From 3dc6ed9a710ae351e1b60e2450a1397670d16e9d Mon Sep 17 00:00:00 2001
From: Tom Page <tom.page@alfresco.com>
Date: Fri, 22 May 2015 08:43:12 +0000
Subject: [PATCH] RM-2123 Use runAsAuthentication instead of actual
 authentication.

Check that the user the command is run as has clearance to view the
classification levels, rather than the user that initiated the command.

+review RM-58

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104729 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../SecurityClearanceServiceImpl.java         |  2 +-
 .../util/AuthenticationUtil.java              | 31 +++++++++++++------
 .../SecurityClearanceServiceImplUnitTest.java | 12 +++----
 .../util/MockAuthenticationUtilHelper.java    | 15 ++++-----
 4 files changed, 37 insertions(+), 23 deletions(-)

diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
index 4374e24986..076d0ba220 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
@@ -73,7 +73,7 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
             return new SecurityClearance(null, clearanceManager.getMostSecureLevel());
         }
 
-        final String currentUser = authenticationUtil.getFullyAuthenticatedUser();
+        final String currentUser = authenticationUtil.getRunAsUser();
         ParameterCheck.mandatoryString("currentUser", currentUser);
 
         return getUserSecurityClearance(currentUser);
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/util/AuthenticationUtil.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/util/AuthenticationUtil.java
index a302118b20..d9abfb2372 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/util/AuthenticationUtil.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/util/AuthenticationUtil.java
@@ -18,13 +18,14 @@
  */
 package org.alfresco.module.org_alfresco_module_rm.util;
 
+import org.alfresco.repo.security.authentication.AuthenticationException;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 
 /**
  * Helper bean to allow injection of AuthenticationUtil methods.
  * <p>
  * Useful when testing using mocks.
- * 
+ *
  * @author Roy Wetherall
  * @since 2.3
  */
@@ -53,46 +54,58 @@ public class AuthenticationUtil
     {
         return org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(runAsWork, uid);
     }
-    
+
     /**
      * Helper method that gets the fully authenticated user.
      * <p>
      * Useful when testing using mocks.
-     * 
+     *
      * @see org.alfresco.repo.security.authentication.AuthenticationUtil#getFullyAuthenticatedUser()
      */
     public String getFullyAuthenticatedUser()
     {
         return org.alfresco.repo.security.authentication.AuthenticationUtil.getFullyAuthenticatedUser();
     }
-    
+
     /**
      * Helper method that gets the admin user name.
      * <p>
      * Useful when testing using mocks.
-     * 
+     *
      * @see org.alfresco.repo.security.authentication.AuthenticationUtil#getAdminUserName()
      */
     public String getAdminUserName()
     {
         return org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName();
     }
-    
+
     /**
      * Helper method that gets the system user name.
-     * 
+     *
      * @see org.alfresco.repo.security.authentication.AuthenticationUtil#getSystemUserName()
      */
     public String getSystemUserName()
     {
         return org.alfresco.repo.security.authentication.AuthenticationUtil.getSystemUserName();
     }
-    
+
     /**
      * @see org.alfresco.repo.security.authentication.AuthenticationUtil#isRunAsUserTheSystemUser()
      */
     public boolean isRunAsUserTheSystemUser()
     {
-        return org.alfresco.repo.security.authentication.AuthenticationUtil.isRunAsUserTheSystemUser();        
+        return org.alfresco.repo.security.authentication.AuthenticationUtil.isRunAsUserTheSystemUser();
+    }
+
+    /**
+     * Helper method to get the user that is currently in effect for purposes of authentication. This includes any
+     * overlays introduced by {@link #runAs}.
+     *
+     * @return Returns the name of the user
+     * @throws AuthenticationException
+     */
+    public String getRunAsUser() throws AuthenticationException
+    {
+        return org.alfresco.repo.security.authentication.AuthenticationUtil.getRunAsUser();
     }
 }
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
index 05e6086780..1c5d0b6c3f 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
@@ -118,7 +118,7 @@ public class SecurityClearanceServiceImplUnitTest
 
         // Create the authorised user.
         String authorisedUserName = "authorisedUser";
-        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn(authorisedUserName);
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn(authorisedUserName);
         NodeRef authorisedPersonNode = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, authorisedUserName);
         PersonInfo authorisedPersonInfo = new PersonInfo(authorisedPersonNode, authorisedUserName, "first", "last");
         when(mockPersonService.getPerson(authorisedUserName, false)).thenReturn(authorisedPersonNode);
@@ -167,7 +167,7 @@ public class SecurityClearanceServiceImplUnitTest
 
