inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-1956: Create record capability allows user to edit metadata and copy category/folder /record

Browse Source 
* fixes issue relating to filing records with only CreateRecord capability



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.3@97945 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2015-02-24 21:38:10 +00:00
parent 60a75c4105
commit 890dd9417c
12 changed files with 322 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/EditNonRecordMetadataCapability.java Normal file
View File

@@ -0,0 +1,63 @@
/*
* Copyright (C) 2005-2014 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.capability.impl;
import net.sf.acegisecurity.vote.AccessDecisionVoter;
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCapability;
import org.alfresco.module.org_alfresco_module_rm.record.RecordServiceImpl;
import org.alfresco.module.org_alfresco_module_rm.util.TransactionalResourceHelper;
import org.alfresco.service.cmr.repository.NodeRef;
/**
* Edit non record metadata capability
*
* @author Roy Wetherall
* @since 2.3
*/
public class EditNonRecordMetadataCapability extends DeclarativeCapability
{
/** transaction resource helper */
private TransactionalResourceHelper transactionalResourceHelper;
/**
* @param transactionalResourceHelper transaction resource helper
*/
public void setTransactionalResourceHelper(TransactionalResourceHelper transactionalResourceHelper)
{
this.transactionalResourceHelper = transactionalResourceHelper;
}
@Override
public int evaluate(NodeRef nodeRef)
{
// check if this node is a new record
if (transactionalResourceHelper.getSet(RecordServiceImpl.KEY_NEW_RECORDS).contains(nodeRef))
{
// since this is a new record created within this transaction, ignore the usual capability check
// under the assumption that the user has CreateRecord
// @see https://issues.alfresco.com/jira/browse/RM-1956
return AccessDecisionVoter.ACCESS_GRANTED;
}
return super.evaluate(nodeRef);
}
}

38
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/UpdateCapability.java
View File

@@ -19,16 +19,10 @@
package org.alfresco.module.org_alfresco_module_rm.capability.impl;
import java.io.Serializable;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import net.sf.acegisecurity.vote.AccessDecisionVoter;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCompositeCapability;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.namespace.QName;
/**
@@ -48,36 +42,6 @@ public class UpdateCapability extends DeclarativeCompositeCapability
*/
public int evaluate(NodeRef nodeRef, QName aspectQName, Map<QName, Serializable> properties)
{
int result = evaluate(nodeRef);
if (AccessDecisionVoter.ACCESS_GRANTED != result)
{
if (checkEligablePermissions(nodeRef))
{
result = AccessDecisionVoter.ACCESS_GRANTED;
}
}
return result;
}
private boolean checkEligablePermissions(NodeRef nodeRef)
{
boolean result = false;
List<String> permissions = Arrays.asList(
RMPermissionModel.CREATE_RECORDS
);
NodeRef filePlan = getFilePlanService().getFilePlan(nodeRef);
for (String permission : permissions)
{
if (permissionService.hasPermission(filePlan, permission) == AccessStatus.ALLOWED)
{
result = true;
break;
}
}
return result;
return evaluate(nodeRef);
}
}

41
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/policy/UpdatePropertiesPolicy.java
View File

@@ -18,14 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.capability.policy;
import java.util.Arrays;
import java.util.List;
import net.sf.acegisecurity.vote.AccessDecisionVoter;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.aopalliance.intercept.MethodInvocation;
public class UpdatePropertiesPolicy extends AbstractBasePolicy
@@ -37,38 +30,6 @@ public class UpdatePropertiesPolicy extends AbstractBasePolicy
ConfigAttributeDefinition cad)
{
NodeRef nodeRef = getTestNode(invocation, params, cad.getParameters().get(0), cad.isParent());
int result = getCapabilityService().getCapability("UpdateProperties").evaluate(nodeRef);
if (AccessDecisionVoter.ACCESS_GRANTED != result)
{
if (checkEligablePermissions(nodeRef))
{
result = AccessDecisionVoter.ACCESS_GRANTED;
}
}
return result;
}
private boolean checkEligablePermissions(NodeRef nodeRef)
{
boolean result = false;
List<String> permissions = Arrays.asList(
RMPermissionModel.CREATE_RECORDS,
RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS,
RMPermissionModel.CREATE_MODIFY_DESTROY_FILEPLAN_METADATA
);
NodeRef filePlan = getFilePlanService().getFilePlan(nodeRef);
for (String permission : permissions)
{
if (permissionService.hasPermission(filePlan, permission) == AccessStatus.ALLOWED)
{
result = true;
break;
}
}
return result;
return getCapabilityService().getCapability("UpdateProperties").evaluate(nodeRef);
}
}

