From a2d46ff862a07ea21017e8879ff9396f32205317 Mon Sep 17 00:00:00 2001 From: Roy Wetherall Date: Wed, 19 Dec 2012 06:10:57 +0000 Subject: [PATCH] RM-571 - Refactor: Role Service * deprecated approprite methods on old service * deprecated and moved role to new package loaction * fallout * also repackaged Record and RecordFolder services * TODO remove deprecation warnings git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44828 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../rm-service-context.xml | 95 ++- .../org_alfresco_module_rm/security/Role.java | 64 ++ .../RecordsManagementService.java | 2 +- .../RecordsManagementServiceRegistry.java | 10 +- .../RecordsManagementServiceRegistryImpl.java | 176 ++-- .../action/RMActionExecuterAbstractBase.java | 2 +- .../action/dm/CreateRecordAction.java | 2 +- .../AbstractCapabilityCondition.java | 2 +- .../capability/impl/CreateCapability.java | 2 +- .../dataset/DataSetServiceImpl.java | 2 +- .../forms/RecordsManagementFormFilter.java | 2 +- .../jscript/app/BaseEvaluator.java | 2 +- .../jscript/app/JSONConversionComponent.java | 2 +- .../patch/RMv21InPlacePatch.java | 5 +- .../RecordService.java | 2 +- .../RecordServiceImpl.java | 2 +- .../RecordFolderService.java | 2 +- .../RecordFolderServiceImpl.java | 2 +- .../role/FilePlanRoleService.java | 124 +++ .../role/FilePlanRoleServiceImpl.java | 719 +++++++++++++++++ .../{security => role}/Role.java | 2 +- .../script/BootstrapTestDataGet.java | 2 +- .../script/RecordMetaDataAspectsGet.java | 2 +- .../slingshot/RMSearchPropertiesGet.java | 2 +- .../security/ExtendedSecurityServiceImpl.java | 2 +- .../RecordsManagementSecurityService.java | 40 +- .../RecordsManagementSecurityServiceImpl.java | 760 +++--------------- .../test/service/RecordServiceImplTest.java | 2 +- .../test/util/BaseRMTestCase.java | 2 +- 29 files changed, 1275 insertions(+), 758 deletions(-) create mode 100644 rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/Role.java rename rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/{disposableitem => record}/RecordService.java (94%) rename rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/{disposableitem => record}/RecordServiceImpl.java (97%) rename rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/{disposableitem => recordfolder}/RecordFolderService.java (90%) rename rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/{disposableitem => recordfolder}/RecordFolderServiceImpl.java (95%) create mode 100644 rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleService.java create mode 100644 rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java rename rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/{security => role}/Role.java (93%) diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml index c19cdd615b..e8c4868a69 100644 --- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml +++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml @@ -416,18 +416,85 @@ - + + + + + + + org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService + + + + + + + + + + + + + + + + + + + + ${server.transaction.mode.default} + + + + + + + + + + + + + + + + + + + + + + + + + + - + @@ -970,7 +1037,7 @@ - + @@ -978,7 +1045,7 @@ - + @@ -991,7 +1058,7 @@ - org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService + org.alfresco.module.org_alfresco_module_rm.record.RecordService @@ -1029,13 +1096,13 @@ diff --git a/rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/Role.java b/rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/Role.java new file mode 100644 index 0000000000..6bcff592f4 --- /dev/null +++ b/rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/Role.java @@ -0,0 +1,64 @@ +/* + * Copyright (C) 2005-2011 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.module.org_alfresco_module_rm.security; + +import java.util.HashSet; +import java.util.Set; + +import org.alfresco.module.org_alfresco_module_rm.capability.Capability; + +/** + * Records management role class + * + * @author Roy Wetherall + * + * @deprecated As of release 2.1, see {@link org.alfresco.module.org_alfresco_module_rm.role.Role} + */ +public class Role extends org.alfresco.module.org_alfresco_module_rm.role.Role +{ + /** + * Compatibility method + */ + public static Role toRole(org.alfresco.module.org_alfresco_module_rm.role.Role role) + { + return new Role(role.getName(), role.getDisplayLabel(), role.getCapabilities(), role.getRoleGroupName()); + } + + /** + * Compatibility method + */ + public static Set toRoleSet(Set roles) + { + Set result = new HashSet(roles.size()); + for (org.alfresco.module.org_alfresco_module_rm.role.Role role : roles) + { + result.add(Role.toRole(role)); + } + return result; + } + + /** + * Constructor + */ + @Deprecated + public Role(String name, String displayLabel, Set capabilities, String roleGroupName) + { + super(name, displayLabel, capabilities, roleGroupName); + } +} diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementService.java index 9e8c2abdb3..3703074787 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementService.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementService.java @@ -23,8 +23,8 @@ import java.util.List; import java.util.Map; import java.util.Set; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.namespace.QName; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java index c43e310367..f0e8283cf7 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java @@ -21,10 +21,11 @@ package org.alfresco.module.org_alfresco_module_rm; import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService; import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService; import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.service.NotAuditable; @@ -51,6 +52,7 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry static final QName RECORD_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "RecordService"); static final QName FREEZE_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "FreezeService"); static final QName EXTENDED_SECURITY_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "ExtendedSecurityService"); + static final QName FILE_PLAN_ROLE_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "FilePlanRoleService"); /** * @return records management service @@ -117,4 +119,10 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry */ @NotAuditable ExtendedSecurityService getExtendedSecurityService(); + + /** + * @return file plan role service + */ + @NotAuditable + FilePlanRoleService getFilePlanRoleService(); } diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java index d46e73b6d6..52dcfde275 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java @@ -21,10 +21,11 @@ package org.alfresco.module.org_alfresco_module_rm; import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService; import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService; import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.repo.service.ServiceDescriptorRegistry; @@ -37,101 +38,110 @@ import org.alfresco.repo.service.ServiceDescriptorRegistry; public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegistry implements RecordsManagementServiceRegistry { - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementActionService() - */ - @Override - public RecordsManagementActionService getRecordsManagementActionService() - { - return (RecordsManagementActionService)getService(RECORDS_MANAGEMENT_ACTION_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementActionService() + */ + @Override + public RecordsManagementActionService getRecordsManagementActionService() + { + return (RecordsManagementActionService) getService(RECORDS_MANAGEMENT_ACTION_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementAdminService() - */ - @Override - public RecordsManagementAdminService getRecordsManagementAdminService() - { - return (RecordsManagementAdminService)getService(RECORDS_MANAGEMENT_ADMIN_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementAdminService() + */ + @Override + public RecordsManagementAdminService getRecordsManagementAdminService() + { + return (RecordsManagementAdminService) getService(RECORDS_MANAGEMENT_ADMIN_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementEventService() - */ - @Override - public RecordsManagementEventService getRecordsManagementEventService() - { - return (RecordsManagementEventService)getService(RECORDS_MANAGEMENT_EVENT_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementEventService() + */ + @Override + public RecordsManagementEventService getRecordsManagementEventService() + { + return (RecordsManagementEventService) getService(RECORDS_MANAGEMENT_EVENT_SERVICE); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementService() + */ + @Override + public RecordsManagementService getRecordsManagementService() + { + return (RecordsManagementService) getService(RECORDS_MANAGEMENT_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementService() - */ - @Override - public RecordsManagementService getRecordsManagementService() - { - return (RecordsManagementService)getService(RECORDS_MANAGEMENT_SERVICE); - } - /** * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordService() */ public RecordService getRecordService() { - return (RecordService)getService(RECORD_SERVICE); + return (RecordService) getService(RECORD_SERVICE); } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementSecurityService() - */ - @Override - public RecordsManagementSecurityService getRecordsManagementSecurityService() - { - return (RecordsManagementSecurityService)getService(RECORDS_MANAGEMENT_SECURITY_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementSecurityService() + */ + @Override + public RecordsManagementSecurityService getRecordsManagementSecurityService() + { + return (RecordsManagementSecurityService) getService(RECORDS_MANAGEMENT_SECURITY_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementAuditService() - */ - @Override - public RecordsManagementAuditService getRecordsManagementAuditService() - { - return (RecordsManagementAuditService)getService(RECORDS_MANAGEMENT_AUDIT_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getRecordsManagementAuditService() + */ + @Override + public RecordsManagementAuditService getRecordsManagementAuditService() + { + return (RecordsManagementAuditService) getService(RECORDS_MANAGEMENT_AUDIT_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getDictionaryService() - */ - @Override - public DispositionService getDispositionService() - { - return (DispositionService)getService(DISPOSITION_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getDictionaryService() + */ + @Override + public DispositionService getDispositionService() + { + return (DispositionService) getService(DISPOSITION_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getCapabilityService() - */ - @Override - public CapabilityService getCapabilityService() - { - return (CapabilityService)getService(CAPABILITY_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getCapabilityService() + */ + @Override + public CapabilityService getCapabilityService() + { + return (CapabilityService) getService(CAPABILITY_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFreezeService() - */ - @Override - public FreezeService getFreezeService() - { - return (FreezeService)getService(FREEZE_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFreezeService() + */ + @Override + public FreezeService getFreezeService() + { + return (FreezeService) getService(FREEZE_SERVICE); + } - /** - * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getExtendedSecurityService() - */ - @Override - public ExtendedSecurityService getExtendedSecurityService() - { - return (ExtendedSecurityService)getService(EXTENDED_SECURITY_SERVICE); - } + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getExtendedSecurityService() + */ + @Override + public ExtendedSecurityService getExtendedSecurityService() + { + return (ExtendedSecurityService) getService(EXTENDED_SECURITY_SERVICE); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFilePlanRoleService() + */ + @Override + public FilePlanRoleService getFilePlanRoleService() + { + return (FilePlanRoleService) getService(FILE_PLAN_ROLE_SERVICE); + } } diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java index 8445f2bef4..f3b6a56988 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java @@ -27,7 +27,6 @@ import java.util.Map; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionActionDefinition; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; @@ -38,6 +37,7 @@ import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventSe import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventType; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService; import org.alfresco.repo.action.executer.ActionExecuterAbstractBase; import org.alfresco.service.cmr.action.Action; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java index cae82f6e79..e405fa0034 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java @@ -23,8 +23,8 @@ import java.util.List; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.repo.action.ParameterDefinitionImpl; import org.alfresco.repo.action.executer.ActionExecuterAbstractBase; import org.alfresco.service.cmr.action.Action; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/AbstractCapabilityCondition.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/AbstractCapabilityCondition.java index 912588b833..4d8e8fbc5e 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/AbstractCapabilityCondition.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/AbstractCapabilityCondition.java @@ -19,9 +19,9 @@ package org.alfresco.module.org_alfresco_module_rm.capability.declarative; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.security.PermissionService; import org.springframework.beans.factory.BeanNameAware; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java index 971f87c018..9c00f2320c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java @@ -26,7 +26,7 @@ import net.sf.acegisecurity.vote.AccessDecisionVoter; import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCapability; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; import org.alfresco.service.namespace.QName; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/dataset/DataSetServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/dataset/DataSetServiceImpl.java index 3377921ded..df2ac18bc9 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/dataset/DataSetServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/dataset/DataSetServiceImpl.java @@ -17,11 +17,11 @@ import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordFolderServiceImpl; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RecordsManagementSearchBehaviour; +import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServiceImpl; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.module.org_alfresco_module_rm.security.Role; import org.alfresco.repo.security.authentication.AuthenticationUtil; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementFormFilter.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementFormFilter.java index 167d78367d..5768888b3c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementFormFilter.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementFormFilter.java @@ -25,7 +25,7 @@ import java.util.Map; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.repo.forms.Field; import org.alfresco.repo.forms.FieldGroup; import org.alfresco.repo.forms.Form; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java index 92318836d9..c8302ffa1c 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java @@ -27,9 +27,9 @@ import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.security.AccessStatus; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/JSONConversionComponent.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/JSONConversionComponent.java index ffec926eed..e94d1a1ae2 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/JSONConversionComponent.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/JSONConversionComponent.java @@ -25,7 +25,7 @@ import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.model.FileInfo; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java index 7920fd6caa..befe398219 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java @@ -28,6 +28,7 @@ import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleServiceImpl; import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl; @@ -144,13 +145,13 @@ public class RMv21InPlacePatch extends AbstractModuleComponent // create the properties map Map properties = new HashMap(1); - properties.put(ContentModel.PROP_NAME, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER); + properties.put(ContentModel.PROP_NAME, FilePlanRoleServiceImpl.NAME_UNFILED_CONTAINER); // create the unfiled container NodeRef container = nodeService.createNode( filePlan, ASSOC_UNFILED_RECORDS, - QName.createQName(RM_URI, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER), + QName.createQName(RM_URI, FilePlanRoleServiceImpl.NAME_UNFILED_CONTAINER), TYPE_UNFILED_RECORD_CONTAINER, properties).getChildRef(); diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordService.java similarity index 94% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordService.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordService.java index 6a4001b5fd..234b0f1ba4 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordService.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordService.java @@ -17,7 +17,7 @@ * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.disposableitem; +package org.alfresco.module.org_alfresco_module_rm.record; import java.util.Set; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java similarity index 97% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordServiceImpl.