From 419484719c20f58c2674130f219bf52d6a9fb536 Mon Sep 17 00:00:00 2001 From: Rodica Sutu Date: Tue, 27 Mar 2018 21:14:21 +0300 Subject: [PATCH] change the UserRoles.java to a enum add the within RoleService a utility method to add/remove list of capabilities from a ROLE --- .../model/user/UserCapabilities.java | 38 +++++++++ .../rm/community/model/user/UserRoles.java | 31 ++++--- .../alfresco/rest/v0/service/RoleService.java | 85 +++++++++++++++++++ .../rest/rm/community/base/TestData.java | 14 +++ .../rm/community/fileplans/FilePlanTests.java | 2 +- .../community/records/DeleteRecordTests.java | 4 +- .../community/records/UpdateRecordsTests.java | 4 +- .../rm/community/rmroles/RMRolesTests.java | 5 +- 8 files changed, 163 insertions(+), 20 deletions(-) create mode 100644 rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserCapabilities.java create mode 100644 rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserCapabilities.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserCapabilities.java new file mode 100644 index 0000000000..cee2c0e0ad --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserCapabilities.java @@ -0,0 +1,38 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2018 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ +package org.alfresco.rest.rm.community.model.user; + +/** + * Constants for RM user capabilities + * + * @author Rodica Sutu + * @since 2.7 + */ +public class UserCapabilities +{ + +} diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserRoles.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserRoles.java index a20eb8fc79..ac9b5cc830 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserRoles.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserRoles.java @@ -27,25 +27,30 @@ package org.alfresco.rest.rm.community.model.user; -import static com.google.common.collect.Sets.newHashSet; - -import java.util.Set; - /** * Constants for RM user roles * * @author Kristijan Conkas * @since 2.6 */ -public class UserRoles +public enum UserRoles { - public static final String ROLE_RM_ADMIN = "Administrator"; - public static final String ROLE_RM_MANAGER = "RecordsManager"; - public static final String ROLE_RM_POWER_USER = "PowerUser"; - public static final String ROLE_RM_SECURITY_OFFICER = "SecurityOfficer"; - public static final String ROLE_RM_USER = "User"; - /** The ids of the default RM roles. */ - public static final Set RM_ROLES = newHashSet(ROLE_RM_ADMIN, ROLE_RM_MANAGER, ROLE_RM_POWER_USER, - ROLE_RM_SECURITY_OFFICER, ROLE_RM_USER); + ROLE_RM_ADMIN("Administrator","Records Management Administrator"), + ROLE_RM_MANAGER ("RecordsManager","Records Management Manager"), + ROLE_RM_POWER_USER ("PowerUser","Records Management Power User"), + ROLE_RM_SECURITY_OFFICER ("SecurityOfficer", "Records Management Security Officer"), + ROLE_RM_USER ("User", "Records Management User"); + + + public final String roleId; + public final String displayName; + + UserRoles(String roleId, String displayName) + { + this.roleId = roleId; + this.displayName = displayName; + } + + } diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java new file mode 100644 index 0000000000..1f8f19a7f5 --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java @@ -0,0 +1,85 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2018 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ +package org.alfresco.rest.v0.service; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.alfresco.rest.rm.community.model.user.UserRoles; +import org.alfresco.rest.v0.RMRolesAndActionsAPI; +import org.alfresco.utility.data.DataUser; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +/** + * Produces processed results from roles API calls + * + * @author Rodica Sutu + * @since 2.6 + */ +@Service +public class RoleService +{ + @Autowired + private RMRolesAndActionsAPI rmRolesAndActionsAPI; + + @Autowired + private DataUser dataUser; + + /** + * Add capabilities to a role + * + * @param role role to be updated + * @param capabilities list of capabilities to be added + */ + public void addCapabilitiesToRole(UserRoles role, List capabilities) + { + Set roleCapabilities = new HashSet<>(); + roleCapabilities.addAll(rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(), + dataUser.getAdminUser().getPassword(), role.roleId)); + capabilities.stream().forEach(cap -> roleCapabilities.add(cap)); + + rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(), + role.roleId, role.displayName, roleCapabilities); + } + + /** + * Remove capabilities from a role + * + * @param role role to be updated + * @param capabilities list of capabilities to be removed + */ + public void removeCapabilitiesFromRole(UserRoles role, List capabilities) + { + Set roleCapabilities = rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(), + dataUser.getAdminUser().getPassword(), role.roleId); + roleCapabilities.removeAll(capabilities); + rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(), + role.roleId, role.displayName, roleCapabilities); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/TestData.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/TestData.java index 5279020f89..cefbeb91d3 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/TestData.