mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-819: Only the creating user can move a record
RM-942: It's possible to move/copy/link to/from and delete from closed folder * general reliability of copy/link/move record actions improved * MoveRecords capability added as assignable * various scenarios tested and documented expected behaviour on related issues git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@56225 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -107,14 +107,17 @@
|
|||||||
<bean id="rmLinkToRecordsCapability"
|
<bean id="rmLinkToRecordsCapability"
|
||||||
parent="declarativeCapability">
|
parent="declarativeCapability">
|
||||||
<property name="name" value="LinkToRecords"/>
|
<property name="name" value="LinkToRecords"/>
|
||||||
<property name="private" value="true" />
|
<property name="permission" value="LinkToRecords" />
|
||||||
<property name="conditions">
|
<property name="conditions">
|
||||||
<map>
|
<map>
|
||||||
|
<entry key="capabilityCondition.filling" value="true"/>
|
||||||
<entry key="capabilityCondition.frozen" value="false"/>
|
<entry key="capabilityCondition.frozen" value="false"/>
|
||||||
<entry key="capabilityCondition.recordFiled" value="true"/> <!-- Can only link a filed record -->
|
<entry key="capabilityCondition.recordFiled" value="true"/> <!-- Can only link a filed record -->
|
||||||
</map>
|
</map>
|
||||||
</property>
|
</property>
|
||||||
<property name="targetCapability" ref="rmFileRecordsCapability" />
|
<property name="targetCapability" ref="rmFilePermissionOnly" />
|
||||||
|
<property name="group"><ref bean="recordsGroup"/></property>
|
||||||
|
<property name="index" value="45" />
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="rmFileUnfiledRecordsCapability"
|
<bean id="rmFileUnfiledRecordsCapability"
|
||||||
@@ -128,11 +131,25 @@
|
|||||||
<entry key="capabilityCondition.recordFiled" value="false"/> <!-- Checks that the node hasn't been filed -->
|
<entry key="capabilityCondition.recordFiled" value="false"/> <!-- Checks that the node hasn't been filed -->
|
||||||
</map>
|
</map>
|
||||||
</property>
|
</property>
|
||||||
<property name="targetCapability" ref="rmFileRecordsCapability" /> <!-- Checks that the user has the correct capability on the destination folder -->
|
<property name="targetCapability" ref="rmFilePermissionOnly" /> <!-- Checks that the user has the correct capability on the destination folder -->
|
||||||
<property name="group"><ref bean="recordsGroup"/></property>
|
<property name="group"><ref bean="recordsGroup"/></property>
|
||||||
<property name="index" value="41" />
|
<property name="index" value="41" />
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
|
<bean id="rmFilePermissionOnly"
|
||||||
|
parent="declarativeCapability" > <!-- Checks for filling permission only, useful for destination checks -->
|
||||||
|
<property name="name" value="FillingPermissionOnly"/>
|
||||||
|
<property name="private" value="true" />
|
||||||
|
<property name="conditions">
|
||||||
|
<map>
|
||||||
|
<entry key="capabilityCondition.filling" value="true"/> <!-- Checks if the user has the filling capability -->
|
||||||
|
<entry key="capabilityCondition.closed" value="false"/>
|
||||||
|
<entry key="capabilityCondition.frozen" value="false"/>
|
||||||
|
<entry key="capabilityCondition.cutoff" value="false"/>
|
||||||
|
</map>
|
||||||
|
</property>
|
||||||
|
</bean>
|
||||||
|
|
||||||
<bean id="rmDeclareRecordsCapability"
|
<bean id="rmDeclareRecordsCapability"
|
||||||
parent="declarativeCapability">
|
parent="declarativeCapability">
|
||||||
<property name="name" value="DeclareRecords"/>
|
<property name="name" value="DeclareRecords"/>
|
||||||
@@ -243,12 +260,13 @@
|
|||||||
<property name="kind" value="RECORD" />