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java index 31f0304c01..f9d6cc198a 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java @@ -16,7 +16,7 @@ * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.disposableitem; +package org.alfresco.module.org_alfresco_module_rm.record; import java.util.Calendar; import java.util.Collection; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderService.java similarity index 90% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderService.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderService.java index fa119df470..9ed54bdf32 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderService.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderService.java @@ -16,7 +16,7 @@ * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.disposableitem; +package org.alfresco.module.org_alfresco_module_rm.recordfolder; /** * Record folder service interface diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderServiceImpl.java similarity index 95% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderServiceImpl.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderServiceImpl.java index 2a06648e16..737da325da 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/disposableitem/RecordFolderServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderServiceImpl.java @@ -16,7 +16,7 @@ * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.disposableitem; +package org.alfresco.module.org_alfresco_module_rm.recordfolder; import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleService.java new file mode 100644 index 0000000000..ff9c072143 --- /dev/null +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleService.java @@ -0,0 +1,124 @@ +/* + * Copyright (C) 2005-2012 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.module.org_alfresco_module_rm.role; + +import java.util.Set; + +import org.alfresco.module.org_alfresco_module_rm.capability.Capability; +import org.alfresco.service.cmr.repository.NodeRef; + +/** + * Role service interface + * + * @author Roy Wetherall + * @since 2.1 + */ +public interface FilePlanRoleService +{ + /** + * Returns the name of the container group for all roles of a specified file + * plan. + * + * @param filePlan file plan node reference + * @return String group name + */ + String getAllRolesContainerGroup(NodeRef filePlan); + + /** + * Get all the available roles for the given records management root node + * + * @param filePlan file plan + * @return + */ + Set getRoles(NodeRef filePlan); + + /** + * Gets the roles for a given user + * + * @param filePlan file plan + * @param user user + * @return + */ + Set getRolesByUser(NodeRef filePlan, String user); + + /** + * Get a role by name + * + * @param filePlan file plan + * @param role role + * @return + */ + Role getRole(NodeRef filePlan, String role); + + /** + * Indicate whether a role exists for a given records management root node + * @param filePlan file plan + * @param role role + * @return + */ + boolean existsRole(NodeRef filePlan, String role); + + /** + * Determines whether the given user has the RM Admin role + * + * @param filePlan filePlan + * @param user user name to check + * @return true if the user has the RM Admin role, false otherwise + */ + boolean hasRMAdminRole(NodeRef filePlan, String user); + + /** + * Create a new role + * + * @param filePlan file plan + * @param role + * @param roleDisplayLabel + * @param capabilities + * @return + */ + Role createRole(NodeRef filePlan, String role, String roleDisplayLabel, Set capabilities); + + /** + * Update an existing role + * + * @param filePlan file plan + * @param role + * @param roleDisplayLabel + * @param capabilities + * @return + */ + Role updateRole(NodeRef filePlan, String role, String roleDisplayLabel, Set capabilities); + + /** + * Delete a role + * + * @param filePlan file plan + * @param role role + */ + void deleteRole(NodeRef filePlan, String role); + + /** + * Assign a role to an authority + * + * @param filePlan file plan + * @param role role + * @param authorityName authority name + */ + void assignRoleToAuthority(NodeRef filePlan, String role, String authorityName); +} diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java new file mode 100644 index 0000000000..e5913077fb --- /dev/null +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java @@ -0,0 +1,719 @@ +/* + * Copyright (C) 2005-2012 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.module.org_alfresco_module_rm.role; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.Serializable; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +import org.alfresco.error.AlfrescoRuntimeException; +import org.alfresco.model.ContentModel; +import org.alfresco.module.org_alfresco_module_rm.capability.Capability; +import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; +import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; +import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; +import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority; +import org.alfresco.repo.node.NodeServicePolicies; +import org.alfresco.repo.policy.JavaBehaviour; +import org.alfresco.repo.policy.PolicyComponent; +import org.alfresco.repo.policy.Behaviour.NotificationFrequency; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.service.cmr.repository.ChildAssociationRef; +import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.repository.NodeService; +import org.alfresco.service.cmr.repository.StoreRef; +import org.alfresco.service.cmr.security.AccessPermission; +import org.alfresco.service.cmr.security.AuthorityService; +import org.alfresco.service.cmr.security.AuthorityType; +import org.alfresco.service.cmr.security.PermissionService; +import org.alfresco.service.namespace.QName; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.json.JSONArray; +import org.json.JSONException; +import org.json.JSONObject; + +/** + * Role service implementation + * + * @author Roy Wetherall + * @since 2.1 + */ +public class FilePlanRoleServiceImpl implements FilePlanRoleService, + RecordsManagementModel +{ + /** Capability service */ + private CapabilityService capabilityService; + + /** Authority service */ + private AuthorityService authorityService; + + /** Permission service */ + private PermissionService permissionService; + + /** Policy component */ + private PolicyComponent policyComponent; + + /** Record service */ + private RecordService recordService; + + /** Node service */ + private NodeService nodeService; + + /** Records management role zone */ + public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone"; + + /** Unfiled record container name */ + public static final String NAME_UNFILED_CONTAINER = "Unfiled Records"; + + /** Logger */ + private static Log logger = LogFactory.getLog(FilePlanRoleServiceImpl.class); + + /** + * @param capabilityService capability service + */ + public void setCapabilityService(CapabilityService capabilityService) + { + this.capabilityService = capabilityService; + } + + /** + * @param authorityService authority service + */ + public void setAuthorityService(AuthorityService authorityService) + { + this.authorityService = authorityService; + } + + /** + * @param permissionService permission service + */ + public void setPermissionService(PermissionService permissionService) + { + this.permissionService = permissionService; + } + + /** + * @param policyComponent policy component + */ + public void setPolicyComponent(PolicyComponent policyComponent) + { + this.policyComponent = policyComponent; + } + + /** + * @param nodeService node service + */ + public void setNodeService(NodeService nodeService) + { + this.nodeService = nodeService; + } + + /** + * @param recordService record service + */ + public void setRecordService(RecordService recordService) + { + this.recordService = recordService; + } + + /** + * Initialisation method + */ + public void init() + { + policyComponent.bindClassBehaviour( + NodeServicePolicies.OnCreateNodePolicy.QNAME, + TYPE_FILE_PLAN, + new JavaBehaviour(this, "onCreateRootNode", NotificationFrequency.TRANSACTION_COMMIT)); + policyComponent.bindClassBehaviour( + NodeServicePolicies.OnDeleteNodePolicy.QNAME, + TYPE_FILE_PLAN, + new JavaBehaviour(this, "onDeleteRootNode", NotificationFrequency.TRANSACTION_COMMIT)); + } + + /** + * Create root node behaviour + * + * @param childAssocRef + */ + public void onCreateRootNode(ChildAssociationRef childAssocRef) + { + final NodeRef rmRootNode = childAssocRef.getChildRef(); + + // Do not execute behaviour if this has been created in the archive store + if(rmRootNode.getStoreRef().equals(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE) == true) + { + // This is not the spaces store - probably the archive store + return; + } + + if (nodeService.exists(rmRootNode) == true) + { + NodeRef unfiledContainer = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public NodeRef doWork() + { + // Create "all" role group for root node + String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null); + + // Set the permissions + permissionService.setInheritParentPermissions(rmRootNode, false); + permissionService.setPermission(rmRootNode, allRoles, RMPermissionModel.READ_RECORDS, true); + permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); + permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true); + + // Create the unfiled record container + return createUnfiledContainer(rmRootNode, allRoles); + } + }, AuthenticationUtil.getSystemUserName()); + + // Bootstrap in the default set of roles for the newly created root node + bootstrapDefaultRoles(rmRootNode, unfiledContainer); + } + } + + /** + * Creates unfiled container node and sets up permissions + * + * @param rmRootNode + * @param allRoles + */ + private NodeRef createUnfiledContainer(NodeRef rmRootNode, String allRoles) + { + NodeRef container = recordService.getUnfiledContainer(rmRootNode); + + if (container == null) + { + // create the properties map + Map properties = new HashMap(1); + properties.put(ContentModel.PROP_NAME, NAME_UNFILED_CONTAINER); + + // create the unfiled container + container = nodeService.createNode( + rmRootNode, + ASSOC_UNFILED_RECORDS, + QName.createQName(RM_URI, NAME_UNFILED_CONTAINER), + TYPE_UNFILED_RECORD_CONTAINER, + properties).getChildRef(); + + // set inheritance to false + permissionService.setInheritParentPermissions(container, false); + permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true); + permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); + } + + return container; + } + + /** + * Delete root node behaviour + * + * @param childAssocRef + */ + public void onDeleteRootNode(ChildAssociationRef childAssocRef, boolean isNodeArchived) + { + logger.debug("onDeleteRootNode called"); + + // get the deleted node + final NodeRef rmRootNode = childAssocRef.getChildRef(); + + AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Object doWork() + { + // cascade delete the 'all' roles group for the site + String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode)); + Set groups = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true); + for (String group : groups) + { + authorityService.deleteAuthority(group); + } + + authorityService.deleteAuthority(allRolesGroup, false); + + return null; + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * Get all the roles by short name + * + * @param rmRootNode + * @return + */ + private String getAllRolesGroupShortName(NodeRef rmRootNode) + { + return "AllRoles" + rmRootNode.getId(); + } + + /** + * + * @param rmRootNode + * @param unfiledContainer + */ + private void bootstrapDefaultRoles(final NodeRef rmRootNode, final NodeRef unfiledContainer) + { + AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Object doWork() + { + try + { + JSONArray array = null; + try + { + // Load up the default roles from JSON + InputStream is = getClass().getClassLoader().getResourceAsStream("alfresco/module/org_alfresco_module_rm/security/rm-default-roles-bootstrap.json"); + if (is == null) + { + throw new AlfrescoRuntimeException("Could not load default bootstrap roles configuration"); + } + array = new JSONArray(convertStreamToString(is)); + } + catch (IOException ioe) + { + throw new AlfrescoRuntimeException("Unable to load rm-default-roles-bootstrap.json configuration file.", ioe); + } + + // Add each role to the rm root node + for (int i = 0; i < array.length(); i++) + { + JSONObject object = array.getJSONObject(i); + + // Get the name of the role + String name = null; + if (object.has("name") == true) + { + name = object.getString("name"); + if (existsRole(rmRootNode, name) == true) + { + throw new AlfrescoRuntimeException("The bootstrap role " + name + " already exists on the rm root node " + rmRootNode.toString()); + } + } + else + { + throw new AlfrescoRuntimeException("No name given to default bootstrap role. Check json configuration file."); + } + + + // Get the role's display label + String displayLabel = name; + if (object.has("displayLabel") == true) + { + displayLabel = object.getString("displayLabel"); + } + + // Determine whether the role is an admin role or not + boolean isAdmin = false; + if (object.has("isAdmin") == true) + { + isAdmin = object.getBoolean("isAdmin"); + } + + // Get the roles capabilities + Set capabilities = new HashSet(30); + if (object.has("capabilities") == true) + { + JSONArray arrCaps = object.getJSONArray("capabilities"); + for (int index = 0; index < arrCaps.length(); index++) + { + String capName = arrCaps.getString(index); + Capability capability = capabilityService.getCapability(capName); + if (capability == null) + { + throw new AlfrescoRuntimeException("The capability '" + capName + "' configured for the deafult boostrap role '" + name + "' is invalid."); + } + capabilities.add(capability); + } + } + + // Create the role + Role role = createRole(rmRootNode, name, displayLabel, capabilities); + + // Add any additional admin permissions + if (isAdmin == true) + { + // Admin has filing + permissionService.setPermission(rmRootNode, role.getRoleGroupName(), RMPermissionModel.FILING, true); + if (unfiledContainer != null) + { + permissionService.setPermission(unfiledContainer, role.getRoleGroupName(), RMPermissionModel.FILING, true); + } + + // Add the creating user to the administration group + String user = AuthenticationUtil.getFullyAuthenticatedUser(); + authorityService.addAuthority(role.getRoleGroupName(), user); + } + } + } + catch (JSONException exception) + { + throw new AlfrescoRuntimeException("Error loading json configuration file rm-default-roles-bootstrap.json", exception); + } + + return null; + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * Helper method to convert a stream to a string. + * + * @param is input stream + * @return {@link String} string + * @throws IOException + */ + public String convertStreamToString(InputStream is) throws IOException + { + /* + * To convert the InputStream to String we use the BufferedReader.readLine() + * method. We iterate until the BufferedReader return null which means + * there's no more data to read. Each line will appended to a StringBuilder + * and returned as String. + */ + BufferedReader reader = new BufferedReader(new InputStreamReader(is)); + StringBuilder sb = new StringBuilder(); + + String line = null; + try + { + while ((line = reader.readLine()) != null) + { + sb.append(line + "\n"); + } + } + finally + { + try {is.close();} catch (IOException e) {} + } + + return sb.toString(); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles() + */ + public Set getRoles(final NodeRef rmRootNode) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork>() + { + public Set doWork() throws Exception + { + Set result = new HashSet(13); + + Set roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP); + for (String roleAuthority : roleAuthorities) + { + String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); + String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); + + Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); + result.add(role); + } + + return result; + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + public Set getRolesByUser(final NodeRef rmRootNode, final String user) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork>() + { + public Set doWork() throws Exception + { + Set result = new HashSet(13); + + Set roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP); + for (String roleAuthority : roleAuthorities) + { + Set users = authorityService.getContainedAuthorities(AuthorityType.USER, roleAuthority, false); + if (users.contains(user) == true) + { + String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); + String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); + + Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); + result.add(role); + } + } + + return result; + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * + * @param rmRootNode + * @return + */ + private String getZoneName(NodeRef rmRootNode) + { + return RM_ROLE_ZONE_PREFIX + rmRootNode.getId(); + } + + /** + * Get the full role name + * + * @param role + * @param rmRootNode + * @return + */ + private String getFullRoleName(String role, NodeRef rmRootNode) + { + return role + rmRootNode.getId(); + } + + /** + * Get the short role name + * + * @param fullRoleName + * @param rmRootNode + * @return + */ + private String getShortRoleName(String fullRoleName, NodeRef rmRootNode) + { + return fullRoleName.replaceAll(rmRootNode.getId(), ""); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + public Role getRole(final NodeRef