         // Create the user attempting to use the API with "Confidential" clearance.
         String userName = "unauthorisedUser";
-        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn(userName);
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn(userName);
         NodeRef personNode = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, userName);
         PersonInfo personInfo = new PersonInfo(personNode, userName, "first", "last");
         when(mockPersonService.getPerson(userName, false)).thenReturn(personNode);
@@ -199,7 +199,7 @@ public class SecurityClearanceServiceImplUnitTest
         when(mockClassificationLevelManager.findLevelById("2")).thenReturn(secret);
 
         createMockPerson("Cleared", "Cleared", "Cleared", "2");
-        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Cleared");
         when(mockClearanceLevelManager.findLevelByClassificationLevelId("2")).thenReturn(new ClearanceLevel(secret, "Secret"));
 
         // The authenticated user's clearance level is high enough to view the classification.
@@ -220,7 +220,7 @@ public class SecurityClearanceServiceImplUnitTest
         when(mockClassificationLevelManager.findLevelById("2")).thenReturn(secret);
 
         createMockPerson("Uncleared", "Uncleared", "Uncleared", ClassificationLevelManager.UNCLASSIFIED_ID);
-        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Uncleared");
         when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID)).thenReturn(ClearanceLevelManager.NO_CLEARANCE);
 
         // The authenticated user's clearance level not high enough.
@@ -238,8 +238,8 @@ public class SecurityClearanceServiceImplUnitTest
     @Test public void isCurrentUserClearedForClassification_classificationNotFound()
     {
         ClassificationLevel topSecret = new ClassificationLevel("1", "TopSecret");
-        createMockPerson("Uncleared", "Uncleared", "Uncleared", "1");
-        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn("Uncleared");
+        createMockPerson("Cleared", "Cleared", "Cleared", "1");
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn("Cleared");
         when(mockClearanceLevelManager.findLevelByClassificationLevelId("1")).thenReturn(new ClearanceLevel(topSecret, "TopSecret"));
         // Set up the made up classification.
         String madeUpId = "Made Up Id";
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
index 3615a6f7c9..649f723e35 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/MockAuthenticationUtilHelper.java
@@ -22,8 +22,8 @@ package org.alfresco.module.org_alfresco_module_rm.test.util;
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Mockito.doAnswer;
-import static org.mockito.Mockito.doReturn;
 import static org.mockito.Mockito.reset;
+import static org.mockito.Mockito.when;
 
 import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
 import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
@@ -32,7 +32,7 @@ import org.mockito.stubbing.Answer;
 
 /**
  * A helper to initialise a mock {@link AuthenticationUtil}.
- * 
+ *
  * @author tpage
  */
 public class MockAuthenticationUtilHelper
@@ -41,7 +41,7 @@ public class MockAuthenticationUtilHelper
      * Set up a Mockito mock <code>AuthenticationUtil</code> so that it executes all methods assuming the user has
      * permissions. If the mock is asked for details about the user then it assumes the currently authenticated user is
      * "admin".
-     * 
+     *
      * @param mockAuthenticationUtil The mock to initialise.
      */
     public static void setup(AuthenticationUtil mockAuthenticationUtil)
@@ -52,7 +52,7 @@ public class MockAuthenticationUtilHelper
     /**
      * Set up a Mockito mock <code>AuthenticationUtil</code> so that it executes all methods assuming the user has
      * permissions.
-     * 
+     *
      * @param mockAuthenticationUtil The mock to initialise.
      * @param fullyAuthenticatedUser The name of the user that last authenticated.
      */
@@ -87,8 +87,9 @@ public class MockAuthenticationUtilHelper
 
         }).when(mockAuthenticationUtil).<Object> runAs(any(RunAsWork.class), anyString());
 
-        doReturn("admin").when(mockAuthenticationUtil).getAdminUserName();
-        doReturn(fullyAuthenticatedUser).when(mockAuthenticationUtil).getFullyAuthenticatedUser();
-        doReturn("system").when(mockAuthenticationUtil).getSystemUserName();
+        when(mockAuthenticationUtil.getAdminUserName()).thenReturn("admin");
+        when(mockAuthenticationUtil.getFullyAuthenticatedUser()).thenReturn(fullyAuthenticatedUser);
+        when(mockAuthenticationUtil.getRunAsUser()).thenReturn(fullyAuthenticatedUser);
+        when(mockAuthenticationUtil.getSystemUserName()).thenReturn("system");
     }
 }