mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-872: "admin" can access all areas of the file plan without have been given an explicit role or permissions.
* it now valid for admin to have access to the file plan * rmadmin is still created and always has admin rights to file plans, but by default is created with a random password * admin has permissions to reset rmadmin password if administration of RM file plans needs to be delegated * rmadmin name I18n'ed * rmadmin patch and creation code updated git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@55205 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -60,8 +60,6 @@ public class FreezeAction extends RMActionExecuterAbstractBase
|
||||
recordsManagementService.isRecordFolder(actionedUponNodeRef) == true) &&
|
||||
freezeService.isFrozen(actionedUponNodeRef) == false)
|
||||
{
|
||||
System.out.println("I am trying to freeze " + actionedUponNodeRef.toString());
|
||||
|
||||
freezeService.freeze((String) action.getParameterValue(PARAM_REASON), actionedUponNodeRef);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,14 +27,15 @@ import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationServiceImpl;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.security.MutableAuthenticationService;
|
||||
import org.alfresco.service.cmr.security.PersonService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.GUID;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.BeanNameAware;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
* RM v2.1: RM admin user patch
|
||||
@@ -43,11 +44,15 @@ import org.springframework.beans.factory.BeanNameAware;
|
||||
*/
|
||||
public class RMv2RMAdminUserPatch extends ModulePatchComponent implements BeanNameAware
|
||||
{
|
||||
/** I18N */
|
||||
private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
|
||||
private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
|
||||
|
||||
/** Logger */
|
||||
private static Log logger = LogFactory.getLog(RMv2RMAdminUserPatch.class);
|
||||
|
||||
/** default rm admin password */
|
||||
private String password = FilePlanAuthenticationServiceImpl.DEFAULT_RM_ADMIN_PWD;
|
||||
/** generate rm admin password */
|
||||
private String password = GUID.generate();
|
||||
|
||||
/** mutable authenticaiton service */
|
||||
private MutableAuthenticationService authenticationService;
|
||||
@@ -64,14 +69,6 @@ public class RMv2RMAdminUserPatch extends ModulePatchComponent implements BeanNa
|
||||
/** file plan authentication service */
|
||||
private FilePlanAuthenticationService filePlanAuthenticationService;
|
||||
|
||||
/**
|
||||
* @param password rm admin password
|
||||
*/
|
||||
public void setPassword(String password)
|
||||
{
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param personService person service
|
||||
*/
|
||||
@@ -124,8 +121,8 @@ public class RMv2RMAdminUserPatch extends ModulePatchComponent implements BeanNa
|
||||
}
|
||||
|
||||
String user = filePlanAuthenticationService.getRmAdminUserName();
|
||||
String firstName = filePlanAuthenticationService.getRmAdminFirstName();
|
||||
String lastName = filePlanAuthenticationService.getRmAdminLastName();
|
||||
String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
|
||||
String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
|
||||
|
||||
if (authenticationService.authenticationExists(user) == false)
|
||||
{
|
||||
|
||||
@@ -40,7 +40,6 @@ import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationServiceImpl;
|
||||
import org.alfresco.repo.node.NodeServicePolicies;
|
||||
import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
|
||||
import org.alfresco.repo.policy.JavaBehaviour;
|
||||
@@ -58,6 +57,7 @@ import org.alfresco.service.cmr.security.MutableAuthenticationService;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.cmr.security.PersonService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.GUID;
|
||||
import org.alfresco.util.ParameterCheck;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
@@ -65,6 +65,7 @@ import org.apache.commons.logging.LogFactory;
|
||||
import org.json.JSONArray;
|
||||
import org.json.JSONException;
|
||||
import org.json.JSONObject;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
* Role service implementation
|
||||
@@ -75,6 +76,10 @@ import org.json.JSONObject;
|
||||
public class FilePlanRoleServiceImpl implements FilePlanRoleService,
|
||||
RecordsManagementModel
|
||||
{
|
||||
/** I18N */
|
||||
private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
|
||||
private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
|
||||
|
||||
/** Capability service */
|
||||
private CapabilityService capabilityService;
|
||||
|
||||
@@ -916,12 +921,12 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
|
||||
*/
|
||||
private void createRMAdminUser()
|
||||
{
|
||||
/** default rm admin password */
|
||||
String password = FilePlanAuthenticationServiceImpl.DEFAULT_RM_ADMIN_PWD;
|
||||
/** generate rm admin password */
|
||||
String password = GUID.generate();
|
||||
|
||||
String user = filePlanAuthenticationService.getRmAdminUserName();
|
||||
String firstName = filePlanAuthenticationService.getRmAdminFirstName();
|
||||
String lastName = filePlanAuthenticationService.getRmAdminLastName();
|
||||
String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
|
||||
String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
|
||||
|
||||
if (authenticationService.authenticationExists(user) == false)
|
||||
{
|
||||
|
||||
@@ -32,16 +32,6 @@ public interface FilePlanAuthenticationService
|
||||
* @return rm admin user name
|
||||
*/
|
||||
String getRmAdminUserName();
|
||||
|
||||
/**
|
||||
* @return rm admin first name
|
||||
*/
|
||||
String getRmAdminFirstName();
|
||||
|
||||
/**
|
||||
* @return rm admin last name
|
||||
*/
|
||||
String getRmAdminLastName();
|
||||
|
||||
/**
|
||||
* Run provided work as the global rm admin user.
|
||||
|
||||
@@ -30,14 +30,11 @@ public class FilePlanAuthenticationServiceImpl implements FilePlanAuthentication
|
||||
{
|
||||
/** Default rm admin user values */
|
||||
public static final String DEFAULT_RM_ADMIN_USER = "rmadmin";
|
||||
public static final String DEFAULT_RM_ADMIN_PWD = "rmadmin";
|
||||
public static final String DEFAULT_RM_ADMIN_FIRST_NAME = "Records Management";
|
||||
public static final String DEFAULT_RM_ADMIN_LAST_NAME = "Administrator";
|
||||
|
||||
/** RM admin user name */
|
||||
private String rmAdminUserName = DEFAULT_RM_ADMIN_USER;
|
||||
private String rmAdminFirstName = DEFAULT_RM_ADMIN_FIRST_NAME;
|
||||
private String rmAdminLastName = DEFAULT_RM_ADMIN_LAST_NAME;
|
||||
|
||||
/** tennant service */
|
||||
private TenantService tenantService;
|
||||
|
||||
/**
|
||||
@@ -71,40 +68,6 @@ public class FilePlanAuthenticationServiceImpl implements FilePlanAuthentication
|
||||
return tenantDomain.length() > 1 ? rmAdminUserName + tenantDomain : rmAdminUserName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param rmAdminFirstName rm admin first name
|
||||
*/
|
||||
public void setRmAdminFirstName(String rmAdminFirstName)
|
||||
{
|
||||
this.rmAdminFirstName = rmAdminFirstName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#getRMAdminFirstName()
|
||||
*/
|
||||
@Override
|
||||
public String getRmAdminFirstName()
|
||||
{
|
||||
return rmAdminFirstName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param rmAdminLastName rm admin last name
|
||||
*/
|
||||
public void setRmAdminLastName(String rmAdminLastName)
|
||||
{
|
||||
this.rmAdminLastName = rmAdminLastName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#getRMAdminLastName()
|
||||
*/
|
||||
@Override
|
||||
public String getRmAdminLastName()
|
||||
{
|
||||
return rmAdminLastName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#runAsRMAdmin(org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork)
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user