mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-567: Refactor protected aspects and properties
* actions and capabilities no long linked * protected aspects and properties can be configured in their own right * protected model security service added * action implementation refactored accordingly * capability implementations refactored accordingly * unit tests git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@44229 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -19,19 +19,14 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionActionDefinition;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
|
||||
@@ -122,7 +117,7 @@ public abstract class RMActionExecuterAbstractBase extends ActionExecuterAbstra
|
||||
/** Freeze Service */
|
||||
protected FreezeService freezeService;
|
||||
|
||||
protected LinkedList<AbstractCapability> capabilities = new LinkedList<AbstractCapability>();;
|
||||
// protected LinkedList<AbstractCapability> capabilities = new LinkedList<AbstractCapability>();;
|
||||
|
||||
/** Default constructor */
|
||||
public RMActionExecuterAbstractBase()
|
||||
@@ -259,19 +254,19 @@ public abstract class RMActionExecuterAbstractBase extends ActionExecuterAbstra
|
||||
* Register with a single capability
|
||||
* @param capability
|
||||
*/
|
||||
public void setCapability(AbstractCapability capability)
|
||||
{
|
||||
capabilities.add(capability);
|
||||
}
|
||||
// public void setCapability(AbstractCapability capability)
|
||||
// {
|
||||
// capabilities.add(capability);
|
||||
// }
|
||||
|
||||
/**
|
||||
* Register with several capabilities
|
||||
* @param capabilities
|
||||
*/
|
||||
public void setCapabilities(Collection<AbstractCapability> capabilities)
|
||||
{
|
||||
this.capabilities.addAll(capabilities);
|
||||
}
|
||||
// public void setCapabilities(Collection<AbstractCapability> capabilities)
|
||||
// {
|
||||
// this.capabilities.addAll(capabilities);
|
||||
// }
|
||||
|
||||
public void setRecordsManagementAdminService(RecordsManagementAdminService recordsManagementAdminService)
|
||||
{
|
||||
@@ -302,10 +297,10 @@ public abstract class RMActionExecuterAbstractBase extends ActionExecuterAbstra
|
||||
PropertyCheck.mandatory(this, "recordsManagementAdminService", recordsManagementAdminService);
|
||||
PropertyCheck.mandatory(this, "recordsManagementEventService", recordsManagementEventService);
|
||||
|
||||
for(AbstractCapability capability : capabilities)
|
||||
{
|
||||
capability.registerAction(this);
|
||||
}
|
||||
// for(AbstractCapability capability : capabilities)
|
||||
// {
|
||||
// capability.registerAction(this);
|
||||
// }
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -429,23 +424,6 @@ public abstract class RMActionExecuterAbstractBase extends ActionExecuterAbstra
|
||||
{
|
||||
// No parameters
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction#getProtectedProperties()
|
||||
*/
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
return Collections.<QName>emptySet();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction#getProtectedAspects()
|
||||
*/
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
return Collections.<QName>emptySet();
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction#isExecutable(org.alfresco.service.cmr.repository.NodeRef, java.util.Map)
|
||||
|
||||
@@ -20,10 +20,8 @@ package org.alfresco.module.org_alfresco_module_rm.action;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
|
||||
@@ -32,7 +30,6 @@ import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.service.namespace.RegexQNamePattern;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
@@ -97,7 +94,7 @@ public abstract class RMDispositionActionExecuterAbstractBase extends RMActionEx
|
||||
if (di.isRecordLevelDisposition() == true)
|
||||
{
|
||||
// Check that we do indeed have a record
|
||||
if (this.recordsManagementService.isRecord(actionedUponNodeRef) == true)
|
||||
if (recordService.isRecord(actionedUponNodeRef) == true)
|
||||
{
|
||||
// Can only execute disposition action on record if declared
|
||||
if (recordService.isDeclared(actionedUponNodeRef) == true)
|
||||
@@ -273,16 +270,16 @@ public abstract class RMDispositionActionExecuterAbstractBase extends RMActionEx
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_DISPOSITION_ACTION_STARTED_AT);
|
||||
qnames.add(PROP_DISPOSITION_ACTION_STARTED_BY);
|
||||
qnames.add(PROP_DISPOSITION_ACTION_COMPLETED_AT);
|
||||
qnames.add(PROP_DISPOSITION_ACTION_COMPLETED_BY);
|
||||
return qnames;
|
||||
}
|
||||
// @Override
|
||||
// public Set<QName> getProtectedProperties()
|
||||
// {
|
||||
// HashSet<QName> qnames = new HashSet<QName>();
|
||||
// qnames.add(PROP_DISPOSITION_ACTION_STARTED_AT);
|
||||
// qnames.add(PROP_DISPOSITION_ACTION_STARTED_BY);
|
||||
// qnames.add(PROP_DISPOSITION_ACTION_COMPLETED_AT);
|
||||
// qnames.add(PROP_DISPOSITION_ACTION_COMPLETED_BY);
|
||||
// return qnames;
|
||||
// }
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
@@ -312,7 +309,7 @@ public abstract class RMDispositionActionExecuterAbstractBase extends RMActionEx
|
||||
if (di.isRecordLevelDisposition() == true)
|
||||
{
|
||||
// Check that we do indeed have a record
|
||||
if (this.recordsManagementService.isRecord(filePlanComponent) == true)
|
||||
if (recordService.isRecord(filePlanComponent) == true)
|
||||
{
|
||||
// Can only execute disposition action on record if declared
|
||||
if (recordService.isDeclared(filePlanComponent) == true)
|
||||
|
||||
@@ -20,10 +20,8 @@ package org.alfresco.module.org_alfresco_module_rm.action;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
|
||||
/**
|
||||
@@ -87,14 +85,14 @@ public interface RecordsManagementAction
|
||||
*
|
||||
* @return the set of protected properties
|
||||
*/
|
||||
public Set<QName> getProtectedProperties();
|
||||
//public Set<QName> getProtectedProperties();
|
||||
|
||||
/**
|
||||
* Get a set of aspects that should be updated via this or other actions.
|
||||
* The aspect can not be added via public services, such as the NodeService.
