alfresco/repo/copy/CopyServiceImpl.java
@@ -44,6 +44,7 @@ import org.alfresco.repo.copy.CopyBehaviourCallback.CopyChildAssociationDetails;
 import org.alfresco.repo.policy.ClassPolicyDelegate;
 import org.alfresco.repo.policy.JavaBehaviour;
 import org.alfresco.repo.policy.PolicyComponent;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.service.cmr.dictionary.AspectDefinition;
 import org.alfresco.service.cmr.dictionary.AssociationDefinition;
 import org.alfresco.service.cmr.dictionary.ChildAssociationDefinition;
@@ -687,32 +688,41 @@ public class CopyServiceImpl implements CopyService
     * @param sourceNodeRef            the source node reference
     * @param destinationNodeRef    the destination node reference
     */
-    private void copyPermissions(NodeRef sourceNodeRef, NodeRef destinationNodeRef) 
+    private void copyPermissions(final NodeRef sourceNodeRef, final NodeRef destinationNodeRef) 
    {
-        if(this.permissionService.hasPermission(sourceNodeRef, PermissionService.READ_PERMISSIONS) == AccessStatus.ALLOWED)
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
        {
-            // Get the permission details of the source node reference
+            public Object doWork() throws Exception
            Set<AccessPermission> permissions = this.permissionService.getAllSetPermissions(sourceNodeRef);
            boolean includeInherited = this.permissionService.getInheritParentPermissions(sourceNodeRef);
            AccessStatus writePermission = permissionService.hasPermission(destinationNodeRef, PermissionService.CHANGE_PERMISSIONS);
            if (writePermission.equals(AccessStatus.ALLOWED) || this.authenticationService.isCurrentUserTheSystemUser() )
            {
-                // Set the permission values on the destination node        
+
-                for (AccessPermission permission : permissions) 
+                if(permissionService.hasPermission(sourceNodeRef, PermissionService.READ_PERMISSIONS) == AccessStatus.ALLOWED)
                {
-                    if(permission.isSetDirectly())
+                    // Get the permission details of the source node reference
                    Set<AccessPermission> permissions = permissionService.getAllSetPermissions(sourceNodeRef);
                    boolean includeInherited = permissionService.getInheritParentPermissions(sourceNodeRef);
                    AccessStatus writePermission = permissionService.hasPermission(destinationNodeRef, PermissionService.CHANGE_PERMISSIONS);
                    if (writePermission.equals(AccessStatus.ALLOWED) || authenticationService.isCurrentUserTheSystemUser() )
                    {
-                        this.permissionService.setPermission(
+                        // Set the permission values on the destination node        
-                            destinationNodeRef, 
+                        for (AccessPermission permission : permissions) 
-                            permission.getAuthority(), 
+                        {
-                            permission.getPermission(), 
+                            if(permission.isSetDirectly())
-                            permission.getAccessStatus().equals(AccessStatus.ALLOWED));
+                            {
                                permissionService.setPermission(
                                    destinationNodeRef, 
                                    permission.getAuthority(), 
                                    permission.getPermission(), 
                                    permission.getAccessStatus().equals(AccessStatus.ALLOWED));
                            }
                        }
                        permissionService.setInheritParentPermissions(destinationNodeRef, includeInherited);
                    }
                }
-                this.permissionService.setInheritParentPermissions(destinationNodeRef, includeInherited);
+                
                return null;
            }
-        }
+       }, AuthenticationUtil.getAdminUserName());               
    }
    /**