mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-10-08 14:51:49 +00:00
RM: Global RM admin user added
* this allows code to be 'runAsRMAdmin' .. rather than having to use System (remember 'admin' isn't nessesarily an rm admin) * will give us the option to run rm rules as rmAdmin (this may be the default case for the time being and later part of the configuration of the rule) * will also allow us to add RM admin level security to methods (for example can only create a role if you are an rm admin) * rmAdmin user has global RM admin rights to all file plans (when we go to multi-file plan support) * rm user bootstrapped via module 'patch' .. this will execute on existing V2.1 db's * filePlanRoleService unit test (was missing! .. my bad!) * relates to RM-596 (this rule needs to be executed as the rm admin) git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@46749 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
@@ -0,0 +1,181 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2013 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.test.service;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.Capability;
|
||||
import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel;
|
||||
import org.alfresco.module.org_alfresco_module_rm.role.Role;
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.security.AuthorityType;
|
||||
|
||||
/**
|
||||
* File plan role service unit test
|
||||
*
|
||||
* @author Roy Wetherall
|
||||
* @since 2.1
|
||||
*/
|
||||
public class FilePlanRoleServiceImplTest extends BaseRMTestCase
|
||||
{
|
||||
@Override
|
||||
protected boolean isUserTest()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
public void testGetAllRolesContainerGroup() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
String allRolesGroup = filePlanRoleService.getAllRolesContainerGroup(filePlan);
|
||||
assertNotNull(allRolesGroup);
|
||||
|
||||
Set<String> allRoles = authorityService.getContainedAuthorities(AuthorityType.GROUP, allRolesGroup, true);
|
||||
assertNotNull(allRoles);
|
||||
assertTrue(allRoles.contains(filePlanRoleService.getRole(filePlan, ROLE_NAME_POWER_USER).getRoleGroupName()));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testGetRoles() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
Set<Role> roles = filePlanRoleService.getRoles(filePlan);
|
||||
assertNotNull(roles);
|
||||
assertTrue(roles.size() != 0);
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testRolesByUser() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
Set<Role> roles = filePlanRoleService.getRolesByUser(filePlan, rmUserName);
|
||||
assertNotNull(roles);
|
||||
assertEquals(1, roles.size());
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testGetRole() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
Role role = filePlanRoleService.getRole(filePlan, ROLE_NAME_POWER_USER);
|
||||
assertNotNull(role);
|
||||
assertEquals(ROLE_NAME_POWER_USER, role.getName());
|
||||
|
||||
role = filePlanRoleService.getRole(filePlan, "donkey");
|
||||
assertNull(role);
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testExistsRole() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
assertTrue(filePlanRoleService.existsRole(filePlan, ROLE_NAME_POWER_USER));
|
||||
assertFalse(filePlanRoleService.existsRole(filePlan, "donkey"));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testCreateUpdateDeleteRole() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
assertFalse(filePlanRoleService.existsRole(filePlan, "Michelle Holt"));
|
||||
|
||||
Set<Capability> caps = new HashSet<Capability>(2);
|
||||
caps.add(capabilityService.getCapability(RMPermissionModel.ACCESS_AUDIT));
|
||||
caps.add(capabilityService.getCapability(RMPermissionModel.ADD_MODIFY_EVENT_DATES));
|
||||
|
||||
Role role = filePlanRoleService.createRole(filePlan, "Michelle Holt", "Michelle Holt", caps);
|
||||
assertNotNull(role);
|
||||
assertEquals("Michelle Holt", role.getName());
|
||||
assertEquals(2, role.getCapabilities().size());
|
||||
|
||||
assertTrue(filePlanRoleService.existsRole(filePlan, "Michelle Holt"));
|
||||
|
||||
caps.add(capabilityService.getCapability(RMPermissionModel.AUTHORIZE_ALL_TRANSFERS));
|
||||
|
||||
role = filePlanRoleService.updateRole(filePlan, "Michelle Holt", "Michelle Wetherall", caps);
|
||||
assertNotNull(role);
|
||||
assertEquals("Michelle Holt", role.getName());
|
||||
assertEquals(3, role.getCapabilities().size());
|
||||
|
||||
assertTrue(filePlanRoleService.existsRole(filePlan, "Michelle Holt"));
|
||||
|
||||
filePlanRoleService.deleteRole(filePlan, "Michelle Holt");
|
||||
|
||||
assertFalse(filePlanRoleService.existsRole(filePlan, "Michelle Holt"));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testAssignRoleToAuthority() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
public Void run()
|
||||
{
|
||||
Set<Role> roles = filePlanRoleService.getRolesByUser(filePlan, rmUserName);
|
||||
assertNotNull(roles);
|
||||
assertEquals(1, roles.size());
|
||||
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_NAME_RECORDS_MANAGER, rmUserName);
|
||||
|
||||
roles = filePlanRoleService.getRolesByUser(filePlan, rmUserName);
|
||||
assertNotNull(roles);
|
||||
assertEquals(2, roles.size());
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -661,6 +661,22 @@ public abstract class BaseRMTestCase extends RetryingTransactionHelperTestCase
|
||||
siteService.setMembership(COLLABORATION_SITE_ID, dmCollaborator, SiteModel.SITE_COLLABORATOR);
|
||||
}
|
||||
|
||||
/**
|
||||
* Override to ensure the tests are run as the 'rmadmin' user by default.
|
||||
*/
|
||||
|
||||
@Override
|
||||
protected <A> A doTestInTransaction(Test<A> test)
|
||||
{
|
||||
return super.doTestInTransaction(test, FilePlanRoleService.RM_ADMIN_USER);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doTestInTransaction(FailureTest test)
|
||||
{
|
||||
super.doTestInTransaction(test, FilePlanRoleService.RM_ADMIN_USER);
|
||||
}
|
||||
|
||||
/**
|
||||
* Helper class to try and simplify {@link Void} tests.
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user