|
||||
* @return
|
||||
*/
|
||||
public Set<QName> getProtectedAspects();
|
||||
//public Set<QName> getProtectedAspects();
|
||||
|
||||
/**
|
||||
* Some admin-related rmActions execute against a target nodeRef which is not provided
|
||||
|
||||
@@ -159,8 +159,9 @@ public class RecordsManagementActionServiceImpl implements RecordsManagementActi
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService#getDispositionActions(org.alfresco.service.cmr.repository.NodeRef)
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
public List<RecordsManagementAction> getDispositionActions(NodeRef nodeRef)
|
||||
{
|
||||
{
|
||||
String userName = AuthenticationUtil.getFullyAuthenticatedUser();
|
||||
List<RecordsManagementAction> result = new ArrayList<RecordsManagementAction>(this.rmActions.size());
|
||||
|
||||
|
||||
@@ -113,7 +113,7 @@ public class ApplyCustomTypeAction extends RMActionExecuterAbstractBase
|
||||
public boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
|
||||
if (recordsManagementService.isRecord(filePlanComponent))
|
||||
if (recordService.isRecord(filePlanComponent))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -20,12 +20,9 @@ package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction;
|
||||
@@ -336,22 +333,4 @@ public class BroadcastDispositionActionDefinitionUpdateAction extends RMActionEx
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_DISPOSITION_AS_OF);
|
||||
qnames.add(PROP_DISPOSITION_EVENT);
|
||||
qnames.add(PROP_DISPOSITION_EVENT_COMBINATION);
|
||||
qnames.add(PROP_DISPOSITION_EVENTS_ELIGIBLE);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
return Collections.emptySet();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -19,17 +19,14 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
@@ -74,14 +71,6 @@ public class CloseRecordFolderAction extends RMActionExecuterAbstractBase
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_IS_CLOSED);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
|
||||
@@ -20,10 +20,8 @@ package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
@@ -122,25 +120,25 @@ public class CompleteEventAction extends RMActionExecuterAbstractBase
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETE);
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETED_AT);
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETED_BY);
|
||||
return qnames;
|
||||
}
|
||||
// @Override
|
||||
// public Set<QName> getProtectedProperties()
|
||||
// {
|
||||
// HashSet<QName> qnames = new HashSet<QName>();
|
||||
// qnames.add(PROP_EVENT_EXECUTION_COMPLETE);
|
||||
// qnames.add(PROP_EVENT_EXECUTION_COMPLETED_AT);
|
||||
// qnames.add(PROP_EVENT_EXECUTION_COMPLETED_BY);
|
||||
// return qnames;
|
||||
// }
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_DISPOSITION_LIFECYCLE);
|
||||
return qnames;
|
||||
}
|
||||
// @Override
|
||||
// public Set<QName> getProtectedAspects()
|
||||
// {
|
||||
// HashSet<QName> qnames = new HashSet<QName>();
|
||||
// qnames.add(ASPECT_DISPOSITION_LIFECYCLE);
|
||||
// return qnames;
|
||||
// }
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
|
||||
@@ -21,10 +21,8 @@ package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMDispositionActionExecuterAbstractBase;
|
||||
@@ -91,22 +89,6 @@ public class CutOffAction extends RMDispositionActionExecuterAbstractBase
|
||||
this.nodeService.addAspect(nodeRef, ASPECT_CUT_OFF, cutOffProps);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_CUT_OFF_DATE);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_CUT_OFF);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
@@ -117,8 +99,8 @@ public class CutOffAction extends RMDispositionActionExecuterAbstractBase
|
||||
}
|
||||
|
||||
// duplicates code from close .. it should get the closed action somehow?
|
||||
if (this.recordsManagementService.isRecordFolder(filePlanComponent)
|
||||
|| this.recordsManagementService.isRecord(filePlanComponent))
|
||||
if (recordsManagementService.isRecordFolder(filePlanComponent)
|
||||
|| recordService.isRecord(filePlanComponent))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -22,7 +22,6 @@ import java.io.Serializable;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
@@ -176,17 +175,6 @@ public class DeclareRecordAction extends RMActionExecuterAbstractBase
|
||||
missingProperties.add(propDef.getName().toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_DECLARED_RECORD);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
*/
|
||||
|
||||
@@ -20,10 +20,8 @@ package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
@@ -31,7 +29,6 @@ import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
@@ -87,17 +84,6 @@ public class EditDispositionActionAsOfDateAction extends RMActionExecuterAbstrac
|
||||
{
|
||||
// Intentionally empty
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedProperties()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_DISPOSITION_AS_OF);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
|
||||
@@ -19,15 +19,12 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
@@ -68,28 +65,6 @@ public class EditHoldReasonAction extends RMActionExecuterAbstractBase
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_FROZEN);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedProperties()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_HOLD_REASON);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
*/
|
||||
|
||||
@@ -20,17 +20,14 @@ package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
@@ -59,8 +56,8 @@ public class EditReviewAsOfDateAction extends RMActionExecuterAbstractBase
|
||||
@Override
|
||||
protected void executeImpl(Action action, NodeRef actionedUponNodeRef)
|
||||
{
|
||||
if (recordsManagementService.isRecord(actionedUponNodeRef) == true &&
|
||||
this.nodeService.hasAspect(actionedUponNodeRef, ASPECT_VITAL_RECORD) == true)
|
||||
if (recordService.isRecord(actionedUponNodeRef) == true &&
|
||||
nodeService.hasAspect(actionedUponNodeRef, ASPECT_VITAL_RECORD) == true)
|
||||
{
|
||||
// Get the action parameter
|
||||
Date reviewAsOf = (Date)action.getParameterValue(PARAM_AS_OF_DATE);
|
||||
@@ -84,21 +81,13 @@ public class EditReviewAsOfDateAction extends RMActionExecuterAbstractBase
|
||||
{
|
||||
// Intentionally empty
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_REVIEW_AS_OF);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
boolean result = false;
|
||||
if (recordsManagementService.isRecord(filePlanComponent) == true &&
|
||||
this.nodeService.hasAspect(filePlanComponent, ASPECT_VITAL_RECORD) == true)
|
||||
if (recordService.isRecord(filePlanComponent) == true &&
|
||||
nodeService.hasAspect(filePlanComponent, ASPECT_VITAL_RECORD) == true)
|
||||
{
|
||||
result = true;
|
||||
}
|
||||
|
||||
@@ -22,10 +22,8 @@ import java.io.Serializable;
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule;
|
||||
@@ -143,23 +141,23 @@ public class FileAction extends RMActionExecuterAbstractBase
|
||||
paramList.add(new ParameterDefinitionImpl(PARAM_RECORD_METADATA_ASPECTS, DataTypeDefinition.QNAME, false, "Record Metadata Aspects", true));
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_RECORD);
|
||||
qnames.add(ASPECT_VITAL_RECORD);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_DATE_FILED);
|
||||
qnames.add(PROP_REVIEW_AS_OF);
|
||||
return qnames;
|
||||
}
|
||||
// @Override
|
||||
// public Set<QName> getProtectedAspects()
|
||||
// {
|
||||
// HashSet<QName> qnames = new HashSet<QName>();
|
||||
// qnames.add(ASPECT_RECORD);
|
||||
// qnames.add(ASPECT_VITAL_RECORD);
|
||||
// return qnames;
|
||||
// }
|
||||
//
|
||||
// @Override
|
||||
// public Set<QName> getProtectedProperties()
|
||||
// {
|
||||
// HashSet<QName> qnames = new HashSet<QName>();
|
||||
// qnames.add(PROP_DATE_FILED);
|
||||
// qnames.add(PROP_REVIEW_AS_OF);
|
||||
// return qnames;
|
||||
// }
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
|
||||
@@ -19,15 +19,12 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
@@ -52,29 +49,6 @@ public class FreezeAction extends RMActionExecuterAbstractBase
|
||||
freezeService.freeze((String) action.getParameterValue(PARAM_REASON), actionedUponNodeRef);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_FROZEN);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedProperties()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_HOLD_REASON);
|
||||
//TODO Add prop frozen at/by?
