RM-895: Ensure RM actions with side effects don't try and execute if things are frozen

RM-965: Unable to declare a record from the repository view. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@55371 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-31 17:39:05 +00:00 · 2013-09-17 00:52:58 +00:00
parent 11ec6eea5f
commit 90a63d7c71
15 changed files with 256 additions and 117 deletions
--- a/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
@@ -23,6 +23,7 @@ import java.util.Set;

 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
@@ -39,36 +40,67 @@ import org.alfresco.service.namespace.QName;
 */
 public class ExtendedRuleServiceImpl extends RuleServiceImpl
 {
+	/** indicates whether the rules should be run as rmadmin or not */
    private boolean runAsRmAdmin = true;

+    /** ignore types */
    private Set<QName> ignoredTypes = new HashSet<QName>();
    
+    /** file plan service */
    private FilePlanService filePlanService;

+    /** file plan authentication service */
    private FilePlanAuthenticationService filePlanAuthenticationService;

+    /** node service */
    protected NodeService nodeService;

+    /** model security service */
+    protected ModelSecurityService modelSecurityService;
+    
+    /**
+     * @param runAsRmAdmin	true if run rules as rmadmin, false otherwise
+     */
    public void setRunAsRmAdmin(boolean runAsRmAdmin)
    {
        this.runAsRmAdmin = runAsRmAdmin;
    }

+    /**
+     * @param filePlanAuthenticationService	file plan authentication service
+     */
    public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
    {
        this.filePlanAuthenticationService = filePlanAuthenticationService;
    }

+    /**
+     * @param nodeService	node service
+     */
    public void setNodeService2(NodeService nodeService)
    {
        this.nodeService = nodeService;
    }
    
+    /**
+     * @param filePlanService	file plan service
+     */
    public void setFilePlanService(FilePlanService filePlanService) 
    {
 		this.filePlanService = filePlanService;
 	}
+    
+    /**
+     * @param modelSecurityService	model security service
+     */
+    public void setModelSecurityService(ModelSecurityService modelSecurityService) 
+    {
+		this.modelSecurityService = modelSecurityService;
+	}

+    /**
+     * Init method
+     */
    @Override
    public void init()
    {
@@ -81,10 +113,13 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
        ignoredTypes.add(RecordsManagementModel.TYPE_EVENT_EXECUTION);
    }

+    /**
+     * @see org.alfresco.repo.rule.RuleServiceImpl#saveRule(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.rule.Rule)
+     */
    @Override
    public void saveRule(final NodeRef nodeRef, final Rule rule)
    {
-        if (filePlanService.isFilePlanComponent(nodeRef) == true && runAsRmAdmin == true)
+        if (filePlanService.isFilePlanComponent(nodeRef) == true)
        {
            AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
            {
@@ -103,10 +138,13 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
        }
    }

+    /**
+     * @see org.alfresco.repo.rule.RuleServiceImpl#removeRule(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.rule.Rule)
+     */
    @Override
    public void removeRule(final NodeRef nodeRef, final Rule rule)
    {
-        if (filePlanService.isFilePlanComponent(nodeRef) == true && runAsRmAdmin == true)
+        if (filePlanService.isFilePlanComponent(nodeRef) == true)
        {
            AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
            {
@@ -125,27 +163,50 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
        }
    }

+    /**
+     * @see org.alfresco.repo.rule.RuleServiceImpl#executeRule(org.alfresco.service.cmr.rule.Rule, org.alfresco.service.cmr.repository.NodeRef, java.util.Set)
+     */
    @Override
    public void executeRule(final Rule rule, final NodeRef nodeRef, final Set<ExecutedRuleData> executedRules)
    {
        QName typeQName = nodeService.getType(nodeRef);

-        if (filePlanService.isFilePlanComponent(nodeRef) == true
-                && isFilePlanComponentRule(rule) == true && runAsRmAdmin == true)
+        // check if this is a rm rule on a rm artifact
+        if (filePlanService.isFilePlanComponent(nodeRef) == true && 
+        	isFilePlanComponentRule(rule) == true)
        {
+        	// ignore and
            if (isIgnoredType(typeQName) == false)
-            {
-                String user = AuthenticationUtil.getFullyAuthenticatedUser();
-                try
-                {
-                    AuthenticationUtil.setFullyAuthenticatedUser(filePlanAuthenticationService.getRmAdminUserName());
-                    ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
-                }
-                finally
-                {
-                    AuthenticationUtil.setFullyAuthenticatedUser(user);
-                }
-            }
+	        {
+	        	// disable model security whilst we execute the RM rule
+	        	//modelSecurityService.disable();
+	        	//try
+	        	//{
+	            	if (runAsRmAdmin == true)
+	            	{
+	            		// run as rmadmin
+		            	filePlanAuthenticationService.runAsRmAdmin(new RunAsWork<Void>() 
+		            	{
+							@Override
+							public Void doWork() throws Exception 
+							{
+								ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
+								return null;
+							}
+						});
+	            	}
+	            	else
+	            	{
+	            		// run as current user
+	            		ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
+	            	}	            
+	        	//}
+	        	//finally
+	        	//{
+	        		// enable model security
+	        	//	modelSecurityService.enable();
+	        	//}
+	        }
        }
        else
        {
@@ -154,6 +215,12 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
        }
    }

+    /**
+     * Indicates whether the rule is a file plan component
+     * 
+     * @param rule		rule
+     * @return boolean	true if rule is set on a file plan component, false otherwise
+     */
    private boolean isFilePlanComponentRule(Rule rule)
    {
        NodeRef nodeRef = getOwningNodeRef(rule);
@@ -161,7 +228,8 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
    }

    /**
-     * @param typeQName
+     * @param  typeQName	type qname 
+     * @return boolean		true if ignore type, false otherwise
     */
    private boolean isIgnoredType(QName typeQName)
    {