
Example 11 with Role

use of org.alfresco.module.org_alfresco_module_rm.role.Role in project records-management by Alfresco.

the class RoleDeclarativeWebScript method createRoleItems.

/**
 * Wraps each role of a file plan in a {@link RoleItem}.
 *
 * <p>With {@code showAuths} set, every item also carries the users and the groups that
 * {@code filePlanRoleService} reports as assigned to the role, so the result discloses
 * role membership. This method performs no access check of its own.
 * NOTE(review): confirm the calling web script restricts who may ask for the membership view.
 *
 * @param filePlan  file plan the roles belong to; only passed on to the assignment lookups
 * @param roles     roles to wrap; must not be {@code null}, its size is read immediately
 * @param showAuths {@code true} to attach the assigned users and groups to each item
 * @return a new {@link HashSet} populated with one created item per role
 */
protected Set<RoleItem> createRoleItems(NodeRef filePlan, Set<Role> roles, boolean showAuths) {
    final Set<RoleItem> roleItems = new HashSet<RoleItem>(roles.size());
    for (final Role current : roles) {
        if (!showAuths) {
            // Bare item: the role only, no membership lookups are made.
            roleItems.add(new RoleItem(current));
            continue;
        }
        // Users are resolved before groups, matching the constructor argument order.
        roleItems.add(new RoleItem(
                current,
                createAuthorityItems(filePlanRoleService.getUsersAssignedToRole(filePlan, current.getName())),
                createAuthorityItems(filePlanRoleService.getGroupsAssignedToRole(filePlan, current.getName()))));
    }
    return roleItems;
}
Also used : Role(org.alfresco.module.org_alfresco_module_rm.role.Role) HashSet(java.util.HashSet)

Example 12 with Role

use of org.alfresco.module.org_alfresco_module_rm.role.Role in project records-management by Alfresco.

the class AuthenticatedUserRolesDataExtractor method extractData.

/**
 * Audit extractor that renders the roles held by the fully authenticated user on the file
 * plan owning the given node as one string of display labels separated by {@code ", "}.
 *
 * <p>The user is taken from {@code AuthenticationUtil.getFullyAuthenticatedUser()}, and the
 * recorded text is each role's display label rather than its name.
 * NOTE(review): confirm consumers of the audit trail do not need the role name instead.
 *
 * @param value node reference to resolve the file plan from; cast to {@link NodeRef} without
 *              a type check. NOTE(review): presumably the extractor's support check guards
 *              this; confirm.
 * @return {@code null} when nobody is authenticated; an empty string when no file plan is
 *         found for the node or the user has no roles; otherwise the joined labels
 * @see org.alfresco.repo.audit.extractor.DataExtractor#extractData(java.io.Serializable)
 */
public Serializable extractData(Serializable value) {
    final NodeRef auditedNode = (NodeRef) value;
    final String authenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
    if (authenticatedUser == null) {
        // Nothing to attribute the audit entry to.
        return null;
    }

    final StringBuilder labels = new StringBuilder(100);
    final NodeRef filePlan = filePlanService.getFilePlan(auditedNode);
    if (filePlan == null) {
        // Node is not under a file plan: the extracted value is the empty string.
        return labels.toString();
    }

    for (final Role role : filePlanRoleService.getRolesByUser(filePlan, authenticatedUser)) {
        // The separator is keyed on buffer length, so nothing is emitted while the buffer is empty.
        if (labels.length() != 0) {
            labels.append(", ");
        }
        labels.append(role.getDisplayLabel());
    }
    return labels.toString();
}
Also used : Role(org.alfresco.module.org_alfresco_module_rm.role.Role) NodeRef(org.alfresco.service.cmr.repository.NodeRef)

Example 13 with Role

use of org.alfresco.module.org_alfresco_module_rm.role.Role in project records-management by Alfresco.

the class RecordServiceImpl method isPropertyEditable.