rmRootNode, final String role) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Role doWork() throws Exception + { + Role result = null; + + String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); + if (authorityService.authorityExists(roleAuthority) == true) + { + String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); + String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); + Set capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); + + result = new Role(name, displayLabel, capabilities, roleAuthority); + } + + return result; + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * + * @param rmRootNode + * @param roleAuthority + * @return + */ + private Set getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) + { + Set permissions = permissionService.getAllSetPermissions(rmRootNode); + Set capabilities = new HashSet(52); + for (AccessPermission permission : permissions) + { + if (permission.getAuthority().equals(roleAuthority) == true) + { + String capabilityName = permission.getPermission(); + Capability capability = capabilityService.getCapability(capabilityName); + if (capability != null) + { + capabilities.add(capability); + } + } + } + + return capabilities; + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(java.lang.String) + */ + public boolean existsRole(final NodeRef rmRootNode, final String role) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Boolean doWork() throws Exception + { + String fullRoleName = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); + + String zone = getZoneName(rmRootNode); + Set roles = authorityService.getAllAuthoritiesInZone(zone, AuthorityType.GROUP); + return new Boolean(roles.contains(fullRoleName)); + } + }, AuthenticationUtil.getSystemUserName()).booleanValue(); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + * + * TODO .. change this to check a property of the role its self + */ + public boolean hasRMAdminRole(NodeRef rmRootNode, String user) + { + boolean isRMAdmin = false; + + Set userRoles = this.getRolesByUser(rmRootNode, user); + if (userRoles != null) + { + for (Role role : userRoles) + { + if (role.getName().equals("Administrator")) + { + isRMAdmin = true; + break; + } + } + } + + return isRMAdmin; + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) + */ + public Role createRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set capabilities) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Role doWork() throws Exception + { + String fullRoleName = getFullRoleName(role, rmRootNode); + + // Check that the role does not already exist for the rm root node + if (authorityService.authorityExists(authorityService.getName(AuthorityType.GROUP, fullRoleName))) + { + throw new AlfrescoRuntimeException("The role " + role + " already exists for root rm node " + rmRootNode.getId()); + } + + // Create a group that relates to the records management role + Set zones = new HashSet(2); + zones.add(getZoneName(rmRootNode)); + zones.add(AuthorityService.ZONE_APP_DEFAULT); + String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones); + + // Add the roleGroup to the "all" role group + String allRoleGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode)); + authorityService.addAuthority(allRoleGroup, roleGroup); + + // Assign the various capabilities to the group on the root records management node + if (capabilities != null) + { + for (Capability capability : capabilities) + { + permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true); + } + } + + return new Role(role, roleDisplayLabel, capabilities, roleGroup); + } + }, AuthenticationUtil.getSystemUserName()); + } + + + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) + */ + public Role updateRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set capabilities) + { + return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Role doWork() throws Exception + { + String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); + + // Reset the role display name + authorityService.setAuthorityDisplayName(roleAuthority, roleDisplayLabel); + + // TODO this needs to be improved, removing all and reading is not ideal + + // Clear the current capabilities + permissionService.clearPermission(rmRootNode, roleAuthority); + + // Re-add the provided capabilities + for (Capability capability : capabilities) + { + permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true); + } + + return new Role(role, roleDisplayLabel, capabilities, roleAuthority); + + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(java.lang.String) + */ + public void deleteRole(final NodeRef rmRootNode, final String role) + { + AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Boolean doWork() throws Exception + { + String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); + authorityService.deleteAuthority(roleAuthority); + return null; + + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String) + */ + public void assignRoleToAuthority(final NodeRef rmRootNode, final String role, final String authorityName) + { + AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() + { + public Boolean doWork() throws Exception + { + String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); + authorityService.addAuthority(roleAuthority, authorityName); + return null; + + } + }, AuthenticationUtil.getSystemUserName()); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef) + */ + @Override + public String getAllRolesContainerGroup(NodeRef filePlan) + { + return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan)); + } +} diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/Role.java similarity index 93% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/Role.java index 816f2505f3..943a7eb361 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/Role.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/Role.java @@ -16,7 +16,7 @@ * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.security; +package org.alfresco.module.org_alfresco_module_rm.role; import java.util.Set; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/BootstrapTestDataGet.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/BootstrapTestDataGet.java index e67c5e894c..6620497524 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/BootstrapTestDataGet.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/BootstrapTestDataGet.java @@ -30,12 +30,12 @@ import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordFolderServiceImpl; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RecordsManagementSearchBehaviour; import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RmSiteType; +import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServiceImpl; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.module.org_alfresco_module_rm.security.Role; import org.alfresco.repo.security.authentication.AuthenticationUtil; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/RecordMetaDataAspectsGet.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/RecordMetaDataAspectsGet.java index 512e6fc0ab..bd826287ca 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/RecordMetaDataAspectsGet.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/RecordMetaDataAspectsGet.java @@ -24,7 +24,7 @@ import java.util.List; import java.util.Map; import java.util.Set; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.dictionary.AspectDefinition; import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.namespace.NamespaceService; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/slingshot/RMSearchPropertiesGet.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/slingshot/RMSearchPropertiesGet.java index 1d4776e2e3..d97cc1a53e 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/slingshot/RMSearchPropertiesGet.