inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-769 (Impossible to add access for several values)

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.0@52294 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
2013-07-09 15:49:51 +00:00
parent caf766123f
commit 9eb525f63d
1 changed files with 145 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

290
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/caveat/RMCaveatConfigComponentImpl.java
View File

@@ -70,7 +70,7 @@ import org.json.JSONObject;
/** /**
* RM Caveat Config component impl * RM Caveat Config component impl
* *
* @author janv * @author janv
*/ */
public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnContentUpdatePolicy, public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnContentUpdatePolicy,
@@ -79,7 +79,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
RMCaveatConfigComponent RMCaveatConfigComponent
{ {
private static Log logger = LogFactory.getLog(RMCaveatConfigComponentImpl.class); private static Log logger = LogFactory.getLog(RMCaveatConfigComponentImpl.class);
private PolicyComponent policyComponent; private PolicyComponent policyComponent;
private ContentService contentService; private ContentService contentService;
private DictionaryService dictionaryService; private DictionaryService dictionaryService;
@@ -87,90 +87,90 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
private AuthorityService authorityService; private AuthorityService authorityService;
private PersonService personService; private PersonService personService;
private NodeService nodeService; private NodeService nodeService;
// Default // Default
private StoreRef storeRef = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, "SpacesStore"); private StoreRef storeRef = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, "SpacesStore");
private List<String> caveatAspectURINames = new ArrayList<String>(0); private List<String> caveatAspectURINames = new ArrayList<String>(0);
private List<QName> caveatAspectQNames = new ArrayList<QName>(0); private List<QName> caveatAspectQNames = new ArrayList<QName>(0);
private List<String> caveatModelURINames = new ArrayList<String>(0); private List<String> caveatModelURINames = new ArrayList<String>(0);
private List<QName> caveatModelQNames = new ArrayList<QName>(0); private List<QName> caveatModelQNames = new ArrayList<QName>(0);
private static final String CAVEAT_CONFIG_NAME = "caveatConfig.json"; private static final String CAVEAT_CONFIG_NAME = "caveatConfig.json";
private static final QName DATATYPE_TEXT = DataTypeDefinition.TEXT; private static final QName DATATYPE_TEXT = DataTypeDefinition.TEXT;
/** /**
* Lock objects * Lock objects
*/ */
private ReadWriteLock lock = new ReentrantReadWriteLock(); private ReadWriteLock lock = new ReentrantReadWriteLock();
private Lock readLock = lock.readLock(); private Lock readLock = lock.readLock();
private Lock writeLock = lock.writeLock(); private Lock writeLock = lock.writeLock();
/* /*
* Caveat Config (Shared) config * Caveat Config (Shared) config
* first string is property name * first string is property name
* second string is authority name (user or group full name) * second string is authority name (user or group full name)
* third string is list of values of property * third string is list of values of property
*/ */
private SimpleCache<String, Map<String, List<String>>> caveatConfig; private SimpleCache<String, Map<String, List<String>>> caveatConfig;
public void setCaveatConfig(SimpleCache<String, Map<String, List<String>>> caveatConfig) public void setCaveatConfig(SimpleCache<String, Map<String, List<String>>> caveatConfig)
{ {
this.caveatConfig = caveatConfig; this.caveatConfig = caveatConfig;
} }
public void setPolicyComponent(PolicyComponent policyComponent) public void setPolicyComponent(PolicyComponent policyComponent)
{ {
this.policyComponent = policyComponent; this.policyComponent = policyComponent;
} }
public void setNodeService(NodeService nodeService) public void setNodeService(NodeService nodeService)
{ {
this.nodeService = nodeService; this.nodeService = nodeService;
} }
public void setContentService(ContentService contentService) public void setContentService(ContentService contentService)
{ {
this.contentService = contentService; this.contentService = contentService;
} }
public void setDictionaryService(DictionaryService dictionaryService) public void setDictionaryService(DictionaryService dictionaryService)
{ {
this.dictionaryService = dictionaryService; this.dictionaryService = dictionaryService;
} }
public void setNamespaceService(NamespaceService namespaceService) public void setNamespaceService(NamespaceService namespaceService)
{ {
this.namespaceService = namespaceService; this.namespaceService = namespaceService;
} }
public void setAuthorityService(AuthorityService authorityService) public void setAuthorityService(AuthorityService authorityService)
{ {
this.authorityService = authorityService; this.authorityService = authorityService;
} }
