inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-1644 (Possible to create "report" records and copy records without Create Record capability)

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.3@96905 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
2015-02-12 11:08:43 +00:00
parent c5d9f3c43f
commit 798d7f7cb9
1 changed files with 3 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java
View File

@@ -80,10 +80,6 @@ public class CreateCapability extends DeclarativeCapability
*/
public int evaluate(NodeRef destination, NodeRef linkee, QName assocType)
{
//if the user doesn't have Create Record capability deny access
if(capabilityService.getCapabilityAccessState(destination, RMPermissionModel.CREATE_RECORDS) == AccessStatus.DENIED)
return AccessDecisionVoter.ACCESS_DENIED;
if (linkee != null)
{
int state = checkRead(linkee, true);
@@ -98,7 +94,7 @@ public class CreateCapability extends DeclarativeCapability
{
if (linkee == null)
{
if (recordService.isRecord(destination) &&
if (recordService.isRecord(destination) &&
!recordService.isDeclared(destination) &&
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
{
@@ -124,14 +120,14 @@ public class CreateCapability extends DeclarativeCapability
conditions.put("capabilityCondition.frozen", Boolean.FALSE);
conditions.put("capabilityCondition.closed", Boolean.FALSE);
conditions.put("capabilityCondition.cutoff", Boolean.FALSE);
// if the destination folder is not a record folder and the user has filling capability on it, grant access to create the record
if (checkConditions(destination, conditions) &&
!recordFolderService.isRecordFolder(destination) )
{
return AccessDecisionVoter.ACCESS_GRANTED;
}
if (checkConditions(destination, conditions) &&
recordFolderService.isRecordFolder(destination) &&
permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)