use of org.alfresco.service.cmr.dictionary.ConstraintDefinition in project records-management by Alfresco.
the class RMCaveatConfigComponentImpl method hasAccess.
/**
* Check whether access to 'record component' node is vetoed for current user due to caveat(s)
*
* @param nodeRef
* @return false, if caveat(s) veto access otherwise return true
*/
@SuppressWarnings("unchecked")
public boolean hasAccess(NodeRef nodeRef) {
try {
if ((!nodeService.exists(nodeRef)) || (caveatAspectQNames.size() == 0)) {
return true;
}
boolean found = false;
for (QName caveatAspectQName : caveatAspectQNames) {
if (nodeService.hasAspect(nodeRef, caveatAspectQName)) {
found = true;
break;
}
}
if (!found) {
// no caveat aspect
return true;
} else {
// check for caveats
String userName = AuthenticationUtil.getRunAsUser();
if (userName != null) {
// check all text properties
Map<QName, Serializable> props = nodeService.getProperties(nodeRef);
for (Map.Entry<QName, Serializable> entry : props.entrySet()) {
QName propName = entry.getKey();
PropertyDefinition propDef = dictionaryService.getProperty(propName);
if ((propDef != null) && (propDef.getDataType().getName().equals(DATATYPE_TEXT))) {
List<ConstraintDefinition> conDefs = propDef.getConstraints();
for (ConstraintDefinition conDef : conDefs) {
Constraint con = conDef.getConstraint();
if (con instanceof RMListOfValuesConstraint) {
RMListOfValuesConstraint rmCon = ((RMListOfValuesConstraint) con);
String conName = rmCon.getShortName();
MatchLogic matchLogic = rmCon.getMatchLogicEnum();
Map<String, List<String>> caveatConstraintDef = caveatConfig.get(conName);
if (caveatConstraintDef == null) {
continue;
} else {
Set<String> userGroupNames = authorityService.getAuthoritiesForUser(userName);
List<String> allowedValues = getRMAllowedValues(userName, userGroupNames, conName);
List<String> propValues = null;
Object val = entry.getValue();
if (val instanceof String) {
propValues = new ArrayList<String>(1);
propValues.add((String) val);
} else if (val instanceof List) {
propValues = (List<String>) val;
}
if (propValues != null && !isAllowed(propValues, allowedValues, matchLogic)) {
if (logger.isDebugEnabled()) {
logger.debug("Veto access: caveat=" + conName + ", userName=" + userName + ", nodeRef=" + nodeRef + ", propName=" + propName + ", propValues=" + propValues + ", allowedValues=" + allowedValues);
}
return false;
}
}
}
}
}
}
}
return true;
}
} catch (AccessDeniedException ade) {
return false;
}
}
use of org.alfresco.service.cmr.dictionary.ConstraintDefinition in project records-management by Alfresco.
the class RMCaveatConfigComponentImpl method getRMConstraint.
/**
* Get an RMConstraintInfo
* @param listQName
* @return the constraint or null if it does not exist
*/
public RMConstraintInfo getRMConstraint(QName listQName) {
ConstraintDefinition dictionaryDef = dictionaryService.getConstraint(listQName);
if (dictionaryDef != null) {
Constraint con = dictionaryDef.getConstraint();
if (con instanceof RMListOfValuesConstraint) {
final RMListOfValuesConstraint def = (RMListOfValuesConstraint) con;
RMConstraintInfo info = new RMConstraintInfo();
info.setName(listQName.toPrefixString());
info.setTitle(con.getTitle());
List<String> allowedValues = AuthenticationUtil.runAs(new RunAsWork<List<String>>() {
public List<String> doWork() {
return def.getAllowedValues();
}
}, AuthenticationUtil.getSystemUserName());
info.setAllowedValues(allowedValues.toArray(new String[allowedValues.size()]));
info.setCaseSensitive(def.isCaseSensitive());
return info;
}
}
return null;
}
use of org.alfresco.service.cmr.dictionary.ConstraintDefinition in project records-management by Alfresco.
the class RMCaveatConfigServiceImpl method updateRMConstraintAllowedValues.
/**
* Update The allowed values for an RM Constraint.
*
* @param listName The name of the list.
* @param allowedValues the new alowed values
*/
public RMConstraintInfo updateRMConstraintAllowedValues(String listName, String[] allowedValues) {
QName listQName = QName.createQName(listName, namespaceService);
if (allowedValues != null) {
List<String> allowedValueList = new ArrayList<String>();
for (String value : allowedValues) {
allowedValueList.add(value);
}
ConstraintDefinition dictionaryDef = dictionaryService.getConstraint(listQName);
Constraint con = dictionaryDef.getConstraint();
if (con instanceof RMListOfValuesConstraint) {
final RMListOfValuesConstraint def = (RMListOfValuesConstraint) con;
List<String> oldAllowedValues = AuthenticationUtil.runAs(new RunAsWork<List<String>>() {
public List<String> doWork() {
return def.getAllowedValues();
}
}, AuthenticationUtil.getSystemUserName());
/**
* Deal with any additions
*/
for (String newValue : allowedValueList) {
if (!oldAllowedValues.contains(newValue) && logger.isDebugEnabled()) {
// This is an addition
logger.debug("value added to list:" + listQName + ":" + newValue);
}
}
/**
* Deal with any deletions
*/
for (String oldValue : oldAllowedValues) {
if (!allowedValueList.contains(oldValue)) {
// This is a deletion
if (logger.isDebugEnabled()) {
logger.debug("value removed from list:" + listQName + ":" + oldValue);
}
removeRMConstraintListValue(listName, oldValue);
}
}
}
recordsManagementAdminService.changeCustomConstraintValues(listQName, allowedValueList);
}
return getRMConstraint(listName);
}
use of org.alfresco.service.cmr.dictionary.ConstraintDefinition in project records-management by Alfresco.
the class RMCaveatConfigServiceImpl method getAllRMConstraints.