public void setPersonService(PersonService personService) public void setPersonService(PersonService personService)
{ {
this.personService = personService; this.personService = personService;
} }
public void setStoreRef(String storeRef) public void setStoreRef(String storeRef)
{ {
this.storeRef = new StoreRef(storeRef); this.storeRef = new StoreRef(storeRef);
} }
public void setCaveatAspects(List<String> caveatAspectNames) public void setCaveatAspects(List<String> caveatAspectNames)
{ {
this.caveatAspectURINames = caveatAspectNames; this.caveatAspectURINames = caveatAspectNames;
} }
public void setCaveatModels(List<String> caveatModelNames) public void setCaveatModels(List<String> caveatModelNames)
{ {
this.caveatModelURINames = caveatModelNames; this.caveatModelURINames = caveatModelNames;
} }
/** /**
* Initialise behaviours and caveat config cache * Initialise behaviours and caveat config cache
*/ */
@@ -181,26 +181,26 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
ContentServicePolicies.OnContentUpdatePolicy.QNAME, ContentServicePolicies.OnContentUpdatePolicy.QNAME,
RecordsManagementModel.TYPE_CAVEAT_CONFIG, RecordsManagementModel.TYPE_CAVEAT_CONFIG,
new JavaBehaviour(this, "onContentUpdate")); new JavaBehaviour(this, "onContentUpdate"));
// Register interest in the beforeDeleteNode policy // Register interest in the beforeDeleteNode policy
policyComponent.bindClassBehaviour( policyComponent.bindClassBehaviour(
QName.createQName(NamespaceService.ALFRESCO_URI, "beforeDeleteNode"), QName.createQName(NamespaceService.ALFRESCO_URI, "beforeDeleteNode"),
RecordsManagementModel.TYPE_CAVEAT_CONFIG, RecordsManagementModel.TYPE_CAVEAT_CONFIG,
new JavaBehaviour(this, "beforeDeleteNode")); new JavaBehaviour(this, "beforeDeleteNode"));
// Register interest in the onCreateNode policy // Register interest in the onCreateNode policy
policyComponent.bindClassBehaviour( policyComponent.bindClassBehaviour(
QName.createQName(NamespaceService.ALFRESCO_URI, "onCreateNode"), QName.createQName(NamespaceService.ALFRESCO_URI, "onCreateNode"),
RecordsManagementModel.TYPE_CAVEAT_CONFIG, RecordsManagementModel.TYPE_CAVEAT_CONFIG,
new JavaBehaviour(this, "onCreateNode")); new JavaBehaviour(this, "onCreateNode"));
if (caveatAspectURINames.size() > 0) if (caveatAspectURINames.size() > 0)
{ {
for (String caveatAspectURIName : caveatAspectURINames) for (String caveatAspectURIName : caveatAspectURINames)
{ {
caveatAspectQNames.add(QName.createQName(caveatAspectURIName)); caveatAspectQNames.add(QName.createQName(caveatAspectURIName));
} }
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("Caveat aspects configured "+caveatAspectQNames); logger.info("Caveat aspects configured "+caveatAspectQNames);
@@ -210,14 +210,14 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
logger.warn("No caveat aspects configured - caveats will not be applied"); logger.warn("No caveat aspects configured - caveats will not be applied");
} }
if (caveatModelURINames.size() > 0) if (caveatModelURINames.size() > 0)
{ {
for (String caveatModelURIName : caveatModelURINames) for (String caveatModelURIName : caveatModelURINames)
{ {
caveatModelQNames.add(QName.createQName(caveatModelURIName)); caveatModelQNames.add(QName.createQName(caveatModelURIName));
} }
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("Caveat models configured "+caveatModelQNames); logger.info("Caveat models configured "+caveatModelQNames);
@@ -227,44 +227,44 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
logger.info("No caveat models configured - all models will be checked"); logger.info("No caveat models configured - all models will be checked");
} }
NodeRef caveatConfigNodeRef = getCaveatConfigNode(); NodeRef caveatConfigNodeRef = getCaveatConfigNode();
if (caveatConfigNodeRef != null) if (caveatConfigNodeRef != null)
{ {
validateAndReset(caveatConfigNodeRef); validateAndReset(caveatConfigNodeRef);
} }
} }
public void onContentUpdate(NodeRef nodeRef, boolean newContent) public void onContentUpdate(NodeRef nodeRef, boolean newContent)
{ {
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("onContentUpdate: "+nodeRef+", "+newContent); logger.info("onContentUpdate: "+nodeRef+", "+newContent);
} }
validateAndReset(nodeRef); validateAndReset(nodeRef);
} }
public void beforeDeleteNode(NodeRef nodeRef) public void beforeDeleteNode(NodeRef nodeRef)
{ {
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("beforeDeleteNode: "+nodeRef); logger.info("beforeDeleteNode: "+nodeRef);
} }
validateAndReset(nodeRef); validateAndReset(nodeRef);
} }
public void onCreateNode(ChildAssociationRef childAssocRef) public void onCreateNode(ChildAssociationRef childAssocRef)
{ {
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("onCreateNode: "+childAssocRef); logger.info("onCreateNode: "+childAssocRef);
} }
validateAndReset(childAssocRef.getChildRef()); validateAndReset(childAssocRef.getChildRef());
} }
/** /**
* Validate the caveat config and optionally update the cache. * Validate the caveat config and optionally update the cache.
