Merge pull request #13 from Alfresco/fix/REPO-1943_remove_nonexistent_membership

fix/REPO-1943_remove_nonexistent_membership
ramunteanu
2017-10-26 11:48:55 +03:00
committed by GitHub
2 changed files with 18 additions and 2 deletions


@@ -58,6 +58,7 @@ import org.alfresco.rest.api.model.GroupMember;
import org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException; import org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException; import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException; import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
import org.alfresco.rest.framework.core.exceptions.NotFoundException;
import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException; import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
import org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException; import org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo; import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
@@ -809,7 +810,15 @@ public class GroupsImpl implements Groups
} }
validateGroupMemberId(groupMemberId); validateGroupMemberId(groupMemberId);
// TODO: Verify if groupMemberId is member of groupId
// Verify if groupMemberId is member of groupId
AuthorityType authorityType = AuthorityType.getAuthorityType(groupMemberId);
Set<String> parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, groupMemberId, true);
if (!parents.contains(groupId))
{
throw new NotFoundException(groupMemberId + " is not member of " + groupId);
}
authorityService.removeAuthority(groupId, groupMemberId); authorityService.removeAuthority(groupId, groupMemberId);
} }
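Review bot: The new membership check in the second hunk runs before `authorityService.removeAuthority(groupId, groupMemberId)`, which looks like the point where the caller's right to modify the group is enforced, so a caller without that right may now get 404 for a non-member and 403 for a member. The test change in this commit, which creates the membership before expecting `SC_FORBIDDEN`, is consistent with that ordering, though the permission logic itself is not visible here. If group membership should not be observable to callers who cannot delete it, perform the authorisation check before the `parents.contains(groupId)` test or return the same status in both cases. Separately, `authorityType` is assigned but never used in the lines shown, so `AuthorityType authorityType = AuthorityType.getAuthorityType(groupMemberId);` can be dropped unless code outside the hunk reads it. The enclosing method starts outside the hunk.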


@@ -1780,6 +1780,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
groupsProxy.deleteGroupMembership(GROUP_EVERYONE, groupMemberA.getId(), HttpServletResponse.SC_CONFLICT); groupsProxy.deleteGroupMembership(GROUP_EVERYONE, groupMemberA.getId(), HttpServletResponse.SC_CONFLICT);
} }
// Removing a group that is not a member (REPO-1943)
{
groupsProxy.deleteGroupMembership(groupB.getId(), personMember.getId(), HttpServletResponse.SC_NOT_FOUND);
}
// Authentication failed // Authentication failed
{ {
setRequestContext(networkOne.getId(), GUID.generate(), "password"); setRequestContext(networkOne.getId(), GUID.generate(), "password");
@@ -1788,8 +1793,10 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
// User does not have permission to delete a group membership // User does not have permission to delete a group membership
{ {
setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
groupsProxy.createGroupMember(groupA.getId(), personMember, HttpServletResponse.SC_CREATED);
setRequestContext(user1); setRequestContext(user1);
groupsProxy.deleteGroupMembership(groupA.getId(), groupMemberA.getId(), HttpServletResponse.SC_FORBIDDEN); groupsProxy.deleteGroupMembership(groupA.getId(), personMember.getId(), HttpServletResponse.SC_FORBIDDEN);
} }
} }
finally finally