RM-2119 Java API to change a user's security clearance.

+review RM

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103777 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceService.java

@@ -44,4 +44,12 @@ public interface SecurityClearanceService
      * @return security clearances for the specified page of users.
      */
     PagingResults<SecurityClearance> getUsersSecurityClearance(UserQueryParams queryParams);
+
+    /**
+     * Set the clearance level for a user.
+     *
+     * @param userName The username of the user.
+     * @param clearanceId The identifier for the new clearance level.
+     */
+    void setUserSecurityClearance(String userName, String clearanceId);
 }

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java

@@ -21,18 +21,22 @@ package org.alfresco.module.org_alfresco_module_rm.classification;
 import static org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel.ASPECT_SECURITY_CLEARANCE;
 import static org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel.PROP_CLEARANCE_LEVEL;
 
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import com.google.common.collect.ImmutableMap;
 import org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl;
 import org.alfresco.query.PagingRequest;
 import org.alfresco.query.PagingResults;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.cmr.security.PersonService.PersonInfo;
+import org.alfresco.service.namespace.QName;
 import org.alfresco.util.Pair;
 import org.alfresco.util.ParameterCheck;
 
-import java.util.ArrayList;
-import java.util.List;
-
 /**
  * @author Neil Mc Erlean
  * @since 3.0
@@ -45,6 +49,7 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
     public void setClassificationService(ClassificationService service) { this.classificationService = service; }
     public void setPersonService        (PersonService service)         { this.personService = service; }
 
+    @Override
     public SecurityClearance getUserSecurityClearance()
     {
         final String currentUser = authenticationUtil.getFullyAuthenticatedUser();
@@ -72,6 +77,7 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
         return new SecurityClearance(personInfo, classificationLevel);
     }
 
+    @Override
     public PagingResults<SecurityClearance> getUsersSecurityClearance(UserQueryParams queryParams)
     {
         final PagingRequest pagingRequest = new PagingRequest(queryParams.getSkipCount(),
@@ -102,4 +108,26 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
             @Override public String                 getQueryExecutionId() { return p.getQueryExecutionId(); }
         };
     }
+
+    @Override
+    public void setUserSecurityClearance(String userName, String clearanceId)
+    {
+        ParameterCheck.mandatoryString("userName", userName);
+        ParameterCheck.mandatoryString("clearanceId", clearanceId);
+
+        final NodeRef personNode = personService.getPerson(userName, false);
+        // This is just used to check the current user has clearance to see the specified level; it will throw a
+        // LevelIdNotFound exception if not.
+        classificationService.getClassificationLevelById(clearanceId);
+
+        if (nodeService.hasAspect(personNode, ASPECT_SECURITY_CLEARANCE))
+        {
+            nodeService.setProperty(personNode, PROP_CLEARANCE_LEVEL, clearanceId);
+        }
+        else
+        {
+            Map<QName, Serializable> properties = ImmutableMap.of(PROP_CLEARANCE_LEVEL, clearanceId);
+            nodeService.addAspect(personNode, ASPECT_SECURITY_CLEARANCE, properties);
+        }
+    }
 }