* *
@@ -279,7 +279,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
// TODO - check who can change caveat config ! // TODO - check who can change caveat config !
// TODO - locking (or checkout/checkin) // TODO - locking (or checkout/checkin)
String caveatConfigData = cr.getContentString(); String caveatConfigData = cr.getContentString();
if (caveatConfigData != null) if (caveatConfigData != null)
{ {
@@ -288,18 +288,18 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
throw new AlfrescoRuntimeException("Cannot create more than one caveat config (existing="+existing+", new="+nodeRef+")"); throw new AlfrescoRuntimeException("Cannot create more than one caveat config (existing="+existing+", new="+nodeRef+")");
} }
try try
{ {
if (logger.isTraceEnabled()) if (logger.isTraceEnabled())
{ {
logger.trace(caveatConfigData); logger.trace(caveatConfigData);
} }
Set<QName> models = new HashSet<QName>(1); Set<QName> models = new HashSet<QName>(1);
Set<QName> props = new HashSet<QName>(10); Set<QName> props = new HashSet<QName>(10);
Set<String> expectedPrefixes = new HashSet<String>(10); Set<String> expectedPrefixes = new HashSet<String>(10);
if (caveatModelQNames.size() > 0) if (caveatModelQNames.size() > 0)
{ {
models.addAll(caveatModelQNames); models.addAll(caveatModelQNames);
@@ -308,18 +308,18 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
models.addAll(dictionaryService.getAllModels()); models.addAll(dictionaryService.getAllModels());
} }
if (logger.isTraceEnabled()) if (logger.isTraceEnabled())
{ {
logger.trace("validateAndReset: models to check "+models); logger.trace("validateAndReset: models to check "+models);
} }
for (QName model : models) for (QName model : models)
{ {
props.addAll(dictionaryService.getProperties(model, DATATYPE_TEXT)); props.addAll(dictionaryService.getProperties(model, DATATYPE_TEXT));
expectedPrefixes.addAll(namespaceService.getPrefixes(model.getNamespaceURI())); expectedPrefixes.addAll(namespaceService.getPrefixes(model.getNamespaceURI()));
} }
if (props.size() == 0) if (props.size() == 0)
{ {
logger.warn("validateAndReset: no caveat properties found"); logger.warn("validateAndReset: no caveat properties found");
@@ -331,15 +331,15 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
logger.trace("validateAndReset: properties to check "+props); logger.trace("validateAndReset: properties to check "+props);
} }
} }
Map<String, Object> caveatConfigMap = JSONtoFmModel.convertJSONObjectToMap(caveatConfigData); Map<String, Object> caveatConfigMap = JSONtoFmModel.convertJSONObjectToMap(caveatConfigData);
for (Map.Entry<String, Object> conEntry : caveatConfigMap.entrySet()) for (Map.Entry<String, Object> conEntry : caveatConfigMap.entrySet())
{ {
String conStr = conEntry.getKey(); String conStr = conEntry.getKey();
QName conQName = QName.resolveToQName(namespaceService, conStr); QName conQName = QName.resolveToQName(namespaceService, conStr);
// check prefix // check prefix
String conPrefix = QName.splitPrefixedQName(conStr)[0]; String conPrefix = QName.splitPrefixedQName(conStr)[0];
boolean prefixFound = false; boolean prefixFound = false;
@@ -350,17 +350,17 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
prefixFound = true; prefixFound = true;
} }
} }
if (! prefixFound) if (! prefixFound)
{ {
throw new AlfrescoRuntimeException("Unexpected prefix: "+ conPrefix + " (" + conStr +") expected one of "+expectedPrefixes+")"); throw new AlfrescoRuntimeException("Unexpected prefix: "+ conPrefix + " (" + conStr +") expected one of "+expectedPrefixes+")");
} }
Map<String, List<String>> caveatMap = (Map<String, List<String>>)conEntry.getValue(); Map<String, List<String>> caveatMap = (Map<String, List<String>>)conEntry.getValue();
List<String> allowedValues = null; List<String> allowedValues = null;
boolean found = false; boolean found = false;
for (QName propertyName : props) for (QName propertyName : props)
{ {
PropertyDefinition propDef = dictionaryService.getProperty(propertyName); PropertyDefinition propDef = dictionaryService.getProperty(propertyName);
@@ -381,31 +381,31 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
return ((RMListOfValuesConstraint)con).getAllowedValues(); return ((RMListOfValuesConstraint)con).getAllowedValues();
} }
}, AuthenticationUtil.getSystemUserName()); }, AuthenticationUtil.getSystemUserName());
found = true; found = true;
break; break;
} }
} }
} }
} }
if (! found) if (! found)
{ {
//throw new AlfrescoRuntimeException("Constraint does not exist (or is not used): "+conStr); //throw new AlfrescoRuntimeException("Constraint does not exist (or is not used): "+conStr);
