/** Called at the begining of all tests */
@Override
protected void onSetUpInTransaction() throws Exception {
this.nodeService = (NodeService) this.applicationContext.getBean("nodeService");
AuthenticationComponent authenticationComponent =
(AuthenticationComponent) applicationContext.getBean("authenticationComponent");
authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
// Create the store and get the root node
this.testStoreRef =
this.nodeService.createStore(
StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
this.rootNodeRef = this.nodeService.getRootNode(this.testStoreRef);
// Create the node used for tests
this.nodeRef =
this.nodeService
.createNode(
this.rootNodeRef,
ContentModel.ASSOC_CHILDREN,
QName.createQName("{test}testnode"),
ContentModel.TYPE_CONTENT)
.getChildRef();
// Get the executer instance
this.executer =
(AddFeaturesActionExecuter) this.applicationContext.getBean(AddFeaturesActionExecuter.NAME);
}
private NodeRef createFolderWithPermission(NodeRef parent, String username, String permission) {
// Authenticate as system user because the current user should not be node owner
AuthenticationComponent authenticationComponent =
(AuthenticationComponent) this.applicationContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
// Create the folder
NodeRef folder =
nodeService
.createNode(
parent,
ContentModel.ASSOC_CHILDREN,
QName.createQName("TestFolder" + GUID.generate()),
ContentModel.TYPE_CONTENT)
.getChildRef();
// Apply permissions to folder
permissionService.deletePermissions(folder);
permissionService.setInheritParentPermissions(folder, false);
permissionService.setPermission(folder, userName, permission, true);
// Authenticate test user
TestWithUserUtils.authenticateUser(
this.userName, PWD, this.rootNodeRef, this.authenticationService);
return folder;
}
private NodeRef createNodeWithPermission(NodeRef parent, String username, String permission) {
// Authenticate as system user because the current user should not be node owner
AuthenticationComponent authenticationComponent =
(AuthenticationComponent) this.applicationContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
// Create the node as a copy of prepared
NodeRef node =
copyService.copy(nodeRef, parent, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_CONTENT);
// Apply permissions to node
permissionService.deletePermissions(node);
permissionService.setInheritParentPermissions(node, false);
permissionService.setPermission(node, userName, permission, true);
// Authenticate test user
TestWithUserUtils.authenticateUser(
this.userName, PWD, this.rootNodeRef, this.authenticationService);
return node;
}
/** On setup in transaction override */
@Override
protected void onSetUpInTransaction() throws Exception {
super.onSetUpInTransaction();
// Get a reference to the node service
this.nodeService = (NodeService) this.applicationContext.getBean("nodeService");
this.contentService = (ContentService) this.applicationContext.getBean("contentService");
this.authenticationService =
(MutableAuthenticationService) this.applicationContext.getBean("authenticationService");
this.actionService = (ActionService) this.applicationContext.getBean("actionService");
this.transactionService =
(TransactionService) this.applicationContext.getBean("transactionComponent");
// Authenticate as the system user
authenticationComponent =
(AuthenticationComponent) this.applicationContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
// Create the store and get the root node
this.storeRef =
this.nodeService.createStore(
StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
this.rootNodeRef = this.nodeService.getRootNode(this.storeRef);
}
public void setUp() throws Exception {
if (AlfrescoTransactionSupport.getTransactionReadState() != TxnReadState.TXN_NONE) {
throw new AlfrescoRuntimeException(
"A previous tests did not clean up transaction: "
+ AlfrescoTransactionSupport.getTransactionId());
}
nodeService = (NodeService) applicationContext.getBean("nodeService");
dictionaryService =
(DictionaryService)
applicationContext.getBean(ServiceRegistry.DICTIONARY_SERVICE.getLocalName());
permissionService = (PermissionServiceSPI) applicationContext.getBean("permissionService");
permissionServiceImpl =
(PermissionServiceImpl) applicationContext.getBean("permissionServiceImpl");
namespacePrefixResolver =
(NamespacePrefixResolver)
applicationContext.getBean(ServiceRegistry.NAMESPACE_SERVICE.getLocalName());
authenticationService =
(MutableAuthenticationService) applicationContext.getBean("authenticationService");
authenticationComponent =
(AuthenticationComponent) applicationContext.getBean("authenticationComponent");