|
<property name="kind" value="RECORD" />
|
||||||
<property name="conditions">
|
<property name="conditions">
|
||||||
<map>
|
<map>
|
||||||
|
<entry key="capabilityCondition.filling" value="true"/>
|
||||||
<entry key="capabilityCondition.frozen" value="false"/>
|
<entry key="capabilityCondition.frozen" value="false"/>
|
||||||
<entry key="capabilityCondition.recordFiled" value="true"/> <!-- Can only move a filed record -->
|
<entry key="capabilityCondition.recordFiled" value="true"/> <!-- Can only move a filed record -->
|
||||||
<entry key="capabilityCondition.cutoff" value="false"/> <!-- Can not move a record once it is cutoff -->
|
<entry key="capabilityCondition.cutoff" value="false"/> <!-- Can not move a record once it is cutoff -->
|
||||||
</map>
|
</map>
|
||||||
</property>
|
</property>
|
||||||
<property name="targetCapability" ref="rmFileRecordsCapability"/>
|
<property name="targetCapability" ref="rmFilePermissionOnly"/>
|
||||||
<property name="group"><ref bean="recordsGroup"/></property>
|
<property name="group"><ref bean="recordsGroup"/></property>
|
||||||
<property name="index" value="40" />
|
<property name="index" value="40" />
|
||||||
</bean>
|
</bean>
|
||||||
|
|||||||
@@ -5,8 +5,9 @@ capability.ViewRecords.title=View Records
|
|||||||
capability.UndeclareRecords.title=Reopen Records
|
capability.UndeclareRecords.title=Reopen Records
|
||||||
capability.CreateRecords.title=Create Records
|
capability.CreateRecords.title=Create Records
|
||||||
capability.RequestRecordInformation.title=Request Record Information
|
capability.RequestRecordInformation.title=Request Record Information
|
||||||
capability.RejectRecords=Reject Records
|
capability.RejectRecords.title=Reject Records
|
||||||
capability.FileUnfiledRecords=File Unfiled Records
|
capability.FileUnfiledRecords.title=File Unfiled Records
|
||||||
|
capability.LinkToRecords.title=Link Records
|
||||||
|
|
||||||
# Metadata Control
|
# Metadata Control
|
||||||
capability.group.metadataControl.title=Metadata Control
|
capability.group.metadataControl.title=Metadata Control
|
||||||
|
|||||||
@@ -86,6 +86,7 @@
|
|||||||
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="FileDestructionReport"/>
|
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="FileDestructionReport"/>
|
||||||
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="FileUnfiledRecords"/>
|
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="FileUnfiledRecords"/>
|
||||||
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="RejectRecords"/>
|
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="RejectRecords"/>
|
||||||
|
<includePermissionGroup type="rma:filePlanComponent" permissionGroup="LinkToRecords"/>
|
||||||
</permissionGroup>
|
</permissionGroup>
|
||||||
|
|
||||||
<permissionGroup name="Filing" allowFullControl="false" expose="true">
|
<permissionGroup name="Filing" allowFullControl="false" expose="true">
|
||||||
@@ -164,6 +165,7 @@
|
|||||||
<permissionGroup name="FileDestructionReport" expose="false" allowFullControl="false"/>
|
<permissionGroup name="FileDestructionReport" expose="false" allowFullControl="false"/>
|
||||||
<permissionGroup name="RejectRecords" expose="false" allowFullControl="false"/>
|
<permissionGroup name="RejectRecords" expose="false" allowFullControl="false"/>
|
||||||
<permissionGroup name="FileUnfiledRecords" expose="false" allowFullControl="false"/>
|
<permissionGroup name="FileUnfiledRecords" expose="false" allowFullControl="false"/>
|
||||||
|
<permissionGroup name="LinkToRecords" expose="false" allowFullControl="false"/>
|
||||||
|
|
||||||
<!-- End -->
|
<!-- End -->
|
||||||
|
|
||||||
@@ -433,6 +435,10 @@
|
|||||||
<grantedToGroup permissionGroup="RejectRecords"/>
|
