MNT-18083 Merge release/V2.5 into master.

2025-07-31 17:39:05 +00:00 · 2017-07-24 18:45:10 +01:00
parent ff31236cd5 9e750f7f2b
commit 7e1b33dad7
5 changed files with 80 additions and 31 deletions
--- a/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/log4j.properties
+++ b/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/log4j.properties
@@ -13,7 +13,7 @@ log4j.logger.org.alfresco.module.org_alfresco_module_rm.patch=info
 # Set to 'debug' to see details of capability failures when AccessDenied is thrown.  May be
 # removed to enhance performance.
 #
-log4j.logger.org.alfresco.module.org_alfresco_module_rm.security.RMMethodSecurityInterceptor=debug
+log4j.logger.org.alfresco.module.org_alfresco_module_rm.security.RMMethodSecurityInterceptor=info

 #
 # RM permission debug
--- a/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
+++ b/rm-community/rm-community-repo/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
@@ -35,9 +35,10 @@
      <property name="nodeService" ref="NodeService"/>
      <property name="namespaceService" ref="NamespaceService"/>
      <property name="capabilityService" ref="CapabilityService"/>
-      <property name="filePlanService" ref="FilePlanService" />
+      <property name="filePlanService" ref="filePlanService" /> 
      <property name="dispositionService" ref="DispositionService" />
      <property name="recordFolderService" ref="RecordFolderService" />
+      <property name="transactionalResourceHelper" ref="rm.transactionalResourceHelper" />
   </bean>

   <bean id="jsonConversionComponent.baseIndicator"
--- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMSecurityCommon.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/capability/RMSecurityCommon.java
@@ -149,8 +149,11 @@ public class RMSecurityCommon implements ApplicationContextAware
    protected int getTransactionCache(String prefix, NodeRef nodeRef)
    {
        int result = NOSET_VALUE;
-        String user = AuthenticationUtil.getRunAsUser();
-        Integer value = (Integer)AlfrescoTransactionSupport.getResource(prefix + nodeRef.toString() + user);
+        StringBuffer key = new StringBuffer(prefix)
+                .append(nodeRef)
+                .append(AuthenticationUtil.getRunAsUser());
+        
+        Integer value = (Integer)AlfrescoTransactionSupport.getResource(key);
        if (value != null)
        {
            result = value.intValue();
--- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java
@@ -29,9 +29,12 @@ package org.alfresco.module.org_alfresco_module_rm.capability.declarative;

 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;

+import net.sf.acegisecurity.vote.AccessDecisionVoter;
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability;
 import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
@@ -44,8 +47,6 @@ import org.alfresco.service.cmr.security.AccessStatus;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;

-import net.sf.acegisecurity.vote.AccessDecisionVoter;
-
 /**
 * Declarative capability implementation.
 *
@@ -70,6 +71,9 @@ public class DeclarativeCapability extends AbstractCapability

    /** Indicates whether to return an undetermined result */
    protected boolean isUndetermined = false;
+    
+    /** List of available kinds */
+    private Set<FilePlanComponentKind> availableKinds;

    /**
     * @param permissions   permissions
@@ -258,6 +262,27 @@ public class DeclarativeCapability extends AbstractCapability
    {
        return checkConditions(nodeRef, conditions);
    }
+    
+    /**
+     * Get list of available kinds
+     * 
+     * @return  list of available kinds
+     */
+    
+    private Set<FilePlanComponentKind> getAvailableKinds()
+    {
+        if (kinds != null && availableKinds == null)
+        {
+            availableKinds = new HashSet<FilePlanComponentKind>(kinds.size());
+            for (String kindString : kinds)
+            {
+                FilePlanComponentKind kind = FilePlanComponentKind.valueOf(kindString);
+                availableKinds.add(kind);
+            }
+        }
+        
+        return availableKinds;
+    }

    /**
     * Checks that the node ref is of the expected kind
@@ -273,23 +298,9 @@ public class DeclarativeCapability extends AbstractCapability

        if (actualKind != null)
        {
-            if (kinds != null && !kinds.isEmpty())
+            Set<FilePlanComponentKind> availableKinds = getAvailableKinds();
+            if (availableKinds == null || availableKinds.contains(actualKind))
            {
-                // need to check the actual file plan kind is in the list specified
-                for (String kindString : kinds)
-                {
-                    FilePlanComponentKind kind = FilePlanComponentKind.valueOf(kindString);
-                    if (actualKind.equals(kind))
-                    {
-                        result = true;
-                        break;
-                    }
-                }
-            }
-            else
-            {
-                // we don't have any specific kinds to check, so we pass since we have a file
-                // plan component in our hands
                result = true;
            }
        }
--- a/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java
@@ -40,20 +40,26 @@ import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
+import org.alfresco.module.org_alfresco_module_rm.util.TransactionalResourceHelper;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.namespace.NamespaceService;
+import org.springframework.beans.factory.BeanNameAware;

 /**
 * Base evaluator.
 *
 * @author Roy Wetherall
 */
-public abstract class BaseEvaluator implements RecordsManagementModel
+public abstract class BaseEvaluator implements RecordsManagementModel, BeanNameAware
 {
    /** Name */
    protected String name;
+    
+    /** bean name */
+    protected String beanName;

    /** JSON conversion component */
    protected JSONConversionComponent jsonConversionComponent;
@@ -84,7 +90,19 @@ public abstract class BaseEvaluator implements RecordsManagementModel

    /** Record folder service */
    protected RecordFolderService recordFolderService;
+    
+    /** transactional resource helper */
+    protected TransactionalResourceHelper transactionalResourceHelper; 

+    /**
+     * @param   beanName  bean name
+     */
+    @Override
+    public void setBeanName(String beanName)
+    {
+        this.beanName = beanName;
+    }
+    
    /**
     * @param jsonConversionComponent   json conversion component
     */
@@ -148,6 +166,14 @@ public abstract class BaseEvaluator implements RecordsManagementModel
    {
        this.recordFolderService = recordFolderService;
    }
+    
+    /**
+     * @param transactionalResourceHelper   transactional resource helper
+     */
+    public void setTransactionalResourceHelper(TransactionalResourceHelper transactionalResourceHelper)
+    {
+        this.transactionalResourceHelper = transactionalResourceHelper;
+    }

    /**
     * @param name
@@ -217,17 +243,25 @@ public abstract class BaseEvaluator implements RecordsManagementModel
     */
    public boolean evaluate(NodeRef nodeRef)
    {
-        boolean result = false;
-
-        // Check that we are dealing with the correct kind of RM object
-        if ((kinds == null || checkKinds(nodeRef)) &&
-                // Check we have the required capabilities
-                (capabilities == null || checkCapabilities(nodeRef)))
+        Map<String, Boolean> results = transactionalResourceHelper.getMap("BaseEvaluator.evaluate");
+        String key = new StringBuffer(nodeRef.toString()).append(AuthenticationUtil.getRunAsUser()).append(beanName).toString();
+        
+        if (!results.containsKey(key))
        {
-            result = evaluateImpl(nodeRef);
+            boolean result = false;
+            
+            // Check that we are dealing with the correct kind of RM object
+            if ((kinds == null || checkKinds(nodeRef)) &&
+                    // Check we have the required capabilities
+                    (capabilities == null || checkCapabilities(nodeRef)))
+            {
+                result = evaluateImpl(nodeRef);
+            }
+            
+            results.put(key, result);
        }

-        return result;
+        return results.get(key);
    }

    /**