mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
RM-1661 (Performance on setting permissions at a high category level)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@88087 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
@@ -341,6 +341,7 @@
|
|||||||
<property name="kinds">
|
<property name="kinds">
|
||||||
<set>
|
<set>
|
||||||
<value>FILE_PLAN</value>
|
<value>FILE_PLAN</value>
|
||||||
|
<value>RECORD</value>
|
||||||
<value>RECORD_CATEGORY</value>
|
<value>RECORD_CATEGORY</value>
|
||||||
<value>RECORD_FOLDER</value>
|
<value>RECORD_FOLDER</value>
|
||||||
<value>UNFILED_RECORD_CONTAINER</value>
|
<value>UNFILED_RECORD_CONTAINER</value>
|
||||||
|
|||||||
@@ -370,7 +370,6 @@ public class FilePlanServiceImpl extends ServiceBaseImpl
|
|||||||
getPermissionService().setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
|
getPermissionService().setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
|
||||||
getPermissionService().setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
|
getPermissionService().setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
|
||||||
getPermissionService().setPermission(container, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true);
|
getPermissionService().setPermission(container, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true);
|
||||||
getPermissionService().setPermission(container, "Administrator", RMPermissionModel.FILING, true);
|
|
||||||
|
|
||||||
// TODO set the admin users to have filing permissions on the unfiled container!!!
|
// TODO set the admin users to have filing permissions on the unfiled container!!!
|
||||||
// TODO we will need to be able to get a list of the admin roles from the service
|
// TODO we will need to be able to get a list of the admin roles from the service
|
||||||
|
|||||||
@@ -18,6 +18,8 @@
|
|||||||
*/
|
*/
|
||||||
package org.alfresco.module.org_alfresco_module_rm.security;
|
package org.alfresco.module.org_alfresco_module_rm.security;
|
||||||
|
|
||||||
|
import static org.apache.commons.lang.BooleanUtils.isTrue;
|
||||||
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
@@ -156,48 +158,46 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
/**
|
/**
|
||||||
* @param childAssocRef
|
* @param childAssocRef
|
||||||
*/
|
*/
|
||||||
public void onCreateRMContainer(ChildAssociationRef childAssocRef)
|
public void onCreateRMContainer(final ChildAssociationRef childAssocRef)
|
||||||
{
|
{
|
||||||
final NodeRef recordCategory = childAssocRef.getChildRef();
|
|
||||||
setUpPermissions(recordCategory);
|
|
||||||
|
|
||||||
// Pull any permissions found on the parent (ie the record category)
|
// Pull any permissions found on the parent (ie the record category)
|
||||||
final NodeRef parentNodeRef = childAssocRef.getParentRef();
|
final NodeRef parentNodeRef = childAssocRef.getParentRef();
|
||||||
if (parentNodeRef != null && nodeService.exists(parentNodeRef) == true)
|
if (parentNodeRef != null && nodeService.exists(parentNodeRef))
|
||||||
{
|
{
|
||||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||||
{
|
{
|
||||||
public Object doWork()
|
public Object doWork()
|
||||||
{
|
{
|
||||||
boolean fillingOnly = false;
|
NodeRef recordCategory = childAssocRef.getChildRef();
|
||||||
if (filePlanService.isFilePlan(parentNodeRef) == true)
|
boolean isParentNodeFilePlan = filePlanService.isFilePlan(parentNodeRef);
|
||||||
{
|
setUpPermissions(recordCategory, isParentNodeFilePlan);
|
||||||
fillingOnly = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
// since this is not a root category, inherit from parent
|
// since this is not a root category, inherit from parent
|
||||||
Set<AccessPermission> perms = permissionService.getAllSetPermissions(parentNodeRef);
|
if (isParentNodeFilePlan)
|
||||||
for (AccessPermission perm : perms)
|
|
||||||
{
|
{
|
||||||
if (fillingOnly == false ||
|
Set<AccessPermission> perms = permissionService.getAllSetPermissions(parentNodeRef);
|
||||||
RMPermissionModel.FILING.equals(perm.getPermission()) == true)
|
for (AccessPermission perm : perms)
|
||||||
{
|
{
|
||||||
AccessStatus accessStatus = perm.getAccessStatus();
|