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
*/
|
||||
@@ -82,7 +56,7 @@ public class FreezeAction extends RMActionExecuterAbstractBase
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
if (this.recordService.isRecord(filePlanComponent) == true ||
|
||||
this.recordsManagementService.isRecordFolder(filePlanComponent) == true)
|
||||
this.recordsManagementService.isRecordFolder(filePlanComponent) == true)
|
||||
{
|
||||
// Get the property values
|
||||
if(parameters != null)
|
||||
|
||||
@@ -19,17 +19,14 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
@@ -73,14 +70,6 @@ public class OpenRecordFolderAction extends RMActionExecuterAbstractBase
|
||||
// TODO Auto-generated method stub
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_IS_CLOSED);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
|
||||
@@ -19,15 +19,12 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
@@ -56,17 +53,6 @@ public class RelinquishHoldAction extends RMActionExecuterAbstractBase
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_FROZEN);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
*/
|
||||
|
||||
@@ -112,7 +112,7 @@ public class SplitEmailAction extends RMActionExecuterAbstractBase
|
||||
logger.debug("split email:" + actionedUponNodeRef);
|
||||
}
|
||||
|
||||
if (recordsManagementService.isRecord(actionedUponNodeRef) == true)
|
||||
if (recordService.isRecord(actionedUponNodeRef) == true)
|
||||
{
|
||||
if (recordService.isDeclared(actionedUponNodeRef) == false)
|
||||
{
|
||||
@@ -173,7 +173,7 @@ public class SplitEmailAction extends RMActionExecuterAbstractBase
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
if (recordsManagementService.isRecord(filePlanComponent) == true)
|
||||
if (recordService.isRecord(filePlanComponent) == true)
|
||||
{
|
||||
if (recordService.isDeclared(filePlanComponent))
|
||||
{
|
||||
|
||||
@@ -19,15 +19,12 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.springframework.extensions.surf.util.I18NUtil;
|
||||
|
||||
/**
|
||||
@@ -46,7 +43,7 @@ public class UndeclareRecordAction extends RMActionExecuterAbstractBase
|
||||
@Override
|
||||
protected void executeImpl(Action action, NodeRef actionedUponNodeRef)
|
||||
{
|
||||
if (recordsManagementService.isRecord(actionedUponNodeRef) == true)
|
||||
if (recordService.isRecord(actionedUponNodeRef) == true)
|
||||
{
|
||||
if (recordService.isDeclared(actionedUponNodeRef) == true)
|
||||
{
|
||||
@@ -59,19 +56,11 @@ public class UndeclareRecordAction extends RMActionExecuterAbstractBase
|
||||
throw new AlfrescoRuntimeException(I18NUtil.getMessage(MSG_RECORDS_ONLY_UNDECLARED));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_DECLARED_RECORD);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
if (recordsManagementService.isRecord(filePlanComponent) == true)
|
||||
if (recordService.isRecord(filePlanComponent) == true)
|
||||
{
|
||||
if (recordService.isDeclared(filePlanComponent) == true)
|
||||
{
|
||||
|
||||
@@ -19,10 +19,8 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.error.AlfrescoRuntimeException;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
@@ -157,24 +155,6 @@ public class UndoEventAction extends RMActionExecuterAbstractBase
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_DISPOSITION_LIFECYCLE);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETE);
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETED_AT);
|
||||
qnames.add(PROP_EVENT_EXECUTION_COMPLETED_BY);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
{
|
||||
|
||||
@@ -19,14 +19,11 @@
|
||||
package org.alfresco.module.org_alfresco_module_rm.action.impl;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
/**
|
||||
* Unfreeze Action
|
||||
@@ -44,17 +41,6 @@ public class UnfreezeAction extends RMActionExecuterAbstractBase
|
||||
freezeService.unFreeze(actionedUponNodeRef);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(ASPECT_FROZEN);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase#isExecutableImpl(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, boolean)
|
||||
*/
|
||||
|
||||
@@ -18,12 +18,8 @@
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.capability;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.security.AccessStatus;
|
||||
@@ -66,10 +62,10 @@ public abstract class AbstractCapability extends RMSecurityCommon
|
||||
protected boolean isPrivate = false;
|
||||
|
||||
/** List of actions */
|
||||
protected List<RecordsManagementAction> actions = new ArrayList<RecordsManagementAction>(1);
|
||||
// protected List<RecordsManagementAction> actions = new ArrayList<RecordsManagementAction>(1);
|
||||
|
||||
/** Action names */
|
||||
protected List<String> actionNames = new ArrayList<String>(1);
|
||||
// protected List<String> actionNames = new ArrayList<String>(1);
|
||||
|
||||
/**
|
||||
* @param voter RM entry voter
|
||||
@@ -100,13 +96,11 @@ public abstract class AbstractCapability extends RMSecurityCommon
|
||||
*
|
||||
* @param action
|
||||
*/
|
||||
public void registerAction(RecordsManagementAction action)
|
||||
{
|
||||
this.actions.add(action);
|
||||
this.actionNames.add(action.getName());
|
||||
voter.addProtectedAspects(action.getProtectedAspects());
|
||||
voter.addProtectedProperties(action.getProtectedProperties());
|
||||
}
|
||||
// public void registerAction(RecordsManagementAction action)
|
||||
// {
|
||||
// this.actions.add(action);
|
||||
// this.actionNames.add(action.getName());
|
||||
// }
|
||||
|
||||
/**
|
||||
* @param name capability name
|
||||
@@ -214,31 +208,31 @@ public abstract class AbstractCapability extends RMSecurityCommon
|
||||
* @param nodeRef
|
||||
* @return
|
||||
*/
|
||||
public int checkActionConditionsIfPresent(NodeRef nodeRef)
|
||||
{
|
||||
String prefix = "checkActionConditionsIfPresent" + getName();
|
||||
int result = getTransactionCache(prefix, nodeRef);
|
||||
if (result != NOSET_VALUE)
|
||||
{
|
||||
return result;
|
||||
}
|
||||
|
||||
if (actions.size() > 0)
|
||||
{
|
||||
for (RecordsManagementAction action : actions)
|
||||
{
|
||||
if (action.isExecutable(nodeRef, null))
|
||||
{
|
||||
return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_GRANTED);
|
||||
}
|
||||
}
|
||||
return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_DENIED);
|
||||
}
|
||||