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/slingshot/RMSearchPropertiesGet.java @@ -25,7 +25,7 @@ import java.util.Map; import java.util.Set; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.service.cmr.dictionary.AspectDefinition; import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.cmr.dictionary.PropertyDefinition; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java index 9c0fe5ba3a..02c92e8ef7 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java @@ -26,8 +26,8 @@ import java.util.Set; import org.alfresco.model.RenditionModel; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.repo.node.NodeServicePolicies; import org.alfresco.repo.policy.JavaBehaviour; import org.alfresco.repo.policy.PolicyComponent; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java index 952faca337..27d69b5cb1 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java @@ -22,6 +22,7 @@ import java.util.Set; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.namespace.QName; @@ -35,8 +36,11 @@ public interface RecordsManagementSecurityService /** * Creates the initial set of default roles for a root records management node * - * @param rmRootNode + * @param rmRootNode root node + * + * @deprecatedAs of release 2.1, operation no longer supported */ + @Deprecated void bootstrapDefaultRoles(NodeRef rmRootNode); /** @@ -45,15 +49,21 @@ public interface RecordsManagementSecurityService * * @param filePlan file plan node reference * @return String group name + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getAllRolesContainerGroup(NodeRef)} */ + @Deprecated String getAllRolesContainerGroup(NodeRef filePlan); /** * Get all the available roles for the given records management root node * - * @param rmRootNode - * @return + * @param rmRootNode root node + * @return {@link Set}<{@link Role}> all roles for a given root node + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRoles(NodeRef)} */ + @Deprecated Set getRoles(NodeRef rmRootNode); /** @@ -62,7 +72,10 @@ public interface RecordsManagementSecurityService * @param rmRootNode * @param user * @return + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRolesByUser(NodeRef, String)} */ + @Deprecated Set getRolesByUser(NodeRef rmRootNode, String user); /** @@ -71,7 +84,10 @@ public interface RecordsManagementSecurityService * @param rmRootNode * @param role * @return + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRole(NodeRef, String)} */ + @Deprecated Role getRole(NodeRef rmRootNode, String role); /** @@ -79,7 +95,10 @@ public interface RecordsManagementSecurityService * @param rmRootNode * @param role * @return + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#existsRole(NodeRef, String)} */ + @Deprecated boolean existsRole(NodeRef rmRootNode, String role); /** @@ -88,7 +107,10 @@ public interface RecordsManagementSecurityService * @param rmRootNode RM root node * @param user user name to check * @return true if the user has the RM Admin role, false otherwise + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#hasRMAdminRole(NodeRef, String)} */ + @Deprecated boolean hasRMAdminRole(NodeRef rmRootNode, String user); /** @@ -99,7 +121,10 @@ public interface RecordsManagementSecurityService * @param roleDisplayLabel * @param capabilities * @return + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#createRole(NodeRef, String, String, Set)} */ + @Deprecated Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set capabilities); /** @@ -110,7 +135,10 @@ public interface RecordsManagementSecurityService * @param roleDisplayLabel * @param capabilities * @return + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#updateRole(NodeRef, String, String, Set)} */ + @Deprecated Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set capabilities); /** @@ -118,7 +146,10 @@ public interface RecordsManagementSecurityService * * @param rmRootNode * @param role + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#deleteRole(NodeRef, String)} */ + @Deprecated void deleteRole(NodeRef rmRootNode, String role); /** @@ -127,7 +158,10 @@ public interface RecordsManagementSecurityService * @param authorityName * @param rmRootNode * @param role + * + * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#assignRoleToAuthority(NodeRef, String, String)} */ + @Deprecated void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName); /** diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java index 9ed2b88973..20b260bfd1 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java @@ -18,26 +18,16 @@ */ package org.alfresco.module.org_alfresco_module_rm.security; -import java.io.BufferedReader; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; -import java.io.Serializable; -import java.util.HashMap; -import java.util.HashSet; import java.util.List; -import java.util.Map; import java.util.Set; -import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; -import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService; +import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService; import org.alfresco.repo.node.NodeServicePolicies; import org.alfresco.repo.policy.JavaBehaviour; import org.alfresco.repo.policy.PolicyComponent; @@ -46,20 +36,14 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; -import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.security.AccessPermission; import org.alfresco.service.cmr.security.AccessStatus; -import org.alfresco.service.cmr.security.AuthorityService; -import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.RegexQNamePattern; import org.alfresco.util.ParameterCheck; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.json.JSONArray; -import org.json.JSONException; -import org.json.JSONObject; /** * Records management permission service implementation @@ -68,14 +52,7 @@ import org.json.JSONObject; */ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService, RecordsManagementModel - { - /** Capability service */ - private CapabilityService capabilityService; - - /** Authority service */ - private AuthorityService authorityService; - /** Permission service */ private PermissionService permissionService; @@ -87,42 +64,16 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe /** Model security service */ private ModelSecurityService modelSecurityService; - - /** Record service */ - private RecordService recordService; /** Node service */ private NodeService nodeService; - - /** Records management role zone */ - public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone"; - - /** Unfiled record container name */ - public static final String NAME_UNFILED_CONTAINER = "Unfiled Records"; + + /** File plan role service */ + private FilePlanRoleService filePlanRoleService; /** Logger */ private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class); - /** - * Set the capability service - * - * @param capabilityService - */ - public void setCapabilityService(CapabilityService capabilityService) - { - this.capabilityService = capabilityService; - } - - /** - * Set the authortiy service - * - * @param authorityService - */ - public void setAuthorityService(AuthorityService authorityService) - { - this.authorityService = authorityService; - } - /** * Set the permission service * @@ -152,16 +103,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { this.recordsManagementService = recordsManagementService; } - - /** - * Set record service - * - * @param recordService record service - */ - public void setRecordService(RecordService recordService) - { - this.recordService = recordService; - } /** * Set the node service @@ -180,20 +121,20 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { this.modelSecurityService = modelSecurityService; } + + /** + * @param filePlanRoleService file plan role service + */ + public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService) + { + this.filePlanRoleService = filePlanRoleService; + } /** * Initialisation method */ public void init() { - policyComponent.bindClassBehaviour( - NodeServicePolicies.OnCreateNodePolicy.QNAME, - TYPE_FILE_PLAN, - new JavaBehaviour(this, "onCreateRootNode", NotificationFrequency.TRANSACTION_COMMIT)); - policyComponent.bindClassBehaviour( - NodeServicePolicies.OnDeleteNodePolicy.QNAME, - TYPE_FILE_PLAN, - new JavaBehaviour(this, "onDeleteRootNode", NotificationFrequency.TRANSACTION_COMMIT)); policyComponent.bindClassBehaviour( NodeServicePolicies.OnCreateNodePolicy.QNAME, TYPE_RECORD_CATEGORY, @@ -204,122 +145,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe new JavaBehaviour(this, "onCreateRecordFolder", NotificationFrequency.TRANSACTION_COMMIT)); } - /** - * Create root node behaviour - * - * @param childAssocRef - */ - public void onCreateRootNode(ChildAssociationRef childAssocRef) - { - final NodeRef rmRootNode = childAssocRef.getChildRef(); - - // Do not execute behaviour if this has been created in the archive store - if(rmRootNode.getStoreRef().equals(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE) == true) - { - // This is not the spaces store - probably the archive store - return; - } - - if (nodeService.exists(rmRootNode) == true) - { - NodeRef unfiledContainer = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public NodeRef doWork() - { - // Create "all" role group for root node - String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null); - - // Set the permissions - permissionService.setInheritParentPermissions(rmRootNode, false); - permissionService.setPermission(rmRootNode, allRoles, RMPermissionModel.READ_RECORDS, true); - permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); - permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true); - - // Create the unfiled record container - return createUnfiledContainer(rmRootNode, allRoles); - } - }, AuthenticationUtil.getSystemUserName()); - - // Bootstrap in the default set of roles for the newly created root node - bootstrapDefaultRoles(rmRootNode, unfiledContainer); - } - } - - /** - * Creates unfiled container node and sets up