inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (4.3/Cloud)

Browse Source 
73689: Merged V4.2-BUG-FIX (4.2.3) to HEAD-BUG-FIX (4.3/Cloud)
      73592: Merged DEV to V4.2-BUG-FIX
      73341 : MNT-11595 : Downgrading permission from Manager to Consumer, user still allowed to create WIKI pages
       Add the changes - for wiki container we will get site permission. Add unit test. 


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@74804 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Will Abson
2014-06-25 16:07:29 +00:00
parent 70b5ca8794
commit 151127b342
2 changed files with 68 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
source/test-java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java
View File

@@ -34,6 +34,7 @@ import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteRole;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.cmr.wiki.WikiPageInfo;
@@ -910,4 +911,69 @@ public class WikiRestApiTest extends BaseWebScriptTest
sendRequest(new GetRequest(URL_WIKI_LIST), Status.STATUS_NOT_FOUND);
}
public void test_MNT11595() throws Exception
{
final String user = "wikiUser";
try
{
// admin authentication
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
MutableAuthenticationService mas = (MutableAuthenticationService) getServer().getApplicationContext().getBean("authenticationService");
// create user
createUser(user, SiteModel.SITE_MANAGER);
assertTrue(personService.personExists(user));
// invite user to a site with 'Manager' role
siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteManager.toString());
// user authentication
this.authenticationComponent.setCurrentUser(user);
// create wiki page by user ('Manager' role)
WikiPageInfo wikiPage = this.wikiService.createWikiPage(SITE_SHORT_NAME_WIKI, "test wiki page",
"I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals. Sir Winston Churchill");
String uri = "/slingshot/wiki/page/" + SITE_SHORT_NAME_WIKI + "/Main_Page?alf_ticket=" + mas.getCurrentTicket() + "application/json";
Response responseManagerRole = sendRequest(new GetRequest(uri), 404);
JSONObject resultManagerRole = new JSONObject(responseManagerRole.getContentAsString());
JSONObject permissionsManagerRole = resultManagerRole.getJSONObject("permissions");
assertTrue(permissionsManagerRole.getBoolean("create"));
assertTrue(permissionsManagerRole.getBoolean("edit"));
// admin authentication
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
// change user role - 'Consumer' role
siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteConsumer.toString());
// user authentication
this.authenticationComponent.setCurrentUser(user);
Response responseConsumerRole = sendRequest(new GetRequest(uri), 404);
JSONObject resultConsumerRole = new JSONObject(responseConsumerRole.getContentAsString());
JSONObject permissionsConsumerRole = resultConsumerRole.getJSONObject("permissions");
assertFalse(permissionsConsumerRole.getBoolean("create"));
assertFalse(permissionsConsumerRole.getBoolean("edit"));
}
finally
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
if (personService.personExists(user))
{
personService.deletePerson(user);
}
if (this.authenticationService.authenticationExists(user))
{
this.authenticationService.deleteAuthentication(user);
}
}
}
}