RM-571 - Refactor: Role Service

* deprecated approprite methods on old service
 * deprecated and moved role to new package loaction
 * fallout
 * also repackaged Record and RecordFolder services
 * TODO remove deprecation warnings



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44828 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml

@@ -416,18 +416,85 @@
 
     <!-- Records Management Security Service -->
 
-    <bean id="recordsManagementSecurityService"
+    <bean id="filePlanRoleService"
-          class="org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl"
+          class="org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleServiceImpl"
-          depends-on="org_alfresco_module_rm_dictionaryBootstrap"
           init-method="init">
         <property name="capabilityService" ref="CapabilityService"/>
         <property name="authorityService" ref="AuthorityService"/>
         <property name="permissionService" ref="PermissionService"/>
         <property name="nodeService" ref="NodeService"/>
         <property name="policyComponent" ref="policyComponent"/>   
+        <property name="recordService" ref="RecordService" />     
+    </bean>
+
+    <bean id="FilePlanRoleService" class="org.springframework.aop.framework.ProxyFactoryBean">
+        <property name="proxyInterfaces">
+            <value>org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService</value>
+        </property>
+        <property name="target">
+            <ref bean="filePlanRoleService"/>
+        </property>
+        <property name="interceptorNames">
+            <list>
+                <idref local="FilePlanRoleService_transaction"/>
+                <idref bean="exceptionTranslator"/>
+                <idref local="FilePlanRoleService_security"/>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="FilePlanRoleService_transaction" class="org.springframework.transaction.interceptor.TransactionInterceptor">
+        <property name="transactionManager">
+            <ref bean="transactionManager"/>
+        </property>
+        <property name="transactionAttributes">
+            <props>
+                <prop key="*">${server.transaction.mode.default}</prop>
+            </props>
+        </property>
+    </bean>
+
+    <bean id="FilePlanRoleService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
+        <property name="authenticationManager">
+            <ref bean="authenticationManager"/>
+        </property>
+        <property name="accessDecisionManager">
+            <ref bean="accessDecisionManager"/>
+        </property>
+        <property name="afterInvocationManager">
+            <ref bean="afterInvocationManager"/>
+        </property>
+        <property name="objectDefinitionSource">
+            <value>
+                <![CDATA[
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getRoles=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getRolesByUser=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.existsRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.hasRMAdminRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.createRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.updateRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.deleteRole=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.assignRoleToAuthority=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.getAllRolesContainerGroup=RM_ALLOW
+    			org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.*=RM_DENY
+                ]]>
+            </value>
+        </property>
+    </bean>
+
+    <!-- Records Management Security Service -->
+
+    <bean id="recordsManagementSecurityService"
+          class="org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl"
+          depends-on="org_alfresco_module_rm_dictionaryBootstrap"
+          init-method="init">
+        <property name="permissionService" ref="PermissionService"/>
+        <property name="nodeService" ref="NodeService"/>
+        <property name="policyComponent" ref="policyComponent"/>
         <property name="recordsManagementService" ref="RecordsManagementService"/>
         <property name="modelSecurityService" ref="modelSecurityService" />
-        <property name="recordService" ref="RecordService" />
+        <property name="filePlanRoleService" ref="FilePlanRoleService" />
     </bean>
 
     <bean id="RecordsManagementSecurityService" class="org.springframework.aop.framework.ProxyFactoryBean">
@@ -970,7 +1037,7 @@
     
     <!--  Record Folder Service -->
     
-    <bean id="recordFolderService" class="org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordFolderServiceImpl" init-method="init">
+    <bean id="recordFolderService" class="org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServiceImpl" init-method="init">
         <property name="nodeService" ref="NodeService"/>
         <property name="policyComponent" ref="policyComponent" />
         <property name="dispositionService" ref="DispositionService" />
@@ -978,7 +1045,7 @@
 
     <!--  Record Service -->
 
-    <bean id="recordService" class="org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordServiceImpl" init-method="init">
+    <bean id="recordService" class="org.alfresco.module.org_alfresco_module_rm.record.RecordServiceImpl" init-method="init">
         <property name="nodeService" ref="NodeService"/>
         <property name="dictionaryService" ref="DictionaryService"/>
         <property name="identifierService" ref="recordsManagementIdentifierService"/>
@@ -991,7 +1058,7 @@
 
     <bean id="RecordService" class="org.springframework.aop.framework.ProxyFactoryBean">
         <property name="proxyInterfaces">
-            <value>org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService</value>
+            <value>org.alfresco.module.org_alfresco_module_rm.record.RecordService</value>
         </property>
         <property name="target">
             <ref bean="recordService"/>
@@ -1029,13 +1096,13 @@
         <property name="objectDefinitionSource">
             <value>
                 <![CDATA[
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.getRecordMetaDataAspects=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.getRecordMetaDataAspects=RM_ALLOW
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.isRecord=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.isRecord=RM_ALLOW
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.isDeclared=RM.Read.0
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.isDeclared=RM.Read.0
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.isFiled=RM.Read.0
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.isFiled=RM.Read.0
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.createRecord=RM_ALLOW
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.createRecord=RM_ALLOW
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.getUnfiledContainer=RM.Read.0
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.getUnfiledContainer=RM.Read.0
-                org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService.*=RM_DENY
+                org.alfresco.module.org_alfresco_module_rm.record.RecordService.*=RM_DENY
                 ]]>
             </value>
         </property>

rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/Role.java

@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2005-2011 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.security;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
+
+/**
+ * Records management role class
+ *
+ * @author Roy Wetherall
+ * 
+ * @deprecated As of release 2.1, see {@link org.alfresco.module.org_alfresco_module_rm.role.Role}
+ */
+public class Role extends org.alfresco.module.org_alfresco_module_rm.role.Role
+{
+    /**
+     * Compatibility method
+     */
+    public static Role toRole(org.alfresco.module.org_alfresco_module_rm.role.Role role)
+    {
+        return new Role(role.getName(), role.getDisplayLabel(), role.getCapabilities(), role.getRoleGroupName());
+    }
+    
+    /**
+     * Compatibility method
+     */
+    public static Set<Role> toRoleSet(Set<org.alfresco.module.org_alfresco_module_rm.role.Role> roles)
+    {
+        Set<Role> result = new HashSet<Role>(roles.size());
+        for (org.alfresco.module.org_alfresco_module_rm.role.Role role : roles)
+        {
+            result.add(Role.toRole(role));
+        }
+        return result;
+    }
+    
+    /**
+     * Constructor
+     */
+    @Deprecated
+    public Role(String name, String displayLabel, Set<Capability> capabilities, String roleGroupName)
+    {
+        super(name, displayLabel, capabilities, roleGroupName);
+    }
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementService.java

@@ -23,8 +23,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.namespace.QName;
 

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistry.java

@@ -21,10 +21,11 @@ package org.alfresco.module.org_alfresco_module_rm;
 import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService;
 import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService;
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService;
 import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.service.NotAuditable;
@@ -51,6 +52,7 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry
     static final QName RECORD_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "RecordService");
     static final QName FREEZE_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "FreezeService");
     static final QName EXTENDED_SECURITY_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "ExtendedSecurityService");
+    static final QName FILE_PLAN_ROLE_SERVICE = QName.createQName(NamespaceService.ALFRESCO_URI, "FilePlanRoleService");
     
     /**
      * @return  records management service
@@ -117,4 +119,10 @@ public interface RecordsManagementServiceRegistry extends ServiceRegistry
      */
     @NotAuditable
     ExtendedSecurityService getExtendedSecurityService();
+    
+    /**
+     * @return  file plan role service
+     */
+    @NotAuditable
+    FilePlanRoleService getFilePlanRoleService();
 }

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/RecordsManagementServiceRegistryImpl.java

