Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (4.3/Cloud)

73689: Merged V4.2-BUG-FIX (4.2.3) to HEAD-BUG-FIX (4.3/Cloud) 73592: Merged DEV to V4.2-BUG-FIX 73341 : MNT-11595 : Downgrading permission from Manager to Consumer, user still allowed to create WIKI pages Add the changes - for wiki container we will get site permission. Add unit test. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@74804 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-21 18:09:20 +00:00 · 2014-06-25 16:07:29 +00:00
parent 70b5ca8794
commit 151127b342
2 changed files with 68 additions and 11 deletions
--- a/source/java/org/alfresco/repo/web/scripts/wiki/WikiPageGet.java
+++ b/source/java/org/alfresco/repo/web/scripts/wiki/WikiPageGet.java
@@ -67,18 +67,9 @@ public class WikiPageGet extends AbstractWikiWebScript
         status.setMessage(message);
         status.setRedirect(true);
-         // Grab the container, used in permissions checking
+         // MNT-11595 Downgrading permission from Manager to Consumer, user still allowed to create WIKI pages
         NodeRef container = siteService.getContainer(
               site.getShortName(), WikiServiceImpl.WIKI_COMPONENT);
         // If there's no container yet, the site will do for permissions
         if (container == null)
         {
            container = site.getNodeRef();
         }
         // Record these
-         model.put("container", container);
+         model.put("container", site.getNodeRef());
         model.put("error", rb.getString(MSG_NOT_FOUND));
         // Bail out
--- a/source/test-java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java
+++ b/source/test-java/org/alfresco/repo/web/scripts/wiki/WikiRestApiTest.java
@@ -34,6 +34,7 @@ import org.alfresco.service.cmr.repository.NodeService;
 import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.service.cmr.site.SiteInfo;
 import org.alfresco.service.cmr.site.SiteRole;
 import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.cmr.site.SiteVisibility;
 import org.alfresco.service.cmr.wiki.WikiPageInfo;
@@ -910,4 +911,69 @@ public class WikiRestApiTest extends BaseWebScriptTest
       sendRequest(new GetRequest(URL_WIKI_LIST), Status.STATUS_NOT_FOUND);
    }
    public void test_MNT11595() throws Exception
    {
        final String user = "wikiUser";
        try
        {
            // admin authentication
            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
            MutableAuthenticationService mas = (MutableAuthenticationService) getServer().getApplicationContext().getBean("authenticationService");
            // create user
            createUser(user, SiteModel.SITE_MANAGER);
            assertTrue(personService.personExists(user));
            // invite user to a site with 'Manager' role
            siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteManager.toString());
            // user authentication
            this.authenticationComponent.setCurrentUser(user);
            // create wiki page by user ('Manager' role)
            WikiPageInfo wikiPage = this.wikiService.createWikiPage(SITE_SHORT_NAME_WIKI, "test wiki page",
                    "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals. Sir Winston Churchill");
            String uri = "/slingshot/wiki/page/" + SITE_SHORT_NAME_WIKI + "/Main_Page?alf_ticket=" + mas.getCurrentTicket() + "application/json";
            Response responseManagerRole = sendRequest(new GetRequest(uri), 404);
            JSONObject resultManagerRole = new JSONObject(responseManagerRole.getContentAsString());
            JSONObject permissionsManagerRole = resultManagerRole.getJSONObject("permissions");
            assertTrue(permissionsManagerRole.getBoolean("create"));
            assertTrue(permissionsManagerRole.getBoolean("edit"));
            // admin authentication
            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
            // change user role - 'Consumer' role
            siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteConsumer.toString());
            // user authentication
            this.authenticationComponent.setCurrentUser(user);
            Response responseConsumerRole = sendRequest(new GetRequest(uri), 404);
            JSONObject resultConsumerRole = new JSONObject(responseConsumerRole.getContentAsString());
            JSONObject permissionsConsumerRole = resultConsumerRole.getJSONObject("permissions");
            assertFalse(permissionsConsumerRole.getBoolean("create"));
            assertFalse(permissionsConsumerRole.getBoolean("edit"));
        }
        finally
        {
            this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
            if (personService.personExists(user))
            {
                personService.deletePerson(user);
            }
            if (this.authenticationService.authenticationExists(user))
            {
                this.authenticationService.deleteAuthentication(user);
            }
        }
    }
 }