mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-692 (The RM groups are no longer 'public')
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@50465 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
@@ -63,7 +63,7 @@
|
|||||||
<property name="filePlanService" ref="FilePlanService"/>
|
<property name="filePlanService" ref="FilePlanService"/>
|
||||||
<property name="capabilityService" ref="CapabilityService"/>
|
<property name="capabilityService" ref="CapabilityService"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="org_alfresco_module_rm_RMv21CapabilityPatch"
|
<bean id="org_alfresco_module_rm_RMv21CapabilityPatch"
|
||||||
parent="module.baseComponent"
|
parent="module.baseComponent"
|
||||||
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv21CapabilityPatch">
|
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv21CapabilityPatch">
|
||||||
@@ -76,7 +76,7 @@
|
|||||||
<property name="filePlanRoleService" ref="FilePlanRoleService"/>
|
<property name="filePlanRoleService" ref="FilePlanRoleService"/>
|
||||||
<property name="capabilityService" ref="CapabilityService"/>
|
<property name="capabilityService" ref="CapabilityService"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="org_alfresco_module_rm_RMv2RMAdminUserPatch"
|
<bean id="org_alfresco_module_rm_RMv2RMAdminUserPatch"
|
||||||
parent="module.baseComponent"
|
parent="module.baseComponent"
|
||||||
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv2RMAdminUserPatch">
|
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv2RMAdminUserPatch">
|
||||||
@@ -92,7 +92,7 @@
|
|||||||
<property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService" />
|
<property name="filePlanAuthenticationService" ref="FilePlanAuthenticationService" />
|
||||||
<property name="password" value="${bootstrap.rmadmin.pwd}" />
|
<property name="password" value="${bootstrap.rmadmin.pwd}" />
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="org_alfresco_module_rm_RMv21RecordInheritancePatch"
|
<bean id="org_alfresco_module_rm_RMv21RecordInheritancePatch"
|
||||||
parent="module.baseComponent"
|
parent="module.baseComponent"
|
||||||
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv21RecordInheritancePatch">
|
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv21RecordInheritancePatch">
|
||||||
@@ -108,4 +108,17 @@
|
|||||||
<property name="filePlanPermissionServiceImpl" ref="filePlanPermissionService"/>
|
<property name="filePlanPermissionServiceImpl" ref="filePlanPermissionService"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
<bean id="org_alfresco_module_rm_RMv21RolesPatch"
|
||||||
|
parent="module.baseComponent"
|
||||||
|
class="org.alfresco.module.org_alfresco_module_rm.patch.RMv21RolesPatch">
|
||||||
|
<property name="moduleId" value="org_alfresco_module_rm"/>
|
||||||
|
<property name="name" value="org_alfresco_module_rm_RMv21RolesPatch"/>
|
||||||
|
<property name="description" value="Add existing roles to the rm zone."/>
|
||||||
|
<property name="sinceVersion" value="2.1"/>
|
||||||
|
<property name="appliesFromVersion" value="2.1"/>
|
||||||
|
<property name="filePlanService" ref="FilePlanService"/>
|
||||||
|
<property name="filePlanRoleService" ref="FilePlanRoleService"/>
|
||||||
|
<property name="authorityService" ref="AuthorityService"></property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
</beans>
|
</beans>
|
||||||
@@ -1479,4 +1479,49 @@
|
|||||||
<property name="path" value="alfresco/module/org_alfresco_module_rm/dod5015/DODExampleFilePlan.xml" />
|
<property name="path" value="alfresco/module/org_alfresco_module_rm/dod5015/DODExampleFilePlan.xml" />
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
<bean id="authorityDAO" class="org.alfresco.repo.security.authority.RMAuthorityDAOImpl" init-method="init">
|
||||||
|
<property name="storeUrl">
|
||||||
|
<value>${spaces.store}</value>
|
||||||
|
</property>
|
||||||
|
<property name="nodeService">
|
||||||
|
<ref bean="mlAwareNodeService" />
