diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml
index f9d640678c..46cc7a2483 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/action-context.xml
@@ -14,7 +14,6 @@
-
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties b/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
index 4d2732cd98..60f0b0e0d6 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties
@@ -25,17 +25,9 @@ cache.writersSharedCache.maxItems=10000
cache.writersSharedCache.cluster.type=fully-distributed
#
-# Global RM admin default bootstrap details
+# Indicates whether RM rules will be run as Admin or not by default
#
-# Note: rmadmin is created with a randomly generated password. This can be changed by 'admin' if
-# required.
-#
-bootstrap.rmadmin.name=rmadmin
-
-#
-# Indicates whether RM rules will be run as RM Admin or not by default
-#
-rm.rule.runasrmadmin=true
+rm.rule.runasadmin=true
#
# Auto-complete suggestion parameters
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml
index 9a741ca3d0..25a396e069 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/extended-repository-context.xml
@@ -219,10 +219,9 @@
-
-
- ${rm.rule.runasrmadmin}
+
+ ${rm.rule.runasadmin}
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties b/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties
index 65f3c6dd0e..649a76b2bd 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/messages/rm-system.properties
@@ -1,6 +1,3 @@
-bootstrap.rmadmin.firstName=Records Management
-bootstrap.rmadmin.lastName=System Administrator
-
rm.hold.name=Hold
## Defaut roles
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml
index 65930dcf9a..d6abeca930 100755
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/patch/rm-patch-v21-context.xml
@@ -52,21 +52,6 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -118,5 +103,5 @@
-
+
\ No newline at end of file
diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
index 9902ed0040..387c006d04 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
@@ -41,7 +41,6 @@
-
@@ -496,10 +495,6 @@
-
-
-
-
@@ -1088,7 +1083,7 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java
index 9ffc7237c3..6eabd7d7e8 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java
@@ -31,7 +31,6 @@ import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
import org.alfresco.module.org_alfresco_module_rm.transfer.TransferService;
@@ -163,12 +162,6 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry
@NotAuditable
FilePlanPermissionService getFilePlanPermissionService();
- /**
- * @return file plan authentication service
- * @since 2.1
- */
- FilePlanAuthenticationService getFilePlanAuthenticationService();
-
/**
* @return identifier service
* @since 2.1
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java
index 612381d096..ba8ce301d9 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java
@@ -30,7 +30,6 @@ import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
import org.alfresco.module.org_alfresco_module_rm.transfer.TransferService;
@@ -171,15 +170,6 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
return (FilePlanPermissionService) getService(FILE_PLAN_PERMISSION_SERVICE);
}
- /**
- * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFilePlanAuthenticationService()
- */
- @Override
- public FilePlanAuthenticationService getFilePlanAuthenticationService()
- {
- return (FilePlanAuthenticationService) getService(FILE_PLAN_AUTHENTICATION_SERVICE);
- }
-
/**
* @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getIdentifierService()
*/
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
index 4a59c127b7..f8174a1059 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java
@@ -26,8 +26,8 @@ import org.alfresco.module.org_alfresco_module_rm.action.AuditableActionExecuter
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.repo.action.ParameterDefinitionImpl;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.service.cmr.action.Action;
import org.alfresco.service.cmr.action.ParameterDefinition;
@@ -76,9 +76,6 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
/** Dictionary service */
private DictionaryService dictionaryService;
- /** File plan authentication service */
- private FilePlanAuthenticationService filePlanAuthenticationService;
-
/**
* @param recordService record service
*/
@@ -111,14 +108,6 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
this.dictionaryService = dictionaryService;
}
- /**
- * @param filePlanAuthenticationService file plan authentication service
- */
- public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
- {
- this.filePlanAuthenticationService = filePlanAuthenticationService;
- }
-
/**
* @see org.alfresco.repo.action.executer.ActionExecuterAbstractBase#executeImpl(org.alfresco.service.cmr.action.Action, org.alfresco.service.cmr.repository.NodeRef)
*/
@@ -181,14 +170,15 @@ public class CreateRecordAction extends AuditableActionExecuterAbstractBase
if (filePlan == null)
{
// TODO .. eventually make the file plan parameter required
- filePlan = filePlanAuthenticationService.runAsRmAdmin(new RunAsWork()
+
+ filePlan = AuthenticationUtil.runAs(new RunAsWork()
{
@Override
public NodeRef doWork()
{
return filePlanService.getFilePlanBySiteId(FilePlanService.DEFAULT_RM_SITE_ID);
}
- });
+ }, AuthenticationUtil.getAdminUserName());
// if the file plan is still null, raise an exception
if (filePlan == null)
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java
index 93b3374f37..191468ee7c 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposition/DispositionSelectionStrategy.java
@@ -25,7 +25,7 @@ import java.util.SortedSet;
import java.util.TreeSet;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.service.cmr.repository.NodeRef;
import org.apache.commons.logging.Log;
@@ -47,9 +47,6 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
/** Disposition service */
private DispositionService dispositionService;
- /** File plan authentication service */
- private FilePlanAuthenticationService filePlanAuthenticationService;
-
/**