else
|
||||
{
|
||||
return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_GRANTED);
|
||||
}
|
||||
}
|
||||
// public int checkActionConditionsIfPresent(NodeRef nodeRef)
|
||||
// {
|
||||
// String prefix = "checkActionConditionsIfPresent" + getName();
|
||||
// int result = getTransactionCache(prefix, nodeRef);
|
||||
// if (result != NOSET_VALUE)
|
||||
// {
|
||||
// return result;
|
||||
// }
|
||||
//
|
||||
// if (actions.size() > 0)
|
||||
// {
|
||||
// for (RecordsManagementAction action : actions)
|
||||
// {
|
||||
// if (action.isExecutable(nodeRef, null))
|
||||
// {
|
||||
// return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_GRANTED);
|
||||
// }
|
||||
// }
|
||||
// return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_DENIED);
|
||||
// }
|
||||
// else
|
||||
// {
|
||||
// return setTransactionCache(prefix, nodeRef, AccessDecisionVoter.ACCESS_GRANTED);
|
||||
// }
|
||||
// }
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#hasPermission(org.alfresco.service.cmr.repository.NodeRef)
|
||||
@@ -269,10 +263,10 @@ public abstract class AbstractCapability extends RMSecurityCommon
|
||||
{
|
||||
result = AccessDecisionVoter.ACCESS_DENIED;
|
||||
}
|
||||
else if (checkActionConditionsIfPresent(nodeRef) == AccessDecisionVoter.ACCESS_DENIED)
|
||||
{
|
||||
result = AccessDecisionVoter.ACCESS_DENIED;
|
||||
}
|
||||
//else if (checkActionConditionsIfPresent(nodeRef) == AccessDecisionVoter.ACCESS_DENIED)
|
||||
// {
|
||||
// result = AccessDecisionVoter.ACCESS_DENIED;
|
||||
// }
|
||||
else
|
||||
{
|
||||
result = hasPermissionImpl(nodeRef);
|
||||
@@ -303,18 +297,18 @@ public abstract class AbstractCapability extends RMSecurityCommon
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getActionNames()
|
||||
*/
|
||||
public List<String> getActionNames()
|
||||
{
|
||||
return actionNames;
|
||||
}
|
||||
// public List<String> getActionNames()
|
||||
// {
|
||||
// return actionNames;
|
||||
// }
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getActions()
|
||||
*/
|
||||
public List<RecordsManagementAction> getActions()
|
||||
{
|
||||
return actions;
|
||||
}
|
||||
// public List<RecordsManagementAction> getActions()
|
||||
// {
|
||||
// return actions;
|
||||
// }
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getGroupId()
|
||||
|
||||
@@ -92,18 +92,6 @@ public interface Capability
|
||||
*/
|
||||
String getDescription();
|
||||
|
||||
/**
|
||||
* Get the name of optional actions tied to this capability
|
||||
* @return
|
||||
*/
|
||||
List<String> getActionNames();
|
||||
|
||||
/**
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
List<RecordsManagementAction> getActions();
|
||||
|
||||
/**
|
||||
* Gets the group id of a capability
|
||||
*
|
||||
|
||||
@@ -21,13 +21,10 @@ package org.alfresco.module.org_alfresco_module_rm.capability;
|
||||
import java.io.Serializable;
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.StringTokenizer;
|
||||
|
||||
import net.sf.acegisecurity.Authentication;
|
||||
@@ -36,7 +33,6 @@ import net.sf.acegisecurity.ConfigAttributeDefinition;
|
||||
import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.impl.CreateCapability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.impl.UpdateCapability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.impl.UpdatePropertiesCapability;
|
||||
@@ -57,7 +53,6 @@ import org.alfresco.service.cmr.security.OwnableService;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.NamespacePrefixResolver;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
@@ -92,11 +87,6 @@ public class RMEntryVoter extends RMSecurityCommon
|
||||
|
||||
private static HashMap<String, Policy> policies = new HashMap<String, Policy>();
|
||||
|
||||
private HashSet<QName> protectedProperties = new HashSet<QName>();
|
||||
|
||||
private HashSet<QName> protectedAspects = new HashSet<QName>();
|
||||
|
||||
|
||||
static
|
||||
{
|
||||
policies.put("Read", new ReadPolicy());
|
||||
@@ -110,9 +100,6 @@ public class RMEntryVoter extends RMSecurityCommon
|
||||
policies.put("Capability", new CapabilityPolicy());
|
||||
policies.put("Declare", new DeclarePolicy());
|
||||
policies.put("ReadProperty", new ReadPropertyPolicy());
|
||||
|
||||
// restrictedProperties.put(RecordsManagementModel.PROP_IS_CLOSED, value)
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -209,26 +196,6 @@ public class RMEntryVoter extends RMSecurityCommon
|
||||
return (MethodInvocation.class.isAssignableFrom(clazz));
|
||||
}
|
||||
|
||||
public void addProtectedProperties(Set<QName> properties)
|
||||
{
|
||||
protectedProperties.addAll(properties);
|
||||
}
|
||||
|
||||
public void addProtectedAspects(Set<QName> aspects)
|
||||
{
|
||||
protectedAspects.addAll(aspects);
|
||||
}
|
||||
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
return Collections.unmodifiableSet(protectedProperties);
|
||||
}
|
||||
|
||||
public Set<QName> getProtetcedAscpects()
|
||||
{
|
||||
return Collections.unmodifiableSet(protectedAspects);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config)
|
||||
{
|
||||
@@ -658,72 +625,6 @@ public class RMEntryVoter extends RMSecurityCommon
|
||||
return dictionaryService;
|
||||
}
|
||||
|
||||
public boolean isProtectedAspect(NodeRef nodeRef, QName aspectQName)
|
||||
{
|
||||
if(protectedAspects.contains(aspectQName))
|
||||
{
|
||||
for(Capability capability : capabilityService.getCapabilities())
|
||||
{
|
||||
for(RecordsManagementAction action : capability.getActions())
|
||||
{
|
||||
if(action.getProtectedAspects().contains(aspectQName))
|
||||
{
|
||||
if(action.isExecutable(nodeRef, null))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public boolean isProtectedProperty(NodeRef nodeRef, QName propertyQName)
|
||||
{
|
||||
if(protectedProperties.contains(propertyQName))
|
||||
{
|
||||
for(Capability capability : capabilityService.getCapabilities())
|
||||
{
|
||||
for(RecordsManagementAction action : capability.getActions())
|
||||
{
|
||||
if(action.getProtectedProperties().contains(propertyQName))
|
||||
{
|
||||
if(action.isExecutable(nodeRef, null))
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public boolean includesProtectedPropertyChange(NodeRef nodeRef, Map<QName, Serializable> properties)
|
||||
{
|
||||
