mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
RM Capabilities: More tests and fixes (22 to go). Added RM access to the ownable service. RM roo.es can be assigned in the UI (with no localisation for the role names)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15942 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
@@ -110,6 +110,14 @@ public interface ModelDAO
|
||||
*/
|
||||
public Set<PermissionReference> getGranteePermissions(PermissionReference permissionReference);
|
||||
|
||||
/**
|
||||
* Get the permissions which are granted by the supplied permission.
|
||||
*
|
||||
* @param permissionReference
|
||||
* @return
|
||||
*/
|
||||
public Set<PermissionReference> getImmediateGranteePermissions(PermissionReference permissionReference);
|
||||
|
||||
/**
|
||||
* Is this permission refernece to a permission and not a permissoinSet?
|
||||
*
|
||||
|
||||
@@ -132,7 +132,6 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Default constructor
|
||||
*
|
||||
*/
|
||||
public PermissionModel()
|
||||
{
|
||||
@@ -143,6 +142,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Set the model
|
||||
*
|
||||
* @param model
|
||||
*/
|
||||
public void setModel(String model)
|
||||
@@ -152,6 +152,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Set the dictionary service
|
||||
*
|
||||
* @param dictionaryService
|
||||
*/
|
||||
public void setDictionaryService(DictionaryService dictionaryService)
|
||||
@@ -161,6 +162,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Set the node service
|
||||
*
|
||||
* @param nodeService
|
||||
*/
|
||||
public void setNodeService(NodeService nodeService)
|
||||
@@ -284,6 +286,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Set the default access status
|
||||
*
|
||||
* @return the default access status
|
||||
*/
|
||||
public AccessStatus getDefaultPermission()
|
||||
@@ -293,6 +296,7 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Get the default acces status for the givne permission
|
||||
*
|
||||
* @param pr
|
||||
* @return the access status
|
||||
*/
|
||||
@@ -316,7 +320,8 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Get the permission sets by type
|
||||
* @return the permission sets by type
|
||||
*
|
||||
* @return the permission sets by type
|
||||
*/
|
||||
public Map<QName, PermissionSet> getPermissionSets()
|
||||
{
|
||||
@@ -606,6 +611,21 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
return grantees;
|
||||
}
|
||||
|
||||
public synchronized Set<PermissionReference> getImmediateGranteePermissions(PermissionReference permissionReference)
|
||||
{
|
||||
// Cache the results
|
||||
|
||||
Set<PermissionReference> internal = getImmediateGranteePermissionsImpl(permissionReference);
|
||||
Set<PermissionReference> grantees = new HashSet<PermissionReference>();
|
||||
for (PermissionReference grantee : internal)
|
||||
{
|
||||
grantees.add(SimplePermissionReference.getPermissionReference(grantee.getQName(), grantee.getName()));
|
||||
}
|
||||
grantees = Collections.unmodifiableSet(grantees);
|
||||
|
||||
return grantees;
|
||||
}
|
||||
|
||||
private Set<PermissionReference> getGranteePermissionsImpl(PermissionReference permissionReference)
|
||||
{
|
||||
// Query the model
|
||||
@@ -670,6 +690,69 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
return permissions;
|
||||
}
|
||||
|
||||
private Set<PermissionReference> getImmediateGranteePermissionsImpl(PermissionReference permissionReference)
|
||||
{
|
||||
// Query the model
|
||||
HashSet<PermissionReference> permissions = new HashSet<PermissionReference>(256, 1.0f);
|
||||
for (PermissionSet ps : permissionSets.values())
|
||||
{
|
||||
for (PermissionGroup pg : ps.getPermissionGroups())
|
||||
{
