Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (4.3/Cloud)

73689: Merged V4.2-BUG-FIX (4.2.3) to HEAD-BUG-FIX (4.3/Cloud) 73592: Merged DEV to V4.2-BUG-FIX 73341 : MNT-11595 : Downgrading permission from Manager to Consumer, user still allowed to create WIKI pages Add the changes - for wiki container we will get site permission. Add unit test. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@74804 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-14 17:58:59 +00:00 · 2014-06-25 16:07:29 +00:00
parent 70b5ca8794
commit 151127b342
2 changed files with 68 additions and 11 deletions
--- a/source/java/org/alfresco/repo/web/scripts/wiki/WikiPageGet.java
+++ b/source/java/org/alfresco/repo/web/scripts/wiki/WikiPageGet.java
@@ -67,18 +67,9 @@ public class WikiPageGet extends AbstractWikiWebScript
         status.setMessage(message);
         status.setRedirect(true);
         
-         // Grab the container, used in permissions checking
-         NodeRef container = siteService.getContainer(
-               site.getShortName(), WikiServiceImpl.WIKI_COMPONENT);
-         
-         // If there's no container yet, the site will do for permissions
-         if (container == null)
-         {
-            container = site.getNodeRef();
-         }
-         
+         // MNT-11595 Downgrading permission from Manager to Consumer, user still allowed to create WIKI pages
         // Record these
-         model.put("container", container);
+         model.put("container", site.getNodeRef());
         model.put("error", rb.getString(MSG_NOT_FOUND));
         
         // Bail out
--- a/source/test-java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java
+++ b/source/test-java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java
@@ -34,6 +34,7 @@ import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.cmr.site.SiteInfo;
+import org.alfresco.service.cmr.site.SiteRole;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.cmr.site.SiteVisibility;
 import org.alfresco.service.cmr.wiki.WikiPageInfo;
@@ -910,4 +911,69 @@ public class WikiRestApiTest extends BaseWebScriptTest
       
       sendRequest(new GetRequest(URL_WIKI_LIST), Status.STATUS_NOT_FOUND);
    }
+    
+    public void test_MNT11595() throws Exception
+    {
+        final String user = "wikiUser";
+
+        try
+        {
+            // admin authentication
+            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
+
+            MutableAuthenticationService mas = (MutableAuthenticationService) getServer().getApplicationContext().getBean("authenticationService");
+
+            // create user
+            createUser(user, SiteModel.SITE_MANAGER);
+
+            assertTrue(personService.personExists(user));
+
+            // invite user to a site with 'Manager' role
+            siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteManager.toString());
+
+            // user authentication
+            this.authenticationComponent.setCurrentUser(user);
+
+            // create wiki page by user ('Manager' role)
+            WikiPageInfo wikiPage = this.wikiService.createWikiPage(SITE_SHORT_NAME_WIKI, "test wiki page",
+                    "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals. Sir Winston Churchill");
+
+            String uri = "/slingshot/wiki/page/" + SITE_SHORT_NAME_WIKI + "/Main_Page?alf_ticket=" + mas.getCurrentTicket() + "application/json";
+
+            Response responseManagerRole = sendRequest(new GetRequest(uri), 404);
+            JSONObject resultManagerRole = new JSONObject(responseManagerRole.getContentAsString());
+            JSONObject permissionsManagerRole = resultManagerRole.getJSONObject("permissions");
+            assertTrue(permissionsManagerRole.getBoolean("create"));
+            assertTrue(permissionsManagerRole.getBoolean("edit"));
+
+            // admin authentication
+            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
+
+            // change user role - 'Consumer' role
+            siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteConsumer.toString());
+
+            // user authentication
+            this.authenticationComponent.setCurrentUser(user);
+
+            Response responseConsumerRole = sendRequest(new GetRequest(uri), 404);
+            JSONObject resultConsumerRole = new JSONObject(responseConsumerRole.getContentAsString());
+            JSONObject permissionsConsumerRole = resultConsumerRole.getJSONObject("permissions");
+            assertFalse(permissionsConsumerRole.getBoolean("create"));
+            assertFalse(permissionsConsumerRole.getBoolean("edit"));
+        }
+        finally
+        {
+            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
+
+            if (personService.personExists(user))
+            {
+                personService.deletePerson(user);
+            }
+
+            if (this.authenticationService.authenticationExists(user))
+            {
+                this.authenticationService.deleteAuthentication(user);
+            }
+        }
+    }
 }