Map<QName, Serializable> originals = nodeService.getProperties(nodeRef);
|
||||
for (QName test : properties.keySet())
|
||||
{
|
||||
if (isProtectedProperty(nodeRef, test))
|
||||
{
|
||||
if (!EqualsHelper.nullSafeEquals(originals.get(test), properties.get(test)))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private class ConfigAttributeDefintion
|
||||
{
|
||||
String typeString;
|
||||
|
||||
@@ -22,7 +22,6 @@ import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.caveat.RMCaveatConfigComponent;
|
||||
import org.alfresco.module.org_alfresco_module_rm.record.RecordService;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
@@ -31,9 +30,6 @@ import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
|
||||
/**
|
||||
* @author Roy Wetherall
|
||||
@@ -45,8 +41,6 @@ public class RMSecurityCommon
|
||||
|
||||
private static Log logger = LogFactory.getLog(RMSecurityCommon.class);
|
||||
|
||||
private ApplicationContext applicationContext;
|
||||
|
||||
protected NodeService nodeService;
|
||||
protected PermissionService permissionService;
|
||||
protected RecordsManagementService rmService;
|
||||
|
||||
@@ -78,7 +78,7 @@ public class CreateCapability extends DeclarativeCapability
|
||||
{
|
||||
if(linkee == null)
|
||||
{
|
||||
if(rmService.isRecord(destination) && recordService.isDeclared(destination) == false)
|
||||
if(recordService.isRecord(destination) && recordService.isDeclared(destination) == false)
|
||||
{
|
||||
if (permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
|
||||
{
|
||||
@@ -88,7 +88,7 @@ public class CreateCapability extends DeclarativeCapability
|
||||
}
|
||||
else
|
||||
{
|
||||
if(rmService.isRecord(linkee) && rmService.isRecord(destination) && recordService.isDeclared(destination) == false)
|
||||
if(recordService.isRecord(linkee) && recordService.isRecord(destination) && recordService.isDeclared(destination) == false)
|
||||
{
|
||||
if (permissionService.hasPermission(destination, RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED)
|
||||
{
|
||||
|
||||
@@ -21,8 +21,6 @@ package org.alfresco.module.org_alfresco_module_rm.capability.impl;
|
||||
import java.io.Serializable;
|
||||
import java.util.Map;
|
||||
|
||||
import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.CompositeCapability;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
@@ -43,15 +41,15 @@ public class UpdateCapability extends CompositeCapability
|
||||
*/
|
||||
public int evaluate(NodeRef nodeRef, QName aspectQName, Map<QName, Serializable> properties)
|
||||
{
|
||||
if ((aspectQName != null) && (voter.isProtectedAspect(nodeRef, aspectQName)))
|
||||
{
|
||||
return AccessDecisionVoter.ACCESS_DENIED;
|
||||
}
|
||||
// if ((aspectQName != null) && (voter.isProtectedAspect(nodeRef, aspectQName)))
|
||||
// {
|
||||
// return AccessDecisionVoter.ACCESS_DENIED;
|
||||
// }
|
||||
|
||||
if ((properties != null) && (voter.includesProtectedPropertyChange(nodeRef, properties)))
|
||||
{
|
||||
return AccessDecisionVoter.ACCESS_DENIED;
|
||||
}
|
||||
// if ((properties != null) && (voter.includesProtectedPropertyChange(nodeRef, properties)))
|
||||
// {
|
||||
// return AccessDecisionVoter.ACCESS_DENIED;
|
||||
// }
|
||||
|
||||
return evaluate(nodeRef);
|
||||
}
|
||||
|
||||
@@ -21,8 +21,6 @@ package org.alfresco.module.org_alfresco_module_rm.capability.impl;
|
||||
import java.io.Serializable;
|
||||
import java.util.Map;
|
||||
|
||||
import net.sf.acegisecurity.vote.AccessDecisionVoter;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.declarative.CompositeCapability;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
@@ -42,10 +40,10 @@ public class UpdatePropertiesCapability extends CompositeCapability
|
||||
*/
|
||||
public int evaluate(NodeRef nodeRef, Map<QName, Serializable> properties)
|
||||
{
|
||||
if ((properties != null) && (voter.includesProtectedPropertyChange(nodeRef, properties)))
|
||||
{
|
||||
return AccessDecisionVoter.ACCESS_DENIED;
|
||||
}
|
||||
// if ((properties != null) && (voter.includesProtectedPropertyChange(nodeRef, properties)))
|
||||
// {
|
||||
// return AccessDecisionVoter.ACCESS_DENIED;
|
||||
// }
|
||||
|
||||
return evaluate(nodeRef);
|
||||
}
|
||||
|
||||
@@ -0,0 +1,42 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
import org.alfresco.repo.security.permissions.AccessDeniedException;
|
||||
|
||||
/**
|
||||
* Model access denied exception implementation
|
||||
*
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public class ModelAccessDeniedException extends AccessDeniedException
|
||||
{
|
||||
private static final long serialVersionUID = 6796435040345714366L;
|
||||
|
||||
public ModelAccessDeniedException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
|
||||
public ModelAccessDeniedException(String msg, Throwable cause)
|
||||
{
|
||||
super(msg, cause);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,114 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
/**
|
||||
* Model security service interface.
|
||||
*
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public interface ModelSecurityService
|
||||
{
|
||||
/**
|
||||
* Registers a protected model artifact with the service.
|
||||
*
|
||||
* @param atrifact protected model artifact
|
||||
*/
|
||||
void register(ProtectedModelArtifact atrifact);
|
||||
|
||||
/**
|
||||
* Indicates whether a property is protected or not.
|
||||
*
|
||||
* @param name name of property
|
||||
* @return boolean true if property is protected, false otherwise
|
||||
*/
|
||||
boolean isProtectedProperty(QName property);
|
||||
|
||||
/**
|
||||
* Get the protected properties
|
||||
*
|
||||
* @return {@link Set}<{@link QName}> all the protected properties
|
||||
*/
|
||||
Set<QName> getProtectedProperties();
|
||||
|
||||
/**
|
||||
* Get the details of the protected property, returns null if property
|
||||
* is not protected.
|
||||
*
|
||||
* @param name name of the protected property
|
||||
* @return {@link ProtectedProperty} protected property details, null otherwise
|
||||
*/
|
||||
ProtectedProperty getProtectedProperty(QName name);
|
||||
|
||||
/**
|
||||
* Indicates whether the current user can edit a protected property in the context of
|
||||
* a given node.
|
||||
* <p>
|
||||
* If the property is not protected then returns true.