serviceRegistry =
(ServiceRegistry) applicationContext.getBean(ServiceRegistry.SERVICE_REGISTRY);
permissionModelDAO = (ModelDAO) applicationContext.getBean("permissionsModelDAO");
personService = (PersonService) applicationContext.getBean("personService");
authorityService = (AuthorityService) applicationContext.getBean("authorityService");
authorityDAO = (AuthorityDAO) applicationContext.getBean("authorityDAO");
authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
authenticationDAO = (MutableAuthenticationDao) applicationContext.getBean("authenticationDao");
nodeDAO = (NodeDAO) applicationContext.getBean("nodeDAO");
aclDaoComponent = (AclDAO) applicationContext.getBean("aclDAO");
publicServiceAccessService =
(PublicServiceAccessService) applicationContext.getBean("publicServiceAccessService");
retryingTransactionHelper =
(RetryingTransactionHelper) applicationContext.getBean("retryingTransactionHelper");
transactionService = (TransactionService) applicationContext.getBean("transactionComponent");
testTX = transactionService.getUserTransaction();
testTX.begin();
testStoreRef =
nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.nanoTime());
rootNodeRef = nodeService.getRootNode(testStoreRef);
QName children = ContentModel.ASSOC_CHILDREN;
QName system = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "system");
QName container = ContentModel.TYPE_CONTAINER;
QName types = QName.createQName(NamespaceService.SYSTEM_MODEL_1_0_URI, "people");
systemNodeRef = nodeService.createNode(rootNodeRef, children, system, container).getChildRef();
NodeRef typesNodeRef =
nodeService.createNode(systemNodeRef, children, types, container).getChildRef();
Map<QName, Serializable> props = createPersonProperties("andy");
nodeService
.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props)
.getChildRef();
props = createPersonProperties("lemur");
nodeService
.createNode(typesNodeRef, children, ContentModel.TYPE_PERSON, container, props)
.getChildRef();
// create an authentication object e.g. the user
if (authenticationDAO.userExists("andy")) {
authenticationService.deleteAuthentication("andy");
}
authenticationService.createAuthentication("andy", "andy".toCharArray());
if (authenticationDAO.userExists("lemur")) {
authenticationService.deleteAuthentication("lemur");
}
authenticationService.createAuthentication("lemur", "lemur".toCharArray());
if (authenticationDAO.userExists(AuthenticationUtil.getAdminUserName())) {
authenticationService.deleteAuthentication(AuthenticationUtil.getAdminUserName());
}
authenticationService.createAuthentication(
AuthenticationUtil.getAdminUserName(), "admin".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
assertTrue(permissionServiceImpl.getAnyDenyDenies());
}
/** Test for MNT-11725 */
public void testDowngradePermissions() throws Exception {
NodeRef rootNodeRef = this.nodeService.getRootNode(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE);
NodeRef folderRef =
nodeService
.createNode(
rootNodeRef,
ContentModel.ASSOC_CHILDREN,
QName.createQName(NamespaceService.ALFRESCO_URI, "testFolder"),
ContentModel.TYPE_FOLDER)
.getChildRef();
permissionService.setPermission(folderRef, USER_ONE, PermissionService.COORDINATOR, true);
permissionService.setInheritParentPermissions(folderRef, false);
authenticationComponent.setCurrentUser(USER_ONE);
// JSON fromat
// {"permissions":
// [{"authority":"userA",
// "role":"Consumer"},
// {"authority":"userA",
// "role":"Coordinator",
// "remove":true}],
// "isInherited":true}
/* negative test, we are first deleting the coordinator role and then try to add consumer */
JSONObject changePermission = new JSONObject();
JSONArray permissions = new JSONArray();
// First delete permission, then add
JSONObject addPermission = new JSONObject();
addPermission.put("authority", USER_ONE);
addPermission.put("role", PermissionService.CONSUMER);
JSONObject removePermission = new JSONObject();
removePermission.put("authority", USER_ONE);
removePermission.put("role", PermissionService.COORDINATOR);
removePermission.put("remove", "true");
permissions.put(removePermission);
permissions.put(addPermission);
changePermission.put("permissions", permissions);
changePermission.put("isInherited", "true");
sendRequest(
new PostRequest(
URL_DOCLIB_PERMISSIONS
+ "/"
+ StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol()
+ "/"
+ StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier()
+ "/"
+ folderRef.getId(),
changePermission.toString(),
"application/json"),
Status.STATUS_INTERNAL_SERVER_ERROR);
/* positive test */
changePermission = new JSONObject();
permissions = new JSONArray();
// First add permission, then delete
addPermission = new JSONObject();
addPermission.put("authority", USER_ONE);
addPermission.put("role", PermissionService.CONSUMER);
removePermission = new JSONObject();
removePermission.put("authority", USER_ONE);
removePermission.put("role", PermissionService.COORDINATOR);
removePermission.put("remove", "true");
permissions.put(addPermission);
permissions.put(removePermission);
changePermission.put("permissions", permissions);
changePermission.put("isInherited", "true");
sendRequest(
new PostRequest(
URL_DOCLIB_PERMISSIONS
+ "/"
+ StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getProtocol()
+ "/"
+ StoreRef.STORE_REF_WORKSPACE_SPACESSTORE.getIdentifier()
+ "/"
+ folderRef.getId(),
changePermission.toString(),
"application/json"),
Status.STATUS_OK);
AccessStatus accessStatus =
permissionService.hasPermission(folderRef, PermissionService.CONSUMER);
assertTrue("The permission was not set correctly", accessStatus == AccessStatus.ALLOWED);
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
nodeService.deleteNode(folderRef);
}
/** On setup in transaction implementation */
@Override
protected void onSetUpInTransaction() throws Exception {
// Set the services
this.nodeService = (NodeService) this.applicationContext.getBean("nodeService");
this.cociService =
(CheckOutCheckInService) this.applicationContext.getBean("checkOutCheckInService");
this.contentService = (ContentService) this.applicationContext.getBean("contentService");
this.versionService = (VersionService) this.applicationContext.getBean("versionService");
this.authenticationService =
(MutableAuthenticationService) this.applicationContext.getBean("authenticationService");
this.lockService = (LockService) this.applicationContext.getBean("lockService");
this.transactionService =
(TransactionService) this.applicationContext.getBean("transactionComponent");
this.permissionService =
(PermissionService) this.applicationContext.getBean("permissionService");
this.copyService = (CopyService) this.applicationContext.getBean("copyService");
// Authenticate as system to create initial test data set
AuthenticationComponent authenticationComponent =
(AuthenticationComponent) this.applicationContext.getBean("authenticationComponent");
authenticationComponent.setSystemUserAsCurrentUser();
// Create the store and get the root node reference
this.storeRef =
nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
this.rootNodeRef = nodeService.getRootNode(storeRef);
// Create the node used for tests
ChildAssociationRef childAssocRef =
nodeService.createNode(
rootNodeRef,
ContentModel.ASSOC_CHILDREN,
QName.createQName("test"),
ContentModel.TYPE_CONTENT);
this.nodeRef = childAssocRef.getChildRef();
nodeService.addAspect(this.nodeRef, ContentModel.ASPECT_TITLED, null);
nodeService.setProperty(this.nodeRef, ContentModel.PROP_NAME, TEST_VALUE_NAME);
nodeService.setProperty(this.nodeRef, PROP2_QNAME, TEST_VALUE_2);
// Add the initial content to the node
ContentWriter contentWriter =
this.contentService.getWriter(this.nodeRef, ContentModel.PROP_CONTENT, true);
contentWriter.setMimetype("text/plain");
contentWriter.setEncoding("UTF-8");
contentWriter.putContent(CONTENT_1);
// Add the lock and version aspects to the created node
nodeService.addAspect(this.nodeRef, ContentModel.ASPECT_VERSIONABLE, null);
nodeService.addAspect(this.nodeRef, ContentModel.ASPECT_LOCKABLE, null);
// Create and authenticate the user
this.userName = "******" + GUID.generate();
TestWithUserUtils.createUser(
this.userName, PWD, this.rootNodeRef, this.nodeService, this.authenticationService);
TestWithUserUtils.authenticateUser(
this.userName, PWD, this.rootNodeRef, this.authenticationService);
this.userNodeRef = TestWithUserUtils.getCurrentUser(this.authenticationService);
permissionService.setPermission(
this.rootNodeRef, this.userName, PermissionService.ALL_PERMISSIONS, true);
permissionService.setPermission(
this.nodeRef, this.userName, PermissionService.ALL_PERMISSIONS, true);
folderNodeRef =
nodeService
.createNode(
rootNodeRef,
ContentModel.ASSOC_CHILDREN,
QName.createQName("test"),
ContentModel.TYPE_FOLDER,
Collections.<QName, Serializable>singletonMap(ContentModel.PROP_NAME, "folder"))
.getChildRef();
fileNodeRef =
nodeService
.createNode(
folderNodeRef,
ContentModel.ASSOC_CONTAINS,
QName.createQName("test"),
ContentModel.TYPE_CONTENT,
Collections.<QName, Serializable>singletonMap(ContentModel.PROP_NAME, "file"))
.getChildRef();
contentWriter = this.contentService.getWriter(fileNodeRef, ContentModel.PROP_CONTENT, true);
contentWriter.setMimetype("text/plain");
contentWriter.setEncoding("UTF-8");
contentWriter.putContent(CONTENT_1);
}