|
||||
if (pg.equals(permissionReference))
|
||||
{
|
||||
for (PermissionReference included : pg.getIncludedPermissionGroups())
|
||||
{
|
||||
permissions.add(included);
|
||||
}
|
||||
|
||||
if (pg.isExtends())
|
||||
{
|
||||
if (pg.getTypeQName() != null)
|
||||
{
|
||||
permissions.addAll(getImmediateGranteePermissions(SimplePermissionReference.getPermissionReference(pg.getTypeQName(), pg.getName())));
|
||||
}
|
||||
else
|
||||
{
|
||||
ClassDefinition classDefinition = dictionaryService.getClass(pg.getQName());
|
||||
QName parent = classDefinition.getParentName();
|
||||
if (parent != null)
|
||||
{
|
||||
classDefinition = dictionaryService.getClass(parent);
|
||||
PermissionGroup attempt = getPermissionGroupOrNull(SimplePermissionReference.getPermissionReference(parent, pg.getName()));
|
||||
if (attempt != null)
|
||||
{
|
||||
permissions.addAll(getImmediateGranteePermissions(attempt));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (pg.isAllowFullControl())
|
||||
{
|
||||
// add all available
|
||||
permissions.addAll(getAllPermissions());
|
||||
}
|
||||
}
|
||||
}
|
||||
PermissionGroup baseGroup = getBasePermissionGroupOrNull(getPermissionGroupOrNull(permissionReference));
|
||||
if (baseGroup != null)
|
||||
{
|
||||
for (Permission p : ps.getPermissions())
|
||||
{
|
||||
for (PermissionReference grantedTo : p.getGrantedToGroups())
|
||||
{
|
||||
PermissionGroup base = getBasePermissionGroupOrNull(getPermissionGroupOrNull(grantedTo));
|
||||
if (baseGroup.equals(base))
|
||||
{
|
||||
permissions.add(p);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return permissions;
|
||||
}
|
||||
|
||||
private Set<PermissionReference> getAllPermissions()
|
||||
{
|
||||
HashSet<PermissionReference> permissions = new HashSet<PermissionReference>(256, 1.0f);
|
||||
@@ -789,8 +872,8 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
|
||||
/**
|
||||
* Cache key
|
||||
* @author andyh
|
||||
*
|
||||
* @author andyh
|
||||
*/
|
||||
public static class RequiredKey
|
||||
{
|
||||
@@ -826,13 +909,13 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
if (byPermRef != null)
|
||||
{
|
||||
HashMap<Set<QName>, EnumMap<RequiredPermission.On, RequiredKey>> byType = byPermRef.get(qName);
|
||||
if(byType != null)
|
||||
if (byType != null)
|
||||
{
|
||||
EnumMap<RequiredPermission.On, RequiredKey> byAspects = byType.get(aspectQNames);
|
||||
if(byAspects != null)
|
||||
if (byAspects != null)
|
||||
{
|
||||
RequiredKey instance = byAspects.get(on);
|
||||
if(instance != null)
|
||||
if (instance != null)
|
||||
{
|
||||
return instance;
|
||||
}
|
||||
@@ -855,19 +938,19 @@ public class PermissionModel implements ModelDAO, InitializingBean
|
||||
instances.put(required, byPermRef);
|
||||
}
|
||||
HashMap<Set<QName>, EnumMap<RequiredPermission.On, RequiredKey>> byType = byPermRef.get(qName);
|
||||
if(byType == null)
|
||||
if (byType == null)
|
||||
{
|
||||
byType = new HashMap<Set<QName>, EnumMap<RequiredPermission.On, RequiredKey>>();
|
||||
byPermRef.put(qName, byType);
|
||||
}
|
||||
EnumMap<RequiredPermission.On, RequiredKey> byAspects = byType.get(aspectQNames);
|
||||
if(byAspects == null)
|
||||
if (byAspects == null)
|
||||
{
|
||||
byAspects = new EnumMap<RequiredPermission.On, RequiredKey>(RequiredPermission.On.class);
|
||||
byAspects = new EnumMap<RequiredPermission.On, RequiredKey>(RequiredPermission.On.class);
|
||||
byType.put(aspectQNames, byAspects);
|
||||
}
|
||||
RequiredKey instance = byAspects.get(on);
|
||||
if(instance == null)
|
||||
if (instance == null)
|
||||
{
|
||||
instance = new RequiredKey(required, qName, aspectQNames, on);
|
||||
byAspects.put(on, instance);
|
||||
|
||||
Reference in New Issue
Block a user