@Test
public void testVersionRemoval() throws Exception {
DocumentModel folder = session.createDocumentModel("/", "folder", "Folder");
folder = session.createDocument(folder);
DocumentModel file = session.createDocumentModel("/folder", "file", "File");
file = session.createDocument(file);
DocumentModel proxy = session.publishDocument(file, folder);
DocumentModel version = session.getLastDocumentVersion(file.getRef());
session.save();
// even Administrator/system cannot remove a version with a proxy
try {
session.removeDocument(version.getRef());
fail("Admin should not be able to remove version");
} catch (DocumentSecurityException e) {
// ok
}
// remove the proxy first
session.removeDocument(proxy.getRef());
session.save();
// we can now remove the version
session.removeDocument(version.getRef());
session.save();
}
@Test
public void shouldUnIndexSubTree() throws Exception {
buildAndIndexTree();
DocumentRef ref = new PathRef("/folder0/folder1/folder2");
Assert.assertTrue(session.exists(ref));
startTransaction();
session.removeDocument(ref);
TransactionHelper.commitOrRollbackTransaction();
waitForCompletion();
assertNumberOfCommandProcessed(1);
startTransaction();
SearchResponse searchResponse =
esa.getClient()
.prepareSearch(IDX_NAME)
.setTypes(TYPE_NAME)
.setSearchType(SearchType.DFS_QUERY_THEN_FETCH)
.setFrom(0)
.setSize(60)
.execute()
.actionGet();
Assert.assertEquals(2, searchResponse.getHits().getTotalHits());
}
@Test
public void testRemoveSingleDocVersion() throws Exception {
DocumentModel folder = new DocumentModelImpl("/", "folder#1", "Folder");
folder = session.createDocument(folder);
DocumentModel file = new DocumentModelImpl(folder.getPathAsString(), "file#1", "File");
file = session.createDocument(file);
checkVersions(file);
file.setPropertyValue("file:filename", "A");
file.putContextData(
ScopeType.REQUEST, VersioningDocument.CREATE_SNAPSHOT_ON_SAVE_KEY, Boolean.TRUE);
file = session.saveDocument(file);
checkVersions(file, "0.1");
DocumentModel lastversion = session.getLastDocumentVersion(file.getRef());
assertNotNull(lastversion);
assertTrue(lastversion.isVersion());
session.removeDocument(lastversion.getRef());
checkVersions(file);
}
@Test
public void testPublishingAfterVersionDelete() {
DocumentModel folder = session.createDocumentModel("/", "folder", "Folder");
folder = session.createDocument(folder);
DocumentModel doc = session.createDocumentModel("/", "file", "File");
doc = session.createDocument(doc);
checkVersions(doc);
VersionModel lastVersion = session.getLastVersion(doc.getRef());
assertNull(lastVersion);
DocumentModel lastVersionDocument = session.getLastDocumentVersion(doc.getRef());
assertNull(lastVersionDocument);
// publish
DocumentModel proxy = session.publishDocument(doc, folder);
checkVersions(doc, "0.1");
lastVersion = session.getLastVersion(doc.getRef());
assertNotNull(lastVersion);
assertEquals("0.1", lastVersion.getLabel());
lastVersionDocument = session.getLastDocumentVersion(doc.getRef());
assertNotNull(lastVersionDocument);
assertEquals("file", lastVersionDocument.getName());
// unpublish
session.removeDocument(proxy.getRef());
// delete the version
List<VersionModel> versions = session.getVersionsForDocument(doc.getRef());
assertEquals(1, versions.size());
DocumentModel docVersion = session.getDocumentWithVersion(doc.getRef(), versions.get(0));