} }
if (allowedValues != null) if (allowedValues != null)
{ {
if (logger.isInfoEnabled()) if (logger.isInfoEnabled())
{ {
logger.info("Processing constraint: "+conQName); logger.info("Processing constraint: "+conQName);
} }
for (Map.Entry<String, List<String>> caveatEntry : caveatMap.entrySet()) for (Map.Entry<String, List<String>> caveatEntry : caveatMap.entrySet())
{ {
String authorityName = caveatEntry.getKey(); String authorityName = caveatEntry.getKey();
List<String> caveatList = caveatEntry.getValue(); List<String> caveatList = caveatEntry.getValue();
// validate authority (user or group) - note: groups are configured with fullname (ie. GROUP_xxx) // validate authority (user or group) - note: groups are configured with fullname (ie. GROUP_xxx)
if ((! authorityService.authorityExists(authorityName) && ! personService.personExists(authorityName))) if ((! authorityService.authorityExists(authorityName) && ! personService.personExists(authorityName)))
{ {
@@ -413,7 +413,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
String msg = "User/group does not exist: "+authorityName+" (constraint="+conStr+")"; String msg = "User/group does not exist: "+authorityName+" (constraint="+conStr+")";
logger.warn(msg); logger.warn(msg);
} }
// validate caveat list // validate caveat list
for (String value : caveatList) for (String value : caveatList)
{ {
@@ -427,19 +427,19 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
} }
} }
try try
{ {
writeLock.lock(); writeLock.lock();
// we can't just clear the cache, as all puts to the cache afterwards in this transaction will be ignored // we can't just clear the cache, as all puts to the cache afterwards in this transaction will be ignored
// first delete all keys that are now not in the config // first delete all keys that are now not in the config
caveatConfig.getKeys().retainAll(caveatConfigMap.keySet()); caveatConfig.getKeys().retainAll(caveatConfigMap.keySet());
for (Map.Entry<String, Object> conEntry : caveatConfigMap.entrySet()) for (Map.Entry<String, Object> conEntry : caveatConfigMap.entrySet())
{ {
String conStr = conEntry.getKey(); String conStr = conEntry.getKey();
Map<String, List<String>> caveatMap = (Map<String, List<String>>)conEntry.getValue(); Map<String, List<String>> caveatMap = (Map<String, List<String>>)conEntry.getValue();
Map<String, List<String>> cacheValue = caveatConfig.get(conStr); Map<String, List<String>> cacheValue = caveatConfig.get(conStr);
if (cacheValue == null || !cacheValue.equals(caveatMap)) if (cacheValue == null || !cacheValue.equals(caveatMap))
{ {
@@ -460,53 +460,53 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
} }
} }
private NodeRef getCaveatConfigNode() private NodeRef getCaveatConfigNode()
{ {
NodeRef rootNode = nodeService.getRootNode(storeRef); NodeRef rootNode = nodeService.getRootNode(storeRef);
return nodeService.getChildByName(rootNode, RecordsManagementModel.ASSOC_CAVEAT_CONFIG, CAVEAT_CONFIG_NAME); return nodeService.getChildByName(rootNode, RecordsManagementModel.ASSOC_CAVEAT_CONFIG, CAVEAT_CONFIG_NAME);
} }
public NodeRef updateOrCreateCaveatConfig(InputStream is) public NodeRef updateOrCreateCaveatConfig(InputStream is)
{ {
NodeRef caveatConfig = getOrCreateCaveatConfig(); NodeRef caveatConfig = getOrCreateCaveatConfig();
// Update the content // Update the content
ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true); ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true);
writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN); writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN);
writer.setEncoding("UTF-8"); writer.setEncoding("UTF-8");
writer.putContent(is); writer.putContent(is);
return caveatConfig; return caveatConfig;
} }
public NodeRef updateOrCreateCaveatConfig(File jsonFile) public NodeRef updateOrCreateCaveatConfig(File jsonFile)
{ {
NodeRef caveatConfig = getOrCreateCaveatConfig(); NodeRef caveatConfig = getOrCreateCaveatConfig();
// Update the content // Update the content
ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true); ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true);
writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN); writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN);
writer.setEncoding("UTF-8"); writer.setEncoding("UTF-8");
writer.putContent(jsonFile); writer.putContent(jsonFile);
return caveatConfig; return caveatConfig;
} }
public NodeRef updateOrCreateCaveatConfig(String jsonString) public NodeRef updateOrCreateCaveatConfig(String jsonString)
{ {
NodeRef caveatConfig = getOrCreateCaveatConfig(); NodeRef caveatConfig = getOrCreateCaveatConfig();