if (RMPermissionModel.FILING.equals(perm.getPermission()))
|
||||||
boolean allow = false;
|
|
||||||
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
|
|
||||||
{
|
{
|
||||||
allow = true;
|
AccessStatus accessStatus = perm.getAccessStatus();
|
||||||
|
boolean allow = false;
|
||||||
|
if (AccessStatus.ALLOWED.equals(accessStatus))
|
||||||
|
{
|
||||||
|
allow = true;
|
||||||
|
}
|
||||||
|
permissionService.setPermission(
|
||||||
|
recordCategory,
|
||||||
|
perm.getAuthority(),
|
||||||
|
perm.getPermission(),
|
||||||
|
allow);
|
||||||
}
|
}
|
||||||
permissionService.setPermission(
|
|
||||||
recordCategory,
|
|
||||||
perm.getAuthority(),
|
|
||||||
perm.getPermission(),
|
|
||||||
allow);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
}, AuthenticationUtil.getSystemUserName());
|
}, AuthenticationUtil.getSystemUserName());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -214,7 +214,8 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
|
|
||||||
// Pull any permissions found on the parent (ie the record category)
|
// Pull any permissions found on the parent (ie the record category)
|
||||||
final NodeRef catNodeRef = childAssocRef.getParentRef();
|
final NodeRef catNodeRef = childAssocRef.getParentRef();
|
||||||
if (nodeService.exists(catNodeRef) == true)
|
if (!permissionService.getInheritParentPermissions(folderNodeRef) &&
|
||||||
|
nodeService.exists(catNodeRef))
|
||||||
{
|
{
|
||||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||||
{
|
{
|
||||||
@@ -223,8 +224,8 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
Set<AccessPermission> perms = permissionService.getAllSetPermissions(catNodeRef);
|
Set<AccessPermission> perms = permissionService.getAllSetPermissions(catNodeRef);
|
||||||
for (AccessPermission perm : perms)
|
for (AccessPermission perm : perms)
|
||||||
{
|
{
|
||||||
if (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) == false &&
|
if (!ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) &&
|
||||||
ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(perm.getAuthority()) == false)
|
!ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(perm.getAuthority()))
|
||||||
{
|
{
|
||||||
AccessStatus accessStatus = perm.getAccessStatus();
|
AccessStatus accessStatus = perm.getAccessStatus();
|
||||||
boolean allow = false;
|
boolean allow = false;
|
||||||
@@ -326,26 +327,28 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
{
|
{
|
||||||
setUpPermissions(record);
|
setUpPermissions(record);
|
||||||
|
|
||||||
Set<AccessPermission> perms = permissionService.getAllSetPermissions(parent);
|
if (!permissionService.getInheritParentPermissions(record))
|
||||||
for (AccessPermission perm : perms)
|
|
||||||
{
|
{
|
||||||
if (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) == false &&
|
Set<AccessPermission> perms = permissionService.getAllSetPermissions(parent);
|
||||||
ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(perm.getAuthority()) == false)
|
for (AccessPermission perm : perms)
|
||||||
{
|
{
|
||||||
AccessStatus accessStatus = perm.getAccessStatus();
|
if (!ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) &&
|
||||||
boolean allow = false;
|
!ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(perm.getAuthority()))
|
||||||
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
|
|
||||||
{
|
{
|
||||||
allow = true;
|
AccessStatus accessStatus = perm.getAccessStatus();
|
||||||
|
boolean allow = false;
|
||||||
|
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
|
||||||
|
{
|
||||||
|
allow = true;
|
||||||
|
}
|
||||||
|
permissionService.setPermission(
|
||||||
|
record,
|
||||||
|
perm.getAuthority(),
|
||||||
|
perm.getPermission(),
|
||||||
|
allow);
|
||||||
}
|
}
|
||||||
permissionService.setPermission(
|
|
||||||
record,
|
|
||||||
perm.getAuthority(),
|
|
||||||
perm.getPermission(),
|
|
||||||
allow);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -407,14 +410,19 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
*/
|
*/
|
||||||
public void setUpPermissions(final NodeRef nodeRef)
|
public void setUpPermissions(final NodeRef nodeRef)
|
||||||
{
|
{
|
||||||
if (nodeService.exists(nodeRef) == true)
|
