Class ModelSecurityServiceImpl
- java.lang.Object
-
- org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl
-
- org.alfresco.module.org_alfresco_module_rm.model.BaseBehaviourBean
-
- org.alfresco.module.org_alfresco_module_rm.model.security.ModelSecurityServiceImpl
-
- All Implemented Interfaces:
RecordsManagementCustomModel
,RecordsManagementModel
,ModelSecurityService
,org.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy
,org.alfresco.repo.node.NodeServicePolicies.BeforeRemoveAspectPolicy
,org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy
,org.alfresco.repo.policy.annotation.BehaviourRegistry
,org.alfresco.repo.policy.ClassPolicy
,org.alfresco.repo.policy.Policy
,org.springframework.beans.factory.Aware
,org.springframework.context.ApplicationContextAware
public class ModelSecurityServiceImpl extends BaseBehaviourBean implements ModelSecurityService, org.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy, org.alfresco.repo.node.NodeServicePolicies.BeforeRemoveAspectPolicy, org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy
Model security service implementation.This service records the protected properties and aspects, ensuring that only those with the appropriate capabilities can edit them.
- Since:
- 2.1
- Author:
- Roy Wetherall
-
-
Field Summary
-
Fields inherited from class org.alfresco.module.org_alfresco_module_rm.model.BaseBehaviourBean
behaviourFilter, behaviours, LOGGER, MULTIPLE_CHILDREN_TYPE_ERROR, UNIQUE_CHILD_TYPE_ERROR
-
Fields inherited from class org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl
applicationContext, authenticationUtil, contentService, dictionaryService, nodeService, nodeTypeUtility, renditionService, transactionalResourceHelper
-
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy
QNAME
-
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.BeforeRemoveAspectPolicy
QNAME
-
Fields inherited from interface org.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy
ARG_0, ARG_1, ARG_2, QNAME
-
Fields inherited from interface org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementCustomModel
ASPECT_CUSTOM_ASSOCIATIONS, ASPECT_SUPPLEMENTAL_MARKING_LIST, CONSTRAINT_CUSTOM_SMLIST, CUSTOM_REF_CROSSREFERENCE, CUSTOM_REF_OBSOLETES, CUSTOM_REF_RENDITION, CUSTOM_REF_SUPERSEDES, CUSTOM_REF_SUPPORTS, CUSTOM_REF_VERSIONS, PROP_SUPPLEMENTAL_MARKING_LIST, RM_CUSTOM_MODEL, RM_CUSTOM_PREFIX, RM_CUSTOM_URI
-
Fields inherited from interface org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel
ASPECT_ARCHIVED, ASPECT_ASCENDED, ASPECT_CAVEAT_CONFIG_ROOT, ASPECT_COMMON_RECORD_DETAILS, ASPECT_COUNTABLE, ASPECT_CUSTOM_RM_DATA, ASPECT_CUT_OFF, ASPECT_DECLARED_RECORD, ASPECT_DISPOSITION_LIFECYCLE, ASPECT_DISPOSITION_PROCESSED, ASPECT_EMAIL_CONFIG_ROOT, ASPECT_EXTENDED_SECURITY, ASPECT_FILABLE, ASPECT_FILE_PLAN_COMPONENT, ASPECT_FROZEN, ASPECT_GHOSTED, ASPECT_HELD_CHILDREN, ASPECT_LOADED_DATA_SET_ID, ASPECT_RECORD, ASPECT_RECORD_COMPONENT_ID, ASPECT_RECORD_META_DATA, ASPECT_RECORD_ORIGINATING_DETAILS, ASPECT_RECORD_REJECTION_DETAILS, ASPECT_RECORDS_MANAGEMENT_ROOT, ASPECT_RM_SEARCH, ASPECT_SAVED_SEARCH, ASPECT_SCHEDULED, ASPECT_TRANSFERRED, ASPECT_TRANSFERRING, ASPECT_UNCUT_OFF, ASPECT_UNPUBLISHED_UPDATE, ASPECT_VERSIONED_RECORD, ASPECT_VITAL_RECORD, ASPECT_VITAL_RECORD_DEFINITION, ASSOC_CAVEAT_CONFIG, ASSOC_DISPOSITION_ACTION_DEFINITIONS, ASSOC_DISPOSITION_ACTION_HISTORY, ASSOC_DISPOSITION_SCHEDULE, ASSOC_EMAIL_CONFIG, ASSOC_EVENT_EXECUTIONS, ASSOC_FROZEN_CONTENT, ASSOC_FROZEN_RECORDS, ASSOC_HOLDS, ASSOC_NEXT_DISPOSITION_ACTION, ASSOC_TRANSFERRED, ASSOC_TRANSFERS, GL_URI, PROP_COMBINE_DISPOSITION_STEP_CONDITIONS, PROP_COUNT, PROP_CUT_OFF_DATE, PROP_DATE_FILED, PROP_DB_UNIQUENESS_ID, PROP_DECLARED_AT, PROP_DECLARED_BY, PROP_DISPOSITION_ACTION, PROP_DISPOSITION_ACTION_COMPLETED_AT, PROP_DISPOSITION_ACTION_COMPLETED_BY, PROP_DISPOSITION_ACTION_GHOST_ON_DESTROY, PROP_DISPOSITION_ACTION_ID, PROP_DISPOSITION_ACTION_NAME, PROP_DISPOSITION_ACTION_STARTED_AT, PROP_DISPOSITION_ACTION_STARTED_BY, PROP_DISPOSITION_AS_OF, PROP_DISPOSITION_AUTHORITY, PROP_DISPOSITION_DESCRIPTION, PROP_DISPOSITION_EVENT, PROP_DISPOSITION_EVENT_COMBINATION, PROP_DISPOSITION_EVENTS_