mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
RM-424: Site-admin user using CIFS cannot open document after declaring it as a record.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@55512 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -24,9 +24,11 @@ import java.util.HashSet;
|
|||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
||||||
|
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||||
import org.alfresco.repo.cache.SimpleCache;
|
import org.alfresco.repo.cache.SimpleCache;
|
||||||
import org.alfresco.repo.security.permissions.AccessControlEntry;
|
import org.alfresco.repo.security.permissions.AccessControlEntry;
|
||||||
import org.alfresco.repo.security.permissions.AccessControlList;
|
import org.alfresco.repo.security.permissions.AccessControlList;
|
||||||
|
import org.alfresco.service.cmr.repository.NodeRef;
|
||||||
import org.alfresco.service.cmr.security.AccessStatus;
|
import org.alfresco.service.cmr.security.AccessStatus;
|
||||||
import org.alfresco.service.cmr.security.PermissionService;
|
import org.alfresco.service.cmr.security.PermissionService;
|
||||||
import org.alfresco.util.PropertyCheck;
|
import org.alfresco.util.PropertyCheck;
|
||||||
@@ -74,6 +76,33 @@ public class RMPermissionServiceImpl extends PermissionServiceImpl
|
|||||||
PropertyCheck.mandatory(this, "writersCache", writersCache);
|
PropertyCheck.mandatory(this, "writersCache", writersCache);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Override to deal with the possibility of hard coded permission checks in core code.
|
||||||
|
*
|
||||||
|
* Note: Eventually we need to merge the RM permission model into the core to make this more rebust.
|
||||||
|
*
|
||||||
|
* @see org.alfresco.repo.security.permissions.impl.ExtendedPermissionService#hasPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public AccessStatus hasPermission(NodeRef nodeRef, String perm)
|
||||||
|
{
|
||||||
|
AccessStatus acs = super.hasPermission(nodeRef, perm);
|
||||||
|
if (AccessStatus.DENIED.equals(acs) == true &&
|
||||||
|
PermissionService.READ.equals(perm) == true &&
|
||||||
|
nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT) == true)
|
||||||
|
{
|
||||||
|
return super.hasPermission(nodeRef, RMPermissionModel.READ_RECORDS);
|
||||||
|
}
|
||||||
|
else if (AccessStatus.DENIED.equals(acs) == true &&
|
||||||
|
PermissionService.WRITE.equals(perm) == true &&
|
||||||
|
nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT) == true)
|
||||||
|
{
|
||||||
|
return super.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS);
|
||||||
|
}
|
||||||
|
|
||||||
|
return acs;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#canRead(java.lang.Long)
|
* @see org.alfresco.repo.security.permissions.impl.PermissionServiceImpl#canRead(java.lang.Long)
|
||||||
*/
|
*/
|
||||||
|
|||||||
Reference in New Issue
Block a user