/**
* Get all Constraint Lists
*/
public Set<RMConstraintInfo> getAllRMConstraints() {
Set<RMConstraintInfo> info = new HashSet<RMConstraintInfo>();
List<ConstraintDefinition> defs = new ArrayList<ConstraintDefinition>(10);
for (QName caveatModelQName : rmCaveatConfigComponent.getRMCaveatModels()) {
defs.addAll(recordsManagementAdminService.getCustomConstraintDefinitions(caveatModelQName));
}
for (ConstraintDefinition dictionaryDef : defs) {
Constraint con = dictionaryDef.getConstraint();
if (con instanceof RMListOfValuesConstraint) {
final RMListOfValuesConstraint def = (RMListOfValuesConstraint) con;
RMConstraintInfo i = new RMConstraintInfo();
i.setName(def.getShortName());
i.setTitle(def.getTitle());
// note: assumes only one caveat/LOV against a given property
List<String> allowedValues = AuthenticationUtil.runAs(new RunAsWork<List<String>>() {
public List<String> doWork() {
return def.getAllowedValues();
}
}, AuthenticationUtil.getSystemUserName());
i.setAllowedValues(allowedValues.toArray(new String[allowedValues.size()]));
i.setCaseSensitive(def.isCaseSensitive());
info.add(i);
}
}
return info;
}
use of org.alfresco.service.cmr.dictionary.ConstraintDefinition in project records-management by Alfresco.
the class RecordsManagementAdminServiceImplTest method testCreateCustomConstraints.
public void testCreateCustomConstraints() throws Exception {
final int beforeCnt = retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Integer>() {
public Integer execute() throws Throwable {
List<ConstraintDefinition> result = rmAdminService.getCustomConstraintDefinitions(RecordsManagementCustomModel.RM_CUSTOM_MODEL);
assertNotNull(result);
return result.size();
}
});
final String conTitle = "test title - " + testRunID;
final List<String> allowedValues = new ArrayList<String>(3);
allowedValues.add("RED");
allowedValues.add("AMBER");
allowedValues.add("GREEN");
final QName testCon = retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<QName>() {
public QName execute() throws Throwable {
String conLocalName = "test-" + testRunID;
final QName result = QName.createQName(RecordsManagementCustomModel.RM_CUSTOM_URI, conLocalName);
rmAdminService.addCustomConstraintDefinition(result, conTitle, true, allowedValues, MatchLogic.AND);
return result;
}
});
// Set the current security context as System - to see allowed values (unless caveat config is also updated for admin)
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
public Void execute() throws Throwable {
List<ConstraintDefinition> customConstraintDefs = rmAdminService.getCustomConstraintDefinitions(RecordsManagementCustomModel.RM_CUSTOM_MODEL);
assertEquals(beforeCnt + 1, customConstraintDefs.size());
boolean found = false;
for (ConstraintDefinition conDef : customConstraintDefs) {
if (conDef.getName().equals(testCon)) {
assertEquals(conTitle, conDef.getTitle(dictionaryService));
Constraint con = conDef.getConstraint();
assertTrue(con instanceof RMListOfValuesConstraint);
assertEquals("LIST", ((RMListOfValuesConstraint) con).getType());
assertEquals(3, ((RMListOfValuesConstraint) con).getAllowedValues().size());
found = true;
break;
}
}
assertTrue(found);
return null;
}
});
// Set the current security context as admin
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName());
retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
public Void execute() throws Throwable {
allowedValues.clear();
allowedValues.add("RED");
allowedValues.add("YELLOW");
rmAdminService.changeCustomConstraintValues(testCon, allowedValues);
return null;
}
});
// Set the current security context as System - to see allowed values (unless caveat config is also updated for admin)
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
public Void execute() throws Throwable {
List<ConstraintDefinition> customConstraintDefs = rmAdminService.getCustomConstraintDefinitions(RecordsManagementCustomModel.RM_CUSTOM_MODEL);
assertEquals(beforeCnt + 1, customConstraintDefs.size());
boolean found = false;
for (ConstraintDefinition conDef : customConstraintDefs) {
if (conDef.getName().equals(testCon)) {
assertEquals(conTitle, conDef.getTitle(dictionaryService));
Constraint con = conDef.getConstraint();
assertTrue(con instanceof RMListOfValuesConstraint);
assertEquals("LIST", ((RMListOfValuesConstraint) con).getType());
assertEquals(2, ((RMListOfValuesConstraint) con).getAllowedValues().size());
found = true;
break;
}
}
assertTrue(found);
return null;
}
});
// Set the current security context as admin
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName());
// Add custom property to record with test constraint
retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() {
public Void execute() throws Throwable {
String propLocalName = "myProp-" + testRunID;
QName dataType = DataTypeDefinition.TEXT;
String propTitle = "My property title";
String description = "My property description";
String defaultValue = null;
boolean multiValued = false;
boolean mandatory = false;
boolean isProtected = false;
QName propName = rmAdminService.addCustomPropertyDefinition(null, ASPECT_RECORD, propLocalName, dataType, propTitle, description, defaultValue, multiValued, mandatory, isProtected, testCon);
createdCustomProperties.add(propName);
return null;
}
});
}
Aggregations