mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
RM-959 (Admin user is not able to create users)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@55343 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
@@ -11,11 +11,11 @@
|
||||
<!-- -->
|
||||
|
||||
<beans>
|
||||
|
||||
|
||||
<!-- ===================== -->
|
||||
<!-- Permissions Model DAO -->
|
||||
<!-- ===================== -->
|
||||
|
||||
|
||||
<bean id='permissionsModelDAO' class="org.alfresco.repo.security.permissions.impl.model.PermissionModel" init-method="init">
|
||||
<property name="model">
|
||||
<value>alfresco/model/permissionDefinitions.xml</value>
|
||||
@@ -30,19 +30,19 @@
|
||||
<ref bean="dictionaryService"/>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- =========================== -->
|
||||
<!-- Permissions Model Bootstrap -->
|
||||
<!-- =========================== -->
|
||||
|
||||
|
||||
<bean id="permissionModelBootstrap" class="org.alfresco.repo.security.permissions.impl.model.PermissionModelBootstrap" abstract="true" init-method="init">
|
||||
<property name="permissionModel" ref="permissionsModelDAO"/>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- =========================== -->
|
||||
<!-- Helper bean -->
|
||||
<!-- =========================== -->
|
||||
|
||||
|
||||
<bean id="RMSecurityCommon" abstract="true">
|
||||
<property name="nodeService" ref="nodeService"/>
|
||||
<property name="permissionService" ref="permissionService"/>
|
||||
@@ -50,11 +50,11 @@
|
||||
<property name="caveatConfigComponent" ref="caveatConfigComponent"/>
|
||||
<property name="filePlanService" ref="filePlanService"/>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- ====== -->
|
||||
<!-- Voters -->
|
||||
<!-- ====== -->
|
||||
|
||||
|
||||
<!-- A voter to allow access based on node access control. -->
|
||||
<!-- These start ACL_NODE or ACL_PARENT and are followed by .methodArgumentPosition -->
|
||||
<!-- then object type (prefix:localname) . permission -->
|
||||
@@ -64,7 +64,7 @@
|
||||
<!-- -->
|
||||
<!-- Note: ff the context evaluates to null (e.g. doing an exists test on a node -->
|
||||
<!-- that does not exist) then access will be allowed. -->
|
||||
|
||||
|
||||
<bean id="aclEntryVoter" class="org.alfresco.repo.security.permissions.impl.acegi.ACLEntryVoter" abstract="false" singleton="true" lazy-init="default" autowire="default" dependency-check="default">
|
||||
<property name="permissionService">
|
||||
<ref bean="permissionService"></ref>
|
||||
@@ -75,6 +75,9 @@
|
||||
<property name="nodeService">
|
||||
<ref bean="nodeService"></ref>
|
||||
</property>
|
||||
<property name="ownableService">
|
||||
<ref bean="ownableService"></ref>
|
||||
</property>
|
||||
<property name="authenticationService">
|
||||
<ref bean="authenticationService"/>
|
||||
</property>
|
||||
@@ -87,24 +90,24 @@
|
||||
</set>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
<bean id="rmEntryVoter"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.capability.RMEntryVoter"
|
||||
lazy-init="false"
|
||||
|
||||
<bean id="rmEntryVoter"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.capability.RMEntryVoter"
|
||||
lazy-init="false"
|
||||
parent="RMSecurityCommon"
|
||||
depends-on="CapabilityService">
|
||||
<property name="namespacePrefixResolver" ref="namespaceService"/>
|
||||
<property name="capabilityService" ref="capabilityService"/>
|
||||
|
||||
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- ======================= -->
|
||||
<!-- Access decision manager -->
|
||||
<!-- ======================= -->
|
||||
|
||||
|
||||
<!-- The access decision manager asks voters in order if they should allow access -->
|
||||
<!-- Role and group access do not require ACL based access -->
|
||||
|
||||
|
||||
<bean id="accessDecisionManager" class="org.alfresco.repo.security.permissions.impl.acegi.AffirmativeBasedAccessDecisionManger">
|
||||
<property name="allowIfAllAbstainDecisions">
|
||||
<value>false</value>
|
||||
@@ -118,11 +121,11 @@
|
||||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- ======================================== -->
|
||||
<!-- Post method call application of security -->
|
||||
<!-- ======================================== -->
|
||||
|
||||
|
||||
<bean id="afterAcl" class="org.alfresco.repo.security.permissions.impl.acegi.ACLEntryAfterInvocationProvider" abstract="false" singleton="true" lazy-init="default" autowire="default" dependency-check="default">
|
||||
<property name="permissionService">
|
||||
<ref bean="permissionServiceImpl"></ref>
|
||||
@@ -148,7 +151,7 @@
|
||||
</set>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<bean id="afterRm" class="org.alfresco.module.org_alfresco_module_rm.capability.RMAfterInvocationProvider" parent="RMSecurityCommon">
|
||||
<property name="maxPermissionCheckTimeMillis">
|
||||
<value>${system.acl.maxPermissionCheckTimeMillis}</value>
|
||||
@@ -157,9 +160,9 @@
|
||||
<value>${system.acl.maxPermissionChecks}</value>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
<!-- Link up after method call security -->
|
||||
|
||||
|
||||
<bean id="afterInvocationManager" class="net.sf.acegisecurity.afterinvocation.AfterInvocationProviderManager">
|
||||
<property name="providers">
|
||||
<list>
|
||||
@@ -169,5 +172,5 @@
|
||||
</list>
|
||||
</property>
|
||||
</bean>
|
||||
|
||||
|
||||
</beans>
|
||||
Reference in New Issue
Block a user