// Update the content // Update the content
ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true); ContentWriter writer = this.contentService.getWriter(caveatConfig, ContentModel.PROP_CONTENT, true);
writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN); writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN);
writer.setEncoding("UTF-8"); writer.setEncoding("UTF-8");
writer.putContent(jsonString); writer.putContent(jsonString);
return caveatConfig; return caveatConfig;
} }
private NodeRef getOrCreateCaveatConfig() private NodeRef getOrCreateCaveatConfig()
{ {
NodeRef caveatConfig = getCaveatConfigNode(); NodeRef caveatConfig = getCaveatConfigNode();
@@ -514,19 +514,19 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
NodeRef rootNode = nodeService.getRootNode(storeRef); NodeRef rootNode = nodeService.getRootNode(storeRef);
nodeService.addAspect(rootNode, VersionModel.ASPECT_VERSION_STORE_ROOT, null); nodeService.addAspect(rootNode, VersionModel.ASPECT_VERSION_STORE_ROOT, null);
// Create caveat config // Create caveat config
caveatConfig = nodeService.createNode(rootNode, caveatConfig = nodeService.createNode(rootNode,
RecordsManagementModel.ASSOC_CAVEAT_CONFIG, RecordsManagementModel.ASSOC_CAVEAT_CONFIG,
QName.createQName(RecordsManagementModel.RM_URI, CAVEAT_CONFIG_NAME), QName.createQName(RecordsManagementModel.RM_URI, CAVEAT_CONFIG_NAME),
RecordsManagementModel.TYPE_CAVEAT_CONFIG).getChildRef(); RecordsManagementModel.TYPE_CAVEAT_CONFIG).getChildRef();
nodeService.setProperty(caveatConfig, ContentModel.PROP_NAME, CAVEAT_CONFIG_NAME); nodeService.setProperty(caveatConfig, ContentModel.PROP_NAME, CAVEAT_CONFIG_NAME);
} }
return caveatConfig; return caveatConfig;
} }
// Get list of all caveat qualified names // Get list of all caveat qualified names
public Collection<String> getRMConstraintNames() public Collection<String> getRMConstraintNames()
{ {
@@ -542,30 +542,30 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
return Collections.unmodifiableCollection(rmConstraintNames); return Collections.unmodifiableCollection(rmConstraintNames);
} }
// Get allowed values for given caveat (for current user) // Get allowed values for given caveat (for current user)
public List<String> getRMAllowedValues(String constraintName) public List<String> getRMAllowedValues(String constraintName)
{ {
List<String> allowedValues = new ArrayList<String>(0); List<String> allowedValues = new ArrayList<String>(0);
String userName = AuthenticationUtil.getRunAsUser(); String userName = AuthenticationUtil.getRunAsUser();
if (userName != null) if (userName != null)
{ {
if (! (AuthenticationUtil.isMtEnabled() && AuthenticationUtil.isRunAsUserTheSystemUser())) if (! (AuthenticationUtil.isMtEnabled() && AuthenticationUtil.isRunAsUserTheSystemUser()))
{ {
// note: userName and userGroupNames must not be null // note: userName and userGroupNames must not be null
Set<String> userGroupFullNames = authorityService.getAuthoritiesForUser(userName); Set<String> userGroupFullNames = authorityService.getAuthoritiesForUser(userName);
allowedValues = getRMAllowedValues(userName, userGroupFullNames, constraintName); allowedValues = getRMAllowedValues(userName, userGroupFullNames, constraintName);
} }
} }
return allowedValues; return allowedValues;
} }
private List<String> getRMAllowedValues(String userName, Set<String> userGroupFullNames, String constraintName) private List<String> getRMAllowedValues(String userName, Set<String> userGroupFullNames, String constraintName)
{ {
Set<String>allowedValues = new HashSet<String>(); Set<String>allowedValues = new HashSet<String>();
// note: userName and userGroupNames must not be null // note: userName and userGroupNames must not be null
Map<String, List<String>> caveatConstraintDef = null; Map<String, List<String>> caveatConstraintDef = null;
try try
@@ -577,7 +577,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
readLock.unlock(); readLock.unlock();
} }
if (caveatConstraintDef != null) if (caveatConstraintDef != null)
{ {
List<String> direct = caveatConstraintDef.get(userName); List<String> direct = caveatConstraintDef.get(userName);
@@ -585,7 +585,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
allowedValues.addAll(direct); allowedValues.addAll(direct);
} }
for (String group : userGroupFullNames) for (String group : userGroupFullNames)
{ {
List<String> values = caveatConstraintDef.get(group); List<String> values = caveatConstraintDef.get(group);
@@ -595,15 +595,15 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
} }
} }
