/*
* #%L
* Alfresco Records Management Module
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* -
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
* -
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* -
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
* -
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.module.org_alfresco_module_rm.permission;
import java.util.List;
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel;
import org.alfresco.repo.security.permissions.processor.impl.PermissionPostProcessorBaseImpl;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.PermissionService;
/**
* Records management permission post processor.
*
* @author Roy Wetherall
* @since 2.4.a
*/
public class RecordsManagementPermissionPostProcessor extends PermissionPostProcessorBaseImpl
{
/** node service */
private NodeService nodeService;
public void setNodeService(NodeService nodeService) {this.nodeService=nodeService;}
/** permission service */
private PermissionService permissionService;
public void setPermissionService(PermissionService permissionService) {this.permissionService=permissionService;}
/**
* @see org.alfresco.repo.security.permissions.processor.PermissionPostProcessor#process(org.alfresco.service.cmr.security.AccessStatus, org.alfresco.service.cmr.repository.NodeRef, java.lang.String)
*/
@Override
public AccessStatus process(AccessStatus accessStatus, NodeRef nodeRef, String perm,
List configuredReadPermissions, List configuredFilePermissions)
{
AccessStatus result = accessStatus;
if (AccessStatus.DENIED.equals(accessStatus) &&
nodeService.hasAspect(nodeRef, RecordsManagementModel.ASPECT_FILE_PLAN_COMPONENT))
{
// if read denied on rm artifact
if (PermissionService.READ.equals(perm) || configuredReadPermissions.contains(perm))
{
// check for read record
result = permissionService.hasPermission(nodeRef, RMPermissionModel.READ_RECORDS);
}
// if write deinied on rm artificat
else if (PermissionService.WRITE.equals(perm) || configuredFilePermissions.contains(perm))
{
// check for file record
result = permissionService.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS);
}
}
return result;
}
}