|
||||||
|
</property>
|
||||||
|
<property name="searchService">
|
||||||
|
<ref bean="admSearchService" />
|
||||||
|
</property>
|
||||||
|
<property name="namespacePrefixResolver">
|
||||||
|
<ref bean="namespaceService" />
|
||||||
|
</property>
|
||||||
|
<property name="dictionaryService">
|
||||||
|
<ref bean="dictionaryService" />
|
||||||
|
</property>
|
||||||
|
<property name="personService">
|
||||||
|
<ref bean="personService" />
|
||||||
|
</property>
|
||||||
|
<property name="tenantService">
|
||||||
|
<ref bean="tenantService" />
|
||||||
|
</property>
|
||||||
|
<property name="authorityLookupCache">
|
||||||
|
<ref bean="authorityLookupCache" />
|
||||||
|
</property>
|
||||||
|
<property name="userAuthorityCache">
|
||||||
|
<ref bean="userToAuthorityCache" />
|
||||||
|
</property>
|
||||||
|
<property name="childAuthorityCache">
|
||||||
|
<ref bean="authorityToChildAuthorityCache" />
|
||||||
|
</property>
|
||||||
|
<property name="zoneAuthorityCache">
|
||||||
|
<ref bean="zoneToAuthorityCache" />
|
||||||
|
</property>
|
||||||
|
<property name="policyComponent">
|
||||||
|
<ref bean="policyComponent"/>
|
||||||
|
</property>
|
||||||
|
<property name="cannedQueryRegistry">
|
||||||
|
<ref bean="cannedQueryRegistry" />
|
||||||
|
</property>
|
||||||
|
<property name="aclDAO">
|
||||||
|
<ref bean="aclDAO" />
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
</beans>
|
</beans>
|
||||||
@@ -6,7 +6,9 @@ import java.io.InputStreamReader;
|
|||||||
import java.io.Reader;
|
import java.io.Reader;
|
||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
@@ -24,6 +26,7 @@ import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServi
|
|||||||
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
|
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
|
||||||
import org.alfresco.module.org_alfresco_module_rm.role.Role;
|
import org.alfresco.module.org_alfresco_module_rm.role.Role;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||||
|
import org.alfresco.repo.security.authority.RMAuthority;
|
||||||
import org.alfresco.service.cmr.repository.NodeRef;
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
import org.alfresco.service.cmr.repository.NodeService;
|
import org.alfresco.service.cmr.repository.NodeService;
|
||||||
import org.alfresco.service.cmr.repository.StoreRef;
|
import org.alfresco.service.cmr.repository.StoreRef;
|
||||||
@@ -374,7 +377,7 @@ public class DataSetServiceImpl implements DataSetService, RecordsManagementMode
|
|||||||
|
|
||||||
// Create "all" role group for root node
|
// Create "all" role group for root node
|
||||||
String allRoles = authorityService.createAuthority(AuthorityType.GROUP, allRoleShortName,
|
String allRoles = authorityService.createAuthority(AuthorityType.GROUP, allRoleShortName,
|
||||||
"All Roles", null);
|
"All Roles", new HashSet<String>(Arrays.asList(RMAuthority.ZONE_APP_RM)));
|
||||||
|
|
||||||
// Put all the role groups in it
|
// Put all the role groups in it
|
||||||
Set<Role> roles = filePlanRoleService.getRoles(rmRoot);
|
Set<Role> roles = filePlanRoleService.getRoles(rmRoot);
|
||||||
|
|||||||
@@ -0,0 +1,88 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||||
|
*
|
||||||
|
* This file is part of Alfresco
|
||||||
|
*
|
||||||
|
* Alfresco is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Lesser General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* Alfresco is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public License
|
||||||
|
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
package org.alfresco.module.org_alfresco_module_rm.patch;
|
||||||
|
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.HashSet;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
import org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanService;
|
||||||
|
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
|
||||||
|
import org.alfresco.module.org_alfresco_module_rm.role.Role;
|
||||||
|
