inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

AVMLockingService is better tested now. Added isAdminAuthority() to

Browse Source 
AuthorityService.  Can be removed if this is objectionable.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5887 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Britt Park
2007-06-07 20:20:34 +00:00
parent df8ecd7398
commit 32d169b99b
7 changed files with 200 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
config/alfresco/public-services-context.xml
View File

@@ -1078,6 +1078,9 @@
<value>getLock</value> <value>getLock</value>
<value>getUserLocks</value> <value>getUserLocks</value>
<value>getWebProjectLocks</value> <value>getWebProjectLocks</value>
<value>getWebProjects</value>
<value>getStoreLocks</value>
<value>hasAccess</value>
</list> </list>
</property> </property>
</bean> </bean>
@@ -1092,6 +1095,8 @@
<value>lockPath</value> <value>lockPath</value>
<value>removeLock</value> <value>removeLock</value>
<value>removeWebProject</value> <value>removeWebProject</value>
<value>modifyLock</value>
<value>removeStoreLocks</value>
</list> </list>
</property> </property>
</bean> </bean>

28
source/java/org/alfresco/repo/avm/locking/AVMLockingServiceImpl.java
View File

@@ -209,8 +209,8 @@ public class AVMLockingServiceImpl implements AVMLockingService
{ {
for (String authority : lock.getOwners()) for (String authority : lock.getOwners())
{ {
if (fPersonService.getPerson(authority) == null && if (!fAuthorityService.authorityExists(authority) &&
!fAuthorityService.authorityExists(authority)) !fPersonService.personExists(authority))
{ {
throw new AVMBadArgumentException("Not an Authority: " + authority); throw new AVMBadArgumentException("Not an Authority: " + authority);
} }
@@ -466,8 +466,8 @@ public class AVMLockingServiceImpl implements AVMLockingService
{ {
for (String user : usersToAdd) for (String user : usersToAdd)
{ {
if (fPersonService.getPerson(user) == null && if (!fAuthorityService.authorityExists(user) &&
!fAuthorityService.authorityExists(user)) !fPersonService.personExists(user))
{ {
throw new AVMBadArgumentException("Not an authority: " + user); throw new AVMBadArgumentException("Not an authority: " + user);
} }
@@ -512,6 +512,10 @@ public class AVMLockingServiceImpl implements AVMLockingService
{ {
return false; return false;
} }
if (fAuthorityService.isAdminAuthority(user))
{
return true;
}
String[] storePath = avmPath.split(":"); String[] storePath = avmPath.split(":");
if (storePath.length != 2) if (storePath.length != 2)
{ {
@@ -527,11 +531,6 @@ public class AVMLockingServiceImpl implements AVMLockingService
{ {
return false; return false;
} }
// TODO is this meaningful? I don't think so.
if (AuthorityType.getAuthorityType(user) == AuthorityType.ADMIN)
{
return true;
}
List<String> owners = lock.getOwners(); List<String> owners = lock.getOwners();
for (String owner : owners) for (String owner : owners)
{ {
@@ -569,4 +568,15 @@ public class AVMLockingServiceImpl implements AVMLockingService
} }
return false; return false;
} }
/* (non-Javadoc)
* @see org.alfresco.service.cmr.avm.locking.AVMLockingService#getWebProjects()
*/
public List<String> getWebProjects()
{
List<String> keys = new ArrayList<String>();
keys.add(LOCK_TABLE);
keys.add(WEB_PROJECTS);
return fAttributeService.getKeys(keys);
}
} }

143
source/java/org/alfresco/repo/avm/locking/AVMLockingServiceTest.java
View File