setUpPermissions(nodeRef, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void setUpPermissions(final NodeRef nodeRef, final Boolean isParentNodeFilePlan)
|
||||||
|
{
|
||||||
|
if (nodeService.exists(nodeRef))
|
||||||
{
|
{
|
||||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||||
{
|
{
|
||||||
public Object doWork()
|
public Object doWork()
|
||||||
{
|
{
|
||||||
// break inheritance
|
// break inheritance
|
||||||
permissionService.setInheritParentPermissions(nodeRef, false);
|
permissionService.setInheritParentPermissions(nodeRef, isInheritanceAllowed(nodeRef, isParentNodeFilePlan));
|
||||||
|
|
||||||
// set extended reader permissions
|
// set extended reader permissions
|
||||||
permissionService.setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
|
permissionService.setPermission(nodeRef, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
|
||||||
@@ -426,6 +434,11 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean isInheritanceAllowed(NodeRef nodeRef, Boolean isParentNodeFilePlan)
|
||||||
|
{
|
||||||
|
return !(isFilePlan(nodeRef) || isHold(nodeRef) || isTransfer(nodeRef) || (isRecordCategory(nodeRef) && isTrue(isParentNodeFilePlan)));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, boolean)
|
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, boolean)
|
||||||
*/
|
*/
|
||||||
@@ -439,20 +452,16 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
{
|
{
|
||||||
public Boolean doWork() throws Exception
|
public Boolean doWork() throws Exception
|
||||||
{
|
{
|
||||||
if (filePlanService.isFilePlan(nodeRef) == true)
|
if (filePlanService.isFilePlan(nodeRef) ||
|
||||||
|
filePlanService.isFilePlanContainer(nodeRef) ||
|
||||||
|
recordsManagementService.isRecordFolder(nodeRef) ||
|
||||||
|
recordService.isRecord(nodeRef))
|
||||||
{
|
{
|
||||||
setPermissionDown(nodeRef, authority, permission);
|
|
||||||
}
|
|
||||||
else if (filePlanService.isFilePlanContainer(nodeRef) == true ||
|
|
||||||
recordsManagementService.isRecordFolder(nodeRef) == true ||
|
|
||||||
recordService.isRecord(nodeRef) == true)
|
|
||||||
{
|
|
||||||
setReadPermissionUp(nodeRef, authority);
|
|
||||||
setPermissionDown(nodeRef, authority, permission);
|
setPermissionDown(nodeRef, authority, permission);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
if (logger.isWarnEnabled() == true)
|
if (logger.isWarnEnabled())
|
||||||
{
|
{
|
||||||
logger.warn("Setting permissions for this node is not supported. (nodeRef=" + nodeRef + ", authority=" + authority + ", permission=" + permission + ")");
|
logger.warn("Setting permissions for this node is not supported. (nodeRef=" + nodeRef + ", authority=" + authority + ", permission=" + permission + ")");
|
||||||
}
|
}
|
||||||
@@ -463,38 +472,6 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
}, AuthenticationUtil.getSystemUserName());
|
}, AuthenticationUtil.getSystemUserName());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper method to set the read permission up the hierarchy
|
|
||||||
*
|
|
||||||
* @param nodeRef node reference
|
|
||||||
* @param authority authority
|
|
||||||
*/
|
|
||||||
private void setReadPermissionUp(NodeRef nodeRef, String authority)
|
|
||||||
{
|
|
||||||
NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef();
|
|
||||||
if (parent != null && filePlanService.isFilePlanComponent(parent) == true)
|
|
||||||
{
|
|
||||||
setReadPermissionUpImpl(parent, authority);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Helper method used to set the read permission up the hierarchy
|
|
||||||
*
|
|
||||||
* @param nodeRef node reference
|
|
||||||
* @param authority authority
|
|
||||||
*/
|
|
||||||
private void setReadPermissionUpImpl(NodeRef nodeRef, String authority)
|
|
||||||
{
|
|
||||||
setPermissionImpl(nodeRef, authority, RMPermissionModel.READ_RECORDS);
|
|
||||||
|
|
||||||
NodeRef parent = nodeService.getPrimaryParent(nodeRef).getParentRef();
|
|
||||||
if (parent != null && filePlanService.isFilePlanComponent(parent) == true)
|
|
||||||
{
|
|
||||||
setReadPermissionUpImpl(parent, authority);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Helper method to set the permission down the hierarchy
