inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improvements to extended dynamic authorities

Browse Source 
* requiredFor set
  * direct access to extended permission information, not via service



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@84678 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2014-09-18 23:57:43 +00:00
parent 2de55cb0e9
commit 8f6d6328f2
4 changed files with 80 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rm-server/config/alfresco/module/org_alfresco_module_rm/rm-public-services-security-context.xml
View File

@@ -45,7 +45,7 @@
<bean id="RMSecurityCommon" abstract="true"> <bean id="RMSecurityCommon" abstract="true">
<property name="nodeService" ref="nodeService"/> <property name="nodeService" ref="nodeService"/>
<property name="permissionService" ref="permissionService"/> <property name="permissionService" ref="permissionServiceImpl"/>
<property name="recordsManagementService" ref="recordsManagementService"/> <property name="recordsManagementService" ref="recordsManagementService"/>
<property name="caveatConfigComponent" ref="caveatConfigComponent"/> <property name="caveatConfigComponent" ref="caveatConfigComponent"/>
<property name="filePlanService" ref="filePlanService"/> <property name="filePlanService" ref="filePlanService"/>

31
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedReaderDynamicAuthority.java
View File

@@ -18,8 +18,12 @@
*/ */
package org.alfresco.module.org_alfresco_module_rm.security; package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Collections;
import java.util.Map;
import java.util.Set; import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
/** /**
@@ -40,14 +44,37 @@ public class ExtendedReaderDynamicAuthority extends ExtendedSecurityBaseDynamicA
public String getAuthority() public String getAuthority()
{ {
return EXTENDED_READER; return EXTENDED_READER;
}
/**
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
if (requiredFor == null)
{
requiredFor = Collections.singleton(getModelDAO().getPermissionReference(null, RMPermissionModel.READ_RECORDS));
}
return requiredFor;
} }
/** /**
* @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef) * @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef)
*/ */
protected Set<String> getAuthorites(NodeRef nodeRef) @SuppressWarnings("unchecked")
protected Set<String> getAuthorites(NodeRef nodeRef)
{ {
return getExtendedSecurityService().getExtendedReaders(nodeRef); Set<String> result = null;
Map<String, Integer> readerMap = (Map<String, Integer>)getNodeService().getProperty(nodeRef, PROP_READERS);
if (readerMap != null)
{
result = readerMap.keySet();
}
return result;
} }
/** /**

34
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityBaseDynamicAuthority.java
View File

@@ -24,6 +24,7 @@ import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.repo.security.permissions.DynamicAuthority; import org.alfresco.repo.security.permissions.DynamicAuthority;
import org.alfresco.repo.security.permissions.PermissionReference; import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.repo.security.permissions.impl.ModelDAO;
import org.alfresco.repo.transaction.TransactionalResourceHelper; import org.alfresco.repo.transaction.TransactionalResourceHelper;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
@@ -55,6 +56,12 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
/** Application context */ /** Application context */
protected ApplicationContext applicationContext; protected ApplicationContext applicationContext;
/** model DAO */
protected ModelDAO modelDAO;
/** permission reference */
protected Set<PermissionReference> requiredFor;
// NOTE: we get the services directly from the application context in this way to avoid // NOTE: we get the services directly from the application context in this way to avoid
// cyclic relationships and issues when loading the application context // cyclic relationships and issues when loading the application context
@@ -89,11 +96,23 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
{ {
if (nodeService == null) if (nodeService == null)
{ {
nodeService = (NodeService)applicationContext.getBean("nodeService"); nodeService = (NodeService)applicationContext.getBean("dbNodeService");
} }
return nodeService; return nodeService;
} }
/**
* @return model DAO
*/
protected ModelDAO getModelDAO()
{
if (modelDAO == null)
{
modelDAO = (ModelDAO)applicationContext.getBean("permissionsModelDAO");
}
return modelDAO;
}
/** /**
* @return String transaction cache name * @return String transaction cache name
*/ */
@@ -160,16 +179,5 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
} }
return result; return result;
} }
/**
* Base implementation
*
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
return null;
}
} }

31
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedWriterDynamicAuthority.java
View File

@@ -18,8 +18,12 @@
*/ */
package org.alfresco.module.org_alfresco_module_rm.security; package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Collections;
import java.util.Map;
import java.util.Set; import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
/** /**
@@ -41,13 +45,36 @@ public class ExtendedWriterDynamicAuthority extends ExtendedSecurityBaseDynamicA
{ {
return EXTENDED_WRITER; return EXTENDED_WRITER;
} }
/**
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
if (requiredFor == null)
{
requiredFor = Collections.singleton(getModelDAO().getPermissionReference(null, RMPermissionModel.FILE_RECORDS));
}
return requiredFor;
}
/** /**
* @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef) * @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef)
*/ */
protected Set<String> getAuthorites(NodeRef nodeRef) @SuppressWarnings("unchecked")
protected Set<String> getAuthorites(NodeRef nodeRef)
{ {
return getExtendedSecurityService().getExtendedWriters(nodeRef); Set<String> result = null;
Map<String, Integer> map = (Map<String, Integer>)getNodeService().getProperty(nodeRef, PROP_WRITERS);
if (map != null)
{
result = map.keySet();
}
return result;
} }
/** /**