* Set the disposition service
*
@@ -60,14 +57,6 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
this.dispositionService = dispositionService;
}
- /**
- * @param filePlanAuthenticationService file plan authentication service
- */
- public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
- {
- this.filePlanAuthenticationService = filePlanAuthenticationService;
- }
-
/**
* Select the disposition schedule to use given there is more than one
*
@@ -130,14 +119,13 @@ public class DispositionSelectionStrategy implements RecordsManagementModel
public int compare(final NodeRef f1, final NodeRef f2)
{
// Run as admin user
- return filePlanAuthenticationService.runAsRmAdmin(new RunAsWork()
+ return AuthenticationUtil.runAs(new RunAsWork()
{
public Integer doWork()
{
return compareImpl(f1, f2);
}
-
- });
+ }, AuthenticationUtil.getAdminUserName());
}
private int compareImpl(NodeRef f1, NodeRef f2)
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java
index 5a0adb629d..721620c5e2 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v20/RMv2FilePlanNodeRefPatch.java
@@ -132,7 +132,7 @@ public class RMv2FilePlanNodeRefPatch extends ModulePatchComponent
nodeService.setProperty(filePlanComponentNodeRef, PROP_ROOT_NODEREF, filePlan);
}
- // only set the rmadmin permissions on record categories, record folders and records
+ // only set the admin permissions on record categories, record folders and records
FilePlanComponentKind kind = filePlanService.getFilePlanComponentKind(filePlanComponentNodeRef);
if (FilePlanComponentKind.RECORD_CATEGORY.equals(kind) ||
FilePlanComponentKind.RECORD_FOLDER.equals(kind) ||
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v21/RMv21RMAdminUserPatch.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v21/RMv21RMAdminUserPatch.java
deleted file mode 100644
index f8441071ae..0000000000
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/v21/RMv21RMAdminUserPatch.java
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * Copyright (C) 2005-2014 Alfresco Software Limited.
- *
- * This file is part of Alfresco
- *
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see .
- */
-package org.alfresco.module.org_alfresco_module_rm.patch.v21;
-
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.alfresco.model.ContentModel;
-import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
-import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
-import org.alfresco.service.cmr.repository.NodeRef;
-import org.alfresco.service.cmr.security.MutableAuthenticationService;
-import org.alfresco.service.cmr.security.PersonService;
-import org.alfresco.service.namespace.QName;
-import org.alfresco.util.GUID;
-import org.springframework.beans.factory.BeanNameAware;
-import org.springframework.extensions.surf.util.I18NUtil;
-
-/**
- * RM v2.1: RM admin user patch
- *
- * @author Roy Wetherall
- */
-@SuppressWarnings("deprecation")
-public class RMv21RMAdminUserPatch extends RMv21PatchComponent implements BeanNameAware
-{
- /** I18N */
- private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
- private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
-
- /** generate rm admin password */
- private String password = GUID.generate();
-
- /** mutable authenticaiton service */
- private MutableAuthenticationService authenticationService;
-
- /** person service */
- private PersonService personService;
-
- /** file plan service */
- private FilePlanService filePlanService;
-
- /** file plan role service */
- private FilePlanRoleService filePlanRoleService;
-
- /** file plan authentication service */
- private FilePlanAuthenticationService filePlanAuthenticationService;
-
- /**
- * @param personService person service
- */
- public void setPersonService(PersonService personService)
- {
- this.personService = personService;
- }
-
- /**
- * @param authenticationService mutable authentication service
- */
- public void setAuthenticationService(MutableAuthenticationService authenticationService)
- {
- this.authenticationService = authenticationService;
- }
-
- /**
- * @param filePlanService file plan service
- */
- public void setFilePlanService(FilePlanService filePlanService)
- {
- this.filePlanService = filePlanService;
- }
-
- /**
- * @param filePlanRoleService file plan role service
- */
- public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
- {
- this.filePlanRoleService = filePlanRoleService;
- }
-
- /**
- * @param filePlanAuthenticationService file plan authentication service
- */
- public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
- {
- this.filePlanAuthenticationService = filePlanAuthenticationService;
- }
-
- /**
- * @see org.alfresco.repo.module.AbstractModuleComponent#executeInternal()
- */
- @Override
- protected void executePatch()
- {
- String user = filePlanAuthenticationService.getRmAdminUserName();
- String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
- String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
-
- if (!authenticationService.authenticationExists(user))
- {
- if (logger.isDebugEnabled())
- {
- logger.debug(" ... creating RM Admin user");
- }
-
- authenticationService.createAuthentication(user, password.toCharArray());
-
- if (!personService.personExists(user))
- {
- if (logger.isDebugEnabled())
- {
- logger.debug(" ... creating RM Admin person");
- }
-
- Map properties = new HashMap();
- properties.put(ContentModel.PROP_USERNAME, user);
- properties.put(ContentModel.PROP_FIRSTNAME, firstName);
- properties.put(ContentModel.PROP_LASTNAME, lastName);
- personService.createPerson(properties);
- }
- else
- {
- if (logger.isInfoEnabled())
- {
- logger.debug(" ... RM Admin person already exists");
- }
- }
-
- if (logger.isDebugEnabled())
- {
- logger.debug(" ... assigning RM Admin user to file plans");
- }
-
- Set filePlans = filePlanService.getFilePlans();
- for (NodeRef filePlan : filePlans)
- {
- filePlanRoleService.assignRoleToAuthority(filePlan, FilePlanRoleService.ROLE_ADMIN, user);
- }
- }
- }
-}
