RM-1822 (Non-system-admin user not allowed to read inheritable permissions)

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@93334 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2015-01-12 20:13:45 +00:00
parent 3ad18f8195
commit d37068b2fb
3 changed files with 52 additions and 0 deletions
--- a/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.desc.xml
+++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.desc.xml
@@ -0,0 +1,9 @@
 <webscript>
   <shortname>permissions</shortname>
   <description>Document List Component - permissions data webscript</description>
   <url>/slingshot/doclib/rm/permissions/{store_type}/{store_id}/{id}</url>
   <format default="json">argument</format>
   <authentication>user</authentication>
   <transaction allow="readonly">required</transaction>
  <lifecycle>internal</lifecycle>
 </webscript>
--- a/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.js
+++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.js
@@ -0,0 +1,42 @@
 <import resource="classpath:/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/permissions.get.js">
 function getRmPermissions()
 {
   /**
    * nodeRef input: store_type, store_id and id
    */
   var storeType = url.templateArgs.store_type,
      storeId = url.templateArgs.store_id,
      id = url.templateArgs.id,
      nodeRef = storeType + "://" + storeId + "/" + id,
      node = ParseArgs.resolveNode(nodeRef);
   if (node == null)
   {
      node = search.findNode(nodeRef);
      if (node === null)
      {
         status.setCode(status.STATUS_NOT_FOUND, "Not a valid nodeRef: '" + nodeRef + "'");
         return null;
      }
   }
   var permissionData = model.data,
      settable = node.getSettablePermissions(),
      canReadInherited = true;
   if (node.parent.hasPermission("ReadRecords"))
   {
      permissionData["inherited"] = parsePermissions(node.parent.getPermissions(), settable);
   }
   else
   {
      canReadInherited = false;
   }
   permissionData["canReadInherited"] = canReadInherited;
   model.data = permissionData;
 }
 getRmPermissions();
--- a/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.json.ftl
+++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary/rm-permissions.get.json.ftl
@@ -0,0 +1 @@
 <#include "permissions.get.json.ftl">