@@ -21,10 +21,11 @@ package org.alfresco.module.org_alfresco_module_rm;
 import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService;
 import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService;
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService;
 import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.repo.service.ServiceDescriptorRegistry;
@@ -43,7 +44,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementActionService getRecordsManagementActionService()
     {
-      return (RecordsManagementActionService)getService(RECORDS_MANAGEMENT_ACTION_SERVICE);
+        return (RecordsManagementActionService) getService(RECORDS_MANAGEMENT_ACTION_SERVICE);
     }
 
     /**
@@ -52,7 +53,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementAdminService getRecordsManagementAdminService()
     {
-      return (RecordsManagementAdminService)getService(RECORDS_MANAGEMENT_ADMIN_SERVICE);
+        return (RecordsManagementAdminService) getService(RECORDS_MANAGEMENT_ADMIN_SERVICE);
     }
 
     /**
@@ -61,7 +62,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementEventService getRecordsManagementEventService()
     {
-      return (RecordsManagementEventService)getService(RECORDS_MANAGEMENT_EVENT_SERVICE);
+        return (RecordsManagementEventService) getService(RECORDS_MANAGEMENT_EVENT_SERVICE);
     }
 
     /**
@@ -70,7 +71,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementService getRecordsManagementService()
     {
-      return (RecordsManagementService)getService(RECORDS_MANAGEMENT_SERVICE);
+        return (RecordsManagementService) getService(RECORDS_MANAGEMENT_SERVICE);
     }
 
     /**
@@ -78,7 +79,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
      */
     public RecordService getRecordService()
     {
-        return (RecordService)getService(RECORD_SERVICE);
+        return (RecordService) getService(RECORD_SERVICE);
     }
 
     /**
@@ -87,7 +88,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementSecurityService getRecordsManagementSecurityService()
     {
-      return (RecordsManagementSecurityService)getService(RECORDS_MANAGEMENT_SECURITY_SERVICE);
+        return (RecordsManagementSecurityService) getService(RECORDS_MANAGEMENT_SECURITY_SERVICE);
     }
 
     /**
@@ -96,7 +97,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public RecordsManagementAuditService getRecordsManagementAuditService()
     {
-      return (RecordsManagementAuditService)getService(RECORDS_MANAGEMENT_AUDIT_SERVICE);
+        return (RecordsManagementAuditService) getService(RECORDS_MANAGEMENT_AUDIT_SERVICE);
     }
 
     /**
@@ -105,7 +106,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public DispositionService getDispositionService()
     {
-      return (DispositionService)getService(DISPOSITION_SERVICE);
+        return (DispositionService) getService(DISPOSITION_SERVICE);
     }
 
     /**
@@ -114,7 +115,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public CapabilityService getCapabilityService()
     {
-      return (CapabilityService)getService(CAPABILITY_SERVICE);
+        return (CapabilityService) getService(CAPABILITY_SERVICE);
     }
 
     /**
@@ -123,7 +124,7 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public FreezeService getFreezeService()
     {
-      return (FreezeService)getService(FREEZE_SERVICE);
+        return (FreezeService) getService(FREEZE_SERVICE);
     }
 
     /**
@@ -132,6 +133,15 @@ public class RecordsManagementServiceRegistryImpl extends ServiceDescriptorRegis
     @Override
     public ExtendedSecurityService getExtendedSecurityService()
     {
-       return (ExtendedSecurityService)getService(EXTENDED_SECURITY_SERVICE);
+        return (ExtendedSecurityService) getService(EXTENDED_SECURITY_SERVICE);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry#getFilePlanRoleService()
+     */
+    @Override
+    public FilePlanRoleService getFilePlanRoleService()
+    {
+        return (FilePlanRoleService) getService(FILE_PLAN_ROLE_SERVICE);
     }
 }

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java

@@ -27,7 +27,6 @@ import java.util.Map;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionActionDefinition;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
@@ -38,6 +37,7 @@ import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventSe
 import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventType;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService;
 import org.alfresco.repo.action.executer.ActionExecuterAbstractBase;
 import org.alfresco.service.cmr.action.Action;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/dm/CreateRecordAction.java

@@ -23,8 +23,8 @@ import java.util.List;
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.repo.action.ParameterDefinitionImpl;
 import org.alfresco.repo.action.executer.ActionExecuterAbstractBase;
 import org.alfresco.service.cmr.action.Action;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/AbstractCapabilityCondition.java

@@ -19,9 +19,9 @@
 package org.alfresco.module.org_alfresco_module_rm.capability.declarative;
 
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.springframework.beans.factory.BeanNameAware;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/CreateCapability.java

@@ -26,7 +26,7 @@ import net.sf.acegisecurity.vote.AccessDecisionVoter;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.capability.declarative.DeclarativeCapability;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.namespace.QName;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/dataset/DataSetServiceImpl.java

@@ -17,11 +17,11 @@ import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordFolderServiceImpl;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RecordsManagementSearchBehaviour;
+import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServiceImpl;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.Role;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementFormFilter.java

@@ -25,7 +25,7 @@ import java.util.Map;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementServiceRegistry;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.repo.forms.Field;
 import org.alfresco.repo.forms.FieldGroup;
 import org.alfresco.repo.forms.Form;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/BaseEvaluator.java

@@ -27,9 +27,9 @@ import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.AccessStatus;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/JSONConversionComponent.java

@@ -25,7 +25,7 @@ import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.model.FileInfo;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.AccessStatus;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/patch/RMv21InPlacePatch.java

@@ -28,6 +28,7 @@ import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleServiceImpl;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl;
@@ -144,13 +145,13 @@ public class RMv21InPlacePatch extends AbstractModuleComponent
         
         // create the properties map
         Map<QName, Serializable> properties = new HashMap<QName, Serializable>(1);
-        properties.put(ContentModel.PROP_NAME, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER);
+        properties.put(ContentModel.PROP_NAME, FilePlanRoleServiceImpl.NAME_UNFILED_CONTAINER);
 
         // create the unfiled container
         NodeRef container = nodeService.createNode(
                         filePlan,
                         ASSOC_UNFILED_RECORDS,
-                        QName.createQName(RM_URI, RecordsManagementSecurityServiceImpl.NAME_UNFILED_CONTAINER),
+                        QName.createQName(RM_URI, FilePlanRoleServiceImpl.NAME_UNFILED_CONTAINER),
                         TYPE_UNFILED_RECORD_CONTAINER,
                         properties).getChildRef();
 

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordService.java

@@ -17,7 +17,7 @@
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.alfresco.module.org_alfresco_module_rm.disposableitem;
+package org.alfresco.module.org_alfresco_module_rm.record;
 
 import java.util.Set;
 

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java

@@ -16,7 +16,7 @@
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  */
-package org.alfresco.module.org_alfresco_module_rm.disposableitem;
+package org.alfresco.module.org_alfresco_module_rm.record;
 
 import java.util.Calendar;
 import java.util.Collection;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderService.java

@@ -16,7 +16,7 @@
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  */
-package org.alfresco.module.org_alfresco_module_rm.disposableitem;
+package org.alfresco.module.org_alfresco_module_rm.recordfolder;
 
 /**
  * Record folder service interface

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/recordfolder/RecordFolderServiceImpl.java

@@ -16,7 +16,7 @@
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  */
-package org.alfresco.module.org_alfresco_module_rm.disposableitem;
+package org.alfresco.module.org_alfresco_module_rm.recordfolder;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleService.java

