Ensure that rules are not inherited onto the file plan, unfiled records, holds and transfers root containers (RM-3148)

rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/action/impl/DeclareRecordAction.java

@@ -59,6 +59,9 @@ import org.springframework.extensions.surf.util.I18NUtil;
  */
 public class DeclareRecordAction extends RMActionExecuterAbstractBase
 {
+    /** action name */
+    public static final String NAME = "declareRecord";
+    
     /** I18N */
     private static final String MSG_UNDECLARED_ONLY_RECORDS = "rm.action.undeclared-only-records";
     private static final String MSG_NO_DECLARE_MAND_PROP = "rm.action.no-declare-mand-prop";

rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/fileplan/FilePlanServiceImpl.java

@@ -49,6 +49,7 @@ import org.alfresco.module.org_alfresco_module_rm.security.ExtendedWriterDynamic
 import org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl;
 import org.alfresco.repo.cache.SimpleCache;
 import org.alfresco.repo.domain.node.NodeDAO;
+import org.alfresco.repo.rule.RuleModel;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.StoreRef;
@@ -358,23 +359,14 @@ public class FilePlanServiceImpl extends ServiceBaseImpl
                         containerType,
                         properties).getChildRef();
 
-   //     if (!inheritPermissions)
-   //     {
-            // set inheritance to false
-            getPermissionService().setInheritParentPermissions(container, false);
-            getPermissionService().setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
-            getPermissionService().setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
-            getPermissionService().setPermission(container, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true);
-
-            // TODO set the admin users to have filing permissions on the unfiled container!!!
-            // TODO we will need to be able to get a list of the admin roles from the service
-  //      }
-   //     else
-   //     {
-            // just inherit eveything
-            // TODO will change this when we are able to set permissions on holds and transfers!
-   //         getPermissionService().setInheritParentPermissions(container, true);
-   //     }
+        // set inheritance to false
+        getPermissionService().setInheritParentPermissions(container, false);
+        getPermissionService().setPermission(container, allRoles, RMPermissionModel.READ_RECORDS, true);
+        getPermissionService().setPermission(container, ExtendedReaderDynamicAuthority.EXTENDED_READER, RMPermissionModel.READ_RECORDS, true);
+        getPermissionService().setPermission(container, ExtendedWriterDynamicAuthority.EXTENDED_WRITER, RMPermissionModel.FILING, true);
+        
+        // prevent inheritance of rules
+        nodeService.addAspect(container, RuleModel.ASPECT_IGNORE_INHERITED_RULES, null);
 
         return container;
     }

rm-community/rm-community-repo/source/java/org/alfresco/module/org_alfresco_module_rm/model/rma/type/FilePlanType.java

@@ -42,6 +42,7 @@ import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
 import org.alfresco.repo.policy.annotation.Behaviour;
 import org.alfresco.repo.policy.annotation.BehaviourBean;
 import org.alfresco.repo.policy.annotation.BehaviourKind;
+import org.alfresco.repo.rule.RuleModel;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.service.cmr.repository.ChildAssociationRef;
@@ -181,8 +182,11 @@ public class FilePlanType extends    BaseBehaviourBean
         {
             public Object doWork()
             {
-                if (nodeService.hasAspect(filePlan, ASPECT_FILE_PLAN_COMPONENT) &&
-                    nodeService.getProperty(filePlan, PROP_IDENTIFIER) == null)
+                // ensure rules are not inherited
+                nodeService.addAspect(filePlan, RuleModel.ASPECT_IGNORE_INHERITED_RULES, null);
+                
+                // set the identifier 
+                if (nodeService.getProperty(filePlan, PROP_IDENTIFIER) == null)
                 {
                     String id = getIdentifierService().generateIdentifier(filePlan);
                     nodeService.setProperty(filePlan, RecordsManagementModel.PROP_IDENTIFIER, id);

rm-community/rm-community-repo/source/java/org/alfresco/repo/rule/ExtendedRuleServiceImpl.java

@@ -195,7 +195,7 @@ public class ExtendedRuleServiceImpl extends RuleServiceImpl
                     	else
                     	{
                     		// run as current user
-                    		ExtendedRuleServiceImpl.super.executeRule(rule, nodeRef, executedRules);
+                    		super.executeRule(rule, nodeRef, executedRules);
                     	}
         	        }
                 }