49
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
View File

@@ -72,7 +72,6 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.repo.security.permissions.impl.ExtendedPermissionService;
import org.alfresco.repo.transaction.TransactionalResourceHelper;
import org.alfresco.service.cmr.dictionary.AspectDefinition;
import org.alfresco.service.cmr.dictionary.ClassDefinition;
import org.alfresco.service.cmr.dictionary.PropertyDefinition;
@@ -128,7 +127,9 @@ public class RecordServiceImpl extends BaseBehaviourBean
private static Log logger = LogFactory.getLog(RecordServiceImpl.class);
/** transation data key */
private static final String IGNORE_ON_UPDATE = "ignoreOnUpdate";
private static final String KEY_IGNORE_ON_UPDATE = "ignoreOnUpdate";
private static final String KEY_PENDING_FILLING = "pendingFilling";
public static final String KEY_NEW_RECORDS = "newRecords";
/** I18N */
private static final String MSG_NODE_HAS_ASPECT = "rm.service.node-has-aspect";
@@ -413,7 +414,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
else
{
// check whether filling is pending aspect removal
Set<NodeRef> pendingFilling = TransactionalResourceHelper.getSet("pendingFilling");
Set<NodeRef> pendingFilling = transactionalResourceHelper.getSet(KEY_PENDING_FILLING);
if (pendingFilling.contains(nodeRef))
{
file(nodeRef);
@@ -504,11 +505,20 @@ public class RecordServiceImpl extends BaseBehaviourBean
if (nodeService.hasAspect(nodeRef, ContentModel.ASPECT_NO_CONTENT))
{
// we need to postpone filling until the NO_CONTENT aspect is removed
Set<NodeRef> pendingFilling = TransactionalResourceHelper.getSet("pendingFilling");
Set<NodeRef> pendingFilling = transactionalResourceHelper.getSet(KEY_PENDING_FILLING);
pendingFilling.add(nodeRef);
}
else
{
// store information about the 'new' record in the transaction
// @since 2.3
// @see https://issues.alfresco.com/jira/browse/RM-1956
if (bNew)
{
Set<NodeRef> newRecords = transactionalResourceHelper.getSet(KEY_NEW_RECORDS);
newRecords.add(nodeRef);
}
// create and file the content as a record
file(nodeRef);
}
@@ -567,7 +577,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
*/
public void disablePropertyEditableCheck(NodeRef nodeRef)
{
Set<NodeRef> ignoreOnUpdate = TransactionalResourceHelper.getSet(IGNORE_ON_UPDATE);
Set<NodeRef> ignoreOnUpdate = transactionalResourceHelper.getSet(KEY_IGNORE_ON_UPDATE);
ignoreOnUpdate.add(nodeRef);
}
@@ -598,7 +608,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
!AuthenticationUtil.isRunAsUserTheSystemUser() &&
nodeService.exists(nodeRef) &&
isRecord(nodeRef) &&
!TransactionalResourceHelper.getSet(IGNORE_ON_UPDATE).contains(nodeRef))
!transactionalResourceHelper.getSet(KEY_IGNORE_ON_UPDATE).contains(nodeRef))
{
for (Map.Entry<QName, Serializable> entry : after.entrySet())
{
@@ -637,8 +647,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
if (!propertyUnchanged &&
!(ContentModel.PROP_CONTENT.equals(property) && beforeValue == null) &&
!isPropertyEditable(nodeRef, property) &&
!checkEligablePermissions(nodeRef))
!isPropertyEditable(nodeRef, property))
{
// the user can't edit the record property
throw new ModelAccessDeniedException(
@@ -650,28 +659,6 @@ public class RecordServiceImpl extends BaseBehaviourBean
}
}
private boolean checkEligablePermissions(NodeRef nodeRef)
{
boolean result = false;
List<String> permissions = Arrays.asList(
RMPermissionModel.CREATE_RECORDS,
RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS,
RMPermissionModel.CREATE_MODIFY_DESTROY_FILEPLAN_METADATA
);
NodeRef filePlan = getFilePlan(nodeRef);
for (String permission : permissions)
{
if (permissionService.hasPermission(filePlan, permission) == AccessStatus.ALLOWED)
{
result = true;
break;
}
}
return result;
}
/**
* Get map containing record metadata aspects.
*
@@ -1711,7 +1698,7 @@ public class RecordServiceImpl extends BaseBehaviourBean
// we can not link a record to the same location more than once
throw new AlfrescoRuntimeException("Can not link a record to the same record folder more than once");
}
}
}
// get the current name of the record
String name = nodeService.getProperty(record, ContentModel.PROP_NAME).toString();

16
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/util/ServiceBaseImpl.java
View File

@@ -26,7 +26,6 @@ import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanComponentKind
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
import org.alfresco.module.org_alfresco_module_rm.hold.HoldService;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.repo.transaction.TransactionalResourceHelper;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.rendition.RenditionService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
@@ -63,6 +62,9 @@ public class ServiceBaseImpl implements RecordsManagementModel, ApplicationConte
/** authentication helper */
protected AuthenticationUtil authenticationUtil;
/** transactional resource helper */
protected TransactionalResourceHelper transactionalResourceHelper;
/**
* @see org.springframework.context.ApplicationContextAware#setApplicationContext(org.springframework.context.ApplicationContext)
@@ -104,6 +106,14 @@ public class ServiceBaseImpl implements RecordsManagementModel, ApplicationConte
{
this.authenticationUtil = authenticationUtil;
}
/**
* @param transactionalResourceHelper transactional resource helper
*/
public void setTransactionalResourceHelper(TransactionalResourceHelper transactionalResourceHelper)
{
this.transactionalResourceHelper = transactionalResourceHelper;
}
/**
* Helper to get internal node service.
@@ -129,7 +139,7 @@ public class ServiceBaseImpl implements RecordsManagementModel, ApplicationConte
{
FilePlanComponentKind result = null;
Map<NodeRef, FilePlanComponentKind> map = TransactionalResourceHelper.getMap("rm.transaction.filePlanComponentByNodeRef");
Map<NodeRef, FilePlanComponentKind> map = transactionalResourceHelper.getMap("rm.transaction.filePlanComponentByNodeRef");
if (map.containsKey(nodeRef))
{
result = map.get(nodeRef);
@@ -387,7 +397,7 @@ public class ServiceBaseImpl implements RecordsManagementModel, ApplicationConte
NodeRef result = null;
if (nodeRef != null)
{
Map<NodeRef, NodeRef> transactionCache = TransactionalResourceHelper.getMap("rm.servicebase.getFilePlan");
Map<NodeRef, NodeRef> transactionCache = transactionalResourceHelper.getMap("rm.servicebase.getFilePlan");
if (transactionCache.containsKey(nodeRef))
{
result = transactionCache.get(nodeRef);