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java
index db042d002f..43386b0210 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java
@@ -22,18 +22,14 @@ import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
-import java.io.Serializable;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException;
-import org.alfresco.model.ContentModel;
import org.alfresco.module.org_alfresco_module_rm.bootstrap.BootstrapImporterModuleComponent;
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
@@ -42,7 +38,6 @@ import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamicAuthority;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authority.RMAuthority;
import org.alfresco.service.cmr.repository.NodeRef;
@@ -51,15 +46,9 @@ import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
-import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PermissionService;
-import org.alfresco.service.cmr.security.PersonService;
-import org.alfresco.service.namespace.QName;
-import org.alfresco.util.GUID;
import org.alfresco.util.ParameterCheck;
import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
@@ -75,8 +64,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
RecordsManagementModel
{
/** I18N */
- private static final String MSG_FIRST_NAME = "bootstrap.rmadmin.firstName";
- private static final String MSG_LAST_NAME = "bootstrap.rmadmin.lastName";
private static final String MSG_ALL_ROLES = "rm.role.all";
/** Location of bootstrap role JSON */
@@ -103,15 +90,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
/** Node service */
private NodeService nodeService;
- /** File plan authentication service */
- private FilePlanAuthenticationService filePlanAuthenticationService;
-
- /** mutable authenticaiton service */
- private MutableAuthenticationService authenticationService;
-
- /** person service */
- private PersonService personService;
-
private BootstrapImporterModuleComponent bootstrapImporterModule;
/** Records management role zone */
@@ -120,9 +98,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
/** Records Management Config Node */
private static final String CONFIG_NODEID = "rm_config_folder";
- /** Logger */
- private static Log logger = LogFactory.getLog(FilePlanRoleServiceImpl.class);
-
/**
* @param capabilityService capability service
*/
@@ -163,30 +138,6 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
this.filePlanService = filePlanService;
}
- /**
- * @param filePlanAuthenticationService file plan authentication service
- */
- public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
- {
- this.filePlanAuthenticationService = filePlanAuthenticationService;
- }
-
- /**
- * @param personService person service
- */
- public void setPersonService(PersonService personService)
- {
- this.personService = personService;
- }
-
- /**
- * @param authenticationService mutable authentication service
- */
- public void setAuthenticationService(MutableAuthenticationService authenticationService)
- {
- this.authenticationService = authenticationService;
- }
-
/**
*
* @param bootstrapImporterModuleComponent
@@ -391,13 +342,10 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
String user = AuthenticationUtil.getFullyAuthenticatedUser();
authorityService.addAuthority(role.getRoleGroupName(), user);
- if (!filePlanAuthenticationService.getRmAdminUserName().equals(user))
+ if (!AuthenticationUtil.getAdminUserName().equals(user))
{
- // Create the RM Admin User if it does not already exist
- createRMAdminUser();
-
// add the dynamic admin authority
- authorityService.addAuthority(role.getRoleGroupName(), filePlanAuthenticationService.getRmAdminUserName());
+ authorityService.addAuthority(role.getRoleGroupName(), AuthenticationUtil.getAdminUserName());
}
}
}
@@ -670,7 +618,7 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
*/
public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
{
- boolean isRMAdmin = false;
+ boolean isAdmin = false;
Set userRoles = this.getRolesByUser(rmRootNode, user);
if (userRoles != null)
@@ -679,13 +627,13 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
{
if (role.getName().equals("Administrator"))
{
- isRMAdmin = true;
+ isAdmin = true;
break;
}
}
}
- return isRMAdmin;
+ return isAdmin;
}
/**
@@ -921,32 +869,4 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
{
return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
}
-
- /**
- * Create the RMAdmin user if it does not already exist
- */
- private void createRMAdminUser()
- {
- /** generate rm admin password */
- String password = GUID.generate();
-
- String user = filePlanAuthenticationService.getRmAdminUserName();
- String firstName = I18NUtil.getMessage(MSG_FIRST_NAME);
- String lastName = I18NUtil.getMessage(MSG_LAST_NAME);
-
- if (!authenticationService.authenticationExists(user))
- {
- if (logger.isDebugEnabled())
- {
- logger.debug(" ... creating RM Admin user");
- }
-
- authenticationService.createAuthentication(user, password.toCharArray());
- Map properties = new HashMap();
- properties.put(ContentModel.PROP_USERNAME, user);
- properties.put(ContentModel.PROP_FIRSTNAME, firstName);
- properties.put(ContentModel.PROP_LASTNAME, lastName);
- personService.createPerson(properties);
- }
- }
}
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationService.java
deleted file mode 100644
index 2ae21b3594..0000000000
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationService.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright (C) 2005-2014 Alfresco Software Limited.
- *
- * This file is part of Alfresco
- *
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see .
- */
-package org.alfresco.module.org_alfresco_module_rm.security;
-
-import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
-
-/**
- * File plan authentication service.
- *
- * @author Roy Wetherall
- * @since 2.1
- */
-public interface FilePlanAuthenticationService
-{
- /**
- * @return rm admin user name
- */
- String getRmAdminUserName();
-
- /**
- * Run provided work as the global rm admin user.
- *
- * @param return type
- * @param runAsWork work to execute as the rm admin user
- * @return R result of work execution
- */
- R runAsRmAdmin(RunAsWork runAsWork);
-}
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationServiceImpl.java
deleted file mode 100644
index dc1123e923..0000000000
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanAuthenticationServiceImpl.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright (C) 2005-2014 Alfresco Software Limited.
- *
- * This file is part of Alfresco
- *
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see .
- */
-package org.alfresco.module.org_alfresco_module_rm.security;
-
-import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
-import org.alfresco.repo.tenant.TenantService;
-
-/**
- * @author Roy Wetherall
- * @since 2.1
- */
-public class FilePlanAuthenticationServiceImpl implements FilePlanAuthenticationService
-{
- /** Default rm admin user values */
- public static final String DEFAULT_RM_ADMIN_USER = "rmadmin";
-
- /** RM admin user name */
- private String rmAdminUserName = DEFAULT_RM_ADMIN_USER;
-
- /** tennant service */
- private TenantService tenantService;
-
- /**
- * The Tenant Service
- *
- * @param tenantService
- */
- public void setTenantService(TenantService tenantService)
- {
- this.tenantService = tenantService;
- }
-
- /**
- * @param rmAdminUserName rm admin user name
- */
- public void setRmAdminUserName(String rmAdminUserName)
- {
- this.rmAdminUserName = rmAdminUserName;
- }
-
- /**
- * @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#getRMAdminUserName()
- */
- @Override
- public String getRmAdminUserName()
- {
- // Build the tenant domain string
- String tenantDomain = tenantService.isEnabled() ? "@" + tenantService.getCurrentUserDomain() : "";
-
- // if MT is enabled and we are in the non-tenant domain we need use the base rm admin user name
- return tenantDomain.length() > 1 ? rmAdminUserName + tenantDomain : rmAdminUserName;
- }
-
- /**
- * @see org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService#runAsRMAdmin(org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork)
- */
- @Override
- public R runAsRmAdmin(RunAsWork runAsWork)
- {
- return AuthenticationUtil.runAs(runAsWork, getRmAdminUserName());
- }
-}
diff --git a/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java b/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
index efec98beeb..20ee4b2868 100644
--- a/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java
@@ -25,7 +25,6 @@ import org.alfresco.model.ContentModel;
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.service.cmr.repository.NodeRef;
@@ -41,8 +40,8 @@ import org.alfresco.service.namespace.QName;
*/
public class ExtendedRuleServiceImpl extends RuleServiceImpl
{
- /** indicates whether the rules should be run as rmadmin or not */
- private boolean runAsRmAdmin = true;
+ /** indicates whether the rules should be run as admin or not */
+ private boolean runAsAdmin = true;
/** ignore types */
private Set ignoredTypes = new HashSet();
@@ -50,31 +49,12 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
/** file plan service */
private FilePlanService filePlanService;
- /** file plan authentication service */
- private FilePlanAuthenticationService filePlanAuthenticationService;
-
/** node service */
protected NodeService nodeService;
/** Record service */
protected RecordService recordService;
- /**
- * @param runAsRmAdmin true if run rules as rmadmin, false otherwise
- */
- public void setRunAsRmAdmin(boolean runAsRmAdmin)
- {
- this.runAsRmAdmin = runAsRmAdmin;
- }
-
- /**
- * @param filePlanAuthenticationService file plan authentication service
- */
- public void setFilePlanAuthenticationService(FilePlanAuthenticationService filePlanAuthenticationService)
- {
- this.filePlanAuthenticationService = filePlanAuthenticationService;
- }
-
/**
* @param nodeService node service
*/
@@ -99,6 +79,14 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
this.recordService = recordService;
}
+ /**
+ * @param runAsAdmin true if run rules as admin, false otherwise
+ */
+ public void setRunAsAdmin(boolean runAsAdmin)
+ {
+ this.runAsAdmin = runAsAdmin;
+ }
+
/**
* Init method
*/
@@ -181,18 +169,17 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
// ignore and
if (!isIgnoredType(typeQName))
{
- if (runAsRmAdmin)
+ if (runAsAdmin)
{
- // run as rmadmin
- filePlanAuthenticationService.runAsRmAdmin(new RunAsWork()
- {
- @Override
- public Void doWork()
- {
- ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
- return null;
- }
- });
+ AuthenticationUtil.runAs(new RunAsWork()
+ {
+ @Override
+ public Void doWork()
+ {
+ ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
+ return null;
+ }
+ }, AuthenticationUtil.getAdminUserName());
}
else
{
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java
index 1efcd6f3f8..472aae4de1 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/action/FileToActionTest.java
@@ -95,7 +95,7 @@ public class FileToActionTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
private void initRecord()
@@ -147,7 +147,7 @@ public class FileToActionTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
public void testFileToPath2()
@@ -175,7 +175,7 @@ public class FileToActionTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
public void testCreate() throws Exception
@@ -237,7 +237,7 @@ public class FileToActionTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
public void failureTests() throws Exception
