/*
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.module.org_alfresco_module_rm.capability;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.module.org_alfresco_module_rm.security.RMMethodSecurityInterceptor;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.apache.commons.lang.StringUtils;
import org.springframework.extensions.surf.util.I18NUtil;
import net.sf.acegisecurity.vote.AccessDecisionVoter;
/**
* Abstract capability implementation.
*
* @author Andy Hind
* @author Roy Wetherall
*/
public abstract class AbstractCapability extends RMSecurityCommon
implements Capability, RecordsManagementModel, RMPermissionModel
{
/** Capability service */
protected CapabilityService capabilityService;
/** Capability name */
protected String name;
/** Capability title and description */
protected String title;
protected String description;
/** Capability group */
protected Group group;
/** Capability index */
protected int index;
/** Indicates whether this is a private capability or not */
protected boolean isPrivate = false;
/**
* @param capabilityService capability service
*/
public void setCapabilityService(CapabilityService capabilityService)
{
this.capabilityService = capabilityService;
}
/**
* Init method
*/
public void init()
{
capabilityService.registerCapability(this);
}
/**
* @param name capability name
*/
public void setName(String name)
{
this.name = name;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getName()
*/
@Override
public String getName()
{
return name;
}
/**
* @param title capability title
*/
public void setTitle(String title)
{
this.title = title;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getTitle()
*/
@Override
public String getTitle()
{
String title = this.title;
if (StringUtils.isBlank(title))
{
title = I18NUtil.getMessage("capability." + getName() + ".title");
if (StringUtils.isBlank(title))
{
title = getName();
}
}
return title;
}
/**
* @param description capability description
*/
public void setDescription(String description)
{
this.description = description;
}
/**
* @param descriptionId message id
*/
public void setDescriptionId(String descriptionId)
{
this.description = I18NUtil.getMessage(descriptionId);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getDescription()
*/
@Override
public String getDescription()
{
return description;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#isPrivate()
*/
public boolean isPrivate()
{
return isPrivate;
}
/**
* @param isPrivate indicates whether the capability is private or not
*/
public void setPrivate(boolean isPrivate)
{
this.isPrivate = isPrivate;
}
/**
* Translates the vote to an AccessStatus
*
* @param vote
* @return
*/
private AccessStatus translate(int vote)
{
switch (vote)
{
case AccessDecisionVoter.ACCESS_ABSTAIN:
return AccessStatus.UNDETERMINED;
case AccessDecisionVoter.ACCESS_GRANTED:
return AccessStatus.ALLOWED;
case AccessDecisionVoter.ACCESS_DENIED:
return AccessStatus.DENIED;
default:
return AccessStatus.UNDETERMINED;
}
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#hasPermission(org.alfresco.service.cmr.repository.NodeRef)
*/
public AccessStatus hasPermission(NodeRef nodeRef)
{
return translate(hasPermissionRaw(nodeRef));
}
/**
* Determines whether the current user has permission on this capability.
* <p>
* Returns the raw permission value.
*
* @param nodeRef node reference
* @return raw permission value
*/
public int hasPermissionRaw(NodeRef nodeRef)
{
String prefix = "hasPermissionRaw" + getName();
int result = getTransactionCache(prefix, nodeRef);
if (result == NOSET_VALUE)
{
if (checkRmRead(nodeRef) == AccessDecisionVoter.ACCESS_DENIED)
{
result = AccessDecisionVoter.ACCESS_DENIED;
}
else
{
result = hasPermissionImpl(nodeRef);
}
result = setTransactionCache(prefix, nodeRef, result);
}
// Log information about evaluated capability
RMMethodSecurityInterceptor.reportCapabilityStatus(getName(), result);
return result;
}
/**
* Default implementation. Override if different behaviour required.
*
* @param nodeRef
* @return
*/
protected int hasPermissionImpl(NodeRef nodeRef)
{
return evaluate(nodeRef);
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#evaluate(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.repository.NodeRef)
*/
public int evaluate(NodeRef source, NodeRef target)
{
return AccessDecisionVoter.ACCESS_ABSTAIN;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getGroup()
*/
public Group getGroup()
{
return this.group;
}
public void setGroup(Group group)
{
this.group = group;
}
/**
* @see org.alfresco.module.org_alfresco_module_rm.capability.Capability#getIndex()
*/
public int getIndex()
{
return this.index;
}
public void setIndex(int index)
{
this.index = index;
}
/**
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode()
{
final int prime = 31;
int result = 1;
result = prime * result + ((getName() == null) ? 0 : getName().hashCode());
return result;
}
/**
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj)
{
if (this == obj)
{
return true;
}
if (obj == null)
{
return false;
}
if (getClass() != obj.getClass())
{
return false;
}
final AbstractCapability other = (AbstractCapability) obj;
if (getName() == null)
{
if (other.getName() != null)
{
return false;
}
}
else if (!getName().equals(other.getName()))
{
return false;
}
return true;
}
}