* capability for inplace user no longer defined by dynamic authorities (inheritance was incorrect)
* default roles added to allow capabilities of reader and writer inplace users
* record permission inheritance broken .. was on the todo list for a long time, but needed to be done now to ensure the correct inplace permissions where evaluated at the record level
* unit tests
* TODO ... patches to migrate to 2.1 for new roles and record permission inheritance change
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@49215 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* record service extended with isPropertyEditable method .. indicates, based on the capabilities of the current user and the nature of the property, whether it can be edited
* the record service monitors record aspect property updates and throws ModelExceptions if a user tries to update a record or non-record property if they don't have the appropriate capability
* form filter updated to protect record properties the current user may not be able to edit
* unit tests
So what does this all mean?
It means we can control the write permissions of individual properties on a record based on capabilities. In this case we slice the capability to edit a record in two .. you can either edit the content properties (ie the normal meta-data) or the record properties .. or both of course!
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@49041 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* RM-631 (The records management team can create a rule to request information about an undeclared record)
* RM-632 (The records management team can use an UI action and custom UI to start a "request for information" workflow about an undeclared record)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48854 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* moved policy implementations out of RMEntryVoter and into separate classes
* rather than being a hard coded list, policies are now registered via spring allowing others to be easily added
* re-arrange some of the support implementation
* RMEntryVoter is now significantly smaller and most of the logic that was once encapsulated in here is spread over supporting classes and services
* TODO .. need to review policies and determine which are appropraite .. much easier to do now!
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48815 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* consolidate the groups capabilities are within (rename and try to simpify)
* 'deprecate' classification related capabilities into the dod specific package .. these capabilities didn't do anything so will be removed until such a time comes when we consider classified records.
* remove legacy unit test .. becomming too difficult to maintain and is covered by newer tests
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48750 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* refactor how we extend the rule's UI
* existing rule's UI is left uneffected .. config no longer needs to be overriden .. so custom config will not effect RM
* web scripts overriden to use RM specific action and condition UI config
* actions and conditions not added to general pool of those available from the rules service ... means no filtering is required on the main UI
* module filter used to override component and redirect to the overridden webscripts
* server side support of records management conditions added
* isFiled and isDeclared conditions added
* TODO .. still a couple of lose ends to tie up
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48659 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
RM-642: A records manager can create a rule with a "Is Declared" condition
RM-641: A records manager can create a rule with a "Is Filled" condition
RM-638: A records admin can choose from a specialised list of RM relevant conditions when defining a records rule
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48587 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* add additional user/group management methods to FilePlanRoleService java API
* add file plan retrieval methods to FilePlanService .. including retrieving file plan node reference from RM site id
* deprecate file plan retrieval methods on RecordsManagementService
* add FilePlanService unit tests
* refactor role web service API implementations to allow the file plan (or rm site) to be specified
* GET roles can optionally include information about the assigned users and groups
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48438 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* ensure all the record information is removed from a rejected record (seeing issue with ID being reset)
* rejected records are ignored by the create record action
* note: there are still some features we need to add to expand the rejected records use case
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@48064 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* added some debug to help when trying to diagnose permission deny issues
* system folder created by the rule service was not a file plan component, so permissions where failing when accessing them as a pure RM user
* file plan component added as required
* ManageRules capability needed a filling condition (this may cause the manage rules button to be disabled .. this is another issue and will be addressed shortly .. work around by assigning user filling on file plan for now)
* added extended method security for rule service .. currently defaults to alllow all, but will need to be closed down with ManageRules capability
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@47624 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* RM actions can be configured to allow parmater level substitution
* Paramater processor component added .. resposibile for processing parameters of an RM action and selecting the correct processor
* Parameter processor framework added .. new processors can be sprung in using the usual pattern
* 'node' processor added .. allows simple property value substitution based on the actioned upon node
* 'date' processor added .. allows simple date value substituation
* 'message' processor added .. allows message bundle value substitution
* an example substitution parameter could be .. "/${message.my-company.name}/invoices/${date.month.short}"
* fileTo action is configured to allow parameter substitution .. with the relative path and auto create features as well it is possible to define a rule that creates records folders based on a simple creation strategy .. for example always file into a record folder for this month
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@47262 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* provides methods to allow code to be run as the rm admin user and to retrieve the rm admin user name
* all unit tests now run as rm admin user by default
* default bootstrap user name configurable (as well as pwd)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@46751 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* this allows code to be 'runAsRMAdmin' .. rather than having to use System (remember 'admin' isn't nessesarily an rm admin)
* will give us the option to run rm rules as rmAdmin (this may be the default case for the time being and later part of the configuration of the rule)
* will also allow us to add RM admin level security to methods (for example can only create a role if you are an rm admin)
* rmAdmin user has global RM admin rights to all file plans (when we go to multi-file plan support)
* rm user bootstrapped via module 'patch' .. this will execute on existing V2.1 db's
* filePlanRoleService unit test (was missing! .. my bad!)
* relates to RM-596 (this rule needs to be executed as the rm admin)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@46749 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