@@ -0,0 +1,124 @@
+/*
+ * Copyright (C) 2005-2012 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.role;
+
+import java.util.Set;
+
+import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
+import org.alfresco.service.cmr.repository.NodeRef;
+
+/**
+ * Role service interface 
+ * 
+ * @author Roy Wetherall
+ * @since 2.1
+ */
+public interface FilePlanRoleService
+{
+    /**
+     * Returns the name of the container group for all roles of a specified file
+     * plan.
+     * 
+     * @param filePlan  file plan node reference
+     * @return String   group name
+     */
+    String getAllRolesContainerGroup(NodeRef filePlan);
+    
+    /**
+     * Get all the available roles for the given records management root node
+     * 
+     * @param filePlan  file plan
+     * @return
+     */
+    Set<Role> getRoles(NodeRef filePlan);
+    
+    /**
+     * Gets the roles for a given user
+     * 
+     * @param filePlan  file plan
+     * @param user      user
+     * @return
+     */
+    Set<Role> getRolesByUser(NodeRef filePlan, String user);
+    
+    /**
+     * Get a role by name
+     * 
+     * @param filePlan  file plan
+     * @param role      role
+     * @return
+     */
+    Role getRole(NodeRef filePlan, String role);    
+    
+    /**
+     * Indicate whether a role exists for a given records management root node
+     * @param filePlan  file plan
+     * @param role      role
+     * @return
+     */
+    boolean existsRole(NodeRef filePlan, String role);
+    
+    /**
+     * Determines whether the given user has the RM Admin role
+     * 
+     * @param filePlan  filePlan
+     * @param user user name to check
+     * @return true if the user has the RM Admin role, false otherwise
+     */
+    boolean hasRMAdminRole(NodeRef filePlan, String user);
+    
+    /**
+     * Create a new role
+     * 
+     * @param filePlan  file plan
+     * @param role
+     * @param roleDisplayLabel
+     * @param capabilities
+     * @return
+     */
+    Role createRole(NodeRef filePlan, String role, String roleDisplayLabel, Set<Capability> capabilities);
+    
+    /**
+     * Update an existing role
+     * 
+     * @param filePlan  file plan
+     * @param role
+     * @param roleDisplayLabel
+     * @param capabilities
+     * @return
+     */
+    Role updateRole(NodeRef filePlan, String role, String roleDisplayLabel, Set<Capability> capabilities);
+    
+    /**
+     * Delete a role
+     * 
+     * @param filePlan  file plan
+     * @param role      role
+     */
+    void deleteRole(NodeRef filePlan, String role);
+    
+    /**
+     * Assign a role to an authority
+     * 
+     * @param filePlan      file plan
+     * @param role          role
+     * @param authorityName authority name
+     */
+    void assignRoleToAuthority(NodeRef filePlan, String role, String authorityName);
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/FilePlanRoleServiceImpl.java