session.removeDocument(docVersion.getRef());
checkVersions(doc);
lastVersion = session.getLastVersion(doc.getRef());
assertNull(lastVersion);
lastVersionDocument = session.getLastDocumentVersion(doc.getRef());
assertNull(lastVersionDocument);
// republish
DocumentModel newProxy = session.publishDocument(doc, folder);
checkVersions(doc, "0.2");
lastVersion = session.getLastVersion(doc.getRef());
assertNotNull(lastVersion);
assertEquals("0.2", lastVersion.getLabel());
lastVersionDocument = session.getLastDocumentVersion(doc.getRef());
assertNotNull(lastVersionDocument);
assertEquals("file", lastVersionDocument.getName());
}
private void createAndDeleteFile(String name) throws PropertyException {
DocumentModel file = new DocumentModelImpl("/testfolder", name, "File");
file.setPropertyValue("dc:title", "testfile Title");
file = session.createDocument(file);
session.save();
nextTransaction();
// at this point fulltext update is triggered async
session.removeDocument(new IdRef(file.getId()));
session.save();
waitForAsyncCompletion();
}
// security on versions, see TestLocalAPIWithCustomVersioning
@Test
public void testVersionSecurity() throws Exception {
DocumentModel folder = new DocumentModelImpl("/", "folder", "Folder");
folder = session.createDocument(folder);
ACP acp = new ACPImpl();
ACE ace = new ACE("princ1", "perm1", true);
ACL acl = new ACLImpl("acl1", false);
acl.add(ace);
acp.addACL(acl);
session.setACP(folder.getRef(), acp, true);
DocumentModel file = new DocumentModelImpl("/folder", "file", "File");
file = session.createDocument(file);
// set security
acp = new ACPImpl();
ace = new ACE("princ2", "perm2", true);
acl = new ACLImpl("acl2", false);
acl.add(ace);
acp.addACL(acl);
session.setACP(file.getRef(), acp, true);
session.save();
DocumentModel proxy = session.publishDocument(file, folder);
DocumentModel version = session.getLastDocumentVersion(file.getRef());
session.save();
// check security on version
acp = session.getACP(version.getRef());
ACL[] acls = acp.getACLs();
assertEquals(2, acls.length);
acl = acls[0];
assertEquals(1, acl.size());
assertEquals("princ2", acl.get(0).getUsername());
acl = acls[1];
assertEquals(1 + 3, acl.size()); // 1 + 3 root defaults
assertEquals("princ1", acl.get(0).getUsername());
// remove live document (there's a proxy so the version stays)
session.removeDocument(file.getRef());
session.save();
// recheck security on version (works because we're administrator)
acp = session.getACP(version.getRef());
assertNull(acp);
// check proxy still accessible (in another session)
try (CoreSession session2 = openSessionAs(SecurityConstants.ADMINISTRATOR)) {
session2.getDocument(proxy.getRef());
}
}
/**
* update updateEmptySidebar
*
* @param session
*/
public static void updateEmptySidebar(CoreSession session) {
try {
DocumentModelList children = session.query("SELECT * FROM " + Docs.SITE.type());
for (DocumentModel docLabsSite : children) {
LabsSite labsSite = Tools.getAdapter(LabsSite.class, docLabsSite, session);
HtmlPage sidebar = labsSite.getSidebar();
if (sidebar.getSections().size() < 2) {
session.removeDocument(sidebar.getDocument().getRef());
session.save();
LabsSiteUtils.createDefaultSidebarPage(labsSite.getDocument(), session);
session.save();
}
}
} catch (ClientException e) {
LOG.error("updateEmptySidebar : ", e);
}
}
// Creates 3 versions and removes the last.