import org.alfresco.repo.module.AbstractModuleComponent;
|
||||||
|
import org.alfresco.repo.security.authority.RMAuthority;
|
||||||
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
|
import org.alfresco.service.cmr.security.AuthorityService;
|
||||||
|
import org.alfresco.service.cmr.security.AuthorityType;
|
||||||
|
import org.springframework.beans.factory.BeanNameAware;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds the existing rm roles to a new zone "APP.RM"
|
||||||
|
*
|
||||||
|
* @author Tuna Aksoy
|
||||||
|
* @since 2.1
|
||||||
|
*/
|
||||||
|
public class RMv21RolesPatch extends AbstractModuleComponent implements BeanNameAware
|
||||||
|
{
|
||||||
|
private FilePlanService filePlanService;
|
||||||
|
private FilePlanRoleService filePlanRoleService;
|
||||||
|
private AuthorityService authorityService;
|
||||||
|
|
||||||
|
public void setFilePlanService(FilePlanService filePlanService)
|
||||||
|
{
|
||||||
|
this.filePlanService = filePlanService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
|
||||||
|
{
|
||||||
|
this.filePlanRoleService = filePlanRoleService;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAuthorityService(AuthorityService authorityService)
|
||||||
|
{
|
||||||
|
this.authorityService = authorityService;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void executeInternal() throws Throwable
|
||||||
|
{
|
||||||
|
Set<NodeRef> filePlans = filePlanService.getFilePlans();
|
||||||
|
for (NodeRef filePlan : filePlans)
|
||||||
|
{
|
||||||
|
boolean parentAddedToZone = false;
|
||||||
|
Set<Role> roles = filePlanRoleService.getRoles(filePlan);
|
||||||
|
for (Role role : roles)
|
||||||
|
{
|
||||||
|
String roleGroupName = role.getRoleGroupName();
|
||||||
|
addAuthorityToZone(roleGroupName);
|
||||||
|
if (parentAddedToZone == false)
|
||||||
|
{
|
||||||
|
String allRolesGroup = authorityService.getName(AuthorityType.GROUP, "AllRoles" + filePlan.getId());
|
||||||
|
addAuthorityToZone(allRolesGroup);
|
||||||
|
parentAddedToZone = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void addAuthorityToZone(String roleGroupName)
|
||||||
|
{
|
||||||
|
authorityService.addAuthorityToZones(roleGroupName, new HashSet<String>(Arrays.asList(RMAuthority.ZONE_APP_RM)));
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -22,6 +22,7 @@ import java.io.BufferedReader;
|
|||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
@@ -39,6 +40,7 @@ import org.alfresco.repo.policy.JavaBehaviour;
|
|||||||
import org.alfresco.repo.policy.PolicyComponent;
|
import org.alfresco.repo.policy.PolicyComponent;
|
||||||
import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
|
import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||||
|
import org.alfresco.repo.security.authority.RMAuthority;
|
||||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||||
import org.alfresco.service.cmr.repository.NodeRef;
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
import org.alfresco.service.cmr.repository.NodeService;
|
import org.alfresco.service.cmr.repository.NodeService;
|
||||||
@@ -184,7 +186,7 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
|
|||||||
public NodeRef doWork()
|
public NodeRef doWork()
|
||||||
{
|
{
|
||||||
// Create "all" role group for root node
|
// Create "all" role group for root node
|
||||||
String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", null);
|
String allRoles = authorityService.createAuthority(AuthorityType.GROUP, getAllRolesGroupShortName(rmRootNode), "All Roles", new HashSet<String>(Arrays.asList(RMAuthority.ZONE_APP_RM)));
|
||||||
|
|
||||||
// Set the permissions
|
// Set the permissions
|
||||||
permissionService.setInheritParentPermissions(rmRootNode, false);
|
permissionService.setInheritParentPermissions(rmRootNode, false);
|
||||||
@@ -607,7 +609,7 @@ public class FilePlanRoleServiceImpl implements FilePlanRoleService,
|
|||||||
// Create a group that relates to the records management role
|