@@ -0,0 +1,719 @@
+/*
+ * Copyright (C) 2005-2012 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.role;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.model.ContentModel;
+import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
+import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
+import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
+import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.security.ExtendedReaderDynamicAuthority;
+import org.alfresco.repo.node.NodeServicePolicies;
+import org.alfresco.repo.policy.JavaBehaviour;
+import org.alfresco.repo.policy.PolicyComponent;
+import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
+import org.alfresco.repo.security.authentication.AuthenticationUtil;
+import org.alfresco.service.cmr.repository.ChildAssociationRef;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.repository.StoreRef;
+import org.alfresco.service.cmr.security.AccessPermission;
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.AuthorityType;
+import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.namespace.QName;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.json.JSONArray;
+import org.json.JSONException;
+import org.json.JSONObject;
+
+/**
+ * Role service implementation
+ * 
+ * @author Roy Wetherall
+ * @since 2.1
+ */
+public class FilePlanRoleServiceImpl implements FilePlanRoleService,
+                                        RecordsManagementModel
+{
+    /** Capability service */
+    private CapabilityService capabilityService;
+    
+    /** Authority service */
+    private AuthorityService authorityService;
+
+    /** Permission service */
+    private PermissionService permissionService;
+
+    /** Policy component */
+    private PolicyComponent policyComponent;
+    
+    /** Record service */
+    private RecordService recordService;
+
+    /** Node service */
+    private NodeService nodeService;
+
+    /** Records management role zone */
+    public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
+
+    /** Unfiled record container name */
+    public static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
+
+    /** Logger */
+    private static Log logger = LogFactory.getLog(FilePlanRoleServiceImpl.class);
+    
+    /**
+     * @param capabilityService capability service
+     */
+    public void setCapabilityService(CapabilityService capabilityService)
+    {
+        this.capabilityService = capabilityService;
+    }
+    
+    /**
+     * @param authorityService  authority service
+     */
+    public void setAuthorityService(AuthorityService authorityService)
+    {
+        this.authorityService = authorityService;
+    }
+    
+    /**
+     * @param permissionService permission service
+     */
+    public void setPermissionService(PermissionService permissionService)
+    {
+        this.permissionService = permissionService;
+    }
+    
+    /**
+     * @param policyComponent   policy component
+     */
+    public void setPolicyComponent(PolicyComponent policyComponent)
+    {
+        this.policyComponent = policyComponent;
+    }
+    
+    /**
+     * @param nodeService   node service
+     */
+    public void setNodeService(NodeService nodeService)
+    {
+        this.nodeService = nodeService;
+    }
+    
+    /**
+     * @param recordService record service
+     */
+    public void setRecordService(RecordService recordService)
+    {
+        this.recordService = recordService;
+    }
+    
+    /**
+     * Initialisation method
+     */
+    public void init()
+    {
+        policyComponent.bindClassBehaviour(
+                NodeServicePolicies.OnCreateNodePolicy.QNAME,
+                TYPE_FILE_PLAN,
+                new JavaBehaviour(this, "onCreateRootNode", NotificationFrequency.TRANSACTION_COMMIT));
+        policyComponent.bindClassBehaviour(
+                NodeServicePolicies.OnDeleteNodePolicy.QNAME,
+                TYPE_FILE_PLAN,
+                new JavaBehaviour(this, "onDeleteRootNode", NotificationFrequency.TRANSACTION_COMMIT));
+    }
+    
+    /**
+     * Create root node behaviour
+     *
+     * @param childAssocRef
+     */
+    public void onCreateRootNode(ChildAssociationRef childAssocRef)
+    {
+        final NodeRef rmRootNode = childAssocRef.getChildRef();
+
+        // Do not execute behaviour if this has been created in the archive store
+        if(rmRootNode.getStoreRef().equals(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE) == true)
+        {
+            // This is not the spaces store - probably the archive store
+            return;
+        }
+
+        if (nodeService.exists(rmRootNode) == true)
+        {
+            NodeRef unfiledContainer = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>()
+            {
+                public NodeRef doWork()
+                {
+                    // Create "all" role group for root node
+                    String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null);
+
+                    // Set the permissions
+                    permissionService.setInheritParentPermissions(rmRootNode, false);
+                    permissionService.setPermission(rmRootNode, allRoles, RMPermissionModel.READ_RECORDS, true);
+                    permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
+                    permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true);
+
+                    // Create the unfiled record container
+                    return createUnfiledContainer(rmRootNode, allRoles);
+                }
+            }, AuthenticationUtil.getSystemUserName());
+
+            // Bootstrap in the default set of roles for the newly created root node
+            bootstrapDefaultRoles(rmRootNode, unfiledContainer);
+        }
+    }
+
+    /**
+     * Creates unfiled container node and sets up permissions
+     *
+     * @param rmRootNode
+     * @param allRoles
+     */
+    private NodeRef createUnfiledContainer(NodeRef rmRootNode, String allRoles)
+    {
+        NodeRef container = recordService.getUnfiledContainer(rmRootNode);
+        
+        if (container == null)
+        {
+            // create the properties map
+            Map<QName, Serializable> properties = new HashMap<QName, Serializable>(1);
+            properties.put(ContentModel.PROP_NAME, NAME_UNFILED_CONTAINER);
+    
+            // create the unfiled container
+            container = nodeService.createNode(
+                            rmRootNode,
+                            ASSOC_UNFILED_RECORDS,
+                            QName.createQName(RM_URI, NAME_UNFILED_CONTAINER),
+                            TYPE_UNFILED_RECORD_CONTAINER,
+                            properties).getChildRef();
+    
+            // set inheritance to false
+            permissionService.setInheritParentPermissions(container, false);
+            permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
+            permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
+        }
+
+        return container;
+    }
+
+    /**
+     * Delete root node behaviour
+     *
+     * @param childAssocRef
+     */
+    public void onDeleteRootNode(ChildAssociationRef childAssocRef, boolean isNodeArchived)
+    {
+        logger.debug("onDeleteRootNode called");
+
+        // get the deleted node
+        final NodeRef rmRootNode = childAssocRef.getChildRef();
+
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
+        {
+            public Object doWork()
+            {
+                // cascade delete the 'all' roles group for the site
+                String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
+                Set<String> groups = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true);
+                for (String group : groups)
+                {
+                    authorityService.deleteAuthority(group);
+                }
+
+                authorityService.deleteAuthority(allRolesGroup, false);
+
+                return null;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+    
+    /**
+     * Get all the roles by short name
+     *
+     * @param rmRootNode
+     * @return
+     */
+    private String getAllRolesGroupShortName(NodeRef rmRootNode)
+    {
+        return "AllRoles" + rmRootNode.getId();
+    }
+
+    /**
+     * 
+     * @param rmRootNode
+     * @param unfiledContainer
+     */
+    private void bootstrapDefaultRoles(final NodeRef rmRootNode, final NodeRef unfiledContainer)
+    {
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
+        {
+            public Object doWork()
+            {
+                try
+                {
+                    JSONArray array = null;
+                    try
+                    {
+                        // Load up the default roles from JSON
+                        InputStream is = getClass().getClassLoader().getResourceAsStream("alfresco/module/org_alfresco_module_rm/security/rm-default-roles-bootstrap.json");
+                        if  (is == null)
+                        {
+                            throw new AlfrescoRuntimeException("Could not load default bootstrap roles configuration");
+                        }
+                        array = new JSONArray(convertStreamToString(is));
+                    }
+                    catch (IOException ioe)
+                    {
+                        throw new AlfrescoRuntimeException("Unable to load rm-default-roles-bootstrap.json configuration file.", ioe);
+                    }
+
+                    // Add each role to the rm root node
+                    for (int i = 0; i < array.length(); i++)
+                    {
+                        JSONObject object = array.getJSONObject(i);
+
+                        // Get the name of the role
+                        String name = null;
+                        if (object.has("name") == true)
+                        {
+                            name = object.getString("name");
+                            if (existsRole(rmRootNode, name) == true)
+                            {
+                                throw new AlfrescoRuntimeException("The bootstrap role " + name + " already exists on the rm root node " + rmRootNode.toString());
+                            }
+                        }
+                        else
+                        {
+                            throw new AlfrescoRuntimeException("No name given to default bootstrap role.  Check json configuration file.");
+                        }
+
+
+                        // Get the role's display label
+                        String displayLabel = name;
+                        if (object.has("displayLabel") == true)
+                        {
+                            displayLabel = object.getString("displayLabel");
+                        }
+
+                        // Determine whether the role is an admin role or not
+                        boolean isAdmin = false;
+                        if (object.has("isAdmin") == true)
+                        {
+                            isAdmin = object.getBoolean("isAdmin");
+                        }
+
+                        // Get the roles capabilities
+                        Set<Capability> capabilities = new HashSet<Capability>(30);
+                        if (object.has("capabilities") == true)
+                        {
+                            JSONArray arrCaps = object.getJSONArray("capabilities");
+                            for (int index = 0; index < arrCaps.length(); index++)
+                            {
+                                String capName = arrCaps.getString(index);
+                                Capability capability = capabilityService.getCapability(capName);
+                                if (capability == null)
+                                {
+                                    throw new AlfrescoRuntimeException("The capability '" + capName + "' configured for the deafult boostrap role '" + name + "' is invalid.");
+                                }
+                                capabilities.add(capability);
+                            }
+                        }
+
+                        // Create the role
+                        Role role = createRole(rmRootNode, name, displayLabel, capabilities);
+
+                        // Add any additional admin permissions
+                        if (isAdmin == true)
+                        {
+                            // Admin has filing
+                            permissionService.setPermission(rmRootNode, role.getRoleGroupName(), RMPermissionModel.FILING, true);
+                            if (unfiledContainer != null)
+                            {
+                                permissionService.setPermission(unfiledContainer, role.getRoleGroupName(), RMPermissionModel.FILING, true);
+                            }
+
+                            // Add the creating user to the administration group
+                            String user = AuthenticationUtil.getFullyAuthenticatedUser();
+                            authorityService.addAuthority(role.getRoleGroupName(), user);
+                        }
+                    }
+                }
+                catch (JSONException exception)
+                {
+                    throw new AlfrescoRuntimeException("Error loading json configuration file rm-default-roles-bootstrap.json", exception);
+                }
+
+                return null;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     * Helper method to convert a stream to a string.
+     *
+     * @param is    input stream
+     * @return {@link String}   string
+     * @throws IOException
+     */
+    public String convertStreamToString(InputStream is) throws IOException
+    {
+        /*
+        * To convert the InputStream to String we use the BufferedReader.readLine()
+        * method. We iterate until the BufferedReader return null which means
+        * there's no more data to read. Each line will appended to a StringBuilder
+        * and returned as String.
+        */
+        BufferedReader reader = new BufferedReader(new InputStreamReader(is));
+        StringBuilder sb = new StringBuilder();
+
+        String line = null;
+        try
+        {
+            while ((line = reader.readLine()) != null)
+            {
+                sb.append(line + "\n");
+            }
+        }
+        finally
+        {
+            try {is.close();} catch (IOException e) {}
+        }
+
+        return sb.toString();
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles()
+     */
+    public Set<Role> getRoles(final NodeRef rmRootNode)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Set<Role>>()
+        {
+            public Set<Role> doWork() throws Exception
+            {
+                Set<Role> result = new HashSet<Role>(13);
+
+                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
+                for (String roleAuthority : roleAuthorities)
+                {
+                    String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
+                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
+
+                    Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
+                    result.add(role);
+                }
+
+                return result;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    public Set<Role> getRolesByUser(final NodeRef rmRootNode, final String user)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Set<Role>>()
+        {
+            public Set<Role> doWork() throws Exception
+            {
+                Set<Role> result = new HashSet<Role>(13);
+
+                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
+                for (String roleAuthority : roleAuthorities)
+                {
+                    Set<String> users = authorityService.getContainedAuthorities(AuthorityType.USER, roleAuthority, false);
+                    if (users.contains(user) == true)
+                    {
+                        String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
+                        String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
+                        
+                        Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
+                        result.add(role);
+                    }
+                }
+
+                return result;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     *
+     * @param rmRootNode
+     * @return
+     */
+    private String getZoneName(NodeRef rmRootNode)
+    {
+        return RM_ROLE_ZONE_PREFIX + rmRootNode.getId();
+    }
+
+    /**
+     * Get the full role name
+     *
+     * @param role
+     * @param rmRootNode
+     * @return
+     */
+    private String getFullRoleName(String role, NodeRef rmRootNode)
+    {
+        return role + rmRootNode.getId();
+    }
+
+    /**
+     * Get the short role name
+     *
+     * @param fullRoleName
+     * @param rmRootNode
+     * @return
+     */
+    private String getShortRoleName(String fullRoleName, NodeRef rmRootNode)
+    {
+        return fullRoleName.replaceAll(rmRootNode.getId(), "");
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    public Role getRole(final NodeRef rmRootNode, final String role)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
+        {
+            public Role doWork() throws Exception
+            {
+                Role result = null;
+
+                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
+                if (authorityService.authorityExists(roleAuthority) == true)
+                {
+                    String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
+                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
+                    Set<Capability> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
+
+                    result = new Role(name, displayLabel, capabilities, roleAuthority);
+                }
+
+                return result;
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     *
+     * @param rmRootNode
+     * @param roleAuthority
+     * @return
+     */
+    private Set<Capability> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
+    {
+        Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode);
+        Set<Capability> capabilities = new HashSet<Capability>(52);
+        for (AccessPermission permission : permissions)
+        {
+            if (permission.getAuthority().equals(roleAuthority) == true)
+            {
+                String capabilityName = permission.getPermission();
+                Capability capability = capabilityService.getCapability(capabilityName);
+                if (capability != null)
+                {
+                    capabilities.add(capability);
+                }
+            }
+        }
+
+        return capabilities;
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(java.lang.String)
+     */
+    public boolean existsRole(final NodeRef rmRootNode, final String role)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Boolean>()
+        {
+            public Boolean doWork() throws Exception
+            {
+                String fullRoleName = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
+
+                String zone = getZoneName(rmRootNode);
+                Set<String> roles = authorityService.getAllAuthoritiesInZone(zone, AuthorityType.GROUP);
+                return new Boolean(roles.contains(fullRoleName));
+            }
+        }, AuthenticationUtil.getSystemUserName()).booleanValue();
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     *
+     * TODO .. change this to check a property of the role its self
+     */
+    public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
+    {
+        boolean isRMAdmin = false;
+
+        Set<Role> userRoles = this.getRolesByUser(rmRootNode, user);
+        if (userRoles != null)
+        {
+            for (Role role : userRoles)
+            {
+                if (role.getName().equals("Administrator"))
+                {
+                    isRMAdmin = true;
+                    break;
+                }
+            }
+        }
+
+        return isRMAdmin;
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
+     */
+    public Role createRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set<Capability> capabilities)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
+        {
+            public Role doWork() throws Exception
+            {
+                String fullRoleName = getFullRoleName(role, rmRootNode);
+
+                // Check that the role does not already exist for the rm root node
+                if (authorityService.authorityExists(authorityService.getName(AuthorityType.GROUP, fullRoleName)))
+                {
+                    throw new AlfrescoRuntimeException("The role " + role + " already exists for root rm node " + rmRootNode.getId());
+                }
+
+                // Create a group that relates to the records management role
+                Set<String> zones = new HashSet<String>(2);
+                zones.add(getZoneName(rmRootNode));
+                zones.add(AuthorityService.ZONE_APP_DEFAULT);
+                String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones);
+
+                // Add the roleGroup to the "all" role group
+                String allRoleGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
+                authorityService.addAuthority(allRoleGroup, roleGroup);
+
+                // Assign the various capabilities to the group on the root records management node
+                if (capabilities != null)
+                {
+                    for (Capability capability : capabilities)
+                    {
+                        permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true);
+                    }                
+                }
+
+                return new Role(role, roleDisplayLabel, capabilities, roleGroup);
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+    
+    
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
+     */
+    public Role updateRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set<Capability> capabilities)
+    {
+        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
+        {
+            public Role doWork() throws Exception
+            {
+                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
+
+                // Reset the role display name
+                authorityService.setAuthorityDisplayName(roleAuthority, roleDisplayLabel);
+
+                // TODO this needs to be improved, removing all and reading is not ideal
+
+                // Clear the current capabilities
+                permissionService.clearPermission(rmRootNode, roleAuthority);
+
+                // Re-add the provided capabilities
+                for (Capability capability : capabilities)
+                {
+                    permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true);
+                }
+
+                return new Role(role, roleDisplayLabel, capabilities, roleAuthority);
+
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(java.lang.String)
+     */
+    public void deleteRole(final NodeRef rmRootNode, final String role)
+    {
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
+        {
+            public Boolean doWork() throws Exception
+            {
+                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
+                authorityService.deleteAuthority(roleAuthority);
+                return null;
+
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
+     */
+    public void assignRoleToAuthority(final NodeRef rmRootNode, final String role, final String authorityName)
+    {
+        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
+        {
+            public Boolean doWork() throws Exception
+            {
+                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
+                authorityService.addAuthority(roleAuthority, authorityName);
+                return null;
+
+            }
+        }, AuthenticationUtil.getSystemUserName());
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Override
+    public String getAllRolesContainerGroup(NodeRef filePlan)
+    {
+        return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
+    }
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/role/Role.java