ELIGIBLE, PROP_DISPOSITION_INSTRUCTIONS, PROP_DISPOSITION_LOCATION, PROP_DISPOSITION_PERIOD, PROP_DISPOSITION_PERIOD_PROPERTY, PROP_EVENT_EXECUTION_AUTOMATIC, PROP_EVENT_EXECUTION_COMPLETE, PROP_EVENT_EXECUTION_COMPLETED_AT, PROP_EVENT_EXECUTION_COMPLETED_BY, PROP_EVENT_EXECUTION_NAME, PROP_FROZEN_AT, PROP_FROZEN_BY, PROP_HELD_CHILDREN_COUNT, PROP_HOLD_REASON, PROP_IDENTIFIER, PROP_IS_CLOSED, PROP_LOADED_DATA_SET_IDS, PROP_LOCATION, PROP_MANUALLY_SET_AS_OF, PROP_ORIGIONAL_NAME, PROP_PUBLISH_IN_PROGRESS, PROP_READERS, PROP_RECORD_LEVEL_DISPOSITION, PROP_RECORD_ORIGINATING_CREATION_DATE, PROP_RECORD_ORIGINATING_LOCATION, PROP_RECORD_ORIGINATING_USER_ID, PROP_RECORD_REJECTION_DATE, PROP_RECORD_REJECTION_REASON, PROP_RECORD_REJECTION_USER_ID, PROP_REVIEW_AS_OF, PROP_REVIEW_PERIOD, PROP_ROOT_NODEREF, PROP_RS_DECLASSIFICATION_REVIEW_COMPLETED_AT, PROP_RS_DECLASSIFICATION_REVIEW_COMPLETED_BY, PROP_RS_DISPOITION_AUTHORITY, PROP_RS_DISPOITION_INSTRUCTIONS, PROP_RS_DISPOSITION_ACTION_AS_OF, PROP_RS_DISPOSITION_ACTION_NAME, PROP_RS_DISPOSITION_EVENTS, PROP_RS_DISPOSITION_EVENTS_ELIGIBLE, PROP_RS_DISPOSITION_PERIOD, PROP_RS_DISPOSITION_PERIOD_EXPRESSION, PROP_RS_HAS_DISPOITION_SCHEDULE, PROP_RS_HOLD_REASON, PROP_RS_VITAL_RECORD_REVIEW_PERIOD, PROP_RS_VITAL_RECORD_REVIEW_PERIOD_EXPRESSION, PROP_TRANSFER_ACCESSION_INDICATOR, PROP_TRANSFER_LOCATION, PROP_TRANSFER_PDF_INDICATOR, PROP_UNPUBLISHED_UPDATE, PROP_UPDATE_TO, PROP_UPDATED_PROPERTIES, PROP_VITAL_RECORD_INDICATOR, PROP_WRITERS, RM_MODEL, RM_PREFIX, RM_URI, TYPE_CAVEAT_CONFIG, TYPE_DISPOSITION_ACTION, TYPE_DISPOSITION_ACTION_DEFINITION, TYPE_DISPOSITION_SCHEDULE, TYPE_EMAIL_CONFIG, TYPE_EVENT_EXECUTION, TYPE_FILE_PLAN, TYPE_HOLD, TYPE_HOLD_CONTAINER, TYPE_NON_ELECTRONIC_DOCUMENT, TYPE_RECORD_CATEGORY, TYPE_RECORD_FOLDER, TYPE_RECORDS_MANAGEMENT_CONTAINER, TYPE_RM_SITE, TYPE_TRANSFER, TYPE_TRANSFER_CONTAINER, TYPE_UNFILED_RECORD_CONTAINER, TYPE_UNFILED_RECORD_FOLDER, UPDATE_TO_DISPOSITION_ACTION_DEFINITION
-
-
Constructor Summary
Constructors Constructor Description ModelSecurityServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
beforeAddAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
void
beforeRemoveAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
boolean
canEditProtectedAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
Indicates whether the current user can edit (ie add or remove) a protected aspect in the context of a given node.boolean
canEditProtectedProperty(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName property)
Indicates whether the current user can edit a protected property in the context of a given node.void
disable()
Disable model security checks for the current thread.void
enable()
Enable model security checks for the current thread.ProtectedAspect
getProtectedAspect(org.alfresco.service.namespace.QName name)
Get the details of the protected aspect, returns null if aspect is not protected.Set<org.alfresco.service.namespace.QName>
getProtectedAspects()
Get the protected aspects.Set<org.alfresco.service.namespace.QName>
getProtectedProperties()
Get the protected propertiesProtectedProperty
getProtectedProperty(org.alfresco.service.namespace.QName name)
Get the details of the protected property, returns null if property is not protected.boolean
isEnabled()
Indicates whether model security is enabled or not.boolean
isProtectedAspect(org.alfresco.service.namespace.QName aspect)
Indicates whether an aspect is protected or not.boolean
isProtectedProperty(org.alfresco.service.namespace.QName property)
Indicates whether a property is protected or not.void
onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef nodeRef, Map<org.alfresco.service.namespace.QName,Serializable> before, Map<org.alfresco.service.namespace.QName,Serializable> after)
void
register(ProtectedModelArtifact artifact)
Registers a protected model artifact with the service.void
setEnabled(boolean enabled)
Sets whether model security is enabled globally or not.void
setFilePlanService(FilePlanService filePlanService)
void
setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
-
Methods inherited from class org.alfresco.module.org_alfresco_module_rm.model.BaseBehaviourBean