/**
 * Decides whether the current user may edit one property of a record.
 *
 * <p>The decision is made in this order:
 * <ol>
 *   <li>a property accepted by {@code alwaysEditProperty} is editable;</li>
 *   <li>otherwise three capabilities are evaluated on the record: edit non-record metadata,
 *       edit declared record metadata and edit record metadata;</li>
 *   <li>non-record capability plus either record capability: every property is editable;</li>
 *   <li>only the non-record capability: editable unless {@code isRecordMetadata} is true;</li>
 *   <li>only a record capability: editable only if {@code isRecordMetadata} is true;</li>
 *   <li>none of them: not editable.</li>
 * </ol>
 *
 * <p>When debug logging is enabled, the method additionally logs the run-as user name, that
 * user's roles with their capability names, and matching permission entries set on the file
 * plan. That block only logs; it does not feed into the result. Treat debug output of this
 * class as access-control data.
 *
 * @param record   node to check; must be a record
 * @param property property whose editability is asked for
 * @return {@code true} if the property may be edited, {@code false} otherwise
 * @throws AlfrescoRuntimeException if {@code record} is not a record
 * @see org.alfresco.module.org_alfresco_module_rm.record.RecordService#isPropertyEditable(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
 */
@Override
public boolean isPropertyEditable(NodeRef record, QName property) {
    ParameterCheck.mandatory("record", record);
    ParameterCheck.mandatory("property", property);
    if (!isRecord(record)) {
        throw new AlfrescoRuntimeException("Cannot check if the property " + property.toString() + " is editable, because node reference is not a record.");
    }

    final NodeRef filePlan = getFilePlan(record);

    // Diagnostics only: nothing computed in this block influences the returned value.
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("Checking whether property " + property.toString() + " is editable for user " + AuthenticationUtil.getRunAsUser());
        final Set<Role> userRoles = filePlanRoleService.getRolesByUser(filePlan, AuthenticationUtil.getRunAsUser());
        LOGGER.debug(" ... users roles");
        for (final Role userRole : userRoles) {
            LOGGER.debug("     ... user has role " + userRole.getName() + " with capabilities ");
            for (final Capability capability : userRole.getCapabilities()) {
                LOGGER.debug("         ... " + capability.getName());
            }
        }

        LOGGER.debug(" ... user has the following set permissions on the file plan");
        for (final AccessPermission entry : permissionService.getAllSetPermissions(filePlan)) {
            // Only entries that mention one of the two metadata edit permissions are listed.
            final boolean metadataEditEntry = entry.getPermission().contains(RMPermissionModel.EDIT_NON_RECORD_METADATA)
                    || entry.getPermission().contains(RMPermissionModel.EDIT_RECORD_METADATA);
            if (metadataEditEntry) {
                LOGGER.debug("     ... " + entry.getAuthority() + " - " + entry.getPermission() + " - " + entry.getAccessStatus().toString());
            }
        }

        if (permissionService.hasPermission(filePlan, RMPermissionModel.EDIT_NON_RECORD_METADATA).equals(AccessStatus.ALLOWED)) {
            LOGGER.debug(" ... user has the edit non record metadata permission on the file plan");
        }
    }

    if (alwaysEditProperty(property)) {
        LOGGER.debug(" ... property marked as always editable.");
        return true;
    }

    // All three capability states are fetched before any of them is interpreted.
    final AccessStatus nonRecordState = capabilityService.getCapabilityAccessState(record, RMPermissionModel.EDIT_NON_RECORD_METADATA);
    final AccessStatus declaredRecordState = capabilityService.getCapabilityAccessState(record, RMPermissionModel.EDIT_DECLARED_RECORD_METADATA);
    final AccessStatus recordState = capabilityService.getCapabilityAccessState(record, RMPermissionModel.EDIT_RECORD_METADATA);

    final boolean mayEditNonRecord = AccessStatus.ALLOWED.equals(nonRecordState);
    if (mayEditNonRecord) {
        LOGGER.debug(" ... user has edit nonrecord metadata capability");
    }

    final boolean mayEditRecord = AccessStatus.ALLOWED.equals(recordState) || AccessStatus.ALLOWED.equals(declaredRecordState);
    if (mayEditRecord) {
        LOGGER.debug(" ... user has edit record or declared metadata capability");
    }

    if (mayEditNonRecord && mayEditRecord) {
        LOGGER.debug(" ... so all properties can be edited.");
        return true;
    }

    if (!mayEditNonRecord && !mayEditRecord) {
        // Neither capability is allowed: the property is not editable.
        return false;
    }