@@ -16,7 +16,7 @@
  * You should have received a copy of the GNU Lesser General Public License
  * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
  */
-package org.alfresco.module.org_alfresco_module_rm.security;
+package org.alfresco.module.org_alfresco_module_rm.role;
 
 import java.util.Set;
 

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/BootstrapTestDataGet.java

@@ -30,12 +30,12 @@ import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordFolderServiceImpl;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RecordsManagementSearchBehaviour;
 import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RmSiteType;
+import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServiceImpl;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.security.Role;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/RecordMetaDataAspectsGet.java

@@ -24,7 +24,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.dictionary.AspectDefinition;
 import org.alfresco.service.cmr.dictionary.DictionaryService;
 import org.alfresco.service.namespace.NamespaceService;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/script/slingshot/RMSearchPropertiesGet.java

@@ -25,7 +25,7 @@ import java.util.Map;
 import java.util.Set;
 
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.service.cmr.dictionary.AspectDefinition;
 import org.alfresco.service.cmr.dictionary.DictionaryService;
 import org.alfresco.service.cmr.dictionary.PropertyDefinition;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/ExtendedSecurityServiceImpl.java

@@ -26,8 +26,8 @@ import java.util.Set;
 
 import org.alfresco.model.RenditionModel;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.repo.node.NodeServicePolicies;
 import org.alfresco.repo.policy.JavaBehaviour;
 import org.alfresco.repo.policy.PolicyComponent;

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java

@@ -22,6 +22,7 @@ import java.util.Set;
 
 import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
 import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
+import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.namespace.QName;
 
@@ -35,8 +36,11 @@ public interface RecordsManagementSecurityService
     /**
      * Creates the initial set of default roles for a root records management node
      * 
-     * @param rmRootNode  
+     * @param rmRootNode    root node
+     * 
+     * @deprecatedAs of release 2.1, operation no longer supported 
      */
+    @Deprecated
     void bootstrapDefaultRoles(NodeRef rmRootNode);
     
     /**
@@ -45,15 +49,21 @@ public interface RecordsManagementSecurityService
      * 
      * @param filePlan  file plan node reference
      * @return String   group name
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getAllRolesContainerGroup(NodeRef)}
      */
+    @Deprecated
     String getAllRolesContainerGroup(NodeRef filePlan);
     
     /**
      * Get all the available roles for the given records management root node
      * 
-     * @param rmRootNode
+     * @param rmRootNode    root node
-     * @return
+     * @return {@link Set}<{@link Role}>    all roles for a given root node
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRoles(NodeRef)}
      */
+    @Deprecated
     Set<Role> getRoles(NodeRef rmRootNode);
     
     /**
@@ -62,7 +72,10 @@ public interface RecordsManagementSecurityService
      * @param rmRootNode
      * @param user
      * @return
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRolesByUser(NodeRef, String)}
      */
+    @Deprecated
     Set<Role> getRolesByUser(NodeRef rmRootNode, String user);
     
     /**
@@ -71,7 +84,10 @@ public interface RecordsManagementSecurityService
      * @param rmRootNode
      * @param role
      * @return
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#getRole(NodeRef, String)}
      */
+    @Deprecated
     Role getRole(NodeRef rmRootNode, String role);    
     
     /**
@@ -79,7 +95,10 @@ public interface RecordsManagementSecurityService
      * @param rmRootNode
      * @param role
      * @return
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#existsRole(NodeRef, String)}
      */
+    @Deprecated
     boolean existsRole(NodeRef rmRootNode, String role);
     
     /**
@@ -88,7 +107,10 @@ public interface RecordsManagementSecurityService
      * @param rmRootNode RM root node
      * @param user user name to check
      * @return true if the user has the RM Admin role, false otherwise
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#hasRMAdminRole(NodeRef, String)}
      */
+    @Deprecated
     boolean hasRMAdminRole(NodeRef rmRootNode, String user);
     