// Create a group that relates to the records management role
|
||||||
Set<String> zones = new HashSet<String>(2);
|
Set<String> zones = new HashSet<String>(2);
|
||||||
zones.add(getZoneName(rmRootNode));
|
zones.add(getZoneName(rmRootNode));
|
||||||
zones.add(AuthorityService.ZONE_APP_DEFAULT);
|
zones.add(RMAuthority.ZONE_APP_RM);
|
||||||
String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones);
|
String roleGroup = authorityService.createAuthority(AuthorityType.GROUP, fullRoleName, roleDisplayLabel, zones);
|
||||||
|
|
||||||
// Add the roleGroup to the "all" role group
|
// Add the roleGroup to the "all" role group
|
||||||
|
|||||||
@@ -22,7 +22,9 @@ import java.io.InputStream;
|
|||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
import java.io.Reader;
|
import java.io.Reader;
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
@@ -40,6 +42,7 @@ import org.alfresco.module.org_alfresco_module_rm.recordfolder.RecordFolderServi
|
|||||||
import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
|
import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService;
|
||||||
import org.alfresco.module.org_alfresco_module_rm.security.Role;
|
import org.alfresco.module.org_alfresco_module_rm.security.Role;
|
||||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||||
|
import org.alfresco.repo.security.authority.RMAuthority;
|
||||||
import org.alfresco.service.cmr.repository.NodeRef;
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
import org.alfresco.service.cmr.repository.NodeService;
|
import org.alfresco.service.cmr.repository.NodeService;
|
||||||
import org.alfresco.service.cmr.repository.StoreRef;
|
import org.alfresco.service.cmr.repository.StoreRef;
|
||||||
@@ -70,15 +73,15 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
implements RecordsManagementModel, ApplicationContextAware
|
implements RecordsManagementModel, ApplicationContextAware
|
||||||
{
|
{
|
||||||
private static Log logger = LogFactory.getLog(BootstrapTestDataGet.class);
|
private static Log logger = LogFactory.getLog(BootstrapTestDataGet.class);
|
||||||
|
|
||||||
private static final String ARG_SITE_NAME = "site";
|
private static final String ARG_SITE_NAME = "site";
|
||||||
private static final String ARG_IMPORT = "import";
|
private static final String ARG_IMPORT = "import";
|
||||||
|
|
||||||
private static final String XML_IMPORT = "alfresco/module/org_alfresco_module_rm/dod5015/DODExampleFilePlan.xml";
|
private static final String XML_IMPORT = "alfresco/module/org_alfresco_module_rm/dod5015/DODExampleFilePlan.xml";
|
||||||
private static final String charsetName = "UTF-8";
|
private static final String charsetName = "UTF-8";
|
||||||
|
|
||||||
private static final StoreRef SPACES_STORE = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, "SpacesStore");
|
private static final StoreRef SPACES_STORE = new StoreRef(StoreRef.PROTOCOL_WORKSPACE, "SpacesStore");
|
||||||
|
|
||||||
private NodeService nodeService;
|
private NodeService nodeService;
|
||||||
private SearchService searchService;
|
private SearchService searchService;
|
||||||
private RecordsManagementService recordsManagementService;
|
private RecordsManagementService recordsManagementService;
|
||||||
@@ -89,70 +92,70 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
private RecordsManagementSecurityService recordsManagementSecurityService;
|
private RecordsManagementSecurityService recordsManagementSecurityService;
|
||||||
private AuthorityService authorityService;
|
private AuthorityService authorityService;
|
||||||
private RecordsManagementSearchBehaviour recordsManagementSearchBehaviour;
|
private RecordsManagementSearchBehaviour recordsManagementSearchBehaviour;
|
||||||
private DispositionService dispositionService;
|
private DispositionService dispositionService;
|
||||||
private ApplicationContext applicationContext;
|
private ApplicationContext applicationContext;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException
|
