inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-1741 (Moved root category doesn't inherit permissions)

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.1.0.x@88686 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
2014-10-17 18:26:26 +00:00
parent 3a550eb897
commit cd3e693b65
1 changed files with 56 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
View File

@@ -34,6 +34,7 @@ import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
import org.alfresco.repo.policy.JavaBehaviour; import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent; import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil; import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService; import org.alfresco.service.cmr.repository.NodeService;
@@ -53,7 +54,8 @@ import org.apache.commons.logging.LogFactory;
*/ */
public class FilePlanPermissionServiceImpl extends ServiceBaseImpl public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
implements FilePlanPermissionService, implements FilePlanPermissionService,
RecordsManagementModel RecordsManagementModel,
NodeServicePolicies.OnMoveNodePolicy
{ {
/** Permission service */ /** Permission service */
protected PermissionService permissionService; protected PermissionService permissionService;
@@ -82,6 +84,10 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
NodeServicePolicies.OnCreateNodePolicy.QNAME, NodeServicePolicies.OnCreateNodePolicy.QNAME,
TYPE_RECORD_CATEGORY, TYPE_RECORD_CATEGORY,
new JavaBehaviour(this, "onCreateRMContainer", NotificationFrequency.TRANSACTION_COMMIT)); new JavaBehaviour(this, "onCreateRMContainer", NotificationFrequency.TRANSACTION_COMMIT));
policyComponent.bindClassBehaviour(
NodeServicePolicies.OnMoveNodePolicy.QNAME,
TYPE_RECORD_CATEGORY,
new JavaBehaviour(this, "onMoveNode", NotificationFrequency.TRANSACTION_COMMIT));
policyComponent.bindClassBehaviour( policyComponent.bindClassBehaviour(
NodeServicePolicies.OnCreateNodePolicy.QNAME, NodeServicePolicies.OnCreateNodePolicy.QNAME,
TYPE_RECORD_FOLDER, TYPE_RECORD_FOLDER,
@@ -312,6 +318,55 @@ public class FilePlanPermissionServiceImpl extends ServiceBaseImpl
}); });
} }
/**
* @see org.alfresco.repo.node.NodeServicePolicies.OnMoveNodePolicy#onMoveNode(org.alfresco.service.cmr.repository.ChildAssociationRef, org.alfresco.service.cmr.repository.ChildAssociationRef)
*/
@Override
public void onMoveNode(final ChildAssociationRef oldChildAssocRef, final ChildAssociationRef newChildAssocRef)
{
AuthenticationUtil.runAs(new RunAsWork<Void>()
{
@Override
public Void doWork() throws Exception
{
NodeRef sourceCategory = oldChildAssocRef.getChildRef();
boolean inheritParentPermissions = permissionService.getInheritParentPermissions(sourceCategory);
if (!inheritParentPermissions)
{
permissionService.setInheritParentPermissions(sourceCategory, true);
}
Set<AccessPermission> keepPerms = new HashSet<AccessPermission>(5);
Set<AccessPermission> origionalCategoryPerms= permissionService.getAllSetPermissions(sourceCategory);
for (AccessPermission categoryPermission : origionalCategoryPerms)
{
String permission = categoryPermission.getPermission();
String authority = categoryPermission.getAuthority();
if ((RMPermissionModel.FILING.equals(permission) || RMPermissionModel.READ_RECORDS.equals(permission)) &&
categoryPermission.isSetDirectly() &&
!ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(authority) &&
!ExtendedWriterDynamicAuthority.EXTENDED_WRITER.equals(authority))
{
// then we can assume this is a permission we want to preserve
keepPerms.add(categoryPermission);
}
}
// clear all existing permissions and start again
permissionService.deletePermissions(sourceCategory);
// re-add keep'er permissions
for (AccessPermission keeper : keepPerms)
{
setPermission(sourceCategory, keeper.getAuthority(), keeper.getPermission());
}
return null;
}
}, AuthenticationUtil.getSystemUserName());
}
/** /**
* Initialise the record permissions for the given parent. * Initialise the record permissions for the given parent.
* *