     /**
@@ -99,7 +121,10 @@ public interface RecordsManagementSecurityService
      * @param roleDisplayLabel
      * @param capabilities
      * @return
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#createRole(NodeRef, String, String, Set)}
      */
+    @Deprecated
     Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities);
     
     /**
@@ -110,7 +135,10 @@ public interface RecordsManagementSecurityService
      * @param roleDisplayLabel
      * @param capabilities
      * @return
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#updateRole(NodeRef, String, String, Set)}
      */
+    @Deprecated
     Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities);
     
     /**
@@ -118,7 +146,10 @@ public interface RecordsManagementSecurityService
      * 
      * @param rmRootNode
      * @param role
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#deleteRole(NodeRef, String)}
      */
+    @Deprecated
     void deleteRole(NodeRef rmRootNode, String role);
     
     /**
@@ -127,7 +158,10 @@ public interface RecordsManagementSecurityService
      * @param authorityName
      * @param rmRootNode
      * @param role
+     * 
+     * @deprecated As of release 2.1, replaced by {@link FilePlanRoleService#assignRoleToAuthority(NodeRef, String, String)}
      */
+    @Deprecated
     void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName);
     
     /**

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java

@@ -18,26 +18,16 @@
  */
 package org.alfresco.module.org_alfresco_module_rm.security;
 
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.HashSet;
 import java.util.List;
-import java.util.Map;
 import java.util.Set;
 
-import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
 import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
-import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
+import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
 import org.alfresco.repo.node.NodeServicePolicies;
 import org.alfresco.repo.policy.JavaBehaviour;
 import org.alfresco.repo.policy.PolicyComponent;
@@ -46,20 +36,14 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
-import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.cmr.security.AccessPermission;
 import org.alfresco.service.cmr.security.AccessStatus;
-import org.alfresco.service.cmr.security.AuthorityService;
-import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.service.namespace.RegexQNamePattern;
 import org.alfresco.util.ParameterCheck;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.json.JSONArray;
-import org.json.JSONException;
-import org.json.JSONObject;
 
 /**
  * Records management permission service implementation
@@ -68,14 +52,7 @@ import org.json.JSONObject;
  */
 public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService,
                                                              RecordsManagementModel
-
 {
-    /** Capability service */
-    private CapabilityService capabilityService;
-
-    /** Authority service */
-    private AuthorityService authorityService;
-
     /** Permission service */
     private PermissionService permissionService;
 
@@ -88,41 +65,15 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     /** Model security service */
     private ModelSecurityService modelSecurityService;
 
-    /** Record service */
-    private RecordService recordService;
-
     /** Node service */
     private NodeService nodeService;
     
-    /** Records management role zone */
+    /** File plan role service */
-    public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
+    private FilePlanRoleService filePlanRoleService;
-
-    /** Unfiled record container name */
-    public static final String NAME_UNFILED_CONTAINER = "Unfiled Records";
 
     /** Logger */
     private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class);
 
-    /**
-     * Set the capability service
-     *
-     * @param capabilityService
-     */
-    public void setCapabilityService(CapabilityService capabilityService)
-    {
-        this.capabilityService = capabilityService;
-    }
-
-    /**
-     * Set the authortiy service
-     *
-     * @param authorityService
-     */
-    public void setAuthorityService(AuthorityService authorityService)
-    {
-        this.authorityService = authorityService;
-    }
-
     /**
      * Set the permission service
      *
@@ -153,16 +104,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         this.recordsManagementService = recordsManagementService;
     }
 
-    /**
-     * Set record service
-     * 
-     * @param recordService record service
-     */
-    public void setRecordService(RecordService recordService)
-    {
-        this.recordService = recordService;
-    }
-
     /**
      * Set the node service
      *
@@ -181,19 +122,19 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         this.modelSecurityService = modelSecurityService;
     }
     
+    /**
+     * @param filePlanRoleService   file plan role service
+     */
+    public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
+    {
+        this.filePlanRoleService = filePlanRoleService;
+    }
+
     /**
      * Initialisation method
      */
     public void init()
     {
-        policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnCreateNodePolicy.QNAME,
-                TYPE_FILE_PLAN,
-                new JavaBehaviour(this, "onCreateRootNode", NotificationFrequency.TRANSACTION_COMMIT));
-        policyComponent.bindClassBehaviour(
-                NodeServicePolicies.OnDeleteNodePolicy.QNAME,
-                TYPE_FILE_PLAN,
-                new JavaBehaviour(this, "onDeleteRootNode", NotificationFrequency.TRANSACTION_COMMIT));
         policyComponent.bindClassBehaviour(
                 NodeServicePolicies.OnCreateNodePolicy.QNAME,
                 TYPE_RECORD_CATEGORY,
@@ -204,122 +145,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
                 new JavaBehaviour(this, "onCreateRecordFolder", NotificationFrequency.TRANSACTION_COMMIT));
     }
 
-    /**
-     * Create root node behaviour
-     *
-     * @param childAssocRef
-     */
-    public void onCreateRootNode(ChildAssociationRef childAssocRef)
-    {
-        final NodeRef rmRootNode = childAssocRef.getChildRef();
-
-        // Do not execute behaviour if this has been created in the archive store
-        if(rmRootNode.getStoreRef().equals(StoreRef.STORE_REF_ARCHIVE_SPACESSTORE) == true)
-        {
-            // This is not the spaces store - probably the archive store
-            return;
-        }
-
-        if (nodeService.exists(rmRootNode) == true)
-        {
-            NodeRef unfiledContainer = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>()
-            {
-                public NodeRef doWork()
-                {
-                    // Create "all" role group for root node
-                    String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null);
-
-                    // Set the permissions
-                    permissionService.setInheritParentPermissions(rmRootNode, false);
-                    permissionService.setPermission(rmRootNode, allRoles, RMPermissionModel.READ_RECORDS, true);
-                    permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-                    permissionService.setPermission(rmRootNode, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.VIEW_RECORDS, true);
-
-                    // Create the unfiled record container
-                    return createUnfiledContainer(rmRootNode, allRoles);
-                }
-            }, AuthenticationUtil.getSystemUserName());
-
-            // Bootstrap in the default set of roles for the newly created root node
-            bootstrapDefaultRoles(rmRootNode, unfiledContainer);
-        }
-    }
-
-    /**
-     * Creates unfiled container node and sets up permissions
-     *
-     * @param rmRootNode
-     * @param allRoles
-     */
-    private NodeRef createUnfiledContainer(NodeRef rmRootNode, String allRoles)
-    {
-        NodeRef container = recordService.getUnfiledContainer(rmRootNode);
-        
-        if (container == null)
-        {
-            // create the properties map
-            Map<QName, Serializable> properties = new HashMap<QName, Serializable>(1);
-            properties.put(ContentModel.PROP_NAME, NAME_UNFILED_CONTAINER);
-    
-            // create the unfiled container
-            container = nodeService.createNode(
-                            rmRootNode,
-                            ASSOC_UNFILED_RECORDS,
-                            QName.createQName(RM_URI, NAME_UNFILED_CONTAINER),
-                            TYPE_UNFILED_RECORD_CONTAINER,
-                            properties).getChildRef();
-    
-            // set inheritance to false
-            permissionService.setInheritParentPermissions(container, false);
-            permissionService.setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
-            permissionService.setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-        }
-
-        return container;
-    }
-
-    /**
-     * Delete root node behaviour
-     *
-     * @param childAssocRef
-     */
-    public void onDeleteRootNode(ChildAssociationRef childAssocRef, boolean isNodeArchived)
-    {
-        logger.debug("onDeleteRootNode called");
-
-        // get the deleted node
-        final NodeRef rmRootNode = childAssocRef.getChildRef();
-
-        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
-        {
-            public Object doWork()
-            {
-                // cascade delete the 'all' roles group for the site
-                String allRolesGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
-                Set<String> groups = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true);
-                for (String group : groups)
-                {
-                    authorityService.deleteAuthority(group);
-                }
-
-                authorityService.deleteAuthority(allRolesGroup, false);
-
-                return null;
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     * Get all the roles by short name
-     *
-     * @param rmRootNode
-     * @return
-     */
-    private String getAllRolesGroupShortName(NodeRef rmRootNode)
-    {
-        return "AllRoles" + rmRootNode.getId();
-    }
-
     /**
      * @param childAssocRef
      */
@@ -434,453 +259,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         }
     } 
 