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException
|
||||||
{
|
{
|
||||||
this.applicationContext = applicationContext;
|
this.applicationContext = applicationContext;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setNodeService(NodeService nodeService)
|
public void setNodeService(NodeService nodeService)
|
||||||
{
|
{
|
||||||
this.nodeService = nodeService;
|
this.nodeService = nodeService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setSearchService(SearchService searchService)
|
public void setSearchService(SearchService searchService)
|
||||||
{
|
{
|
||||||
this.searchService = searchService;
|
this.searchService = searchService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setDispositionService(DispositionService dispositionService)
|
public void setDispositionService(DispositionService dispositionService)
|
||||||
{
|
{
|
||||||
this.dispositionService = dispositionService;
|
this.dispositionService = dispositionService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setRecordsManagementService(RecordsManagementService recordsManagementService)
|
public void setRecordsManagementService(RecordsManagementService recordsManagementService)
|
||||||
{
|
{
|
||||||
this.recordsManagementService = recordsManagementService;
|
this.recordsManagementService = recordsManagementService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setRecordsManagementActionService(RecordsManagementActionService recordsManagementActionService)
|
public void setRecordsManagementActionService(RecordsManagementActionService recordsManagementActionService)
|
||||||
{
|
{
|
||||||
this.recordsManagementActionService = recordsManagementActionService;
|
this.recordsManagementActionService = recordsManagementActionService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setImporterService(ImporterService importerService)
|
public void setImporterService(ImporterService importerService)
|
||||||
{
|
{
|
||||||
this.importerService = importerService;
|
this.importerService = importerService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setSiteService(SiteService siteService)
|
public void setSiteService(SiteService siteService)
|
||||||
{
|
{
|
||||||
this.siteService = siteService;
|
this.siteService = siteService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setPermissionService(PermissionService permissionService)
|
public void setPermissionService(PermissionService permissionService)
|
||||||
{
|
{
|
||||||
this.permissionService = permissionService;
|
this.permissionService = permissionService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setAuthorityService(AuthorityService authorityService)
|
public void setAuthorityService(AuthorityService authorityService)
|
||||||
{
|
{
|
||||||
this.authorityService = authorityService;
|
this.authorityService = authorityService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setRecordsManagementSecurityService(RecordsManagementSecurityService recordsManagementSecurityService)
|
public void setRecordsManagementSecurityService(RecordsManagementSecurityService recordsManagementSecurityService)
|
||||||
{
|
{
|
||||||
this.recordsManagementSecurityService = recordsManagementSecurityService;
|
this.recordsManagementSecurityService = recordsManagementSecurityService;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setRecordsManagementSearchBehaviour(RecordsManagementSearchBehaviour searchBehaviour)
|
public void setRecordsManagementSearchBehaviour(RecordsManagementSearchBehaviour searchBehaviour)
|
||||||
{
|
{
|
||||||
this.recordsManagementSearchBehaviour = searchBehaviour;
|
this.recordsManagementSearchBehaviour = searchBehaviour;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache)
|
public Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache)
|
||||||
{
|
{
|
||||||
@@ -162,14 +165,14 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
{
|
{
|
||||||
importData = Boolean.parseBoolean(req.getParameter(ARG_IMPORT));
|