@@ -25,16 +25,10 @@
package org.alfresco.repo.avm.locking; package org.alfresco.repo.avm.locking;
import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Set;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationComponentImpl;
import org.alfresco.service.cmr.attributes.AttributeService; import org.alfresco.service.cmr.attributes.AttributeService;
import org.alfresco.service.cmr.avm.locking.AVMLock; import org.alfresco.service.cmr.avm.locking.AVMLock;
import org.alfresco.service.cmr.avm.locking.AVMLockingService; import org.alfresco.service.cmr.avm.locking.AVMLockingService;
@@ -42,7 +36,6 @@ import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.AuthorityService; import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType; import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PersonService; import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.namespace.QName;
import org.springframework.context.support.FileSystemXmlApplicationContext; import org.springframework.context.support.FileSystemXmlApplicationContext;
import junit.framework.TestCase; import junit.framework.TestCase;
@@ -112,10 +105,10 @@ public class AVMLockingServiceTest extends TestCase
@Override @Override
protected void tearDown() throws Exception protected void tearDown() throws Exception
{ {
List<String> keys = fAttributeService.getKeys(""); List<String> webProjects = fService.getWebProjects();
for (String key : keys) for (String webProject : webProjects)
{ {
fAttributeService.removeAttribute("", key); fService.removeWebProject(webProject);
} }
fAuthenticationService.deleteAuthentication("Buffy"); fAuthenticationService.deleteAuthentication("Buffy");
fAuthenticationService.deleteAuthentication("Willow"); fAuthenticationService.deleteAuthentication("Willow");
@@ -180,4 +173,134 @@ public class AVMLockingServiceTest extends TestCase
fail(); fail();
} }
} }
public void testRoleBasedLocking()
{
try
{
fService.addWebProject("alfresco");
List<String> owners = new ArrayList<String>();
owners.add("ROLE_SUPER_POWERED");
owners.add("Tara");
AVMLock lock = new AVMLock("alfresco",
"Sunnydale",
"TheInitiative/Adam/plans.txt",
AVMLockingService.Type.DISCRETIONARY,
owners);
fService.lockPath(lock);
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Buffy"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Xander"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Willow"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Xander"));
}
catch (Exception e)
{
e.printStackTrace();
fail();
}
}
public void testGroupBasedLocking()
{
try
{
fService.addWebProject("alfresco");
List<String> owners = new ArrayList<String>();
owners.add("GROUP_Scoobies");
owners.add("Tara");
AVMLock lock = new AVMLock("alfresco",
"Sunnydale",
"TheInitiative/Adam/plans.txt",
AVMLockingService.Type.DISCRETIONARY,
owners);
fService.lockPath(lock);
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Spike"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Tara"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Xander"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Willow"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Xander"));
}
catch (Exception e)
{
e.printStackTrace();
fail();
}
}
public void testLockModification()
{
try
{
fService.addWebProject("alfresco");
List<String> owners = new ArrayList<String>();
owners.add("GROUP_Scoobies");
owners.add("Tara");
AVMLock lock = new AVMLock("alfresco",
"Sunnydale",
"TheInitiative/Adam/plans.txt",
AVMLockingService.Type.DISCRETIONARY,
owners);
fService.lockPath(lock);
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Spike"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Tara"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/TheInitiative/Adam/plans.txt", "Xander"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Willow"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "LA:/TheInitiative/Adam/plans.txt", "Xander"));
fService.modifyLock("alfresco", "TheInitiative/Adam/plans.txt", "ScrapHeap/Adam/plans.txt", null, null, null);
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Spike"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Tara"));
assertTrue(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Xander"));
fService.modifyLock("alfresco", "ScrapHeap/Adam/plans.txt", null, "LA", null, null);
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Spike"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Tara"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Xander"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Buffy"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Willow"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "Sunnydale:/ScrapHeap/Adam/plans.txt", "Xander"));
List<String> usersToAdd = new ArrayList<String>();
usersToAdd.add("Spike");
fService.modifyLock("alfresco", "ScrapHeap/Adam/plans.txt", null, null, null, usersToAdd);
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Buffy"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Spike"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Tara"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Xander"));
List<String> usersToRemove = new ArrayList<String>();
usersToRemove.add("GROUP_Scoobies");
fService.modifyLock("alfresco", "ScrapHeap/Adam/plans.txt", null, null, usersToRemove, null);
assertFalse(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Buffy"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Spike"));
assertFalse(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Willow"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Tara"));
assertFalse(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "Xander"));
assertTrue(fService.hasAccess("alfresco", "LA:/ScrapHeap/Adam/plans.txt", "admin"));
}
catch (Exception e)
{
e.printStackTrace();
fail();
}
}
} }

13
source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java
View File

@@ -99,6 +99,19 @@ public class AuthorityServiceImpl implements AuthorityService
return ((currentUserName != null) && adminUsers.contains(currentUserName)); return ((currentUserName != null) && adminUsers.contains(currentUserName));
} }
/* (non-Javadoc)
* @see org.alfresco.service.cmr.security.AuthorityService#isAdminAuthority(java.lang.String)
*/
public boolean isAdminAuthority(String authorityName)
{
String canonicalName = personService.getUserIdentifier(authorityName);
if (canonicalName == null)
{
canonicalName = authorityName;
}
return adminUsers.contains(canonicalName);
}
// IOC // IOC
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent) public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)

13
source/java/org/alfresco/repo/security/authority/SimpleAuthorityServiceImpl.java
View File

@@ -84,6 +84,19 @@ public class SimpleAuthorityServiceImpl implements AuthorityService
return ((currentUserName != null) && adminUsers.contains(currentUserName)); return ((currentUserName != null) && adminUsers.contains(currentUserName));
} }
/* (non-Javadoc)
* @see org.alfresco.service.cmr.security.AuthorityService#isAdminAuthority(java.lang.String)
*/
public boolean isAdminAuthority(String authorityName)
{
String canonicalName = personService.getUserIdentifier(authorityName);
if (canonicalName == null)
{
canonicalName = authorityName;
}
return adminUsers.contains(canonicalName);
}
// IOC // IOC
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent) public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)

6
source/java/org/alfresco/service/cmr/avm/locking/AVMLockingService.java
View File

@@ -122,4 +122,10 @@ public interface AVMLockingService
* @return Whether the user has access. * @return Whether the user has access.
*/ */
public boolean hasAccess(String webProject, String avmPath, String user); public boolean hasAccess(String webProject, String avmPath, String user);
/**
* Get the names of all the web projects the service knows about.
* @return The list of web project names.
*/
public List<String> getWebProjects();
} }

9
source/java/org/alfresco/service/cmr/security/AuthorityService.java
View File

@@ -58,6 +58,15 @@ public interface AuthorityService
@Auditable @Auditable
public boolean hasAdminAuthority(); public boolean hasAdminAuthority();
/**
* Does the given authority have admin authority.
*
* @param authorityName The name of the authority.
* @return Whether the authority is an admin.
*/
@Auditable(parameters = {"authorityName"})
public boolean isAdminAuthority(String authorityName);
/** /**
* Get the authorities for the current user * Get the authorities for the current user
* *