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
-     */
-    public void bootstrapDefaultRoles(NodeRef rmRootNode)
-    {
-        bootstrapDefaultRoles(rmRootNode, null);
-    }
-
-    private void bootstrapDefaultRoles(final NodeRef rmRootNode, final NodeRef unfiledContainer)
-    {
-        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
-        {
-            public Object doWork()
-            {
-                try
-                {
-                    JSONArray array = null;
-                    try
-                    {
-                        // Load up the default roles from JSON
-                        InputStream is = getClass().getClassLoader().getResourceAsStream("alfresco/module/org_alfresco_module_rm/security/rm-default-roles-bootstrap.json");
-                        if  (is == null)
-                        {
-                            throw new AlfrescoRuntimeException("Could not load default bootstrap roles configuration");
-                        }
-                        array = new JSONArray(convertStreamToString(is));
-                    }
-                    catch (IOException ioe)
-                    {
-                        throw new AlfrescoRuntimeException("Unable to load rm-default-roles-bootstrap.json configuration file.", ioe);
-                    }
-
-                    // Add each role to the rm root node
-                    for (int i = 0; i < array.length(); i++)
-                    {
-                        JSONObject object = array.getJSONObject(i);
-
-                        // Get the name of the role
-                        String name = null;
-                        if (object.has("name") == true)
-                        {
-                            name = object.getString("name");
-                            if (existsRole(rmRootNode, name) == true)
-                            {
-                                throw new AlfrescoRuntimeException("The bootstrap role " + name + " already exists on the rm root node " + rmRootNode.toString());
-                            }
-                        }
-                        else
-                        {
-                            throw new AlfrescoRuntimeException("No name given to default bootstrap role.  Check json configuration file.");
-                        }
-
-
-                        // Get the role's display label
-                        String displayLabel = name;
-                        if (object.has("displayLabel") == true)
-                        {
-                            displayLabel = object.getString("displayLabel");
-                        }
-
-                        // Determine whether the role is an admin role or not
-                        boolean isAdmin = false;
-                        if (object.has("isAdmin") == true)
-                        {
-                            isAdmin = object.getBoolean("isAdmin");
-                        }
-
-                        // Get the roles capabilities
-                        Set<Capability> capabilities = new HashSet<Capability>(30);
-                        if (object.has("capabilities") == true)
-                        {
-                            JSONArray arrCaps = object.getJSONArray("capabilities");
-                            for (int index = 0; index < arrCaps.length(); index++)
-                            {
-                                String capName = arrCaps.getString(index);
-                                Capability capability = capabilityService.getCapability(capName);
-                                if (capability == null)
-                                {
-                                    throw new AlfrescoRuntimeException("The capability '" + capName + "' configured for the deafult boostrap role '" + name + "' is invalid.");
-                                }
-                                capabilities.add(capability);
-                            }
-                        }
-
-                        // Create the role
-                        Role role = createRole(rmRootNode, name, displayLabel, capabilities);
-
-                        // Add any additional admin permissions
-                        if (isAdmin == true)
-                        {
-                            // Admin has filing
-                            permissionService.setPermission(rmRootNode, role.getRoleGroupName(), RMPermissionModel.FILING, true);
-                            if (unfiledContainer != null)
-                            {
-                                permissionService.setPermission(unfiledContainer, role.getRoleGroupName(), RMPermissionModel.FILING, true);
-                            }
-
-                            // Add the creating user to the administration group
-                            String user = AuthenticationUtil.getFullyAuthenticatedUser();
-                            authorityService.addAuthority(role.getRoleGroupName(), user);
-                        }
-                    }
-                }
-                catch (JSONException exception)
-                {
-                    throw new AlfrescoRuntimeException("Error loading json configuration file rm-default-roles-bootstrap.json", exception);
-                }
-
-                return null;
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     * Helper method to convert a stream to a string.
-     *
-     * @param is    input stream
-     * @return {@link String}   string
-     * @throws IOException
-     */
-    public String convertStreamToString(InputStream is) throws IOException
-    {
-        /*
-        * To convert the InputStream to String we use the BufferedReader.readLine()
-        * method. We iterate until the BufferedReader return null which means
-        * there's no more data to read. Each line will appended to a StringBuilder
-        * and returned as String.
-        */
-        BufferedReader reader = new BufferedReader(new InputStreamReader(is));
-        StringBuilder sb = new StringBuilder();
-
-        String line = null;
-        try
-        {
-            while ((line = reader.readLine()) != null)
-            {
-                sb.append(line + "\n");
-            }
-        }
-        finally
-        {
-            try {is.close();} catch (IOException e) {}
-        }
-
-        return sb.toString();
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles()
-     */
-    public Set<Role> getRoles(final NodeRef rmRootNode)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Set<Role>>()
-        {
-            public Set<Role> doWork() throws Exception
-            {
-                Set<Role> result = new HashSet<Role>(13);
-
-                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
-                for (String roleAuthority : roleAuthorities)
-                {
-                    String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
-                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
-
-                    Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
-                    result.add(role);
-                }
-
-                return result;
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
-     */
-    public Set<Role> getRolesByUser(final NodeRef rmRootNode, final String user)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Set<Role>>()
-        {
-            public Set<Role> doWork() throws Exception
-            {
-                Set<Role> result = new HashSet<Role>(13);
-
-                Set<String> roleAuthorities = authorityService.getAllAuthoritiesInZone(getZoneName(rmRootNode), AuthorityType.GROUP);
-                for (String roleAuthority : roleAuthorities)
-                {
-                    Set<String> users = authorityService.getContainedAuthorities(AuthorityType.USER, roleAuthority, false);
-                    if (users.contains(user) == true)
-                    {
-                        String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
-                        String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
-                        
-                        Role role = new Role(name, displayLabel, getCapabilitiesImpl(rmRootNode, roleAuthority), roleAuthority);
-                        result.add(role);
-                    }
-                }
-
-                return result;
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     *
-     * @param rmRootNode
-     * @return
-     */
-    private String getZoneName(NodeRef rmRootNode)
-    {
-        return RM_ROLE_ZONE_PREFIX + rmRootNode.getId();
-    }
-
-    /**
-     * Get the full role name
-     *
-     * @param role
-     * @param rmRootNode
-     * @return
-     */
-    private String getFullRoleName(String role, NodeRef rmRootNode)
-    {
-        return role + rmRootNode.getId();
-    }
-
-    /**
-     * Get the short role name
-     *
-     * @param fullRoleName
-     * @param rmRootNode
-     * @return
-     */
-    private String getShortRoleName(String fullRoleName, NodeRef rmRootNode)
-    {
-        return fullRoleName.replaceAll(rmRootNode.getId(), "");
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
-     */
-    public Role getRole(final NodeRef rmRootNode, final String role)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
-        {
-            public Role doWork() throws Exception
-            {
-                Role result = null;
-
-                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                if (authorityService.authorityExists(roleAuthority) == true)
-                {
-                    String name = getShortRoleName(authorityService.getShortName(roleAuthority), rmRootNode);
-                    String displayLabel = authorityService.getAuthorityDisplayName(roleAuthority);
-                    Set<Capability> capabilities = getCapabilitiesImpl(rmRootNode, roleAuthority);
-
-                    result = new Role(name, displayLabel, capabilities, roleAuthority);
-                }
-
-                return result;
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     *
-     * @param rmRootNode
-     * @param roleAuthority
-     * @return
-     */
-    private Set<Capability> getCapabilitiesImpl(NodeRef rmRootNode, String roleAuthority)
-    {
-        Set<AccessPermission> permissions = permissionService.getAllSetPermissions(rmRootNode);
-        Set<Capability> capabilities = new HashSet<Capability>(52);
-        for (AccessPermission permission : permissions)
-        {
-            if (permission.getAuthority().equals(roleAuthority) == true)
-            {
-                String capabilityName = permission.getPermission();
-                Capability capability = capabilityService.getCapability(capabilityName);
-                if (capability != null)
-                {
-                    capabilities.add(capability);
-                }
-            }
-        }
-
-        return capabilities;
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(java.lang.String)
-     */
-    public boolean existsRole(final NodeRef rmRootNode, final String role)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Boolean>()
-        {
-            public Boolean doWork() throws Exception
-            {
-                String fullRoleName = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-
-                String zone = getZoneName(rmRootNode);
-                Set<String> roles = authorityService.getAllAuthoritiesInZone(zone, AuthorityType.GROUP);
-                return new Boolean(roles.contains(fullRoleName));
-            }
-        }, AuthenticationUtil.getSystemUserName()).booleanValue();
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
-     *
-     * TODO .. change this to check a property of the role its self
-     */
-    public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
-    {
-        boolean isRMAdmin = false;
-
-        Set<Role> userRoles = this.getRolesByUser(rmRootNode, user);
-        if (userRoles != null)
-        {
-            for (Role role : userRoles)
-            {
-                if (role.getName().equals("Administrator"))
-                {
-                    isRMAdmin = true;
-                    break;
-                }
-            }
-        }
-
-        return isRMAdmin;
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
-     */
-    public Role createRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set<Capability> capabilities)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
-        {
-            public Role doWork() throws Exception
-            {
-                String fullRoleName = getFullRoleName(role, rmRootNode);
-
-                // Check that the role does not already exist for the rm root node
-                if (authorityService.authorityExists(authorityService.getName(AuthorityType.GROUP, fullRoleName)))
-                {
-                    throw new AlfrescoRuntimeException("The role " + role + " already exists for root rm node " + rmRootNode.getId());
-                }
-
-                // Create a group that relates to the records management role
-                Set<String> zones = new HashSet<String>(2);
-                zones.add(getZoneName(rmRootNode));
-                zones.add(AuthorityService.ZONE_APP_DEFAULT);
-                String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones);
-
-                // Add the roleGroup to the "all" role group
-                String allRoleGroup = authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode));
-                authorityService.addAuthority(allRoleGroup, roleGroup);
-
-                // Assign the various capabilities to the group on the root records management node
-                if (capabilities != null)
-                {
-                    for (Capability capability : capabilities)
-                    {
-                        permissionService.setPermission(rmRootNode, roleGroup, capability.getName(), true);
-                    }                
-                }
-
-                return new Role(role, roleDisplayLabel, capabilities, roleGroup);
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-    
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
-     */
-    @Override
-    public String getAllRolesContainerGroup(NodeRef filePlan)
-    {
-        return authorityService.getName(AuthorityType.GROUP, getAllRolesGroupShortName(filePlan));
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
-     */
-    public Role updateRole(final NodeRef rmRootNode, final String role, final String roleDisplayLabel, final Set<Capability> capabilities)
-    {
-        return AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Role>()
-        {
-            public Role doWork() throws Exception
-            {
-                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-
-                // Reset the role display name
-                authorityService.setAuthorityDisplayName(roleAuthority, roleDisplayLabel);
-
-                // TODO this needs to be improved, removing all and readding is not ideal
-
-                // Clear the current capabilities
-                permissionService.clearPermission(rmRootNode, roleAuthority);
-
-                // Re-add the provided capabilities
-                for (Capability capability : capabilities)
-                {
-                    permissionService.setPermission(rmRootNode, roleAuthority, capability.getName(), true);
-                }
-
-                return new Role(role, roleDisplayLabel, capabilities, roleAuthority);
-
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(java.lang.String)
-     */
-    public void deleteRole(final NodeRef rmRootNode, final String role)
-    {
-        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
-        {
-            public Boolean doWork() throws Exception
-            {
-                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                authorityService.deleteAuthority(roleAuthority);
-                return null;
-
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
-    /**
-     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
-     */
-    public void assignRoleToAuthority(final NodeRef rmRootNode, final String role, final String authorityName)
-    {
-        AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
-        {
-            public Boolean doWork() throws Exception
-            {
-                String roleAuthority = authorityService.getName(AuthorityType.GROUP, getFullRoleName(role, rmRootNode));
-                authorityService.addAuthority(roleAuthority, authorityName);
-                return null;
-
-            }
-        }, AuthenticationUtil.getSystemUserName());
-    }
-
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, boolean)
      */
@@ -1012,6 +390,8 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
         }, AuthenticationUtil.getSystemUserName());
     }
     