|
* Helper method to set the permission down the hierarchy
|
||||||
*
|
*
|
||||||
@@ -504,27 +481,25 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
*/
|
*/
|
||||||
private void setPermissionDown(NodeRef nodeRef, String authority, String permission)
|
private void setPermissionDown(NodeRef nodeRef, String authority, String permission)
|
||||||
{
|
{
|
||||||
// skip out node's that inherit (for example hold and transfer)
|
// set permissions
|
||||||
if (permissionService.getInheritParentPermissions(nodeRef) == false)
|
setPermissionImpl(nodeRef, authority, permission);
|
||||||
{
|
|
||||||
// set permissions
|
|
||||||
setPermissionImpl(nodeRef, authority, permission);
|
|
||||||
|
|
||||||
if (filePlanService.isFilePlanContainer(nodeRef) == true ||
|
// skip out node's that inherit (for example hold and transfer)
|
||||||
recordsManagementService.isRecordFolder(nodeRef) == true)
|
if (!permissionService.getInheritParentPermissions(nodeRef) &&
|
||||||
|
(filePlanService.isFilePlanContainer(nodeRef) ||
|
||||||
|
recordsManagementService.isRecordFolder(nodeRef)))
|
||||||
|
{
|
||||||
|
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL);
|
||||||
|
for (ChildAssociationRef assoc : assocs)
|
||||||
{
|
{
|
||||||
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL);
|
NodeRef child = assoc.getChildRef();
|
||||||
for (ChildAssociationRef assoc : assocs)
|
if (filePlanService.isFilePlanContainer(child) ||
|
||||||
|
recordsManagementService.isRecordFolder(child) ||
|
||||||
|
recordService.isRecord(child) ||
|
||||||
|
instanceOf(child, TYPE_HOLD) ||
|
||||||
|
instanceOf(child, TYPE_TRANSFER))
|
||||||
{
|
{
|
||||||
NodeRef child = assoc.getChildRef();
|
setPermissionDown(child, authority, permission);
|
||||||
if (filePlanService.isFilePlanContainer(child) == true ||
|
|
||||||
recordsManagementService.isRecordFolder(child) == true ||
|
|
||||||
recordService.isRecord(child) == true ||
|
|
||||||
instanceOf(child, TYPE_HOLD) == true ||
|
|
||||||
instanceOf(child, TYPE_TRANSFER) == true)
|
|
||||||
{
|
|
||||||
setPermissionDown(child, authority, permission);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -557,27 +532,25 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
|
|||||||
{
|
{
|
||||||
public Boolean doWork() throws Exception
|
public Boolean doWork() throws Exception
|
||||||
{
|
{
|
||||||
// can't delete permissions if inherited (eg hold and transfer containers)
|
// Delete permission on this node
|
||||||
if (permissionService.getInheritParentPermissions(nodeRef) == false)
|
permissionService.deletePermission(nodeRef, authority, permission);
|
||||||
{
|
|
||||||
// Delete permission on this node
|
|
||||||
permissionService.deletePermission(nodeRef, authority, permission);
|
|
||||||
|
|
||||||
if (filePlanService.isFilePlanContainer(nodeRef) == true ||
|
// can't delete permissions if inherited (eg hold and transfer containers)
|
||||||
recordsManagementService.isRecordFolder(nodeRef) == true)
|
if (!permissionService.getInheritParentPermissions(nodeRef) &&
|
||||||
|
(filePlanService.isFilePlanContainer(nodeRef) ||
|
||||||
|
recordsManagementService.isRecordFolder(nodeRef)))
|
||||||
|
{
|
||||||
|
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL);
|
||||||
|
for (ChildAssociationRef assoc : assocs)
|
||||||
{
|
{
|
||||||
List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL);
|
NodeRef child = assoc.getChildRef();
|
||||||
for (ChildAssociationRef assoc : assocs)
|
if (filePlanService.isFilePlanContainer(child) ||
|
||||||
|
recordsManagementService.isRecordFolder(child) ||
|
||||||
|
recordService.isRecord(child)||
|
||||||
|
instanceOf(child, TYPE_HOLD) ||
|
||||||
|
instanceOf(child, TYPE_TRANSFER))
|
||||||
{
|
{
|
||||||
NodeRef child = assoc.getChildRef();
|
deletePermission(child, authority, permission);
|
||||||
if (filePlanService.isFilePlanContainer(child) == true ||
|
|
||||||
recordsManagementService.isRecordFolder(child) == true ||
|
|
||||||
recordService.isRecord(child) == true||
|
|
||||||
instanceOf(child, TYPE_HOLD) == true ||
|
|
||||||
instanceOf(child, TYPE_TRANSFER) == true)
|
|
||||||
{
|
|
||||||