@Test
public void testRemoveLastDocVersion() throws Exception {
DocumentModel folder = new DocumentModelImpl("/", "folder#1", "Folder");
folder = session.createDocument(folder);
DocumentModel file = new DocumentModelImpl(folder.getPathAsString(), "file#1", "File");
file = session.createDocument(file);
createTrioVersions(file);
final int VERSION_INDEX = 2;
DocumentModel lastversion = session.getVersions(file.getRef()).get(VERSION_INDEX);
assertNotNull(lastversion);
assertTrue(lastversion.isVersion());
session.removeDocument(lastversion.getRef());
checkVersions(file, "0.1", "0.2");
}
@Test
public void testBlobFilenamePresent() throws Exception {
createDocs();
ExportedDocument exportedDoc = new ExportedDocumentImpl(docToExport, true);
assertEquals("File", exportedDoc.getType());
session.removeDocument(docToExport.getRef());
session.save();
assertEquals(0, session.getChildren(workspace.getRef()).size());
DocumentWriter writer = new DocumentModelWriter(session, rootDocument.getPathAsString());
writer.write(exportedDoc);
DocumentModelList children = session.getChildren(workspace.getRef());
assertEquals(1, children.size());
DocumentModel importedDocument = children.get(0);
Blob blob = (Blob) importedDocument.getProperty("file", "content");
assertEquals("dummyBlob.txt", blob.getFilename());
}
// copied from TestAPI in nuxeo-core-facade
@Test
public void testPermissionChecks() throws Throwable {
CoreSession joeReaderSession = null;
CoreSession joeContributorSession = null;
CoreSession joeLocalManagerSession = null;
DocumentRef ref = createDocumentModelWithSamplePermissions("docWithPerms");
try {
// reader only has the right to consult the document
joeReaderSession = openSessionAs("joe_reader");
DocumentModel joeReaderDoc = joeReaderSession.getDocument(ref);
try {
joeReaderSession.saveDocument(joeReaderDoc);
fail("should have raised a security exception");
} catch (DocumentSecurityException e) {
}
try {
joeReaderSession.createDocument(
new DocumentModelImpl(joeReaderDoc.getPathAsString(), "child", "File"));
fail("should have raised a security exception");
} catch (DocumentSecurityException e) {
}
try {
joeReaderSession.removeDocument(ref);
fail("should have raised a security exception");
} catch (DocumentSecurityException e) {
}
joeReaderSession.save();
// contributor only has the right to write the properties of
// document
joeContributorSession = openSessionAs("joe_contributor");
DocumentModel joeContributorDoc = joeContributorSession.getDocument(ref);
joeContributorSession.saveDocument(joeContributorDoc);
DocumentRef childRef =
joeContributorSession
.createDocument(
new DocumentModelImpl(joeContributorDoc.getPathAsString(), "child", "File"))
.getRef();
joeContributorSession.save();
// joe contributor can copy the newly created doc
joeContributorSession.copy(childRef, ref, "child_copy");
// joe contributor cannot move the doc
try {
joeContributorSession.move(childRef, ref, "child_move");
fail("should have raised a security exception");
} catch (DocumentSecurityException e) {
}
// joe contributor cannot remove the folder either
try {
joeContributorSession.removeDocument(ref);
fail("should have raised a security exception");
} catch (DocumentSecurityException e) {
}
joeContributorSession.save();
// local manager can read, write, create and remove
joeLocalManagerSession = openSessionAs("joe_localmanager");
DocumentModel joeLocalManagerDoc = joeLocalManagerSession.getDocument(ref);
joeLocalManagerSession.saveDocument(joeLocalManagerDoc);
childRef =
joeLocalManagerSession
.createDocument(
new DocumentModelImpl(joeLocalManagerDoc.getPathAsString(), "child2", "File"))
.getRef();
joeLocalManagerSession.save();
// joe local manager can copy the newly created doc
joeLocalManagerSession.copy(childRef, ref, "child2_copy");
// joe local manager cannot move the doc
joeLocalManagerSession.move(childRef, ref, "child2_move");
joeLocalManagerSession.removeDocument(ref);
joeLocalManagerSession.save();
} finally {
Throwable rethrow = null;
if (joeReaderSession != null) {
try {