|
||||
*
|
||||
* @param nodeRef node reference
|
||||
* @param property name of the property
|
||||
* @return boolean true if the current user can edit the protected property or the property
|
||||
* is not protected, false otherwise
|
||||
*/
|
||||
boolean canEditProtectedProperty(NodeRef nodeRef, QName property);
|
||||
|
||||
/**
|
||||
* Indicates whether an aspect is protected or not.
|
||||
*
|
||||
* @param aspect aspect name
|
||||
* @return boolean true if aspect is protected, false otherwise
|
||||
*/
|
||||
boolean isProtectedAspect(QName aspect);
|
||||
|
||||
/**
|
||||
* Get the protected aspects.
|
||||
*
|
||||
* @return {@link Set}<{@link QName}> all the protected aspects
|
||||
*/
|
||||
Set<QName> getProtectedAspects();
|
||||
|
||||
/**
|
||||
* Get the details of the protected aspect, returns null if aspect is
|
||||
* not protected.
|
||||
*
|
||||
* @param name name of the aspect
|
||||
* @return {@link ProtectedAspect} protected aspect details, null otherwise
|
||||
*/
|
||||
ProtectedAspect getProtectedAspect(QName name);
|
||||
|
||||
/**
|
||||
* Indicates whether the current user can edit (ie add or remove) a protected
|
||||
* aspect in the context of a given node.
|
||||
* <p>
|
||||
* If the aspect is not protected then returns true.
|
||||
*
|
||||
* @param nodeRef node reference
|
||||
* @param aspect name of the of aspect
|
||||
* @return boolean true if the current user can edit the protected aspect or the the
|
||||
* aspect is not protected, false otherwise
|
||||
*/
|
||||
boolean canEditProtectedAspect(NodeRef nodeRef, QName aspect);
|
||||
}
|
||||
@@ -0,0 +1,351 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||
import org.alfresco.repo.node.NodeServicePolicies;
|
||||
import org.alfresco.repo.policy.JavaBehaviour;
|
||||
import org.alfresco.repo.policy.PolicyComponent;
|
||||
import org.alfresco.repo.policy.Behaviour.NotificationFrequency;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationUtil;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.repository.NodeService;
|
||||
import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.util.EqualsHelper;
|
||||
|
||||
|
||||
/**
|
||||
* Model security service implementation.
|
||||
* <p>
|
||||
* This service records the protected properties and aspects, ensuring that only those with the appropriate capabilities can edit them.
|
||||
*
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public class ModelSecurityServiceImpl implements ModelSecurityService,
|
||||
RecordsManagementModel,
|
||||
NodeServicePolicies.BeforeAddAspectPolicy,
|
||||
NodeServicePolicies.BeforeRemoveAspectPolicy,
|
||||
NodeServicePolicies.OnUpdatePropertiesPolicy
|
||||
{
|
||||
/** Policy component */
|
||||
private PolicyComponent policyComponent;
|
||||
|
||||
/** Node service */
|
||||
private NodeService nodeService;
|
||||
|
||||
/** Capability service */
|
||||
private CapabilityService capabilityService;
|
||||
|
||||
/** Namespace service */
|
||||
private NamespaceService namespaceService;
|
||||
|
||||
/** Map of protected properties keyed by name */
|
||||
private Map<QName, ProtectedProperty> protectedProperties = new HashMap<QName, ProtectedProperty>(21);
|
||||
|
||||
/** Map of protected aspects keyed by name */
|
||||
private Map<QName, ProtectedAspect> protectedAspects= new HashMap<QName, ProtectedAspect>(21);
|
||||
|
||||
/** Behaviour instances */
|
||||
private JavaBehaviour beforeAddAspectBehaviour = new JavaBehaviour(this,
|
||||
"beforeAddAspect",
|
||||
NotificationFrequency.EVERY_EVENT);
|
||||
private JavaBehaviour beforeRemoveAspectBehaviour = new JavaBehaviour(this,
|
||||
"beforeRemoveAspect",
|
||||
NotificationFrequency.EVERY_EVENT);
|
||||
private JavaBehaviour onUpdatePropertiesBehaviour = new JavaBehaviour(this,
|
||||
"onUpdateProperties",
|
||||
NotificationFrequency.EVERY_EVENT);
|
||||
|
||||
/**
|
||||
* @param policyComponent policy component
|
||||
*/
|
||||
public void setPolicyComponent(PolicyComponent policyComponent)
|
||||
{
|
||||
this.policyComponent = policyComponent;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param nodeService node service
|
||||
*/
|
||||
public void setNodeService(NodeService nodeService)
|
||||
{
|
||||
this.nodeService = nodeService;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param capabilityService capability service
|
||||
*/
|
||||
public void setCapabilityService(CapabilityService capabilityService)
|
||||
{
|
||||
this.capabilityService = capabilityService;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param namespaceService namespace service
|
||||
*/
|
||||
public void setNamespaceService(NamespaceService namespaceService)
|
||||
{
|
||||
this.namespaceService = namespaceService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Init method
|
||||
*/
|
||||
public void init()
|
||||
{
|
||||
// bind model security behaviours to all records management artifacts components
|
||||
policyComponent.bindClassBehaviour(
|
||||
NodeServicePolicies.BeforeAddAspectPolicy.QNAME,
|
||||
this,
|
||||
beforeAddAspectBehaviour);
|
||||
policyComponent.bindClassBehaviour(
|
||||
NodeServicePolicies.BeforeRemoveAspectPolicy.QNAME,
|
||||
this,
|
||||
beforeRemoveAspectBehaviour);
|
||||
policyComponent.bindClassBehaviour(
|
||||
NodeServicePolicies.OnUpdatePropertiesPolicy.QNAME,
|
||||
this,
|
||||
onUpdatePropertiesBehaviour);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#register(org.alfresco.module.org_alfresco_module_rm.model.security.ProtectedModelArtifact)
|
||||
*/
|
||||
@Override
|
||||
public void register(ProtectedModelArtifact artifact)
|
||||
{
|
||||
// TODO validate that the artifact has a valid property and has a capability set ...
|
||||
|
||||
if (artifact instanceof ProtectedProperty)
|
||||
{
|
||||
protectedProperties.put(artifact.getQName(), (ProtectedProperty)artifact);
|
||||
}
|
||||
else if (artifact instanceof ProtectedAspect)
|
||||
{
|
||||
protectedAspects.put(artifact.getQName(), (ProtectedAspect)artifact);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#isProtectedProperty(org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public boolean isProtectedProperty(QName property)
|
||||
{
|
||||
return protectedProperties.containsKey(property);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedProperties()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
return Collections.unmodifiableSet(protectedProperties.keySet());
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedProperty(org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public ProtectedProperty getProtectedProperty(QName name)
|
||||
{
|
||||
return protectedProperties.get(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#canEditProtectedProperty(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public boolean canEditProtectedProperty(NodeRef nodeRef, QName property)
|
||||
{
|
||||
boolean result = false;
|
||||
|
||||
ProtectedModelArtifact artifact = getProtectedProperty(property);
|
||||
if (artifact == null)
|
||||
{
|
||||
result = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
result = canEdit(nodeRef, artifact);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Indicates whether the current user can edit protected model artifact in the context
|
||||
* of a given node or not.
|
||||
*
|
||||
* @param nodeRef node reference
|
||||
* @param artifact protected model artifact
|
||||
* @return boolean true if the current user can edit the protected model artifact, false otherwise
|
||||
*/
|
||||
private boolean canEdit(NodeRef nodeRef, ProtectedModelArtifact artifact)
|
||||
{
|
||||
boolean result = false;
|
||||
|
||||
for (Capability capability : artifact.getCapabilities())
|
||||
{
|
||||
AccessStatus accessStatus = capabilityService.getCapabilityAccessState(nodeRef, capability.getName());
|
||||
if (AccessStatus.ALLOWED.equals(accessStatus) == true)
|
||||
{
|
||||
result = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#isProtectedAspect(org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public boolean isProtectedAspect(QName aspect)
|
||||
{
|
||||
return protectedAspects.containsKey(aspect);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedAspects()
|
||||
*/
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
return Collections.unmodifiableSet(protectedAspects.keySet());
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#getProtectedAspect(org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public ProtectedAspect getProtectedAspect(QName name)
|
||||
{
|
||||
return protectedAspects.get(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService#canEditProtectedAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public boolean canEditProtectedAspect(NodeRef nodeRef, QName aspect)
|
||||
{
|
||||
boolean result = false;
|
||||
|
||||
ProtectedModelArtifact artifact = getProtectedAspect(aspect);
|
||||
if (artifact == null)
|
||||
{
|
||||
result = true;
|
||||
}
|
||||
else
|
||||
{
|
||||
result = canEdit(nodeRef, artifact);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy#beforeAddAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public void beforeAddAspect(NodeRef nodeRef, QName aspect)
|
||||
{
|
||||
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
|
||||
AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
|
||||
isProtectedAspect(aspect) == true &&
|
||||
nodeService.exists(nodeRef) == true &&
|
||||
canEditProtectedAspect(nodeRef, aspect) == false)
|
||||
{
|
||||
// the user can't edit the protected aspect
|
||||
throw new ModelAccessDeniedException(
|
||||
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
|
||||
" does not have the permission to add the protected aspect " + aspect.toPrefixString(namespaceService) +
|
||||
" from the node " + nodeRef.toString());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.repo.node.NodeServicePolicies.BeforeRemoveAspectPolicy#beforeRemoveAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
|
||||
*/
|
||||
@Override
|
||||
public void beforeRemoveAspect(NodeRef nodeRef, QName aspect)
|
||||
{
|
||||
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
|
||||
AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
|
||||
isProtectedAspect(aspect) == true &&
|
||||
nodeService.exists(nodeRef) == true &&
|
||||
canEditProtectedAspect(nodeRef, aspect) == false)
|
||||
{
|
||||
// the user can't edit the protected aspect
|
||||
throw new ModelAccessDeniedException(
|
||||
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
|
||||
" does not have the permission to remove the protected aspect " + aspect.toPrefixString(namespaceService) +
|
||||
" from the node " + nodeRef.toString());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy#onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, java.util.Map)
|
||||
*/
|
||||
@Override
|
||||
public void onUpdateProperties(NodeRef nodeRef, Map<QName, Serializable> before, Map<QName, Serializable> after)
|
||||
{
|
||||
if (AuthenticationUtil.getFullyAuthenticatedUser() != null &&
|
||||
AuthenticationUtil.isRunAsUserTheSystemUser() == false &&
|
||||
nodeService.exists(nodeRef) == true)
|
||||
{
|
||||
for (QName property : after.keySet())
|
||||
{
|
||||
if (isProtectedProperty(property) == true)
|
||||
{
|
||||
ProtectedProperty protectedProperty = getProtectedProperty(property);
|
||||
if ((before == null || before.isEmpty() || before.get(property) == null) &&
|
||||
protectedProperty.isAllwaysAllowNew() == true)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if (EqualsHelper.nullSafeEquals(before.get(property), after.get(property)) == false &&
|
||||
canEditProtectedProperty(nodeRef, property) == false)
|
||||
{
|
||||
// the user can't edit the protected property
|
||||
throw new ModelAccessDeniedException(
|
||||
"The user " + AuthenticationUtil.getFullyAuthenticatedUser() +
|
||||
" does not have the permission to edit the protected property " + property.toPrefixString(namespaceService) +
|
||||
" on the node " + nodeRef.toString());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,28 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
/**
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public class ProtectedAspect extends ProtectedModelArtifact
|
||||
{
|
||||
|
||||
}
|
||||
@@ -0,0 +1,80 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
/**
|
||||
*
|
||||
*
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public abstract class ProtectedModelArtifact
|
||||
{
|
||||
/** Model security service */
|
||||
private ModelSecurityService modelSecurityService;
|
||||
|
||||
/** Namespace service */
|
||||
private NamespaceService namespaceService;
|
||||
|
||||
private QName name;
|
||||
|
||||
private Set<Capability> capabilities;
|
||||
|
||||
public void setNamespaceService(NamespaceService namespaceService)
|
||||
{
|
||||
this.namespaceService = namespaceService;
|
||||
}
|
||||
|
||||
public void setModelSecurityService(ModelSecurityService modelSecurityService)
|
||||
{
|
||||
this.modelSecurityService = modelSecurityService;
|
||||
}
|
||||
|
||||
public void init()
|
||||
{
|
||||
modelSecurityService.register(this);
|
||||
}
|
||||
|
||||
public void setName(String name)
|
||||
{
|
||||
QName qname = QName.createQName(name, namespaceService);
|
||||
this.name = qname;
|
||||
}
|
||||
|
||||
public QName getQName()
|
||||
{
|
||||
return name;
|
||||
}
|
||||
|
||||
public void setCapabilities(Set<Capability> capabilities)
|
||||
{
|
||||
this.capabilities = capabilities;
|
||||
}
|
||||
|
||||
public Set<Capability> getCapabilities()
|
||||
{
|
||||
return capabilities;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2012 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.model.security;
|
||||
|
||||
/**
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public class ProtectedProperty extends ProtectedModelArtifact
|
||||
{
|
||||
private boolean allwaysAllowNew = false;
|
||||
|
||||
public void setAllwaysAllowNew(boolean allwaysAllowNew)
|
||||
{
|
||||
this.allwaysAllowNew = allwaysAllowNew;
|
||||
}
|
||||
|
||||
public boolean isAllwaysAllowNew()
|
||||
{
|
||||
return allwaysAllowNew;
|
||||
}
|
||||
}
|
||||
@@ -21,6 +21,7 @@ package org.alfresco.module.org_alfresco_module_rm.security;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
|
||||
@@ -31,20 +32,6 @@ import org.alfresco.service.namespace.QName;
|
||||
*/
|
||||
public interface RecordsManagementSecurityService
|
||||
{
|
||||
/**
|
||||
* Get the set of aspect QNames which can not be added direct via the public node service;
|
||||
* they must be managed via the appropriate actions.
|
||||
* @return
|
||||
*/
|
||||
Set<QName> getProtectedAspects();
|
||||
|
||||
/**
|
||||
* Get the set of property QNames which can not be added, updated or removed direct via the public node service;
|
||||
* they must be managed via the appropriate actions.
|
||||
* @return
|
||||
*/
|
||||
Set<QName> getProtectedProperties();
|
||||
|
||||
/**
|
||||
* Creates the initial set of default roles for a root records management node
|
||||
*
|
||||
@@ -152,4 +139,17 @@ public interface RecordsManagementSecurityService
|
||||
* @param permission permission
|
||||
*/
|
||||
void deletePermission(NodeRef nodeRef, String authority, String permission);
|
||||
|
||||
/**
|
||||
* @return {@link Set}<{@link QName}> protected aspect names
|
||||
* @deprecated As of release 2.1, replaced by {@link ModelSecurityService#getProtectedAspects}
|
||||
*/
|
||||
@Deprecated
|
||||
Set<QName> getProtectedAspects();
|
||||
|
||||
/**
|
||||
* @return {@link Set}<{@link QName}> protected properties
|
||||
* @deprecated As of release 2.1, replaced by {@link ModelSecurityService#getProtectedProperties}
|
||||
*/
|
||||
Set<QName> getProtectedProperties();
|
||||
}
|
||||
|
||||
@@ -34,9 +34,9 @@ import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMEntryVoter;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityService;
|
||||
import org.alfresco.repo.node.NodeServicePolicies;
|
||||
import org.alfresco.repo.policy.JavaBehaviour;
|
||||
import org.alfresco.repo.policy.PolicyComponent;
|
||||
@@ -84,12 +84,12 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
/** Records management service */
|
||||
private RecordsManagementService recordsManagementService;
|
||||
|
||||
/** Model security service */
|
||||
private ModelSecurityService modelSecurityService;
|
||||
|
||||
/** Node service */
|
||||
private NodeService nodeService;
|
||||
|
||||
/** RM Entry voter */
|
||||
private RMEntryVoter voter;
|
||||
|
||||
/** Records management role zone */
|
||||
public static final String RM_ROLE_ZONE_PREFIX = "rmRoleZone";
|
||||
|
||||
@@ -160,13 +160,11 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the RM voter
|
||||
*
|
||||
* @param voter
|
||||
* @param modelSecurityService model security service
|
||||
*/
|
||||
public void setVoter(RMEntryVoter voter)
|
||||
public void setModelSecurityService(ModelSecurityService modelSecurityService)
|
||||
{
|
||||
this.voter = voter;
|
||||
this.modelSecurityService = modelSecurityService;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -416,22 +414,6 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
}, AuthenticationUtil.getSystemUserName());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
|
||||
*/
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
return voter.getProtetcedAscpects();
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedProperties()
|
||||
*/
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
return voter.getProtectedProperties();
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#bootstrapDefaultRoles(org.alfresco.service.cmr.repository.NodeRef)
|
||||
@@ -1016,4 +998,24 @@ public class RecordsManagementSecurityServiceImpl implements RecordsManagementSe
|
||||
}
|
||||
}, AuthenticationUtil.getSystemUserName());
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedAspects()
|
||||
*/
|
||||
@Deprecated
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
return modelSecurityService.getProtectedAspects();
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService#getProtectedProperties()
|
||||
*/
|
||||
@Deprecated
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
return modelSecurityService.getProtectedProperties();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,10 +20,8 @@ package org.alfresco.module.org_alfresco_module_rm.vital;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
@@ -77,7 +75,7 @@ public class BroadcastVitalRecordDefinitionAction extends RMActionExecuterAbstra
|
||||
NodeRef nextChild = nextAssoc.getChildRef();
|
||||
|
||||
// If the child is a record, then the VitalRecord aspect needs to be applied or updated
|
||||
if (recordsManagementService.isRecord(nextChild))
|
||||
if (recordService.isRecord(nextChild))
|
||||
{
|
||||
if (parentVri)
|
||||
{
|
||||
@@ -102,7 +100,7 @@ public class BroadcastVitalRecordDefinitionAction extends RMActionExecuterAbstra
|
||||
}
|
||||
|
||||
// Recurse down the containment hierarchy to all containers
|
||||
if (recordsManagementService.isRecord(nextChild) == false)
|
||||
if (recordService.isRecord(nextChild) == false)
|
||||
{
|
||||
this.propagateChangeToChildrenOf(nextChild);
|
||||
}
|
||||
@@ -114,23 +112,4 @@ public class BroadcastVitalRecordDefinitionAction extends RMActionExecuterAbstra
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_REVIEW_PERIOD);
|
||||
qnames.add(PROP_VITAL_RECORD_INDICATOR);
|
||||
qnames.add(PROP_REVIEW_AS_OF);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedAspects()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(RecordsManagementModel.ASPECT_VITAL_RECORD);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -20,16 +20,13 @@ package org.alfresco.module.org_alfresco_module_rm.vital;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.action.RMActionExecuterAbstractBase;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ParameterDefinition;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
@@ -53,7 +50,7 @@ public class ReviewedAction extends RMActionExecuterAbstractBase
|
||||
VitalRecordDefinition vrDef = vitalRecordService.getVitalRecordDefinition(actionedUponNodeRef);
|
||||
if (vrDef != null && vrDef.isEnabled() == true)
|
||||
{
|
||||
if (recordsManagementService.isRecord(actionedUponNodeRef) == true)
|
||||
if (recordService.isRecord(actionedUponNodeRef) == true)
|
||||
{
|
||||
reviewRecord(actionedUponNodeRef, vrDef);
|
||||
}
|
||||
@@ -104,14 +101,6 @@ public class ReviewedAction extends RMActionExecuterAbstractBase
|
||||
{
|
||||
// Intentionally empty
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<QName> getProtectedProperties()
|
||||
{
|
||||
HashSet<QName> qnames = new HashSet<QName>();
|
||||
qnames.add(PROP_REVIEW_AS_OF);
|
||||
return qnames;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isExecutableImpl(NodeRef filePlanComponent, Map<String, Serializable> parameters, boolean throwException)
|
||||
|
||||
@@ -25,6 +25,7 @@ import java.util.Set;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
||||
import org.alfresco.repo.security.permissions.AccessControlEntry;
|
||||
import org.alfresco.repo.security.permissions.AccessControlList;
|
||||
import org.alfresco.repo.security.permissions.PermissionReference;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user