From 8b17d89b84eb3a49a7673022fd1cf864940f2da9 Mon Sep 17 00:00:00 2001 From: Roy Wetherall Date: Thu, 12 Jun 2014 06:39:15 +0000 Subject: [PATCH] RM-1089: CLONE - Group added twice for default categories RM-1314: Permissions can be added twice git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@73619 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../FilePlanPermissionServiceImpl.java | 45 ++++++++++++++----- 1 file changed, 35 insertions(+), 10 deletions(-) diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java index 6e580dae00..a9bf35c231 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java @@ -55,7 +55,8 @@ import org.apache.commons.logging.LogFactory; */ @BehaviourBean public class FilePlanPermissionServiceImpl extends ServiceBaseImpl - implements FilePlanPermissionService + implements FilePlanPermissionService, + RMPermissionModel { /** Permission service */ protected PermissionService permissionService; @@ -512,21 +513,45 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl /** * Set the permission, taking into account that filing is a superset of read * - * @param nodeRef - * @param authority - * @param permission + * @param nodeRef node reference + * @param authority authority + * @param permission permission */ private void setPermissionImpl(NodeRef nodeRef, String authority, String permission) { - if (RMPermissionModel.FILING.equals(permission)) + boolean hasRead = false; + boolean hasFilling = false; + + Set perms = permissionService.getAllSetPermissions(nodeRef); + for (AccessPermission perm : perms) { - // Remove record read permission before adding filing permission - permissionService.deletePermission(nodeRef, authority, RMPermissionModel.READ_RECORDS); + if (perm.getAuthority().equals(authority)) + { + if (perm.getPermission().equals(FILING)) + { + hasFilling = true; + } + else if (perm.getPermission().equals(READ_RECORDS)) + { + hasRead = true; + } + } } - - permissionService.setPermission(nodeRef, authority, permission, true); + + if (FILING.equals(permission) && hasRead) + { + // remove read permission + permissionService.deletePermission(nodeRef, authority, RMPermissionModel.READ_RECORDS); + hasRead = false; + } + + if (!hasRead && !hasFilling) + { + // add permission + permissionService.setPermission(nodeRef, authority, permission, true); + } } - + /** * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deletePermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String) */