getBehaviour, registerBehaviour, setBehaviourFilter, validateNewChildAssociation, validateNewChildAssociationSubTypesIncluded
-
Methods inherited from class org.alfresco.module.org_alfresco_module_rm.util.ServiceBaseImpl
getFilePlan, getFilePlanComponentKind, getFilePlanComponentKindFromType, getInternalNodeService, getNextCount, getTypeAndApsects, instanceOf, instanceOf, isDeclared, isFilePlan, isFilePlanComponent, isFilePlanContainer, isHold, isRecord, isRecordCategory, isRecordFolder, isTransfer, isUnfiledRecordsContainer, setApplicationContext, setAuthenticationUtil, setContentService, setDictionaryService, setNodeService, setNodeTypeUtility, setRenditionService, setTransactionalResourceHelper
-
-
-
-
Method Detail
-
setEnabled
public void setEnabled(boolean enabled)
Description copied from interface:ModelSecurityService
Sets whether model security is enabled globally or not.- Specified by:
setEnabled
in interfaceModelSecurityService
- See Also:
ModelSecurityService.setEnabled(boolean)
-
isEnabled
public boolean isEnabled()
Description copied from interface:ModelSecurityService
Indicates whether model security is enabled or not.- Specified by:
isEnabled
in interfaceModelSecurityService
- Returns:
- See Also:
ModelSecurityService.isEnabled()
-
setNamespaceService
public void setNamespaceService(org.alfresco.service.namespace.NamespaceService namespaceService)
- Parameters:
namespaceService
- namespace service
-
setFilePlanService
public void setFilePlanService(FilePlanService filePlanService)
- Parameters:
filePlanService
- file plan service
-
disable
public void disable()
Description copied from interface:ModelSecurityService
Disable model security checks for the current thread.- Specified by:
disable
in interfaceModelSecurityService
- See Also:
ModelSecurityService.disable()
-
enable
public void enable()
Description copied from interface:ModelSecurityService
Enable model security checks for the current thread.- Specified by:
enable
in interfaceModelSecurityService
- See Also:
ModelSecurityService.enable()
-
register
public void register(ProtectedModelArtifact artifact)
Description copied from interface:ModelSecurityService
Registers a protected model artifact with the service.- Specified by:
register
in interfaceModelSecurityService
- Parameters:
artifact
- protected model artifact- See Also:
ModelSecurityService.register(org.alfresco.module.org_alfresco_module_rm.model.security.ProtectedModelArtifact)
-
isProtectedProperty
public boolean isProtectedProperty(org.alfresco.service.namespace.QName property)
Description copied from interface:ModelSecurityService
Indicates whether a property is protected or not.- Specified by:
isProtectedProperty
in interfaceModelSecurityService
- Parameters:
property
- name of property- Returns:
- boolean true if property is protected, false otherwise
- See Also:
ModelSecurityService.isProtectedProperty(org.alfresco.service.namespace.QName)
-
getProtectedProperties
public Set<org.alfresco.service.namespace.QName> getProtectedProperties()
Description copied from interface:ModelSecurityService
Get the protected properties- Specified by:
getProtectedProperties
in interfaceModelSecurityService
- Returns:
Set
<QName
> all the protected properties- See Also:
ModelSecurityService.getProtectedProperties()
-
getProtectedProperty
public ProtectedProperty getProtectedProperty(org.alfresco.service.namespace.QName name)
Description copied from interface:ModelSecurityService
Get the details of the protected property, returns null if property is not protected.- Specified by:
getProtectedProperty
in interfaceModelSecurityService
- Parameters:
name
- name of the protected property- Returns:
ProtectedProperty
protected property details, null otherwise- See Also:
ModelSecurityService.getProtectedProperty(org.alfresco.service.namespace.QName)
-
canEditProtectedProperty
public boolean canEditProtectedProperty(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName property)
Description copied from interface:ModelSecurityService
Indicates whether the current user can edit a protected property in the context of a given node.If the property is not protected then returns true.
