inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improvements to extended dynamic authorities

Browse Source 
* requiredFor set
  * direct access to extended permission information, not via service



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@84678 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2014-09-18 23:57:43 +00:00
parent 2de55cb0e9
commit 8f6d6328f2
4 changed files with 80 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
rm-server/config/alfresco/module/org_alfresco_module_rm/rm-public-services-security-context.xml
View File

@@ -45,7 +45,7 @@
<bean id="RMSecurityCommon" abstract="true">
<property name="nodeService" ref="nodeService"/>
<property name="permissionService" ref="permissionService"/>
<property name="permissionService" ref="permissionServiceImpl"/>
<property name="recordsManagementService" ref="recordsManagementService"/>
<property name="caveatConfigComponent" ref="caveatConfigComponent"/>
<property name="filePlanService" ref="filePlanService"/>

29
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedReaderDynamicAuthority.java
View File

@@ -18,8 +18,12 @@
*/
package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef;
/**
@@ -42,12 +46,35 @@ public class ExtendedReaderDynamicAuthority extends ExtendedSecurityBaseDynamicA
return EXTENDED_READER;
}
/**
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
if (requiredFor == null)
{
requiredFor = Collections.singleton(getModelDAO().getPermissionReference(null, RMPermissionModel.READ_RECORDS));
}
return requiredFor;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef)
*/
@SuppressWarnings("unchecked")
protected Set<String> getAuthorites(NodeRef nodeRef)
{
return getExtendedSecurityService().getExtendedReaders(nodeRef);
Set<String> result = null;
Map<String, Integer> readerMap = (Map<String, Integer>)getNodeService().getProperty(nodeRef, PROP_READERS);
if (readerMap != null)
{
result = readerMap.keySet();
}
return result;
}
/**

32
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityBaseDynamicAuthority.java
View File

@@ -24,6 +24,7 @@ import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.repo.security.permissions.DynamicAuthority;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.repo.security.permissions.impl.ModelDAO;
import org.alfresco.repo.transaction.TransactionalResourceHelper;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
@@ -55,6 +56,12 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
/** Application context */
protected ApplicationContext applicationContext;
/** model DAO */
protected ModelDAO modelDAO;
/** permission reference */
protected Set<PermissionReference> requiredFor;
// NOTE: we get the services directly from the application context in this way to avoid
// cyclic relationships and issues when loading the application context
@@ -89,11 +96,23 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
{
if (nodeService == null)
{
nodeService = (NodeService)applicationContext.getBean("nodeService");
nodeService = (NodeService)applicationContext.getBean("dbNodeService");
}
return nodeService;
}
/**
* @return model DAO
*/
protected ModelDAO getModelDAO()
{
if (modelDAO == null)
{
modelDAO = (ModelDAO)applicationContext.getBean("permissionsModelDAO");
}
return modelDAO;
}
/**
* @return String transaction cache name
*/
@@ -161,15 +180,4 @@ public abstract class ExtendedSecurityBaseDynamicAuthority implements DynamicAut
return result;
}
/**
* Base implementation
*
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
return null;
}
}

29
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedWriterDynamicAuthority.java
View File

@@ -18,8 +18,12 @@
*/
package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.repo.security.permissions.PermissionReference;
import org.alfresco.service.cmr.repository.NodeRef;
/**
@@ -42,12 +46,35 @@ public class ExtendedWriterDynamicAuthority extends ExtendedSecurityBaseDynamicA
return EXTENDED_WRITER;
}
/**
* @see org.alfresco.repo.security.permissions.DynamicAuthority#requiredFor()
*/
@Override
public Set<PermissionReference> requiredFor()
{
if (requiredFor == null)
{
requiredFor = Collections.singleton(getModelDAO().getPermissionReference(null, RMPermissionModel.FILE_RECORDS));
}
return requiredFor;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityBaseDynamicAuthority#getAuthorites(org.alfresco.service.cmr.repository.NodeRef)
*/
@SuppressWarnings("unchecked")
protected Set<String> getAuthorites(NodeRef nodeRef)
{
return getExtendedSecurityService().getExtendedWriters(nodeRef);
Set<String> result = null;
Map<String, Integer> map = (Map<String, Integer>)getNodeService().getProperty(nodeRef, PROP_WRITERS);
if (map != null)
{
result = map.keySet();
}
return result;
}
/**