From 798d7f7cb98b007b21769b90ff7f95c819e83e2f Mon Sep 17 00:00:00 2001
From: Tuna Aksoy <tuna.aksoy@alfresco.com>
Date: Thu, 12 Feb 2015 11:08:43 +0000
Subject: [PATCH] RM-1644 (Possible to create "report" records and copy records
 without Create Record capability)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.3@96905 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../capability/impl/CreateCapability.java              | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java
index cb08db9dea..e05aebda12 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java
@@ -80,10 +80,6 @@ public class CreateCapability extends DeclarativeCapability
      */
     public int evaluate(NodeRef destination, NodeRef linkee, QName assocType)
     {
-        //if the user doesn't have Create Record capability deny access 
-        if(capabilityService.getCapabilityAccessState(destination, RMPermissionModel.CREATE_RECORDS) == AccessStatus.DENIED)
-            return AccessDecisionVoter.ACCESS_DENIED;
-        
         if (linkee != null)
         {
             int state = checkRead(linkee, true);
@@ -98,7 +94,7 @@ public class CreateCapability extends DeclarativeCapability
             {
                 if (linkee == null)
                 {
-                    if (recordService.isRecord(destination) && 
+                    if (recordService.isRecord(destination) &&
                         !recordService.isDeclared(destination) &&
                         permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
                     {
@@ -124,14 +120,14 @@ public class CreateCapability extends DeclarativeCapability
             conditions.put("capabilityCondition.frozen", Boolean.FALSE);
             conditions.put("capabilityCondition.closed", Boolean.FALSE);
             conditions.put("capabilityCondition.cutoff", Boolean.FALSE);
-        
+
             // if the destination folder is not a record folder and the user has filling capability on it, grant access to create the record
             if (checkConditions(destination, conditions) &&
                    !recordFolderService.isRecordFolder(destination) )
             {
                 return AccessDecisionVoter.ACCESS_GRANTED;
             }
-            
+
             if (checkConditions(destination, conditions) &&
                     recordFolderService.isRecordFolder(destination) &&
                     permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)