<grantedToGroup permissionGroup="RejectRecords"/>
|
||||||
</permission>
|
</permission>
|
||||||
|
|
||||||
|
<permission name="_LinkToRecords" expose="false">
|
||||||
|
<grantedToGroup permissionGroup="LinkToRecords"/>
|
||||||
|
</permission>
|
||||||
|
|
||||||
</permissionSet>
|
</permissionSet>
|
||||||
|
|
||||||
</permissions>
|
</permissions>
|
||||||
@@ -48,7 +48,8 @@
|
|||||||
"PlanningReviewCycles",
|
"PlanningReviewCycles",
|
||||||
"RequestRecordInformation",
|
"RequestRecordInformation",
|
||||||
"FileUnfiledRecords",
|
"FileUnfiledRecords",
|
||||||
"RejectRecords"
|
"RejectRecords",
|
||||||
|
"LinkToRecords"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -71,7 +72,8 @@
|
|||||||
"PlanningReviewCycles",
|
"PlanningReviewCycles",
|
||||||
"RequestRecordInformation",
|
"RequestRecordInformation",
|
||||||
"FileUnfiledRecords",
|
"FileUnfiledRecords",
|
||||||
"RejectRecords"
|
"RejectRecords",
|
||||||
|
"LinkToRecords"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -134,7 +136,8 @@
|
|||||||
"RequestRecordInformation",
|
"RequestRecordInformation",
|
||||||
"FileDestructionReport",
|
"FileDestructionReport",
|
||||||
"FileUnfiledRecords",
|
"FileUnfiledRecords",
|
||||||
"RejectRecords"
|
"RejectRecords",
|
||||||
|
"LinkToRecords"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -199,7 +202,8 @@
|
|||||||
"RequestRecordInformation",
|
"RequestRecordInformation",
|
||||||
"FileDestructionReport",
|
"FileDestructionReport",
|
||||||
"FileUnfiledRecords",
|
"FileUnfiledRecords",
|
||||||
"RejectRecords"
|
"RejectRecords",
|
||||||
|
"LinkToRecords"
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -370,12 +370,20 @@ public class RecordCopyBehaviours implements RecordsManagementModel
|
|||||||
final NodeService nodeService = rmServiceRegistry.getNodeService();
|
final NodeService nodeService = rmServiceRegistry.getNodeService();
|
||||||
|
|
||||||
//Generate the id for the copy
|
//Generate the id for the copy
|
||||||
String id = rmIdentifierService.generateIdentifier(nodeService.getType(nodeService.getPrimaryParent(targetNodeRef).getParentRef()), (nodeService.getPrimaryParent(targetNodeRef).getParentRef()));
|
String id = rmIdentifierService.generateIdentifier(
|
||||||
|
nodeService.getType(nodeService.getPrimaryParent(targetNodeRef).getParentRef()),
|
||||||
|
(nodeService.getPrimaryParent(targetNodeRef).getParentRef()));
|
||||||
|
|
||||||
//We need to allow the id to be overwritten disable the policy protecting changes to the id
|
//We need to allow the id to be overwritten disable the policy protecting changes to the id
|
||||||
behaviourFilter.disableBehaviour(targetNodeRef, ASPECT_RECORD_COMPONENT_ID);
|
behaviourFilter.disableBehaviour();
|
||||||
|
try
|
||||||
|
{
|
||||||
nodeService.setProperty(targetNodeRef, PROP_IDENTIFIER, id);
|
nodeService.setProperty(targetNodeRef, PROP_IDENTIFIER, id);
|
||||||
behaviourFilter.enableBehaviour(targetNodeRef, ASPECT_RECORD_COMPONENT_ID);
|
}
|
||||||
|
finally
|
||||||
|
{
|
||||||
|
behaviourFilter.enableBehaviour();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -130,7 +130,13 @@ public class RMv21CapabilityPatch extends ModulePatchComponent
|
|||||||
FilePlanRoleService.ROLE_POWER_USER,
|
FilePlanRoleService.ROLE_POWER_USER,
|
||||||
FilePlanRoleService.ROLE_RECORDS_MANAGER,
|
FilePlanRoleService.ROLE_RECORDS_MANAGER,
|
||||||
FilePlanRoleService.ROLE_SECURITY_OFFICER);
|
FilePlanRoleService.ROLE_SECURITY_OFFICER);
|
||||||
}
|
addCapability(filePlan,
|
||||||
|
"LinkToRecords",
|
||||||
|
FilePlanRoleService.ROLE_ADMIN,
|
||||||
|
FilePlanRoleService.ROLE_POWER_USER,
|
||||||
|
FilePlanRoleService.ROLE_RECORDS_MANAGER,
|
||||||
|
FilePlanRoleService.ROLE_SECURITY_OFFICER);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user