importData = Boolean.parseBoolean(req.getParameter(ARG_IMPORT));
|
||||||
}
|
}
|
||||||
|
|
||||||
// resolve rm site
|
// resolve rm site
|
||||||
String siteName = RmSiteType.DEFAULT_SITE_NAME;
|
String siteName = RmSiteType.DEFAULT_SITE_NAME;
|
||||||
if (req.getParameter(ARG_SITE_NAME) != null)
|
if (req.getParameter(ARG_SITE_NAME) != null)
|
||||||
{
|
{
|
||||||
siteName = req.getParameter(ARG_SITE_NAME);
|
siteName = req.getParameter(ARG_SITE_NAME);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (importData)
|
if (importData)
|
||||||
{
|
{
|
||||||
SiteInfo site = siteService.getSite(siteName);
|
SiteInfo site = siteService.getSite(siteName);
|
||||||
@@ -177,14 +180,14 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
{
|
{
|
||||||
throw new AlfrescoRuntimeException("Records Management site does not exist: " + siteName);
|
throw new AlfrescoRuntimeException("Records Management site does not exist: " + siteName);
|
||||||
}
|
}
|
||||||
|
|
||||||
// resolve documentLibrary (filePlan) container
|
// resolve documentLibrary (filePlan) container
|
||||||
NodeRef filePlan = siteService.getContainer(siteName, RmSiteType.COMPONENT_DOCUMENT_LIBRARY);
|
NodeRef filePlan = siteService.getContainer(siteName, RmSiteType.COMPONENT_DOCUMENT_LIBRARY);
|
||||||
if (filePlan == null)
|
if (filePlan == null)
|
||||||
{
|
{
|
||||||
filePlan = siteService.createContainer(siteName, RmSiteType.COMPONENT_DOCUMENT_LIBRARY, TYPE_FILE_PLAN, null);
|
filePlan = siteService.createContainer(siteName, RmSiteType.COMPONENT_DOCUMENT_LIBRARY, TYPE_FILE_PLAN, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
// import the RM test data ACP into the the provided filePlan node reference
|
// import the RM test data ACP into the the provided filePlan node reference
|
||||||
InputStream is = BootstrapTestDataGet.class.getClassLoader().getResourceAsStream(XML_IMPORT);
|
InputStream is = BootstrapTestDataGet.class.getClassLoader().getResourceAsStream(XML_IMPORT);
|
||||||
if (is == null)
|
if (is == null)
|
||||||
@@ -203,31 +206,31 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
Location location = new Location(filePlan);
|
Location location = new Location(filePlan);
|
||||||
importerService.importView(viewReader, location, null, null);
|
importerService.importView(viewReader, location, null, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Patch data
|
// Patch data
|
||||||
BootstrapTestDataGet.patchLoadedData(applicationContext, searchService, nodeService, recordsManagementService,
|
BootstrapTestDataGet.patchLoadedData(applicationContext, searchService, nodeService, recordsManagementService,
|
||||||
recordsManagementActionService, permissionService,
|
recordsManagementActionService, permissionService,
|
||||||
authorityService, recordsManagementSecurityService,
|
authorityService, recordsManagementSecurityService,
|
||||||
recordsManagementSearchBehaviour,
|
recordsManagementSearchBehaviour,
|
||||||
dispositionService);
|
dispositionService);
|
||||||
|
|
||||||
Map<String, Object> model = new HashMap<String, Object>(1, 1.0f);
|
Map<String, Object> model = new HashMap<String, Object>(1, 1.0f);
|
||||||
model.put("success", true);
|
model.put("success", true);
|
||||||
|
|
||||||
return model;
|
return model;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Temp method to patch AMP'ed data
|
* Temp method to patch AMP'ed data
|
||||||
*
|
*
|
||||||
* @param searchService
|
* @param searchService
|
||||||
* @param nodeService
|
* @param nodeService
|
||||||
* @param recordsManagementService
|
* @param recordsManagementService
|
||||||
* @param recordsManagementActionService
|
* @param recordsManagementActionService
|
||||||
*/
|
*/
|
||||||
public static void patchLoadedData( final ApplicationContext applicationContext,
|
public static void patchLoadedData( final ApplicationContext applicationContext,
|
||||||
final SearchService searchService,
|
final SearchService searchService,
|
||||||
final NodeService nodeService,
|
