Refactor ContentClassificationService#hasClearance so that it calls out to
SecurityClearanceService#isCurrentUserClearedForClassification. Restrict
isCurrentUserClearedForClassification so that it only applies to the current
authenticated user (we don't need to use it for anything else). Also
extract classification level comparison to a new class.
+review RM-58
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104568 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Make sure this is executed as a patch and also bootstrapped into a clean
system using the BootstrapImporterModuleComponent.
Also restrict access to the classification levels (via the get API) to
only the levels that the user has clearance to.
+review RM
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104376 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Move methods to do with content from the ClassificationService and the
SecurityClearanceService into the ContentClassificationService.
Remove the dependency of SecurityClearanceService on ClassificationService
which will allow us to reverse this dependency in the next commit. This is
needed in order to filter classifications by the current user's clearance.
Nb. This included adding a method in the SecurityClearanceService called
isClearedForClassification, which looks quite similar to a new API Roy
created hasClearance (see ContentClassificationService). In the future we
should look to see if we can consolidate these.
Remove dependency of ClassificationServiceBootstrap on the services, so that
it can be passed into them. This allows us to provide access to the POJO
managers in the services (this is made harder as the POJO managers aren't
Spring beans). In order to initialise these objects, change the POJO
managers to use setters rather than constructor arguments. This allows us
to store a reference to the manager before the data has been loaded.
Move the attribute service keys for classification levels and reasons into
the ClassifiedContentModel.
Expect NO_CLEARANCE to be passed into the ClearanceLevelManager, as
otherwise we have to have logic to exclude it (see initialise in the old
SecurityClearanceService) and then more logic to include it again (see the
old constructor for ClearanceLevelManager).
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104375 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
* relates to RM-2129 & RM-2130
* added 'getCurrentClassification" method to ClassificationService
* added concept of system classification level "Unclassified" .. it no longer is required to be specified in the JSON bootstrap since this is a well known and alway required basic classification level
* added concept of system security clearance level "No Clearance" .. automatically added and relates to unclassified classificaiton level
* unit tests updated and added
* started to move some of the logic out of unit test base class and into helper library called 'AlfMock'!
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104229 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Created a notion of clearance level distinct from (but related to)
classification level. A clearance level references the highest
classification level it has access to. A SecurityClearance now contains a
ClearanceLevel, which in turn contains a ClassificationLevel.
Created a ClearanceLevelManager and initialise it at the same time as the
ClassificationLevelManager.
+review RM
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103929 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
I have changed the SecurityClearanceService query API so that it accepts a single Java object containing all the configurable options for such a query. Sensible default values are set where possible. The query object follows the Builder pattern so it should be easier to use the defaults in a query and still possible to change those defaults ifnecessary.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103471 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
103049: Merged BRANCHES/V2.2 to BRANCHES/V2.3:
103037: Merged BRANCHES/V2.2.1.x to BRANCHES/V2.2:
102241: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102242: RM-1100 (Uncaught LockAcquisitionException in RM 2.0.4)
102267: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102269: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102279: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102486: RM-2072: Concurrency exceptions and deadlocks on Records Management "File to" rule
102636: RM-2191 ("Create Category" and "Manage Permissions" buttons are enabled for user with read-only permissions)
102675: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102687: RM-2192 (User has no access to the recorded document after it was filed)
102698: Removed warnings
102699: .ant-targets-build.xml files added to svn:ignore
102700: .ant-targets-build.xml files added to svn:ignore
102701: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102756: RM-2192 (User has no access to the recorded document after it was filed)
102762: Commented out intermittently failing test
102795: (RECORD ONLY) Deploy RM 2.2.1.1 on Maven Repository
102807: (RECORD ONLY) Changed the artifact version to 2.2.1.2-SNAPSHOT
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103059 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
103037: Merged BRANCHES/V2.2.1.x to BRANCHES/V2.2:
102241: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102242: RM-1100 (Uncaught LockAcquisitionException in RM 2.0.4)
102267: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102269: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102279: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102486: RM-2072: Concurrency exceptions and deadlocks on Records Management "File to" rule
102636: RM-2191 ("Create Category" and "Manage Permissions" buttons are enabled for user with read-only permissions)
102675: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102687: RM-2192 (User has no access to the recorded document after it was filed)
102698: Removed warnings
102699: .ant-targets-build.xml files added to svn:ignore
102700: .ant-targets-build.xml files added to svn:ignore
102701: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102756: RM-2192 (User has no access to the recorded document after it was filed)
102762: Commented out intermittently failing test
102795: (RECORD ONLY) Deploy RM 2.2.1.1 on Maven Repository
102807: (RECORD ONLY) Changed the artifact version to 2.2.1.2-SNAPSHOT
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.3@103049 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Added a securityClearance aspect to the classifiedContentModel.
This can be applied to a user’s person node to give them clearance.
TODO. Not clear how/if we can use this for groups of users.
Added a SecurityClearanceService which gets users’ security clearances.
Added a getDefaultClassificationLevel method to the ClassificationService.
TODO This needs to be reviewed.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103042 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
102241: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102242: RM-1100 (Uncaught LockAcquisitionException in RM 2.0.4)
102267: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102269: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102279: RM-2072 (Concurrency exceptions and deadlocks on Records Management "File to" rule)
102486: RM-2072: Concurrency exceptions and deadlocks on Records Management "File to" rule
102636: RM-2191 ("Create Category" and "Manage Permissions" buttons are enabled for user with read-only permissions)
102675: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102687: RM-2192 (User has no access to the recorded document after it was filed)
102698: Removed warnings
102699: .ant-targets-build.xml files added to svn:ignore
102700: .ant-targets-build.xml files added to svn:ignore
102701: RM-2190 (Concurrency exception when upload document to several folders with rules configured to file records)
102756: RM-2192 (User has no access to the recorded document after it was filed)
102762: Commented out intermittently failing test
102795: (RECORD ONLY) Deploy RM 2.2.1.1 on Maven Repository
102807: (RECORD ONLY) Changed the artifact version to 2.2.1.2-SNAPSHOT
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/BRANCHES/V2.2@103037 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