closeSession(joeReaderSession);
} catch (Throwable t) {
rethrow = t;
}
}
if (joeContributorSession != null) {
try {
closeSession(joeContributorSession);
} catch (Throwable t) {
if (rethrow == null) {
rethrow = t;
}
}
}
if (joeLocalManagerSession != null) {
try {
closeSession(joeLocalManagerSession);
} catch (Throwable t) {
if (rethrow == null) {
rethrow = t;
}
}
}
if (rethrow != null) {
throw rethrow;
}
}
}
@Test
public void testSecurity() {
// temporary set an Everything privileges on the root for anonymous
// so that we can create a folder
setPermissionToAnonymous(EVERYTHING);
CoreSession anonSession = openSessionAs("anonymous");
try {
DocumentModel root = anonSession.getRootDocument();
DocumentModel folder = new DocumentModelImpl(root.getPathAsString(), "folder#1", "Folder");
folder = anonSession.createDocument(folder);
ACP acp = folder.getACP();
assertNotNull(acp); // the acp inherited from root is returned
acp = new ACPImpl();
ACL acl = new ACLImpl();
acl.add(new ACE("a", "Read", true));
acl.add(new ACE("b", "Write", true));
acp.addACL(acl);
folder.setACP(acp, true);
acp = folder.getACP();
assertNotNull(acp);
assertEquals("a", acp.getACL(ACL.LOCAL_ACL).get(0).getUsername());
assertEquals("b", acp.getACL(ACL.LOCAL_ACL).get(1).getUsername());
assertSame(GRANT, acp.getAccess("a", "Read"));
assertSame(UNKNOWN, acp.getAccess("a", "Write"));
assertSame(GRANT, acp.getAccess("b", "Write"));
assertSame(UNKNOWN, acp.getAccess("b", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Write"));
// insert a deny Write ACE before the GRANT
acp.getACL(ACL.LOCAL_ACL).add(0, new ACE("b", "Write", false));
// store changes
folder.setACP(acp, true);
// refetch ac
acp = folder.getACP();
// check perms now
assertSame(GRANT, acp.getAccess("a", "Read"));
assertSame(UNKNOWN, acp.getAccess("a", "Write"));
assertSame(DENY, acp.getAccess("b", "Write"));
assertSame(UNKNOWN, acp.getAccess("b", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Read"));
assertSame(UNKNOWN, acp.getAccess("c", "Write"));
// create a child document and grant on it the write for b
// remove anonymous Everything privileges on the root
// so that it not influence test results
removePermissionToAnonymous();
anonSession.save(); // process invalidations
try {
DocumentModel folder2 =
new DocumentModelImpl(folder.getPathAsString(), "folder#2", "Folder");
folder2 = anonSession.createDocument(folder2);
fail("privilege is granted but should not be");
} catch (DocumentSecurityException e) {
// ok
}
setPermissionToAnonymous(EVERYTHING);
anonSession.save(); // process invalidations
root = anonSession.getRootDocument();
// and try again - this time it should work
DocumentModel folder2 = new DocumentModelImpl(folder.getPathAsString(), "folder#2", "Folder");
folder2 = anonSession.createDocument(folder2);
ACP acp2 = new ACPImpl();
acl = new ACLImpl();
acl.add(new ACE("b", "Write", true));
acp2.addACL(acl);
folder2.setACP(acp2, true);
acp2 = folder2.getACP();
assertSame(GRANT, acp2.getAccess("a", "Read"));
assertSame(UNKNOWN, acp2.getAccess("a", "Write"));
assertSame(GRANT, acp2.getAccess("b", "Write"));
assertSame(UNKNOWN, acp2.getAccess("b", "Read"));
assertSame(UNKNOWN, acp2.getAccess("c", "Read"));
assertSame(UNKNOWN, acp2.getAccess("c", "Write"));
// remove anonymous Everything privileges on the root
// so that it not influence test results
removePermissionToAnonymous();
anonSession.save(); // process invalidations
setPermissionToEveryone(WRITE, REMOVE, ADD_CHILDREN, REMOVE_CHILDREN, READ);
root = anonSession.getRootDocument();
DocumentModel folder3 = new DocumentModelImpl(folder.getPathAsString(), "folder#3", "Folder");
folder3 = anonSession.createDocument(folder3);
anonSession.removeDocument(folder3.getRef());
removePermissionToEveryone();
setPermissionToEveryone(REMOVE);
anonSession.save(); // process invalidations
try {
folder3 = new DocumentModelImpl(folder.getPathAsString(), "folder#3", "Folder");
folder3 = anonSession.createDocument(folder3);
fail();
} catch (Exception e) {
}
} finally {
closeSession(anonSession);
}
}