+    /** Deprecated method implementations */
+
     /**
      * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
      */
@@ -1031,4 +411,114 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
     {
         return modelSecurityService.getProtectedProperties();
     }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName)
+    {
+        filePlanRoleService.assignRoleToAuthority(rmRootNode, role, authorityName);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Deprecated
+    @Override
+    public void bootstrapDefaultRoles(NodeRef rmRootNode)
+    {
+        throw new UnsupportedOperationException("This method is no longer supported.");
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
+     */
+    @Deprecated
+    @Override
+    public Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
+    {
+        return Role.toRole(filePlanRoleService.createRole(rmRootNode, role, roleDisplayLabel, capabilities));
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public void deleteRole(NodeRef rmRootNode, String role)
+    {
+        filePlanRoleService.deleteRole(rmRootNode, role);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public boolean existsRole(NodeRef rmRootNode, String role)
+    {
+        return filePlanRoleService.existsRole(rmRootNode, role);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Deprecated
+    @Override
+    public String getAllRolesContainerGroup(NodeRef filePlan)
+    {
+        return filePlanRoleService.getAllRolesContainerGroup(filePlan);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public Role getRole(NodeRef rmRootNode, String role)
+    {
+        return Role.toRole(filePlanRoleService.getRole(rmRootNode, role));
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles(org.alfresco.service.cmr.repository.NodeRef)
+     */
+    @Deprecated
+    @Override
+    public Set<Role> getRoles(NodeRef rmRootNode)
+    {
+        return Role.toRoleSet(filePlanRoleService.getRoles(rmRootNode));
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public Set<Role> getRolesByUser(NodeRef rmRootNode, String user)
+    {
+        return Role.toRoleSet(filePlanRoleService.getRolesByUser(rmRootNode, user));
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
+     */
+    @Deprecated
+    @Override
+    public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
+    {
+        return filePlanRoleService.hasRMAdminRole(rmRootNode, user);
+    }
+
+    /**
+     * @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
+     */
+    @Deprecated
+    @Override
+    public Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
+    {
+        return updateRole(rmRootNode, role, roleDisplayLabel, capabilities);
+    }
 }

rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java

@@ -23,8 +23,8 @@ import java.util.List;
 import java.util.Set;
 
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.dod5015.DOD5015Model;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
 import org.alfresco.repo.content.MimetypeMap;

rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseRMTestCase.java

@@ -29,13 +29,13 @@ import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction
 import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
 import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
 import org.alfresco.module.org_alfresco_module_rm.dataset.DataSetService;
-import org.alfresco.module.org_alfresco_module_rm.disposableitem.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
 import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService;
 import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService;
 import org.alfresco.module.org_alfresco_module_rm.freeze.FreezeService;
 import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
 import org.alfresco.module.org_alfresco_module_rm.model.behaviour.RmSiteType;
+import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
 import org.alfresco.module.org_alfresco_module_rm.search.RecordsManagementSearchService;
 import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
 import org.alfresco.module.org_alfresco_module_rm.vital.VitalRecordService;