permissions - * - * @param rmRootNode - * @param allRoles - */ - private NodeRef createUnfiledContainer(NodeRef rmRootNode, String allRoles) - { - NodeRef container = recordService.getUnfiledContainer(rmRootNode); - - if (container == null) - { - // create the properties map - Map properties = new HashMap(1); - properties.put(ContentModel.PROP_NAME, NAME_UNFILED_CONTAINER); - - // create the unfiled container - container = nodeService.createNode( - rmRootNode, - ASSOC_UNFILED_RECORDS, - QName.createQName(RM_URI, NAME_UNFILED_CONTAINER), - TYPE_UNFILED_RECORD_CONTAINER, - properties).getChildRef(); - - // set inheritance to false - permissionService.setInheritParentPermissions(container, false); - permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true); - permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true); - } - - return container; - } - - /** - * Delete root node behaviour - * - * @param childAssocRef - */ - public void onDeleteRootNode(ChildAssociationRef childAssocRef, boolean isNodeArchived) - { - logger.debug("onDeleteRootNode called"); - - // get the deleted node - final NodeRef rmRootNode = childAssocRef.getChildRef(); - - AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Object doWork() - { - // cascade delete the 'all' roles group for the site - String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode)); - Set groups = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true); - for (String group : groups) - { - authorityService.deleteAuthority(group); - } - - authorityService.deleteAuthority(allRolesGroup, false); - - return null; - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * Get all the roles by short name - * - * @param rmRootNode - * @return - */ - private String getAllRolesGroupShortName(NodeRef rmRootNode) - { - return "AllRoles" + rmRootNode.getId(); - } - /** * @param childAssocRef */ @@ -432,454 +257,7 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe } }, AuthenticationUtil.getSystemUserName()); } - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef) - */ - public void bootstrapDefaultRoles(NodeRef rmRootNode) - { - bootstrapDefaultRoles(rmRootNode, null); - } - - private void bootstrapDefaultRoles(final NodeRef rmRootNode, final NodeRef unfiledContainer) - { - AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Object doWork() - { - try - { - JSONArray array = null; - try - { - // Load up the default roles from JSON - InputStream is = getClass().getClassLoader().getResourceAsStream("alfresco/module/org_alfresco_module_rm/security/rm-default-roles-bootstrap.json"); - if (is == null) - { - throw new AlfrescoRuntimeException("Could not load default bootstrap roles configuration"); - } - array = new JSONArray(convertStreamToString(is)); - } - catch (IOException ioe) - { - throw new AlfrescoRuntimeException("Unable to load rm-default-roles-bootstrap.json configuration file.", ioe); - } - - // Add each role to the rm root node - for (int i = 0; i < array.length(); i++) - { - JSONObject object = array.getJSONObject(i); - - // Get the name of the role - String name = null; - if (object.has("name") == true) - { - name = object.getString("name"); - if (existsRole(rmRootNode, name) == true) - { - throw new AlfrescoRuntimeException("The bootstrap role " + name + " already exists on the rm root node " + rmRootNode.toString()); - } - } - else - { - throw new AlfrescoRuntimeException("No name given to default bootstrap role. Check json configuration file."); - } - - - // Get the role's display label - String displayLabel = name; - if (object.has("displayLabel") == true) - { - displayLabel = object.getString("displayLabel"); - } - - // Determine whether the role is an admin role or not - boolean isAdmin = false; - if (object.has("isAdmin") == true) - { - isAdmin = object.getBoolean("isAdmin"); - } - - // Get the roles capabilities - Set capabilities = new HashSet(30); - if (object.has("capabilities") == true) - { - JSONArray arrCaps = object.getJSONArray("capabilities"); - for (int index = 0; index < arrCaps.length(); index++) - { - String capName = arrCaps.getString(index); - Capability capability = capabilityService.getCapability(capName); - if (capability == null) - { - throw new AlfrescoRuntimeException("The capability '" + capName + "' configured for the deafult boostrap role '" + name + "' is invalid."); - } - capabilities.add(capability); - } - } - - // Create the role - Role role = createRole(rmRootNode, name, displayLabel, capabilities); - - // Add any additional admin permissions - if (isAdmin == true) - { - // Admin has filing - permissionService.setPermission(rmRootNode, role.getRoleGroupName(), RMPermissionModel.FILING, true); - if (unfiledContainer != null) - { - permissionService.setPermission(unfiledContainer, role.getRoleGroupName(), RMPermissionModel.FILING, true); - } - - // Add the creating user to the administration group - String user = AuthenticationUtil.getFullyAuthenticatedUser(); - authorityService.addAuthority(role.getRoleGroupName(), user); - } - } - } - catch (JSONException exception) - { - throw new AlfrescoRuntimeException("Error loading json configuration file rm-default-roles-bootstrap.json", exception); - } - - return null; - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * Helper method to convert a stream to a string. - * - * @param is input stream - * @return {@link String} string - * @throws IOException - */ - public String convertStreamToString(InputStream is) throws IOException - { - /* - * To convert the InputStream to String we use the BufferedReader.readLine() - * method. We iterate until the BufferedReader return null which means - * there's no more data to read. Each line will appended to a StringBuilder - * and returned as String. - */ - BufferedReader reader = new BufferedReader(new InputStreamReader(is)); - StringBuilder sb = new StringBuilder(); - - String line = null; - try - { - while ((line = reader.readLine()) != null) - { - sb.append(line + "\n"); - } - } - finally - { - try {is.close();} catch (IOException e) {} - } - - return sb.toString(); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles() - */ - public Set getRoles(final NodeRef rmRootNode) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork>() - { - public Set doWork() throws Exception - { - Set result = new HashSet(13); - - Set roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP); - for (String roleAuthority : roleAuthorities) - { - String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); - String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - - Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); - result.add(role); - } - - return result; - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) - */ - public Set getRolesByUser(final NodeRef rmRootNode, final String user) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork>() - { - public Set doWork() throws Exception - { - Set result = new HashSet(13); - - Set roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP); - for (String roleAuthority : roleAuthorities) - { - Set users = authorityService.getContainedAuthorities(AuthorityType.USER, roleAuthority, false); - if (users.contains(user) == true) - { - String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); - String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - - Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority); - result.add(role); - } - } - - return result; - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * - * @param rmRootNode - * @return - */ - private String getZoneName(NodeRef rmRootNode) - { - return RM_ROLE_ZONE_PREFIX + rmRootNode.getId(); - } - - /** - * Get the full role name - * - * @param role - * @param rmRootNode - * @return - */ - private String getFullRoleName(String role, NodeRef rmRootNode) - { - return role + rmRootNode.getId(); - } - - /** - * Get the short role name - * - * @param fullRoleName - * @param rmRootNode - * @return - */ - private String getShortRoleName(String fullRoleName, NodeRef rmRootNode) - { - return fullRoleName.replaceAll(rmRootNode.getId(), ""); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) - */ - public Role getRole(final NodeRef rmRootNode, final String role) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Role doWork() throws Exception - { - Role result = null; - - String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); - if (authorityService.authorityExists(roleAuthority) == true) - { - String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode); - String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority); - Set capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority); - - result = new Role(name, displayLabel, capabilities, roleAuthority); - } - - return result; - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * - * @param rmRootNode - * @param roleAuthority - * @return - */ - private Set getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority) - { - Set permissions = permissionService.getAllSetPermissions(rmRootNode); - Set capabilities = new HashSet(52); - for (AccessPermission permission : permissions) - { - if (permission.getAuthority().equals(roleAuthority) == true) - { - String capabilityName = permission.getPermission(); - Capability capability = capabilityService.getCapability(capabilityName); - if (capability != null) - { - capabilities.add(capability); - } - } - } - - return capabilities; - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(java.lang.String) - */ - public boolean existsRole(final NodeRef rmRootNode, final String role) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Boolean doWork() throws Exception - { - String fullRoleName = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); - - String zone = getZoneName(rmRootNode); - Set roles = authorityService.getAllAuthoritiesInZone(zone, AuthorityType.GROUP); - return new Boolean(roles.contains(fullRoleName)); - } - }, AuthenticationUtil.getSystemUserName()).booleanValue(); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) - * - * TODO .. change this to check a property of the role its self - */ - public boolean hasRMAdminRole(NodeRef rmRootNode, String user) - { - boolean isRMAdmin = false; - - Set userRoles = this.getRolesByUser(rmRootNode, user); - if (userRoles != null) - { - for (Role role : userRoles) - { - if (role.getName().equals("Administrator")) - { - isRMAdmin = true; - break; - } - } - } - - return isRMAdmin; - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) - */ - public Role createRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set capabilities) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Role doWork() throws Exception - { - String fullRoleName = getFullRoleName(role, rmRootNode); - - // Check that the role does not already exist for the rm root node - if (authorityService.authorityExists(authorityService.getName(AuthorityType.GROUP, fullRoleName))) - { - throw new AlfrescoRuntimeException("The role " + role + " already exists for root rm node " + rmRootNode.getId()); - } - - // Create a group that relates to the records management role - Set zones = new HashSet(2); - zones.add(getZoneName(rmRootNode)); - zones.add(AuthorityService.ZONE_APP_DEFAULT); - String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones); - - // Add the roleGroup to the "all" role group - String allRoleGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode)); - authorityService.addAuthority(allRoleGroup, roleGroup); - - // Assign the various capabilities to the group on the root records management node - if (capabilities != null) - { - for (Capability capability : capabilities) - { - permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true); - } - } - - return new Role(role, roleDisplayLabel, capabilities, roleGroup); - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef) - */ - @Override - public String getAllRolesContainerGroup(NodeRef filePlan) - { - return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan)); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) - */ - public Role updateRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set capabilities) - { - return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Role doWork() throws Exception - { - String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); - - // Reset the role display name - authorityService.setAuthorityDisplayName(roleAuthority, roleDisplayLabel); - - // TODO this needs to be improved, removing all and readding is not ideal - - // Clear the current capabilities - permissionService.clearPermission(rmRootNode, roleAuthority); - - // Re-add the provided capabilities - for (Capability capability : capabilities) - { - permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true); - } - - return new Role(role, roleDisplayLabel, capabilities, roleAuthority); - - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(java.lang.String) - */ - public void deleteRole(final NodeRef rmRootNode, final String role) - { - AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Boolean doWork() throws Exception - { - String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); - authorityService.deleteAuthority(roleAuthority); - return null; - - } - }, AuthenticationUtil.getSystemUserName()); - } - - /** - * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String) - */ - public void assignRoleToAuthority(final NodeRef rmRootNode, final String role, final String authorityName) - { - AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork() - { - public Boolean doWork() throws Exception - { - String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode)); - authorityService.addAuthority(roleAuthority, authorityName); - return null; - - } - }, AuthenticationUtil.getSystemUserName()); - } + } /** * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, boolean) @@ -1011,6 +389,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe } }, AuthenticationUtil.getSystemUserName()); } + + /** Deprecated method implementations */ /** * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects() @@ -1031,4 +411,114 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe { return modelSecurityService.getProtectedProperties(); } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String) + */ + @Deprecated + @Override + public void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName) + { + filePlanRoleService.assignRoleToAuthority(rmRootNode, role, authorityName); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef) + */ + @Deprecated + @Override + public void bootstrapDefaultRoles(NodeRef rmRootNode) + { + throw new UnsupportedOperationException("This method is no longer supported."); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) + */ + @Deprecated + @Override + public Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set capabilities) + { + return Role.toRole(filePlanRoleService.createRole(rmRootNode, role, roleDisplayLabel, capabilities)); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + @Deprecated + @Override + public void deleteRole(NodeRef rmRootNode, String role) + { + filePlanRoleService.deleteRole(rmRootNode, role); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + @Deprecated + @Override + public boolean existsRole(NodeRef rmRootNode, String role) + { + return filePlanRoleService.existsRole(rmRootNode, role); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef) + */ + @Deprecated + @Override + public String getAllRolesContainerGroup(NodeRef filePlan) + { + return filePlanRoleService.getAllRolesContainerGroup(filePlan); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + @Deprecated + @Override + public Role getRole(NodeRef rmRootNode, String role) + { + return Role.toRole(filePlanRoleService.getRole(rmRootNode, role)); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles(org.alfresco.service.cmr.repository.NodeRef) + */ + @Deprecated + @Override + public Set getRoles(NodeRef rmRootNode) + { + return Role.toRoleSet(filePlanRoleService.getRoles(rmRootNode)); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + @Deprecated + @Override + public Set getRolesByUser(NodeRef rmRootNode, String user) + { + return Role.toRoleSet(filePlanRoleService.getRolesByUser(rmRootNode, user)); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String) + */ + @Deprecated + @Override + public boolean hasRMAdminRole(NodeRef rmRootNode, String user) + { + return filePlanRoleService.hasRMAdminRole(rmRootNode, user); + } + + /** + * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set) + */ + @Deprecated + @Override + public Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set capabilities) + { + return updateRole(rmRootNode, role, roleDisplayLabel, capabilities); + } } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java index 83c3a6cfe4..408d29824c 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java @@ -23,8 +23,8 @@ import java.util.List; import java.util.Set; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService; import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase; import org.alfresco.repo.content.MimetypeMap; diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java index e83b7d0b8c..849ce34036 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java @@ -29,13 +29,13 @@ import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; import org.alfresco.module.org_alfresco_module_rm.dataset.DataSetService; -import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService; import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RmSiteType; +import org.alfresco.module.org_alfresco_module_rm.record.RecordService; import org.alfresco.module.org_alfresco_module_rm.search.RecordsManagementSearchService; import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService;