mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
RM Capabilities: More tests and fixes (22 to go). Added RM access to the ownable service. RM roo.es can be assigned in the UI (with no localisation for the role names)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15942 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
@@ -110,6 +110,14 @@ public interface ModelDAO
|
|||||||
*/
|
*/
|
||||||
public Set<PermissionReference> getGranteePermissions(PermissionReference permissionReference);
|
public Set<PermissionReference> getGranteePermissions(PermissionReference permissionReference);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the permissions which are granted by the supplied permission.
|
||||||
|
*
|
||||||
|
* @param permissionReference
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public Set<PermissionReference> getImmediateGranteePermissions(PermissionReference permissionReference);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Is this permission refernece to a permission and not a permissoinSet?
|
* Is this permission refernece to a permission and not a permissoinSet?
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -132,7 +132,6 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Default constructor
|
* Default constructor
|
||||||
*
|
|
||||||
*/
|
*/
|
||||||
public PermissionModel()
|
public PermissionModel()
|
||||||
{
|
{
|
||||||
@@ -143,6 +142,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the model
|
* Set the model
|
||||||
|
*
|
||||||
* @param model
|
* @param model
|
||||||
*/
|
*/
|
||||||
public void setModel(String model)
|
public void setModel(String model)
|
||||||
@@ -152,6 +152,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the dictionary service
|
* Set the dictionary service
|
||||||
|
*
|
||||||
* @param dictionaryService
|
* @param dictionaryService
|
||||||
*/
|
*/
|
||||||
public void setDictionaryService(DictionaryService dictionaryService)
|
public void setDictionaryService(DictionaryService dictionaryService)
|
||||||
@@ -161,6 +162,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the node service
|
* Set the node service
|
||||||
|
*
|
||||||
* @param nodeService
|
* @param nodeService
|
||||||
*/
|
*/
|
||||||
public void setNodeService(NodeService nodeService)
|
public void setNodeService(NodeService nodeService)
|
||||||
@@ -284,6 +286,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the default access status
|
* Set the default access status
|
||||||
|
*
|
||||||
* @return the default access status
|
* @return the default access status
|
||||||
*/
|
*/
|
||||||
public AccessStatus getDefaultPermission()
|
public AccessStatus getDefaultPermission()
|
||||||
@@ -293,6 +296,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the default acces status for the givne permission
|
* Get the default acces status for the givne permission
|
||||||
|
*
|
||||||
* @param pr
|
* @param pr
|
||||||
* @return the access status
|
* @return the access status
|
||||||
*/
|
*/
|
||||||
@@ -316,6 +320,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Get the permission sets by type
|
* Get the permission sets by type
|
||||||
|
*
|
||||||
* @return the permission sets by type
|
* @return the permission sets by type
|
||||||
*/
|
*/
|
||||||
public Map<QName, PermissionSet> getPermissionSets()
|
public Map<QName, PermissionSet> getPermissionSets()
|
||||||
@@ -606,6 +611,21 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
return grantees;
|
return grantees;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public synchronized Set<PermissionReference> getImmediateGranteePermissions(PermissionReference permissionReference)
|
||||||
|
{
|
||||||
|
// Cache the results
|
||||||
|
|
||||||
|
Set<PermissionReference> internal = getImmediateGranteePermissionsImpl(permissionReference);
|
||||||
|
Set<PermissionReference> grantees = new HashSet<PermissionReference>();
|
||||||
|
for (PermissionReference grantee : internal)
|
||||||
|
{
|
||||||
|
grantees.add(SimplePermissionReference.getPermissionReference(grantee.getQName(), grantee.getName()));
|
||||||
|
}
|
||||||
|
grantees = Collections.unmodifiableSet(grantees);
|
||||||
|
|
||||||
|
return grantees;
|
||||||
|
}
|
||||||
|
|
||||||
private Set<PermissionReference> getGranteePermissionsImpl(PermissionReference permissionReference)
|
private Set<PermissionReference> getGranteePermissionsImpl(PermissionReference permissionReference)
|
||||||
{
|
{
|
||||||
// Query the model
|
// Query the model
|
||||||
@@ -670,6 +690,69 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
return permissions;
|
return permissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private Set<PermissionReference> getImmediateGranteePermissionsImpl(PermissionReference permissionReference)
|
||||||
|
{
|
||||||
|
// Query the model
|
||||||
|
HashSet<PermissionReference> permissions = new HashSet<PermissionReference>(256, 1.0f);
|
||||||
|
for (PermissionSet ps : permissionSets.values())
|
||||||
|
{
|
||||||
|
for (PermissionGroup pg : ps.getPermissionGroups())
|
||||||
|
{
|
||||||
|
if (pg.equals(permissionReference))
|
||||||
|
{
|
||||||
|
for (PermissionReference included : pg.getIncludedPermissionGroups())
|
||||||
|
{
|
||||||
|
permissions.add(included);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (pg.isExtends())
|
||||||
|
{
|
||||||
|
if (pg.getTypeQName() != null)
|
||||||
|
{
|
||||||
|
permissions.addAll(getImmediateGranteePermissions(SimplePermissionReference.getPermissionReference(pg.getTypeQName(), pg.getName())));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ClassDefinition classDefinition = dictionaryService.getClass(pg.getQName());
|
||||||
|
QName parent = classDefinition.getParentName();
|
||||||
|
if (parent != null)
|
||||||
|
{
|
||||||
|
classDefinition = dictionaryService.getClass(parent);
|
||||||
|
PermissionGroup attempt = getPermissionGroupOrNull(SimplePermissionReference.getPermissionReference(parent, pg.getName()));
|
||||||
|
if (attempt != null)
|
||||||
|
{
|
||||||
|
permissions.addAll(getImmediateGranteePermissions(attempt));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (pg.isAllowFullControl())
|
||||||
|
{
|
||||||
|
// add all available
|
||||||
|
permissions.addAll(getAllPermissions());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
PermissionGroup baseGroup = getBasePermissionGroupOrNull(getPermissionGroupOrNull(permissionReference));
|
||||||
|
if (baseGroup != null)
|
||||||
|
{
|
||||||
|
for (Permission p : ps.getPermissions())
|
||||||
|
{
|
||||||
|
for (PermissionReference grantedTo : p.getGrantedToGroups())
|
||||||
|
{
|
||||||
|
PermissionGroup base = getBasePermissionGroupOrNull(getPermissionGroupOrNull(grantedTo));
|
||||||
|
if (baseGroup.equals(base))
|
||||||
|
{
|
||||||
|
permissions.add(p);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return permissions;
|
||||||
|
}
|
||||||
|
|
||||||
private Set<PermissionReference> getAllPermissions()
|
private Set<PermissionReference> getAllPermissions()
|
||||||
{
|
{
|
||||||
HashSet<PermissionReference> permissions = new HashSet<PermissionReference>(256, 1.0f);
|
HashSet<PermissionReference> permissions = new HashSet<PermissionReference>(256, 1.0f);
|
||||||
@@ -789,8 +872,8 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Cache key
|
* Cache key
|
||||||
* @author andyh
|
|
||||||
*
|
*
|
||||||
|
* @author andyh
|
||||||
*/
|
*/
|
||||||
public static class RequiredKey
|
public static class RequiredKey
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user