Merge release/V2.3 into release/2.4

2025-07-31 17:39:05 +00:00 · 2016-09-21 11:58:40 +03:00
parent 3f321077e5 1bc18c7b85
commit 935d6319e1
48 changed files with 5055 additions and 1257 deletions
--- a/rm-community/rm-community-repo/source/java/org/alfresco/repo/security/permissions/impl/ExtendedPermissionService.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/repo/security/permissions/impl/ExtendedPermissionService.java
@@ -29,7 +29,9 @@ package org.alfresco.repo.security.permissions.impl;

 import java.util.Set;

+import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.util.Pair;

 /**
 * Extended Permission Service Interface used in RM.
@@ -46,4 +48,18 @@ public interface ExtendedPermissionService extends PermissionService
 	 * @return {@link Set}<{@link String}>		set of authorities with write access
 	 */
    Set<String> getWriters(Long aclId);
+    
+    /**
+     * Get the readers and writers for a given node.
+     * <p>
+     * The writers list includes the owner for the node.
+     * 
+     * @param nodeRef                           node reference
+     * @return Pair<Set<String>, Set<String>>   first is a set containing all the authorities that have read permission on the 
+     *                                          document and second is a set containing all the authorities that have write
+     *                                          permission on the document, including the owner.
+     *                                          
+     * @since 2.5
+     */
+    Pair<Set<String>, Set<String>> getReadersAndWriters(NodeRef nodeRef);
 }
--- a/rm-community/rm-community-repo/source/java/org/alfresco/repo/security/permissions/impl/ExtendedPermissionServiceImpl.java
+++ b/rm-community/rm-community-repo/source/java/org/alfresco/repo/security/permissions/impl/ExtendedPermissionServiceImpl.java
@@ -39,8 +39,6 @@ import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
-import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
-import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority;
 import org.alfresco.repo.cache.SimpleCache;
 import org.alfresco.repo.security.permissions.AccessControlEntry;
 import org.alfresco.repo.security.permissions.AccessControlList;
@@ -50,8 +48,11 @@ import org.alfresco.repo.security.permissions.processor.PermissionProcessorRegis
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.AuthorityType;
+import org.alfresco.service.cmr.security.OwnableService;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.util.Pair;
 import org.alfresco.util.PropertyCheck;
+import org.apache.commons.lang.StringUtils;
 import org.springframework.context.ApplicationEvent;

 /**
@@ -359,13 +360,17 @@ public class ExtendedPermissionServiceImpl extends PermissionServiceImpl
        final String adminRole = getAdminRole(nodeRef);
        if (nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT) && isNotBlank(adminRole) && !inheritParentPermissions)
        {
-            setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-            setPermission(nodeRef, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true);
-            setPermission(nodeRef, adminRole, RMPermissionModel.FILING, true);
+           setPermission(nodeRef, adminRole, RMPermissionModel.FILING, true);
        }
        super.setInheritParentPermissions(nodeRef, inheritParentPermissions);
    }

+    /**
+     * Helper method to the RM admin role scoped by the correct file plan.
+     * 
+     * @param nodeRef   node reference
+     * @return String   RM admin role
+     */
    private String getAdminRole(NodeRef nodeRef)
    {
        String adminRole = null;
@@ -376,4 +381,28 @@ public class ExtendedPermissionServiceImpl extends PermissionServiceImpl
        }
        return adminRole;
    }
+    
+    /**
+     * @see org.alfresco.repo.security.permissions.impl.ExtendedPermissionService#getReadersAndWriters(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Override
+    public Pair<Set<String>, Set<String>> getReadersAndWriters(NodeRef nodeRef)
+    {
+        // get the documents readers
+        Long aclId = nodeService.getNodeAclId(nodeRef);
+        Set<String> readers = getReaders(aclId);
+        Set<String> writers = getWriters(aclId);
+
+        // add the current owner to the list of extended writers
+        Set<String> modifiedWrtiers = new HashSet<String>(writers);    
+        String owner = ownableService.getOwner(nodeRef);
+        if (StringUtils.isNotBlank(owner) && 
+            !owner.equals(OwnableService.NO_OWNER) &&
+            authorityService.authorityExists(owner))
+        {
+            modifiedWrtiers.add(owner);
+        }        
+        
+        return new Pair<Set<String>, Set<String>> (readers, modifiedWrtiers);
+    }
 }