inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM-614: Can't declare record without "Undeclare Record" capability

Browse Source 
* way access was being determined in the model security service implementation wasn't quite right



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@47784 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2013-03-08 06:01:00 +00:00
parent 24838caf0c
commit d6f822caa4
2 changed files with 6 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/model/security/ModelSecurityServiceImpl.java
View File

@@ -25,9 +25,8 @@ import java.util.Map;
import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.module.org_alfresco_module_rm.role.Role;
import org.alfresco.repo.node.NodeServicePolicies;
import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent;
@@ -35,6 +34,7 @@ import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.EqualsHelper;
@@ -66,9 +66,6 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
/** Namespace service */
private NamespaceService namespaceService;
/** File plan role service */
private FilePlanRoleService filePlanRoleService;
/** Records management service */
private RecordsManagementService recordsManagementService;
@@ -129,14 +126,6 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
this.namespaceService = namespaceService;
}
/**
* @param filePlanRoleService file plan role service
*/
public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
{
this.filePlanRoleService = filePlanRoleService;
}
/**
* @param recordsManagementService records management service
*/
@@ -245,16 +234,15 @@ public class ModelSecurityServiceImpl implements ModelSecurityService,
NodeRef filePlan = recordsManagementService.getFilePlan(nodeRef);
if (filePlan != null)
{
Set<Role> roles = filePlanRoleService.getRolesByUser(filePlan, AuthenticationUtil.getFullyAuthenticatedUser());
for (Role role : roles)
{
for (Capability capability : artifact.getCapabilities())
{
if (Collections.disjoint(role.getCapabilities(), artifact.getCapabilities()) == false)
if (capability.hasPermission(nodeRef).equals(AccessStatus.ALLOWED) == true)
{
result = true;
break;
}
}
}
}
return result;