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
index 6467c31b84..a73d5b8b46 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java
@@ -60,7 +60,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
private NodeRef moveToFolder;
private NodeRef moveToCategory;
-
+
private NodeRef hold;
@Override
@@ -109,9 +109,9 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
utils.declareRecord(declaredRecord);
utils.declareRecord(frozenRecord);
utils.declareRecord(frozenRecord2);
-
+
hold = holdService.createHold(filePlan, GUID.generate(), "reason", "description");
-
+
holdService.addToHold(hold, frozenRecord);
holdService.addToHold(hold, frozenRecordFolder);
holdService.addToHold(hold, frozenRecord2);
@@ -349,7 +349,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
}
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -445,7 +445,7 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase
}
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java
index ccdd38c3cc..4c611c7477 100755
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM1008Test.java
@@ -92,7 +92,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -130,7 +130,7 @@ public class RM1008Test extends BaseRMTestCase
holdService.addToHold(hold, rmFolder);
return hold;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -145,7 +145,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -171,7 +171,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -197,7 +197,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -282,7 +282,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -308,7 +308,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -334,7 +334,7 @@ public class RM1008Test extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java
index 64f54640f0..99e012d2a1 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/issue/RM804Test.java
@@ -26,30 +26,30 @@ import org.alfresco.service.cmr.site.SiteRole;
/**
* Unit test for RM-804 .. site managers are able to delete file plans
- *
+ *
* @author Roy Wetherall
* @since 2.1
*/
-public class RM804Test extends BaseRMTestCase
-{
+public class RM804Test extends BaseRMTestCase
+{
@Override
protected void initServices()
{
super.initServices();
}
-
+
@Override
protected boolean isCollaborationSiteTest()
{
return true;
}
-
+
@Override
protected boolean isUserTest()
{
return true;
}
-
+
public void testUsersHaveDeletePermissionsOnFilePlan() throws Exception
{
// as rmuser
@@ -59,32 +59,32 @@ public class RM804Test extends BaseRMTestCase
public Void run()
{
assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-
+
return null;
}
- }, "rmadmin");
-
+ }, ADMIN_USER);
+
doTestInTransaction(new Test()
{
@Override
public Void run()
{
assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-
+
return null;
}
- }, "admin");
-
+ }, ADMIN_USER);
+
doTestInTransaction(new Test()
{
@Override
public Void run()
{
assertEquals(AccessStatus.ALLOWED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-
+
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
doTestInTransaction(new Test()
{
@@ -92,23 +92,23 @@ public class RM804Test extends BaseRMTestCase
public Void run()
{
assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-
+
return null;
}
}, rmUserName);
-
+
doTestInTransaction(new Test()
{
@Override
public Void run()
{
assertEquals(AccessStatus.DENIED, capabilityService.getCapabilityAccessState(filePlan, "Delete"));
-
+
return null;
}
}, userName);
}
-
+
public void testTryAndDeleteSiteAsSiteManagerOnly()
{
doTestInTransaction(new Test()
@@ -117,25 +117,25 @@ public class RM804Test extends BaseRMTestCase
public Void run()
{
siteService.setMembership(siteId, userName, SiteRole.SiteManager.toString());
-
+
return null;
}
}, "admin");
-
+
doTestInTransaction(new FailureTest
(
"Should not be able to delete site as a site manager only.",
AlfrescoRuntimeException.class
)
- {
+ {
@Override
public void run() throws Exception
{
siteService.deleteSite(siteId);
-
+
}
}, userName);
-
+
// give the user a RM role (but not sufficient to delete the file plan node ref)
doTestInTransaction(new Test()
{
@@ -143,47 +143,47 @@ public class RM804Test extends BaseRMTestCase
public Void run()
{
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_USER, userName);
-
+
return null;
}
}, "admin");
-
+
doTestInTransaction(new FailureTest
(
"Should not be able to delete site as a site manager with an RM role that doesn't have the capability.",
AlfrescoRuntimeException.class
)
- {
+ {
@Override
public void run() throws Exception
{
siteService.deleteSite(siteId);
-
+
}
}, userName);
-
+
doTestInTransaction(new Test()
{
@Override
public Void run()
{
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_ADMINISTRATOR, userName);
-
+
return null;
}
}, "admin");
-
+
doTestInTransaction(new Test()
{
@Override
public Void run()
{
siteService.deleteSite(siteId);
-
+
return null;
}
}, userName);
-
+
}
-
+
}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java
index 4ea0e97ff2..fd1362a539 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/CustomEMailMappingServiceImplTest.java
@@ -117,7 +117,7 @@ public class CustomEMailMappingServiceImplTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
private CustomMapping getCustomMapping(String from, String to)
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java
index 0272846faf..1bd3fb6d15 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ModelSecurityServiceImplTest.java
@@ -29,7 +29,7 @@ import org.alfresco.service.namespace.QName;
/**
* Model security service test.
- *
+ *
* @author Roy Wetherall
* @since 2.1
*/
@@ -37,16 +37,16 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
{
private static final QName CUSTOM_ASPECT = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customAspect");
private static final QName CUSTOM_PROTECTED_ASPECT = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProtectedAspect");
-
+
private static final QName CUSTOM_PROPERTY = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProperty");
private static final QName CUSTOM_PROTECTED_PROPERTY = QName.createQName("http://www.alfresco.org/model/rmtest/1.0", "customProtectedProperty");
-
-
+
+
/** Model security service */
- private ModelSecurityService modelSecurityService;
-
+ private ModelSecurityService modelSecurityService;
+
private boolean enabled;
-
+
/**
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isUserTest()
*/
@@ -55,23 +55,23 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
{
return true;
}
-
+
@Override
protected boolean isFillingForAllUsers()
{
return true;
}
-
+
/**
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#initServices()
*/
@Override
protected void initServices()
{
- super.initServices();
+ super.initServices();
modelSecurityService = (ModelSecurityService)applicationContext.getBean("ModelSecurityService");
}
-
+
/**
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#setupTestDataImpl()
*/
@@ -79,11 +79,11 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
protected void setupTestDataImpl()
{
super.setupTestDataImpl();
-
+
enabled = modelSecurityService.isEnabled();
modelSecurityService.setEnabled(true);
}
-
+
/**
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#tearDownImpl()
*/
@@ -93,77 +93,77 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
super.tearDownImpl();
modelSecurityService.setEnabled(enabled);
}
-
+
/**
* test - getProtectedAspects(), isProtectedAspect(), getProtectedAspect()
*/
public void testProtectedAspects() throws Exception
{
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
Set protectedAspects = modelSecurityService.getProtectedAspects();
-
+
assertNotNull(protectedAspects);
assertFalse(protectedAspects.isEmpty());
assertTrue(protectedAspects.contains(CUSTOM_PROTECTED_ASPECT));
assertFalse(protectedAspects.contains(CUSTOM_ASPECT));
-
+
assertTrue(modelSecurityService.isProtectedAspect(CUSTOM_PROTECTED_ASPECT));
assertFalse(modelSecurityService.isProtectedAspect(CUSTOM_ASPECT));
-
+
ProtectedAspect protectedAspect = modelSecurityService.getProtectedAspect(CUSTOM_ASPECT);
assertNull(protectedAspect);
protectedAspect = modelSecurityService.getProtectedAspect(CUSTOM_PROTECTED_ASPECT);
assertNotNull(protectedAspect);
assertNotNull(protectedAspect.getQName());
- assertNotNull(protectedAspect.getCapabilities());
+ assertNotNull(protectedAspect.getCapabilities());
}
- });
-
+ });
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
assertTrue(modelSecurityService.isProtectedAspect(CUSTOM_PROTECTED_ASPECT));
- assertFalse(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
+ assertFalse(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
}
}, powerUserName);
-
+
doTestInTransaction(new FailureTest
(
- "Normal rm user should not have the permissions to add the protected aspect.",
+ "Normal rm user should not have the permissions to add the protected aspect.",
ModelAccessDeniedException.class
)
{
@Override
public void run() throws Exception
{
- // try and add the aspect
+ // try and add the aspect
nodeService.addAspect(rmFolder, CUSTOM_PROTECTED_ASPECT, null);
- }
+ }
}, powerUserName);
-
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
assertTrue(modelSecurityService.canEditProtectedAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
-
+
// try and add the aspect
nodeService.addAspect(rmFolder, CUSTOM_PROTECTED_ASPECT, null);
assertTrue(nodeService.hasAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
}
- }, rmAdminName);
-
+ }, ADMIN_USER);
+
// check protected aspect via removeAspect
doTestInTransaction(new FailureTest
(
- "Normal rm user should not have the permissions to remove the custom aspect.",
+ "Normal rm user should not have the permissions to remove the custom aspect.",
ModelAccessDeniedException.class
)
{
@@ -171,20 +171,20 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
public void run() throws Exception
{
nodeService.removeAspect(rmFolder, CUSTOM_PROTECTED_ASPECT);
- }
+ }
}, powerUserName);
-
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
nodeService.removeAspect(rmFolder, CUSTOM_PROTECTED_ASPECT);
assertFalse(nodeService.hasAspect(rmFolder, CUSTOM_PROTECTED_ASPECT));
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
-
+
/**
* test - getProtectedProperties(), isProtectedProperty(), getProtectedProperty()
*/
@@ -195,55 +195,55 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
public void runImpl()
{
Set protectedProperties = modelSecurityService.getProtectedProperties();
-
+
assertNotNull(protectedProperties);
assertFalse(protectedProperties.isEmpty());
assertTrue(protectedProperties.contains(CUSTOM_PROTECTED_PROPERTY));
- assertFalse(protectedProperties.contains(CUSTOM_PROPERTY));
-
+ assertFalse(protectedProperties.contains(CUSTOM_PROPERTY));
+
assertTrue(modelSecurityService.isProtectedProperty(CUSTOM_PROTECTED_PROPERTY));
assertFalse(modelSecurityService.isProtectedProperty(CUSTOM_PROPERTY));
-
+
ProtectedProperty protectedProperty = modelSecurityService.getProtectedProperty(CUSTOM_PROPERTY);
assertNull(protectedProperty);