final NodeService nodeService,
|
||||||
final RecordsManagementService recordsManagementService,
|
final RecordsManagementService recordsManagementService,
|
||||||
final RecordsManagementActionService recordsManagementActionService,
|
final RecordsManagementActionService recordsManagementActionService,
|
||||||
final PermissionService permissionService,
|
final PermissionService permissionService,
|
||||||
@@ -249,20 +252,20 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
logger.info("Updating permissions for rm root: " + rmRoot);
|
logger.info("Updating permissions for rm root: " + rmRoot);
|
||||||
permissionService.setInheritParentPermissions(rmRoot, false);
|
permissionService.setInheritParentPermissions(rmRoot, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
String allRoleShortName = "AllRoles" + rmRoot.getId();
|
String allRoleShortName = "AllRoles" + rmRoot.getId();
|
||||||
String allRoleGroupName = authorityService.getName(AuthorityType.GROUP, allRoleShortName);
|
String allRoleGroupName = authorityService.getName(AuthorityType.GROUP, allRoleShortName);
|
||||||
|
|
||||||
if (authorityService.authorityExists(allRoleGroupName) == false)
|
if (authorityService.authorityExists(allRoleGroupName) == false)
|
||||||
{
|
{
|
||||||
logger.info("Creating all roles group for root node: " + rmRoot.toString());
|
logger.info("Creating all roles group for root node: " + rmRoot.toString());
|
||||||
|
|
||||||
// Create "all" role group for root node
|
// Create "all" role group for root node
|
||||||
String allRoles = authorityService.createAuthority(AuthorityType.GROUP,
|
String allRoles = authorityService.createAuthority(AuthorityType.GROUP,
|
||||||
allRoleShortName,
|
allRoleShortName,
|
||||||
"All Roles",
|
"All Roles",
|
||||||
null);
|
new HashSet<String>(Arrays.asList(RMAuthority.ZONE_APP_RM)));
|
||||||
|
|
||||||
// Put all the role groups in it
|
// Put all the role groups in it
|
||||||
Set<Role> roles = recordsManagementSecurityService.getRoles(rmRoot);
|
Set<Role> roles = recordsManagementSecurityService.getRoles(rmRoot);
|
||||||
for (Role role : roles)
|
for (Role role : roles)
|
||||||
@@ -270,22 +273,22 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
logger.info(" - adding role group " + role.getRoleGroupName() + " to all roles group");
|
logger.info(" - adding role group " + role.getRoleGroupName() + " to all roles group");
|
||||||
authorityService.addAuthority(allRoles, role.getRoleGroupName());
|
authorityService.addAuthority(allRoles, role.getRoleGroupName());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set the permissions
|
// Set the permissions
|
||||||
permissionService.setPermission(rmRoot, allRoles, RMPermissionModel.READ_RECORDS, true);
|
permissionService.setPermission(rmRoot, allRoles, RMPermissionModel.READ_RECORDS, true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Make sure all the containers do not inherit permissions
|
// Make sure all the containers do not inherit permissions
|
||||||
ResultSet rs = searchService.query(SPACES_STORE, SearchService.LANGUAGE_LUCENE, "TYPE:\"rma:recordsManagementContainer\"");
|
ResultSet rs = searchService.query(SPACES_STORE, SearchService.LANGUAGE_LUCENE, "TYPE:\"rma:recordsManagementContainer\"");
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
logger.info("Bootstraping " + rs.length() + " record containers ...");
|
logger.info("Bootstraping " + rs.length() + " record containers ...");
|
||||||
|
|
||||||
for (NodeRef container : rs.getNodeRefs())
|
for (NodeRef container : rs.getNodeRefs())
|
||||||
{
|
{
|
||||||
String containerName = (String)nodeService.getProperty(container, ContentModel.PROP_NAME);
|
String containerName = (String)nodeService.getProperty(container, ContentModel.PROP_NAME);
|
||||||
|
|
||||||
// Set permissions
|
// Set permissions
|
||||||
if (permissionService.getInheritParentPermissions(container) == true)
|
if (permissionService.getInheritParentPermissions(container) == true)
|
||||||
{
|