- Specified by:
canEditProtectedProperty
in interfaceModelSecurityService
- Parameters:
nodeRef
- node referenceproperty
- name of the property- Returns:
- boolean true if the current user can edit the protected property or the property is not protected, false otherwise
- See Also:
ModelSecurityService.canEditProtectedProperty(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
-
isProtectedAspect
public boolean isProtectedAspect(org.alfresco.service.namespace.QName aspect)
Description copied from interface:ModelSecurityService
Indicates whether an aspect is protected or not.- Specified by:
isProtectedAspect
in interfaceModelSecurityService
- Parameters:
aspect
- aspect name- Returns:
- boolean true if aspect is protected, false otherwise
- See Also:
ModelSecurityService.isProtectedAspect(org.alfresco.service.namespace.QName)
-
getProtectedAspects
public Set<org.alfresco.service.namespace.QName> getProtectedAspects()
Description copied from interface:ModelSecurityService
Get the protected aspects.- Specified by:
getProtectedAspects
in interfaceModelSecurityService
- Returns:
Set
<QName
> all the protected aspects- See Also:
ModelSecurityService.getProtectedAspects()
-
getProtectedAspect
public ProtectedAspect getProtectedAspect(org.alfresco.service.namespace.QName name)
Description copied from interface:ModelSecurityService
Get the details of the protected aspect, returns null if aspect is not protected.- Specified by:
getProtectedAspect
in interfaceModelSecurityService
- Parameters:
name
- name of the aspect- Returns:
ProtectedAspect
protected aspect details, null otherwise- See Also:
ModelSecurityService.getProtectedAspect(org.alfresco.service.namespace.QName)
-
canEditProtectedAspect
public boolean canEditProtectedAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
Description copied from interface:ModelSecurityService
Indicates whether the current user can edit (ie add or remove) a protected aspect in the context of a given node.If the aspect is not protected then returns true.
- Specified by:
canEditProtectedAspect
in interfaceModelSecurityService
- Parameters:
nodeRef
- node referenceaspect
- name of the of aspect- Returns:
- boolean true if the current user can edit the protected aspect or the the aspect is not protected, false otherwise
- See Also:
ModelSecurityService.canEditProtectedAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
-
beforeAddAspect
public void beforeAddAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
- Specified by:
beforeAddAspect
in interfaceorg.alfresco.repo.node.NodeServicePolicies.BeforeAddAspectPolicy
- See Also:
NodeServicePolicies.BeforeAddAspectPolicy.beforeAddAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
-
beforeRemoveAspect
public void beforeRemoveAspect(org.alfresco.service.cmr.repository.NodeRef nodeRef, org.alfresco.service.namespace.QName aspect)
- Specified by:
beforeRemoveAspect
in interfaceorg.alfresco.repo.node.NodeServicePolicies.BeforeRemoveAspectPolicy
- See Also:
NodeServicePolicies.BeforeRemoveAspectPolicy.beforeRemoveAspect(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.namespace.QName)
-
onUpdateProperties
public void onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef nodeRef, Map<org.alfresco.service.namespace.QName,Serializable> before, Map<org.alfresco.service.namespace.QName,Serializable> after)
- Specified by:
onUpdateProperties
in interfaceorg.alfresco.repo.node.NodeServicePolicies.OnUpdatePropertiesPolicy
- See Also:
NodeServicePolicies.OnUpdatePropertiesPolicy.onUpdateProperties(org.alfresco.service.cmr.repository.NodeRef, java.util.Map, java.util.Map)
-
-