    // Exactly one capability is allowed, so the property's classification decides.
    final boolean recordMetadata = isRecordMetadata(filePlan, property);
    if (mayEditNonRecord) {
        // can only edit non record properties
        if (recordMetadata) {
            LOGGER.debug(" ... property is considered record metadata so not editable.");
            return false;
        }
        LOGGER.debug(" ... property is not considered record metadata so editable.");
        return true;
    }

    // can only edit record properties
    if (recordMetadata) {
        LOGGER.debug(" ... property is considered record metadata so editable.");
        return true;
    }
    LOGGER.debug(" ... property is not considered record metadata so not editable.");
    return false;
}
Also used : Role(org.alfresco.module.org_alfresco_module_rm.role.Role) NodeRef(org.alfresco.service.cmr.repository.NodeRef) Capability(org.alfresco.module.org_alfresco_module_rm.capability.Capability) AccessPermission(org.alfresco.service.cmr.security.AccessPermission) AlfrescoRuntimeException(org.alfresco.error.AlfrescoRuntimeException) AccessStatus(org.alfresco.service.cmr.security.AccessStatus)

Example 14 with Role

use of org.alfresco.module.org_alfresco_module_rm.role.Role in project records-management by Alfresco.

the class RMv2FilePlanNodeRefPatch method executePatch.

/**
 * Patch step that walks every node carrying the file plan component aspect and brings it up
 * to date.
 *
 * <p>For each node that resolves to a file plan, the patch:
 * <ul>
 *   <li>stores the file plan reference in {@code PROP_ROOT_NODEREF} if that property is unset;</li>
 *   <li>for record categories, record folders and records only: sets the
 *       {@code RMPermissionModel.FILING} permission (allow flag {@code true}) for the role
 *       group of the file plan's "Administrator" role, when that role exists;</li>
 *   <li>for the same three kinds: fills in the vital record indicator ({@code false}) and the
 *       review period ({@code "none|0"}) where they are unset (RM-753).</li>
 * </ul>
 * Nodes without an associated file plan are skipped with a warning. The permission is set on
 * every matching node on each run, without checking whether it is already present.
 *
 * <p>NOTE(review): the result of {@code nodeDAO.getNodePair} is dereferenced without a null
 * check; confirm it cannot be {@code null} for ids returned by the patch query.
 *
 * @see org.alfresco.repo.module.AbstractModuleComponent#executeInternal()
 */
@Override
protected void executePatch() {
    final Pair<Long, QName> componentAspect = qnameDAO.getQName(RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT);
    if (componentAspect == null) {
        // No QName entry for the aspect: there is nothing to patch.
        return;
    }

    final List<Long> nodeIds = patchDAO.getNodesByAspectQNameId(componentAspect.getFirst(), 0L, patchDAO.getMaxAdmNodeID());
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug("   ... updating " + nodeIds.size() + " items");
    }

    for (final Long nodeId : nodeIds) {
        final Pair<Long, NodeRef> nodePair = nodeDAO.getNodePair(nodeId);
        final NodeRef component = nodePair.getSecond();
        final NodeRef filePlan = filePlanService.getFilePlan(component);

        if (filePlan == null) {
            if (LOGGER.isWarnEnabled()) {
                LOGGER.warn("   ... node " + nodeId.toString() + " was skiped, beacuse there was no associated file plan.");
            }
            continue;
        }

        // Record the owning file plan on the component, without overwriting an existing value.
        if (nodeService.getProperty(component, PROP_ROOT_NODEREF) == null) {
            nodeService.setProperty(component, PROP_ROOT_NODEREF, filePlan);
        }

        // Permissions and vital record defaults apply to categories, folders and records only.
        final FilePlanComponentKind kind = filePlanService.getFilePlanComponentKind(component);
        final boolean holdsRecords = FilePlanComponentKind.RECORD_CATEGORY.equals(kind)
                || FilePlanComponentKind.RECORD_FOLDER.equals(kind)
                || FilePlanComponentKind.RECORD.equals(kind);
        if (!holdsRecords) {
            continue;
        }

        // Set the filing permission on the node for the administrator role's group.
        final Role administrator = filePlanRoleService.getRole(filePlan, "Administrator");
        if (administrator != null) {
            permissionService.setPermission(component, administrator.getRoleGroupName(), RMPermissionModel.FILING, true);
        }