protectedProperty = modelSecurityService.getProtectedProperty(CUSTOM_PROTECTED_PROPERTY);
assertNotNull(protectedProperty);
assertNotNull(protectedProperty.getQName());
- assertNotNull(protectedProperty.getCapabilities());
+ assertNotNull(protectedProperty.getCapabilities());
}
- });
-
+ });
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
assertTrue(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
}
- }, rmAdminName);
-
+ }, ADMIN_USER);
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
- assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
+ assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
}
- }, powerUserName);
-
+ }, powerUserName);
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
assertTrue(modelSecurityService.isProtectedProperty(CUSTOM_PROTECTED_PROPERTY));
- assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
+ assertFalse(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
}
}, powerUserName);
-
+
doTestInTransaction(new FailureTest
(
- "Should not have the permissions to edit protected property.",
+ "Should not have the permissions to edit protected property.",
ModelAccessDeniedException.class
)
{
@@ -251,19 +251,19 @@ public class ModelSecurityServiceImplTest extends BaseRMTestCase
public void run() throws Exception
{
nodeService.setProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY, "hello");
- }
+ }
}, powerUserName);
-
+
doTestInTransaction(new VoidTest()
- {
+ {
@Override
public void runImpl() throws Exception
{
assertTrue(modelSecurityService.canEditProtectedProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
-
+
nodeService.setProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY, "hello");
assertEquals("hello", nodeService.getProperty(rmFolder, CUSTOM_PROTECTED_PROPERTY));
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
}
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
index 566577e2d0..7e303c1d78 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
@@ -501,7 +501,7 @@ public class RecordServiceImplTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
public void testFileNewContent() throws Exception
@@ -643,7 +643,7 @@ public class RecordServiceImplTest extends BaseRMTestCase
}
});
- // test rmadmin
+ // test admin
doTestInTransaction(new VoidTest()
{
@Override
@@ -738,11 +738,11 @@ public class RecordServiceImplTest extends BaseRMTestCase
}
});
- // test rmadmin
- canEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, rmAdminName);
- canEditProperty(recordOne, RecordsManagementModel.PROP_LOCATION, rmAdminName);
- cantEditProperty(recordDeclaredOne, ContentModel.PROP_DESCRIPTION, rmAdminName);
- canEditProperty(recordDeclaredOne, RecordsManagementModel.PROP_LOCATION, rmAdminName);
+ // test admin
+ canEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, ADMIN_USER);
+ canEditProperty(recordOne, RecordsManagementModel.PROP_LOCATION, ADMIN_USER);
+ cantEditProperty(recordDeclaredOne, ContentModel.PROP_DESCRIPTION, ADMIN_USER);
+ canEditProperty(recordDeclaredOne, RecordsManagementModel.PROP_LOCATION, ADMIN_USER);
// test normal user
cantEditProperty(recordOne, ContentModel.PROP_DESCRIPTION, rmUserName);
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java
index b5afcbeddb..63d4a67fbd 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordsManagementAuditServiceImplTest.java
@@ -138,7 +138,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
}
/**
@@ -147,13 +147,13 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
public void testGetAuditTrail()
{
// show the audit is empty
- getAuditTrail(1, rmAdminName);
+ getAuditTrail(1, ADMIN_USER);
// make a change
- final String updatedProperty = updateTitle(filePlan, rmAdminName);
+ final String updatedProperty = updateTitle(filePlan, ADMIN_USER);
// show the audit has been updated
- List entries = getAuditTrail(3, rmAdminName);
+ List entries = getAuditTrail(3, ADMIN_USER);
final RecordsManagementAuditEntry entry = entries.get(2);
assertNotNull(entry);
@@ -182,15 +182,15 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
return null;
}
- }, rmAdminName);
+ }, ADMIN_USER);
// add some more title updates
- updateTitle(rmContainer, rmAdminName);
- updateTitle(rmFolder, rmAdminName);
- updateTitle(record, rmAdminName);
+ updateTitle(rmContainer, ADMIN_USER);
+ updateTitle(rmFolder, ADMIN_USER);
+ updateTitle(record, ADMIN_USER);
// show the audit has been updated
- getAuditTrail(7, rmAdminName);
+ getAuditTrail(7, ADMIN_USER);
// snap shot date
Date snapShot = new Date();
@@ -198,7 +198,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
// show the audit results can be limited
RecordsManagementAuditQueryParameters params = new RecordsManagementAuditQueryParameters();
params.setMaxEntries(2);
- getAuditTrail(params, 2, rmAdminName);
+ getAuditTrail(params, 2, ADMIN_USER);
// test filter by user
updateTitle(rmContainer, recordsManagerName);
@@ -207,39 +207,39 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
params = new RecordsManagementAuditQueryParameters();
params.setUser(recordsManagerName);
- getAuditTrail(params, 3, rmAdminName);
+ getAuditTrail(params, 3, ADMIN_USER);
// test filter by date
params = new RecordsManagementAuditQueryParameters();
params.setDateFrom(snapShot);
- getAuditTrail(params, 13, rmAdminName);
+ getAuditTrail(params, 13, ADMIN_USER);
params = new RecordsManagementAuditQueryParameters();
params.setDateTo(snapShot);
- getAuditTrail(params, 14, rmAdminName);
+ getAuditTrail(params, 14, ADMIN_USER);
params.setDateFrom(testStartTime);
- getAuditTrail(params, 15, rmAdminName);