{
|
||||||
@@ -298,24 +301,24 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
{
|
{
|
||||||
rs.close();
|
rs.close();
|
||||||
}
|
}
|
||||||
|
|
||||||
// fix up the test dataset to fire initial events for disposition schedules
|
// fix up the test dataset to fire initial events for disposition schedules
|
||||||
rs = searchService.query(SPACES_STORE, SearchService.LANGUAGE_LUCENE, "TYPE:\"rma:recordFolder\"");
|
rs = searchService.query(SPACES_STORE, SearchService.LANGUAGE_LUCENE, "TYPE:\"rma:recordFolder\"");
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
logger.info("Bootstraping " + rs.length() + " record folders ...");
|
logger.info("Bootstraping " + rs.length() + " record folders ...");
|
||||||
|
|
||||||
for (NodeRef recordFolder : rs.getNodeRefs())
|
for (NodeRef recordFolder : rs.getNodeRefs())
|
||||||
{
|
{
|
||||||
String folderName = (String)nodeService.getProperty(recordFolder, ContentModel.PROP_NAME);
|
String folderName = (String)nodeService.getProperty(recordFolder, ContentModel.PROP_NAME);
|
||||||
|
|
||||||
// Set permissions
|
// Set permissions
|
||||||
if (permissionService.getInheritParentPermissions(recordFolder) == true)
|
if (permissionService.getInheritParentPermissions(recordFolder) == true)
|
||||||
{
|
{
|
||||||
logger.info("Updating permissions for record folder: " + folderName);
|
logger.info("Updating permissions for record folder: " + folderName);
|
||||||
permissionService.setInheritParentPermissions(recordFolder, false);
|
permissionService.setInheritParentPermissions(recordFolder, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nodeService.hasAspect(recordFolder, ASPECT_DISPOSITION_LIFECYCLE) == false)
|
if (nodeService.hasAspect(recordFolder, ASPECT_DISPOSITION_LIFECYCLE) == false)
|
||||||
{
|
{
|
||||||
// See if the folder has a disposition schedule that needs to be applied
|
// See if the folder has a disposition schedule that needs to be applied
|
||||||
@@ -328,7 +331,7 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
recordService.initialiseRecordFolder(recordFolder);
|
recordService.initialiseRecordFolder(recordFolder);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// fixup the search behaviour aspect for the record folder
|
// fixup the search behaviour aspect for the record folder
|
||||||
logger.info("Setting up search aspect for record folder: " + folderName);
|
logger.info("Setting up search aspect for record folder: " + folderName);
|
||||||
recordManagementSearchBehaviour.fixupSearchAspect(recordFolder);
|
recordManagementSearchBehaviour.fixupSearchAspect(recordFolder);
|
||||||
@@ -338,12 +341,12 @@ public class BootstrapTestDataGet extends DeclarativeWebScript
|
|||||||
{
|
{
|
||||||
rs.close();
|
rs.close();
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
AuthenticationUtil.runAs(runAsWork, AuthenticationUtil.getAdminUserName());
|
AuthenticationUtil.runAs(runAsWork, AuthenticationUtil.getAdminUserName());
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -0,0 +1,33 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||||
|
*
|
||||||
|
* This file is part of Alfresco
|
||||||
|
*
|
||||||
|
* Alfresco is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Lesser General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* Alfresco is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Lesser General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Lesser General Public License
|
||||||
|
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
package org.alfresco.repo.security.authority;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Interface for defining constants
|
||||||
|
*
|
||||||
|
* @author Tuna Aksoy
|
||||||
|
* @since 2.1
|
||||||
|
*/
|
||||||
|
public interface RMAuthority
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* The default rm zone.
|
||||||
|
*/
|
||||||
|
public static String ZONE_APP_RM = "APP.RM";
|
||||||
|
}
|
||||||
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user