List<String>ret = new ArrayList<String>(); List<String>ret = new ArrayList<String>();
ret.addAll(allowedValues); ret.addAll(allowedValues);
return Collections.unmodifiableList(ret); return Collections.unmodifiableList(ret);
} }
/** /**
* Check whether access to 'record component' node is vetoed for current user due to caveat(s) * Check whether access to 'record component' node is vetoed for current user due to caveat(s)
* *
* @param nodeRef * @param nodeRef
* @return false, if caveat(s) veto access otherwise return true * @return false, if caveat(s) veto access otherwise return true
*/ */
@@ -614,7 +614,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
return true; return true;
} }
boolean found = false; boolean found = false;
for (QName caveatAspectQName : caveatAspectQNames) for (QName caveatAspectQName : caveatAspectQNames)
{ {
@@ -624,7 +624,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
break; break;
} }
} }
if (! found) if (! found)
{ {
// no caveat aspect // no caveat aspect
@@ -642,7 +642,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
QName propName = entry.getKey(); QName propName = entry.getKey();
PropertyDefinition propDef = dictionaryService.getProperty(propName); PropertyDefinition propDef = dictionaryService.getProperty(propName);
if ((propDef != null) && (propDef.getDataType().getName().equals(DATATYPE_TEXT))) if ((propDef != null) && (propDef.getDataType().getName().equals(DATATYPE_TEXT)))
{ {
List<ConstraintDefinition> conDefs = propDef.getConstraints(); List<ConstraintDefinition> conDefs = propDef.getConstraints();
@@ -654,7 +654,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
RMListOfValuesConstraint rmCon = ((RMListOfValuesConstraint)con); RMListOfValuesConstraint rmCon = ((RMListOfValuesConstraint)con);
String conName = rmCon.getShortName(); String conName = rmCon.getShortName();
MatchLogic matchLogic = rmCon.getMatchLogicEnum(); MatchLogic matchLogic = rmCon.getMatchLogicEnum();
Map<String, List<String>> caveatConstraintDef = caveatConfig.get(conName); Map<String, List<String>> caveatConstraintDef = caveatConfig.get(conName);
if (caveatConstraintDef == null) if (caveatConstraintDef == null)
{ {
continue; continue;
@@ -663,7 +663,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
Set<String> userGroupNames = authorityService.getAuthoritiesForUser(userName); Set<String> userGroupNames = authorityService.getAuthoritiesForUser(userName);
List<String> allowedValues = getRMAllowedValues(userName, userGroupNames, conName); List<String> allowedValues = getRMAllowedValues(userName, userGroupNames, conName);
List<String> propValues = null; List<String> propValues = null;
Object val = entry.getValue(); Object val = entry.getValue();
if (val instanceof String) if (val instanceof String)
@@ -675,7 +675,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
propValues = (List<String>)val; propValues = (List<String>)val;
} }
if (propValues != null && !isAllowed(propValues, allowedValues, matchLogic)) if (propValues != null && !isAllowed(propValues, allowedValues, matchLogic))
{ {
if (logger.isDebugEnabled()) if (logger.isDebugEnabled())
@@ -690,11 +690,11 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
} }
} }
return true; return true;
} }
} }
private boolean isAllowed(List<String> propValues, List<String> userGroupValues, MatchLogic matchLogic) private boolean isAllowed(List<String> propValues, List<String> userGroupValues, MatchLogic matchLogic)
{ {
if (matchLogic.equals(MatchLogic.AND)) if (matchLogic.equals(MatchLogic.AND))
@@ -708,11 +708,11 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
logger.trace("Not allowed: "+propValues+", "+userGroupValues+", "+matchLogic); logger.trace("Not allowed: "+propValues+", "+userGroupValues+", "+matchLogic);
} }
return false; return false;
} }
} }
return true; return true;
} }
else if (matchLogic.equals(MatchLogic.OR)) else if (matchLogic.equals(MatchLogic.OR))
@@ -725,22 +725,22 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
return true; return true;
} }
} }
if (logger.isTraceEnabled()) if (logger.isTraceEnabled())
{ {
logger.trace("Not allowed: "+propValues+", "+userGroupValues+", "+matchLogic); logger.trace("Not allowed: "+propValues+", "+userGroupValues+", "+matchLogic);
} }
return false; return false;
} }
logger.error("Unexpected match logic type: "+matchLogic); logger.error("Unexpected match logic type: "+matchLogic);
return false; return false;
} }
/** /**
* Add a single value to an authority in a list. The existing values of the list remain. * Add a single value to an authority in a list. The existing values of the list remain.
* *
* @param listName the name of the RMConstraintList * @param listName the name of the RMConstraintList
* @param authorityName * @param authorityName
* @param value * @param value
@@ -757,7 +757,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
throw new AlfrescoRuntimeException("unable to add to list, list not defined:"+ listName); throw new AlfrescoRuntimeException("unable to add to list, list not defined:"+ listName);
} }
try try
{ {
readLock.unlock(); readLock.unlock();
@@ -782,7 +782,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
finally finally
{ {
readLock.lock(); readLock.lock();
writeLock.unlock(); writeLock.unlock();
} }
} }
@@ -791,7 +791,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
readLock.unlock(); readLock.unlock();
} }
} }
/** /**
* Get the member details of the specified list * Get the member details of the specified list
* @param listName * @param listName
@@ -818,18 +818,18 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
return Collections.unmodifiableMap(listDetails); return Collections.unmodifiableMap(listDetails);
} }
} }
public List<QName> getRMCaveatModels() public List<QName> getRMCaveatModels()
{ {
return caveatModelQNames; return caveatModelQNames;
} }
/** /**
* Replace the values for an authority in a list. * Replace the values for an authority in a list.
* The existing values are removed. * The existing values are removed.
* *
* If the authority does not already exist in the list, it will be added * If the authority does not already exist in the list, it will be added
* *
* @param listName the name of the RMConstraintList * @param listName the name of the RMConstraintList
* @param authorityName * @param authorityName
* @param values * @param values
@@ -841,7 +841,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
writeLock.lock(); writeLock.lock();
members = caveatConfig.get(listName); members = caveatConfig.get(listName);
if(members == null) if(members == null)
{ {
// Create the new list, with the authority name // Create the new list, with the authority name
Map<String, List<String>> constraint = new HashMap<String, List<String>>(0); Map<String, List<String>> constraint = new HashMap<String, List<String>>(0);
@@ -852,43 +852,43 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
members.put(authorityName, new ArrayList<String>(values)); members.put(authorityName, new ArrayList<String>(values));
} }
caveatConfig.put(listName, members); caveatConfig.put(listName, members);
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
} }
finally finally
{ {
writeLock.unlock(); writeLock.unlock();
} }
} }
/** /**
* Replace the authorities for a value in a list * Replace the authorities for a value in a list
* *
* @param listName * @param listName
* @param valueName * @param valueName
* @param authorities * @param authorities
*/ */
public void updateRMConstraintListValue(String listName, String valueName, List<String>authorities) public void updateRMConstraintListValue(String listName, String valueName, List<String>authorities)
{ {
Map<String, List<String>> members = null; Map<String, List<String>> members = caveatConfig.get(listName);
try try
{ {
writeLock.lock(); writeLock.lock();
if(members == null) if(members == null)
{ {
// Members List does not exist // Members List does not exist
Map<String, List<String>> emptyConstraint = new HashMap<String, List<String>>(0); Map<String, List<String>> emptyConstraint = new HashMap<String, List<String>>(0);
caveatConfig.put(listName, emptyConstraint); caveatConfig.put(listName, emptyConstraint);
members = emptyConstraint; members = emptyConstraint;
} }
// authorities contains authority, values[] // authorities contains authority, values[]
// pivot contains value, members[] // pivot contains value, members[]
Map<String, List<String>> pivot = PivotUtil.getPivot(members); Map<String, List<String>> pivot = PivotUtil.getPivot(members);
// remove all authorities which have this value // remove all authorities which have this value
List<String> existingAuthorities = pivot.get(valueName); List<String> existingAuthorities = pivot.get(valueName);
if(existingAuthorities != null) if(existingAuthorities != null)
@@ -911,21 +911,21 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
vals.add(valueName); vals.add(valueName);
} }
caveatConfig.put(listName, members); caveatConfig.put(listName, members);
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
} }
finally finally
{ {
writeLock.unlock(); writeLock.unlock();
} }
} }
public void removeRMConstraintListValue(String listName, String valueName) public void removeRMConstraintListValue(String listName, String valueName)
{ {
Map<String, List<String>> members = null; Map<String, List<String>> members = null;
try try
{ {
readLock.lock(); readLock.lock();
members = caveatConfig.get(listName); members = caveatConfig.get(listName);
if(members == null) if(members == null)
{ {
@@ -948,7 +948,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
// authorities contains authority, values[] // authorities contains authority, values[]
// pivot contains value, members[] // pivot contains value, members[]
Map<String, List<String>> pivot = PivotUtil.getPivot(members); Map<String, List<String>> pivot = PivotUtil.getPivot(members);
// remove all authorities which have this value // remove all authorities which have this value
List<String> existingAuthorities = pivot.get(valueName); List<String> existingAuthorities = pivot.get(valueName);
if(existingAuthorities != null) if(existingAuthorities != null)
@@ -961,7 +961,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
caveatConfig.put(listName, members); caveatConfig.put(listName, members);
} }
} }
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
} }
finally finally
@@ -977,10 +977,10 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
readLock.unlock(); readLock.unlock();
} }
} }
/** /**
* Remove an authority from a list * Remove an authority from a list
* *
* @param listName the name of the RMConstraintList * @param listName the name of the RMConstraintList
* @param authorityName * @param authorityName
* @param values * @param values
@@ -996,7 +996,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
{ {
members.remove(listName); members.remove(listName);
} }
caveatConfig.put(listName, members); caveatConfig.put(listName, members);
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
@@ -1006,7 +1006,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
writeLock.unlock(); writeLock.unlock();
} }
} }
/** /**
* @param config the configuration to convert * @param config the configuration to convert
* @return a String containing the JSON representation of the configuration. * @return a String containing the JSON representation of the configuration.