+ getAuditTrail(params, 15, ADMIN_USER);
// test filter by object
- updateTitle(record, rmAdminName);
- updateTitle(record, rmAdminName);
- updateTitle(record, rmAdminName);
+ updateTitle(record, ADMIN_USER);
+ updateTitle(record, ADMIN_USER);
+ updateTitle(record, ADMIN_USER);
params = new RecordsManagementAuditQueryParameters();
params.setNodeRef(record);
- getAuditTrail(params, 5, rmAdminName);
+ getAuditTrail(params, 5, ADMIN_USER);
// test filter by event
params = new RecordsManagementAuditQueryParameters();
// params.setEvent("cutoff");
- // getAuditTrail(params, 0, rmAdminName);
+ // getAuditTrail(params, 0, ADMIN_USER);
params.setEvent("Update RM Object");
- getAuditTrail(params, 10, rmAdminName);
+ getAuditTrail(params, 10, ADMIN_USER);
// test filter by property
// params = new RecordsManagementAuditQueryParameters();
//params.setProperty(PROP_ADDRESSEES);
- //getAuditTrail(params, 0, rmAdminName);
+ //getAuditTrail(params, 0, ADMIN_USER);
// params.setProperty(PROP_TITLE);
- // getAuditTrail(params, 10, rmAdminName);
+ // getAuditTrail(params, 10, ADMIN_USER);
}
/**
@@ -260,16 +260,16 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
Thread.sleep(5000);
- List result1 = getAuditTrail(rmAdminName);
+ List result1 = getAuditTrail(ADMIN_USER);
assertNotNull(result1);
// Update the fileplan
- updateTitle(filePlan, rmAdminName);
+ updateTitle(filePlan, ADMIN_USER);
Thread.sleep(5000);
// There should be no new audit entries
- List result2 = getAuditTrail(rmAdminName);
+ List result2 = getAuditTrail(ADMIN_USER);
assertNotNull(result2);
assertEquals(
"Audit results should not have changed after auditing was disabled",
@@ -277,11 +277,11 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
// repeat with a start
rmAuditService.startAuditLog(filePlan);
- updateTitle(filePlan, rmAdminName);
+ updateTitle(filePlan, ADMIN_USER);
Thread.sleep(5000);
- List result3 = getAuditTrail(rmAdminName);
+ List result3 = getAuditTrail(ADMIN_USER);
assertNotNull(result3);
assertTrue(
"Expected more results after enabling audit",
@@ -294,7 +294,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
rmAuditService.clearAuditLog(filePlan);
// There should be no entries
- List result4 = getAuditTrail(rmAdminName);
+ List result4 = getAuditTrail(ADMIN_USER);
assertNotNull(result4);
assertEquals(
"Audit entries should have been cleared",
@@ -342,7 +342,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
AuthenticationUtil.popAuthentication();
}
rmAuditService.stopAuditLog(filePlan);
- List result1 = getAuditTrail(rmAdminName);
+ List result1 = getAuditTrail(ADMIN_USER);
// Check that the username is reflected correctly in the results
assertFalse("No audit results were generated for the failed login.", result1.isEmpty());
boolean found = false;
@@ -386,7 +386,7 @@ public class RecordsManagementAuditServiceImplTest extends BaseRMTestCase
AuthenticationUtil.popAuthentication();
}
rmAuditService.stopAuditLog(filePlan);
- List result2 = getAuditTrail(rmAdminName);
+ List result2 = getAuditTrail(ADMIN_USER);
found = false;
for (RecordsManagementAuditEntry entry : result2)
{
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
index a2f3492adc..06394620ae 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java
@@ -45,7 +45,6 @@ import org.alfresco.module.org_alfresco_module_rm.report.ReportService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.module.org_alfresco_module_rm.search.RecordsManagementSearchService;
import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
-import org.alfresco.module.org_alfresco_module_rm.security.FilePlanAuthenticationService;
import org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService;
import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService;
import org.alfresco.repo.policy.BehaviourFilter;
@@ -104,12 +103,12 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
protected QName ASPECT_CUSTOM_ASPECT = QName.createQName(URI, "customAspect");
protected QName ASPECT_RECORD_META_DATA = QName.createQName(URI, "recordMetaData");
+ /** admin user */
+ protected static final String ADMIN_USER = "admin";
+
/** Common test utils */
protected CommonRMTestUtils utils;
- /** RM Admin user name */
- protected String rmAdminUserName;
-
/** Services */
protected NodeService nodeService;
protected ContentService contentService;
@@ -143,7 +142,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
protected FreezeService freezeService;
protected RecordService recordService;
protected FilePlanService filePlanService;
- protected FilePlanAuthenticationService filePlanAuthenticationService;
protected RecordFolderService recordFolderService;
protected ExtendedSecurityService extendedSecurityService;
protected ReportService reportService;
@@ -224,7 +222,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
protected String powerUserName;
protected String securityOfficerName;
protected String recordsManagerName;
- protected String rmAdminName;
/** test people */
protected NodeRef userPerson;
@@ -232,7 +229,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
protected NodeRef powerUserPerson;
protected NodeRef securityOfficerPerson;
protected NodeRef recordsManagerPerson;
- protected NodeRef rmAdminPerson;
/** test records */
protected NodeRef recordOne;
@@ -320,20 +316,6 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
// Initialise the service beans
initServices();
- // grab the rmadmin user name
- retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback