inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

RM: Deprecation of RecordsManagementSecurityService in favour of better encapsulated services

Browse Source 
* final deprecation of recordsManagementSecurityService
  * origional interface and implementation moved to compatibility area
  * deprecation context added
  * FilePlanPermission service added to handle file plan permissions



git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44829 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2012-12-19 08:10:09 +00:00
parent a2d46ff862
commit e4ea0fe02d
7 changed files with 461 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
rm-server/config/alfresco/module/org_alfresco_module_rm/module-context.xml
View File

@@ -145,6 +145,9 @@
<!-- Import the RM action's -->
<import resource="classpath:alfresco/module/org_alfresco_module_rm/rm-action-context.xml"/>
<import resource="classpath:alfresco/module/org_alfresco_module_rm/action-context.xml"/>
<!-- Import the deprecated beans -->
<import resource="classpath:alfresco/module/org_alfresco_module_rm/rm-deprecated-context.xml"/>
<!-- Import the RM module patches -->
<import resource="classpath:alfresco/module/org_alfresco_module_rm/rm-patch-context.xml"/>

62
rm-server/config/alfresco/module/org_alfresco_module_rm/rm-deprecated-context.xml Normal file
View File

@@ -0,0 +1,62 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!-- Records Management Security Service -->
<!-- @deprecated As of release 2.1 -->
<bean id="recordsManagementSecurityService"
class="org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl">
<property name="modelSecurityService" ref="modelSecurityService" />
<property name="filePlanRoleService" ref="FilePlanRoleService" />
<property name="filePlanPermissionService" ref="FilePlanPermissionService"/>
</bean>
<bean id="RecordsManagementSecurityService" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces">
<value>org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService</value>
</property>
<property name="target">
<ref bean="recordsManagementSecurityService"/>
</property>
<property name="interceptorNames">
<list>
<idref local="RecordsManagementSecurityService_transaction"/>
<idref bean="exceptionTranslator"/>
<idref local="RecordsManagementSecurityService_security"/>
</list>
</property>
</bean>
<bean id="RecordsManagementSecurityService_transaction" class="org.springframework.transaction.interceptor.TransactionInterceptor">
<property name="transactionManager">
<ref bean="transactionManager"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="*">${server.transaction.mode.default}</prop>
</props>
</property>
</bean>
<bean id="RecordsManagementSecurityService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref bean="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
<![CDATA[
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.*=RM_ALLOW
]]>
</value>
</property>
</bean>
</beans>

136
rm-server/config/alfresco/module/org_alfresco_module_rm/rm-service-context.xml
View File

@@ -414,7 +414,66 @@
</property>
</bean>
<!-- Records Management Security Service -->
<!-- File Plan Permission Service -->
<bean id="filePlanPermissionService"
class="org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionServiceImpl"
init-method="init">
<property name="permissionService" ref="PermissionService"/>
<property name="nodeService" ref="NodeService"/>
<property name="policyComponent" ref="policyComponent"/>
<property name="recordsManagementService" ref="RecordsManagementService"/>
</bean>
<bean id="FilePlanPermissionService" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces">
<value>org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService</value>
</property>
<property name="target">
<ref bean="filePlanPermissionService"/>
</property>
<property name="interceptorNames">
<list>
<idref local="FilePlanPermissionService_transaction"/>
<idref bean="exceptionTranslator"/>
<idref local="FilePlanPermissionService_security"/>
</list>
</property>
</bean>
<bean id="FilePlanPermissionService_transaction" class="org.springframework.transaction.interceptor.TransactionInterceptor">
<property name="transactionManager">
<ref bean="transactionManager"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="*">${server.transaction.mode.default}</prop>
</props>
</property>
</bean>
<bean id="FilePlanPermissionService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref bean="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
<![CDATA[
org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService.setPermission=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService.deletePermission=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.FilePlanPermissionService.*=RM_DENY
]]>
</value>
</property>
</bean>
<!-- File Plan Role Service -->
<bean id="filePlanRoleService"
class="org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleServiceImpl"
@@ -483,80 +542,7 @@
</property>
</bean>
<!-- Records Management Security Service -->
<bean id="recordsManagementSecurityService"
class="org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityServiceImpl"
depends-on="org_alfresco_module_rm_dictionaryBootstrap"
init-method="init">
<property name="permissionService" ref="PermissionService"/>
<property name="nodeService" ref="NodeService"/>
<property name="policyComponent" ref="policyComponent"/>
<property name="recordsManagementService" ref="RecordsManagementService"/>
<property name="modelSecurityService" ref="modelSecurityService" />
<property name="filePlanRoleService" ref="FilePlanRoleService" />
</bean>
<bean id="RecordsManagementSecurityService" class="org.springframework.aop.framework.ProxyFactoryBean">
<property name="proxyInterfaces">
<value>org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService</value>
</property>
<property name="target">
<ref bean="recordsManagementSecurityService"/>
</property>
<property name="interceptorNames">
<list>
<idref local="RecordsManagementSecurityService_transaction"/>
<idref bean="exceptionTranslator"/>
<idref local="RecordsManagementSecurityService_security"/>
</list>
</property>
</bean>
<bean id="RecordsManagementSecurityService_transaction" class="org.springframework.transaction.interceptor.TransactionInterceptor">
<property name="transactionManager">
<ref bean="transactionManager"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="*">${server.transaction.mode.default}</prop>
</props>
</property>
</bean>
<bean id="RecordsManagementSecurityService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="accessDecisionManager">
<ref bean="accessDecisionManager"/>
</property>
<property name="afterInvocationManager">
<ref bean="afterInvocationManager"/>
</property>
<property name="objectDefinitionSource">
<value>
<![CDATA[
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getProtectedAspects=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getProtectedProperties=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.setPermission=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.deletePermission=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.bootstrapDefaultRoles=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getRoles=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getRolesByUser=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.existsRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.hasRMAdminRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.createRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.updateRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.deleteRole=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.assignRoleToAuthority=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.getAllRolesContainerGroup=RM_ALLOW
org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService.*=RM_DENY
]]>
</value>
</property>
</bean>
<!-- Records Management Extended Security Service -->

12
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java → rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityService.java
View File

@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
* Copyright (C) 2005-2012 Alfresco Software Limited.
*
* This file is part of Alfresco
*
@@ -30,6 +30,8 @@ import org.alfresco.service.namespace.QName;
* Records management permission service interface
*
* @author Roy Wetherall
*
* @deprecated As of release 2.1, replaced by {@link ModelSecurityService}, {@link FilePlanRoleService} and {@link FilePlanPermissionService}
*/
public interface RecordsManagementSecurityService
{
@@ -38,7 +40,7 @@ public interface RecordsManagementSecurityService
*
* @param rmRootNode root node
*
* @deprecatedAs of release 2.1, operation no longer supported
* @deprecated As of release 2.1, operation no longer supported
*/
@Deprecated
void bootstrapDefaultRoles(NodeRef rmRootNode);
@@ -171,7 +173,10 @@ public interface RecordsManagementSecurityService
* @param nodeRef node reference
* @param authority authority
* @param permission permission
*
* @deprecated As of release 2.1, replaced by {@link FilePlanPermissionService#setPermission(NodeRef, String, String)}
*/
@Deprecated
void setPermission(NodeRef nodeRef, String authority, String permission);
/**
@@ -180,7 +185,10 @@ public interface RecordsManagementSecurityService
* @param nodeRef node reference
* @param authority authority
* @param permission permission
*
* @deprecated As of release 2.1, replaced by {@link FilePlanPermissionService#deletePermission(NodeRef, String, String)}
*/
@Deprecated
void deletePermission(NodeRef nodeRef, String authority, String permission);
/**

221
rm-server/source/compatibility/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java Normal file
View File

@@ -0,0 +1,221 @@
/*
* Copyright (C) 2005-2012 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.security;
import java.util.Set;
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.namespace.QName;
/**
* Records management permission service implementation
*
* @author Roy Wetherall
*/
@SuppressWarnings("deprecation")
public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService,
RecordsManagementModel
{
/** Model security service */
private ModelSecurityService modelSecurityService;
/** File plan role service */
private FilePlanRoleService filePlanRoleService;
/** File plan permission service */
private FilePlanPermissionService filePlanPermissionService;
/**
* @param modelSecurityService model security service
*/
public void setModelSecurityService(ModelSecurityService modelSecurityService)
{
this.modelSecurityService = modelSecurityService;
}
/**
* @param filePlanRoleService file plan role service
*/
public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
{
this.filePlanRoleService = filePlanRoleService;
}
/**
* @param filePlanPermissionService file plan permission service
*/
public void setFilePlanPermissionService(FilePlanPermissionService filePlanPermissionService)
{
this.filePlanPermissionService = filePlanPermissionService;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
*/
@Deprecated
@Override
public Set<QName> getProtectedAspects()
{
return modelSecurityService.getProtectedAspects();
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedProperties()
*/
@Deprecated
@Override
public Set<QName> getProtectedProperties()
{
return modelSecurityService.getProtectedProperties();
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
*/
@Deprecated
@Override
public void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName)
{
filePlanRoleService.assignRoleToAuthority(rmRootNode, role, authorityName);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public void bootstrapDefaultRoles(NodeRef rmRootNode)
{
throw new UnsupportedOperationException("This method is no longer supported.");
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
*/
@Deprecated
@Override
public Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
{
return Role.toRole(filePlanRoleService.createRole(rmRootNode, role, roleDisplayLabel, capabilities));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public void deleteRole(NodeRef rmRootNode, String role)
{
filePlanRoleService.deleteRole(rmRootNode, role);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public boolean existsRole(NodeRef rmRootNode, String role)
{
return filePlanRoleService.existsRole(rmRootNode, role);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public String getAllRolesContainerGroup(NodeRef filePlan)
{
return filePlanRoleService.getAllRolesContainerGroup(filePlan);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public Role getRole(NodeRef rmRootNode, String role)
{
return Role.toRole(filePlanRoleService.getRole(rmRootNode, role));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public Set<Role> getRoles(NodeRef rmRootNode)
{
return Role.toRoleSet(filePlanRoleService.getRoles(rmRootNode));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public Set<Role> getRolesByUser(NodeRef rmRootNode, String user)
{
return Role.toRoleSet(filePlanRoleService.getRolesByUser(rmRootNode, user));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
{
return filePlanRoleService.hasRMAdminRole(rmRootNode, user);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
*/
@Deprecated
@Override
public Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
{
return updateRole(rmRootNode, role, roleDisplayLabel, capabilities);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deletePermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
*/
@Deprecated
@Override
public void deletePermission(NodeRef nodeRef, String authority, String permission)
{
filePlanPermissionService.deletePermission(nodeRef, authority, permission);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#setPermission(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
*/
@Deprecated
@Override
public void setPermission(NodeRef nodeRef, String authority, String permission)
{
filePlanPermissionService.setPermission(nodeRef, authority, permission);
}
}

50
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionService.java Normal file
View File

@@ -0,0 +1,50 @@
/*
* Copyright (C) 2005-2012 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.security;
import org.alfresco.service.cmr.repository.NodeRef;
/**
* File plan permission service.
*
* @author Roy Wetherall
* @since 2.1
*/
public interface FilePlanPermissionService
{
/**
* Sets a permission on a file plan object. Assumes allow is true. Cascades permission down to record folder.
* Cascades ReadRecord up to file plan.
*
* @param nodeRef node reference
* @param authority authority
* @param permission permission
*/
void setPermission(NodeRef nodeRef, String authority, String permission);
/**
* Deletes a permission from a file plan object. Cascades removal down to record folder.
*
* @param nodeRef node reference
* @param authority authority
* @param permission permission
*/
void deletePermission(NodeRef nodeRef, String authority, String permission);
}

274
rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/RecordsManagementSecurityServiceImpl.java → rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/security/FilePlanPermissionServiceImpl.java
View File

@@ -23,11 +23,8 @@ import java.util.Set;
import org.alfresco.model.ContentModel;
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
import org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService;
import org.alfresco.repo.node.NodeServicePolicies;
import org.alfresco.repo.policy.JavaBehaviour;
import org.alfresco.repo.policy.PolicyComponent;
@@ -39,19 +36,17 @@ import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessPermission;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.util.ParameterCheck;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
/**
* Records management permission service implementation
*
* @author Roy Wetherall
* @since 2.1
*/
public class RecordsManagementSecurityServiceImpl implements RecordsManagementSecurityService,
RecordsManagementModel
public class FilePlanPermissionServiceImpl implements FilePlanPermissionService,
RecordsManagementModel
{
/** Permission service */
private PermissionService permissionService;
@@ -62,74 +57,12 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
/** Records management service */
private RecordsManagementService recordsManagementService;
/** Model security service */
private ModelSecurityService modelSecurityService;
/** Node service */
private NodeService nodeService;
/** File plan role service */
private FilePlanRoleService filePlanRoleService;
/** Logger */
private static Log logger = LogFactory.getLog(RecordsManagementSecurityServiceImpl.class);
/**
* Set the permission service
*
* @param permissionService
*/
public void setPermissionService(PermissionService permissionService)
{
this.permissionService = permissionService;
}
/**
* Set the policy component
*
* @param policyComponent
*/
public void setPolicyComponent(PolicyComponent policyComponent)
{
this.policyComponent = policyComponent;
}
/**
* Set records management service
*
* @param recordsManagementService records management service
*/
public void setRecordsManagementService(RecordsManagementService recordsManagementService)
{
this.recordsManagementService = recordsManagementService;
}
/**
* Set the node service
*
* @param nodeService
*/
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
/**
* @param modelSecurityService model security service
*/
public void setModelSecurityService(ModelSecurityService modelSecurityService)
{
this.modelSecurityService = modelSecurityService;
}
private static Log logger = LogFactory.getLog(FilePlanPermissionServiceImpl.class);
/**
* @param filePlanRoleService file plan role service
*/
public void setFilePlanRoleService(FilePlanRoleService filePlanRoleService)
{
this.filePlanRoleService = filePlanRoleService;
}
/**
* Initialisation method
*/
@@ -144,6 +77,38 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
TYPE_RECORD_FOLDER,
new JavaBehaviour(this, "onCreateRecordFolder", NotificationFrequency.TRANSACTION_COMMIT));
}
/**
* @param permissionService permission service
*/
public void setPermissionService(PermissionService permissionService)
{
this.permissionService = permissionService;
}
/**
* @param nodeService node service
*/
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
/**
* @param policyComponent policy component
*/
public void setPolicyComponent(PolicyComponent policyComponent)
{
this.policyComponent = policyComponent;
}
/**
* @param recordsManagementService records management service
*/
public void setRecordsManagementService(RecordsManagementService recordsManagementService)
{
this.recordsManagementService = recordsManagementService;
}
/**
* @param childAssocRef
@@ -210,24 +175,24 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
{
public Object doWork()
{
Set<AccessPermission> perms = permissionService.getAllSetPermissions(catNodeRef);
for (AccessPermission perm : perms)
{
if (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) == false)
{
AccessStatus accessStatus = perm.getAccessStatus();
boolean allow = false;
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
{
allow = true;
}
permissionService.setPermission(
folderNodeRef,
perm.getAuthority(),
perm.getPermission(),
allow);
}
}
Set<AccessPermission> perms = permissionService.getAllSetPermissions(catNodeRef);
for (AccessPermission perm : perms)
{
if (ExtendedReaderDynamicAuthority.EXTENDED_READER.equals(perm.getAuthority()) == false)
{
AccessStatus accessStatus = perm.getAccessStatus();
boolean allow = false;
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
{
allow = true;
}
permissionService.setPermission(
folderNodeRef,
perm.getAuthority(),
perm.getPermission(),
allow);
}
}
return null;
}
@@ -389,136 +354,5 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
}
}, AuthenticationUtil.getSystemUserName());
}
/** Deprecated method implementations */
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
*/
@Deprecated
@Override
public Set<QName> getProtectedAspects()
{
return modelSecurityService.getProtectedAspects();
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedProperties()
*/
@Deprecated
@Override
public Set<QName> getProtectedProperties()
{
return modelSecurityService.getProtectedProperties();
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#assignRoleToAuthority(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String)
*/
@Deprecated
@Override
public void assignRoleToAuthority(NodeRef rmRootNode, String role, String authorityName)
{
filePlanRoleService.assignRoleToAuthority(rmRootNode, role, authorityName);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public void bootstrapDefaultRoles(NodeRef rmRootNode)
{
throw new UnsupportedOperationException("This method is no longer supported.");
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#createRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
*/
@Deprecated
@Override
public Role createRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
{
return Role.toRole(filePlanRoleService.createRole(rmRootNode, role, roleDisplayLabel, capabilities));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#deleteRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public void deleteRole(NodeRef rmRootNode, String role)
{
filePlanRoleService.deleteRole(rmRootNode, role);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#existsRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public boolean existsRole(NodeRef rmRootNode, String role)
{
return filePlanRoleService.existsRole(rmRootNode, role);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getAllRolesContainerGroup(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public String getAllRolesContainerGroup(NodeRef filePlan)
{
return filePlanRoleService.getAllRolesContainerGroup(filePlan);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public Role getRole(NodeRef rmRootNode, String role)
{
return Role.toRole(filePlanRoleService.getRole(rmRootNode, role));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRoles(org.alfresco.service.cmr.repository.NodeRef)
*/
@Deprecated
@Override
public Set<Role> getRoles(NodeRef rmRootNode)
{
return Role.toRoleSet(filePlanRoleService.getRoles(rmRootNode));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getRolesByUser(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public Set<Role> getRolesByUser(NodeRef rmRootNode, String user)
{
return Role.toRoleSet(filePlanRoleService.getRolesByUser(rmRootNode, user));
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#hasRMAdminRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Deprecated
@Override
public boolean hasRMAdminRole(NodeRef rmRootNode, String user)
{
return filePlanRoleService.hasRMAdminRole(rmRootNode, user);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#updateRole(org.alfresco.service.cmr.repository.NodeRef, java.lang.String, java.lang.String, java.util.Set)
*/
@Deprecated
@Override
public Role updateRole(NodeRef rmRootNode, String role, String roleDisplayLabel, Set<Capability> capabilities)
{
return updateRole(rmRootNode, role, roleDisplayLabel, capabilities);
}
}