        // Fill in the vital record defaults where they are missing (RM-753).
        final Serializable currentIndicator = nodeService.getProperty(component, PROP_VITAL_RECORD_INDICATOR);
        if (currentIndicator == null) {
            nodeService.setProperty(component, PROP_VITAL_RECORD_INDICATOR, false);
        }
        final Serializable currentReviewPeriod = nodeService.getProperty(component, PROP_REVIEW_PERIOD);
        if (currentReviewPeriod == null) {
            nodeService.setProperty(component, PROP_REVIEW_PERIOD, new Period("none|0"));
        }
    }
}
Also used : Role(org.alfresco.module.org_alfresco_module_rm.role.Role) NodeRef(org.alfresco.service.cmr.repository.NodeRef) Serializable(java.io.Serializable) QName(org.alfresco.service.namespace.QName) Period(org.alfresco.service.cmr.repository.Period) FilePlanComponentKind(org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanComponentKind)

Example 15 with Role

use of org.alfresco.module.org_alfresco_module_rm.role.Role in project records-management by Alfresco.

the class RMv21RolesPatch method executePatch.

/**
 * Patch step that adds the role groups of every file plan to the
 * {@code RMAuthority.ZONE_APP_RM} authority zone.
 *
 * <p>A role group is passed to {@code addAuthorityToZone} only if its current zones do not
 * contain the RM zone. The file plan's all-roles container group is passed to
 * {@code addAuthorityToZone} at most once per file plan, and only when at least one of its
 * role groups needed the update; the container's own zones are not inspected here.
 *
 * <p>NOTE(review): the set returned by {@code authorityService.getAuthorityZones} is used
 * without a null check; confirm it cannot be {@code null} for a role group name.
 *
 * @see org.alfresco.module.org_alfresco_module_rm.patch.compatibility.ModulePatchComponent#executePatch()
 */
@Override
protected void executePatch() {
    final Set<NodeRef> allFilePlans = filePlanService.getFilePlans();
    if (LOGGER.isDebugEnabled()) {
        LOGGER.debug(" ... updating " + allFilePlans.size() + " file plans");
    }

    for (final NodeRef filePlan : allFilePlans) {
        // Tracks whether this file plan's container group was already handled.
        boolean containerGroupZoned = false;

        for (final Role role : filePlanRoleService.getRoles(filePlan)) {
            final String groupName = role.getRoleGroupName();
            final boolean alreadyInRmZone = authorityService.getAuthorityZones(groupName).contains(RMAuthority.ZONE_APP_RM);
            if (alreadyInRmZone) {
                continue;
            }

            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug(" ... updating " + groupName + " in file plan " + filePlan.toString());
            }
            addAuthorityToZone(groupName);

            if (containerGroupZoned) {
                continue;
            }
            // First role group updated in this file plan: handle the container group as well.
            final String containerGroupName = filePlanRoleService.getAllRolesContainerGroup(filePlan);
            addAuthorityToZone(containerGroupName);
            containerGroupZoned = true;
        }
    }
}
Also used : Role(org.alfresco.module.org_alfresco_module_rm.role.Role) NodeRef(org.alfresco.service.cmr.repository.NodeRef)

Aggregations

Role (org.alfresco.module.org_alfresco_module_rm.role.Role)15 NodeRef (org.alfresco.service.cmr.repository.NodeRef)10 HashMap (java.util.HashMap)4 HashSet (java.util.HashSet)4 Capability (org.alfresco.module.org_alfresco_module_rm.capability.Capability)4 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)3 IOException (java.io.IOException)2 JSONArray (org.json.JSONArray)2 JSONException (org.json.JSONException)2 JSONObject (org.json.JSONObject)2 JSONTokener (org.json.JSONTokener)2 Serializable (java.io.Serializable)1 AlfrescoRuntimeException (org.alfresco.error.AlfrescoRuntimeException)1 DispositionSchedule (org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule)1 FilePlanComponentKind (org.alfresco.module.org_alfresco_module_rm.fileplan.FilePlanComponentKind)1 AuthenticationUtil (org.alfresco.repo.security.authentication.AuthenticationUtil)1 Period (org.alfresco.service.cmr.repository.Period)1 ResultSet (org.alfresco.service.cmr.search.ResultSet)1 AccessPermission (org.alfresco.service.cmr.security.AccessPermission)1 AccessStatus (org.alfresco.service.cmr.security.AccessStatus)1