deletePermission(child, authority, permission);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -222,7 +222,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userName,
|
assertPermissions(userName,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.ALLOWED, // record folder read
|
||||||
AccessStatus.ALLOWED, // record folder file
|
AccessStatus.ALLOWED, // record folder file
|
||||||
@@ -234,7 +234,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userName,
|
assertPermissions(userName,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.DENIED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
@@ -264,9 +264,9 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userName,
|
assertPermissions(userName,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
AccessStatus.ALLOWED, // record read
|
AccessStatus.ALLOWED, // record read
|
||||||
AccessStatus.ALLOWED); // record file
|
AccessStatus.ALLOWED); // record file
|
||||||
@@ -276,9 +276,9 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userName,
|
assertPermissions(userName,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
AccessStatus.DENIED, // record read
|
AccessStatus.DENIED, // record read
|
||||||
AccessStatus.DENIED); // record file
|
AccessStatus.DENIED); // record file
|
||||||
@@ -364,7 +364,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userOne,
|
assertPermissions(userOne,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.ALLOWED, // record folder read
|
||||||
AccessStatus.ALLOWED, // record folder file
|
AccessStatus.ALLOWED, // record folder file
|
||||||
@@ -383,7 +383,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userTwo,
|
assertPermissions(userTwo,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.DENIED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
@@ -402,9 +402,9 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userThree,
|
assertPermissions(userThree,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
AccessStatus.ALLOWED, // record read
|
AccessStatus.ALLOWED, // record read
|
||||||
AccessStatus.ALLOWED); // record file
|
AccessStatus.ALLOWED); // record file
|
||||||
@@ -433,7 +433,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userOne,
|
assertPermissions(userOne,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.ALLOWED, // record folder read
|
||||||
AccessStatus.ALLOWED, // record folder file
|
AccessStatus.ALLOWED, // record folder file
|
||||||
@@ -452,7 +452,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userTwo,
|
assertPermissions(userTwo,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.DENIED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
@@ -471,9 +471,9 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
assertPermissions(userThree,
|
assertPermissions(userThree,
|
||||||
AccessStatus.ALLOWED, // fileplan read
|
AccessStatus.ALLOWED, // fileplan read
|
||||||
AccessStatus.DENIED, // fileplan file
|
AccessStatus.DENIED, // fileplan file
|
||||||
AccessStatus.ALLOWED, // category read
|
AccessStatus.DENIED, // category read
|
||||||
AccessStatus.DENIED, // category file
|
AccessStatus.DENIED, // category file
|
||||||
AccessStatus.ALLOWED, // record folder read
|
AccessStatus.DENIED, // record folder read
|
||||||
AccessStatus.DENIED, // record folder file
|
AccessStatus.DENIED, // record folder file
|
||||||
AccessStatus.ALLOWED, // record read
|
AccessStatus.ALLOWED, // record read
|
||||||
AccessStatus.ALLOWED); // record file
|
AccessStatus.ALLOWED); // record file
|
||||||
@@ -482,7 +482,7 @@ public class FilePlanPermissionServiceImplTest extends BaseRMTestCase
|
|||||||
@Override
|
@Override
|
||||||
public Void run()
|
public Void run()
|
||||||
{
|
{
|
||||||
assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(otherFolder, RMPermissionModel.READ_RECORDS));
|
assertEquals(AccessStatus.DENIED, permissionService.hasPermission(otherFolder, RMPermissionModel.READ_RECORDS));
|
||||||
assertEquals(AccessStatus.DENIED, permissionService.hasPermission(otherFolder, RMPermissionModel.FILING));
|
assertEquals(AccessStatus.DENIED, permissionService.hasPermission(otherFolder, RMPermissionModel.FILING));
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user