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/TestData.java @@ -26,8 +26,17 @@ */ package org.alfresco.rest.rm.community.base; +import static com.google.common.collect.Sets.newHashSet; + +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_ADMIN; +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_MANAGER; +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_POWER_USER; +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_SECURITY_OFFICER; +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_USER; import static org.alfresco.utility.data.RandomData.getRandomAlphanumeric; +import java.util.Set; + /** * Test data used in tests * @@ -83,4 +92,9 @@ public interface TestData public static String NONELECTRONIC_RECORD_NAME = "Record nonelectronic" + getRandomAlphanumeric(); public static final String ALFRESCO_ADMINISTRATORS = "ALFRESCO_ADMINISTRATORS"; + /** + * The ids of the default RM roles. + */ + public static final Set RM_ROLES = newHashSet(ROLE_RM_ADMIN.roleId, ROLE_RM_MANAGER.roleId, + ROLE_RM_POWER_USER.roleId, ROLE_RM_SECURITY_OFFICER.roleId, ROLE_RM_USER.roleId); } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/fileplans/FilePlanTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/fileplans/FilePlanTests.java index d46856ad8c..0579edc092 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/fileplans/FilePlanTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/fileplans/FilePlanTests.java @@ -488,7 +488,7 @@ public class FilePlanTests extends BaseRMRestTest children.add(recordCategory); } - getRestAPIFactory().getRMUserAPI().assignRoleToUser(managerUser.getUsername(), ROLE_RM_MANAGER); + getRestAPIFactory().getRMUserAPI().assignRoleToUser(managerUser.getUsername(), ROLE_RM_MANAGER.roleId); // Get record category children from API getRestAPIFactory().getFilePlansAPI(managerUser).getRootRecordCategories(FILE_PLAN_ALIAS) .assertThat().entriesListIsEmpty().assertThat().paginationExist(); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java index 622e1469d1..7cfa70a35c 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java @@ -187,7 +187,7 @@ public class DeleteRecordTests extends BaseRMRestTest getDataUser().addUserToSite(deleteUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), SiteCollaborator); // Add RM role to user - getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER); + getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER.roleId); assertStatusCode(OK); // Try to delete newRecord @@ -218,7 +218,7 @@ public class DeleteRecordTests extends BaseRMRestTest logger.info("Test user: " + username); // Add RM role to user, RM Power User doesn't have the "Delete Record" capabilities - getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER); + getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER.roleId); assertStatusCode(OK); // Create random folder diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java index c74824ddbe..227dbf5752 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java @@ -32,6 +32,7 @@ import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanCo import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.UNFILED_RECORDS_CONTAINER_ALIAS; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentType.NON_ELECTRONIC_RECORD_TYPE; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentType.UNFILED_RECORD_FOLDER_TYPE; +import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_SECURITY_OFFICER; import static org.alfresco.rest.rm.community.utils.FilePlanComponentsUtil.IMAGE_FILE; import static org.alfresco.rest.rm.community.utils.FilePlanComponentsUtil.createElectronicRecordModel; import static org.alfresco.rest.rm.community.utils.FilePlanComponentsUtil.createElectronicUnfiledContainerChildModel; @@ -58,7 +59,6 @@ import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainerChi import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainerChildCollection; import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainerChildProperties; import org.alfresco.rest.rm.community.model.user.UserPermissions; -import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.rm.community.requests.gscore.api.FilePlanAPI; import org.alfresco.rest.rm.community.requests.gscore.api.RMUserAPI; import org.alfresco.rest.rm.community.requests.gscore.api.RecordCategoryAPI; @@ -240,7 +240,7 @@ public class UpdateRecordsTests extends BaseRMRestTest getDataUser().addUserToSite(updateUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), UserRole.SiteCollaborator); // RM Security Officer is the lowest role with Edit Record Metadata capabilities - rmUserAPI.assignRoleToUser(updateUser.getUsername(), UserRoles.ROLE_RM_SECURITY_OFFICER); + rmUserAPI.assignRoleToUser(updateUser.getUsername(), ROLE_RM_SECURITY_OFFICER.roleId); assertStatusCode(OK); // Create random folder diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/rmroles/RMRolesTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/rmroles/RMRolesTests.java index daef946a79..db0d68f4bb 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/rmroles/RMRolesTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/rmroles/RMRolesTests.java @@ -31,7 +31,7 @@ import static java.util.Collections.singleton; import static com.google.common.collect.Sets.newHashSet; -import static org.alfresco.rest.rm.community.model.user.UserRoles.RM_ROLES; +import static org.alfresco.rest.rm.community.base.TestData.RM_ROLES; import static org.alfresco.rest.rm.community.model.user.UserRoles.ROLE_RM_USER; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.junit.Assert.assertEquals; @@ -76,7 +76,8 @@ public class RMRolesTests extends BaseRMRestTest public void checkCapabilitiesForUser() { Set capabilities = rmRolesAndActionsAPI - .getCapabilitiesForRole(getAdminUser().getUsername(), getAdminUser().getPassword(), ROLE_RM_USER); + .getCapabilitiesForRole(getAdminUser().getUsername(), getAdminUser().getPassword(), ROLE_RM_USER + .roleId); assertEquals("Unexpected capabilities found for RM User.", capabilities, CAPABILITIES); }