@@ -1014,22 +1014,22 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
private String convertToJSONString(SimpleCache<String, Map<String, List<String>>> config) private String convertToJSONString(SimpleCache<String, Map<String, List<String>>> config)
{ {
JSONObject obj = new JSONObject(); JSONObject obj = new JSONObject();
try try
{ {
Collection<String> listNames = config.getKeys(); Collection<String> listNames = config.getKeys();
for(String listName : listNames) for(String listName : listNames)
{ {
Map<String, List<String>> members = config.get(listName); Map<String, List<String>> members = config.get(listName);
Set<String> authorityNames = members.keySet(); Set<String> authorityNames = members.keySet();
JSONObject listMembers = new JSONObject(); JSONObject listMembers = new JSONObject();
for(String authorityName : authorityNames) for(String authorityName : authorityNames)
{ {
listMembers.put(authorityName, members.get(authorityName)); listMembers.put(authorityName, members.get(authorityName));
} }
obj.put(listName, listMembers); obj.put(listName, listMembers);
} }
} }
@@ -1039,7 +1039,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
} }
return obj.toString(); return obj.toString();
} }
/** /**
* Get an RMConstraintInfo * Get an RMConstraintInfo
* @param listQName * @param listQName
@@ -1054,7 +1054,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
if (con instanceof RMListOfValuesConstraint) if (con instanceof RMListOfValuesConstraint)
{ {
final RMListOfValuesConstraint def = (RMListOfValuesConstraint)con; final RMListOfValuesConstraint def = (RMListOfValuesConstraint)con;
RMConstraintInfo info = new RMConstraintInfo(); RMConstraintInfo info = new RMConstraintInfo();
info.setName(listQName.toPrefixString()); info.setName(listQName.toPrefixString());
info.setTitle(con.getTitle()); info.setTitle(con.getTitle());
@@ -1065,7 +1065,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
return def.getAllowedValues(); return def.getAllowedValues();
} }
}, AuthenticationUtil.getSystemUserName()); }, AuthenticationUtil.getSystemUserName());
info.setAllowedValues(allowedValues.toArray(new String[allowedValues.size()])); info.setAllowedValues(allowedValues.toArray(new String[allowedValues.size()]));
info.setCaseSensitive(def.isCaseSensitive()); info.setCaseSensitive(def.isCaseSensitive());
return info; return info;
@@ -1076,7 +1076,7 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
/** /**
* Get RM Constraint detail. * Get RM Constraint detail.
* *
* @return the constraintInfo or null * @return the constraintInfo or null
*/ */
public RMConstraintInfo getRMConstraint(String listName) public RMConstraintInfo getRMConstraint(String listName)
@@ -1084,33 +1084,33 @@ public class RMCaveatConfigComponentImpl implements ContentServicePolicies.OnCon
QName listQName = QName.createQName(listName, namespaceService); QName listQName = QName.createQName(listName, namespaceService);
return getRMConstraint(listQName); return getRMConstraint(listQName);
} }
public void deleteRMConstraint(String listName) public void deleteRMConstraint(String listName)
{ {
try try
{ {
writeLock.lock(); writeLock.lock();
caveatConfig.remove(listName); caveatConfig.remove(listName);
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
} }
finally finally
{ {
writeLock.unlock(); writeLock.unlock();
} }
} }
public void addRMConstraint(String listName) public void addRMConstraint(String listName)
{ {
try try
{ {
writeLock.lock(); writeLock.lock();
Map<String, List<String>> emptyConstraint = new HashMap<String, List<String>>(0); Map<String, List<String>> emptyConstraint = new HashMap<String, List<String>>(0);
caveatConfig.put(listName, emptyConstraint); caveatConfig.put(listName, emptyConstraint);
updateOrCreateCaveatConfig(convertToJSONString(caveatConfig)); updateOrCreateCaveatConfig(convertToJSONString(caveatConfig));
} }
finally finally
{ {
writeLock.unlock(); writeLock.unlock();
} }
} }
} }