diff --git a/amps/ags/pom.xml b/amps/ags/pom.xml
index 52a2f7a5b5..c41561dc06 100644
--- a/amps/ags/pom.xml
+++ b/amps/ags/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo-amps
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/ags/rm-automation/pom.xml b/amps/ags/rm-automation/pom.xml
index 1211a48728..70a90a54e1 100644
--- a/amps/ags/rm-automation/pom.xml
+++ b/amps/ags/rm-automation/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-governance-services-community-parent
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml b/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml
index 2b313fcef1..3b53d9ac9b 100644
--- a/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml
+++ b/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-governance-services-automation-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/ags/rm-community/pom.xml b/amps/ags/rm-community/pom.xml
index 239daa315c..5707a7183c 100644
--- a/amps/ags/rm-community/pom.xml
+++ b/amps/ags/rm-community/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-governance-services-community-parent
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/ags/rm-community/rm-community-repo/pom.xml b/amps/ags/rm-community/rm-community-repo/pom.xml
index 417cf4e486..630a8b84a2 100644
--- a/amps/ags/rm-community/rm-community-repo/pom.xml
+++ b/amps/ags/rm-community/rm-community-repo/pom.xml
@@ -8,7 +8,7 @@
org.alfresco
alfresco-governance-services-community-repo-parent
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml b/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml
index f973222f07..4ea55ac2b7 100644
--- a/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml
+++ b/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-governance-services-community-repo-parent
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/pom.xml b/amps/pom.xml
index e38049eb3c..17747c5c5d 100644
--- a/amps/pom.xml
+++ b/amps/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/amps/share-services/pom.xml b/amps/share-services/pom.xml
index 06bc434e84..c654aceb68 100644
--- a/amps/share-services/pom.xml
+++ b/amps/share-services/pom.xml
@@ -8,7 +8,7 @@
org.alfresco
alfresco-community-repo-amps
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/core/pom.xml b/core/pom.xml
index d23a80f7f8..39ab31bb23 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/data-model/pom.xml b/data-model/pom.xml
index 025efea64e..7d804bf86f 100644
--- a/data-model/pom.xml
+++ b/data-model/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/mmt/pom.xml b/mmt/pom.xml
index d6021d054b..9cde474f27 100644
--- a/mmt/pom.xml
+++ b/mmt/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/distribution/pom.xml b/packaging/distribution/pom.xml
index fb78bda3f5..cd8aa2182d 100644
--- a/packaging/distribution/pom.xml
+++ b/packaging/distribution/pom.xml
@@ -9,6 +9,6 @@
org.alfresco
alfresco-community-repo-packaging
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/docker-alfresco/pom.xml b/packaging/docker-alfresco/pom.xml
index 0c20d75f6c..e1c62433b1 100644
--- a/packaging/docker-alfresco/pom.xml
+++ b/packaging/docker-alfresco/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo-packaging
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/pom.xml b/packaging/pom.xml
index bc58dcabd6..631ee2fdd8 100644
--- a/packaging/pom.xml
+++ b/packaging/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/pom.xml b/packaging/tests/pom.xml
index e5b57d8ff8..2edb09ff49 100644
--- a/packaging/tests/pom.xml
+++ b/packaging/tests/pom.xml
@@ -6,7 +6,7 @@
org.alfresco
alfresco-community-repo-packaging
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/tas-cmis/pom.xml b/packaging/tests/tas-cmis/pom.xml
index b47f6fb35a..34466b3a3c 100644
--- a/packaging/tests/tas-cmis/pom.xml
+++ b/packaging/tests/tas-cmis/pom.xml
@@ -9,7 +9,7 @@
org.alfresco
alfresco-community-repo-tests
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/tas-email/pom.xml b/packaging/tests/tas-email/pom.xml
index c09ebda693..256bb6997f 100644
--- a/packaging/tests/tas-email/pom.xml
+++ b/packaging/tests/tas-email/pom.xml
@@ -9,7 +9,7 @@
org.alfresco
alfresco-community-repo-tests
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/tas-integration/pom.xml b/packaging/tests/tas-integration/pom.xml
index 789775ffec..59314041ba 100644
--- a/packaging/tests/tas-integration/pom.xml
+++ b/packaging/tests/tas-integration/pom.xml
@@ -9,7 +9,7 @@
org.alfresco
alfresco-community-repo-tests
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/tas-restapi/pom.xml b/packaging/tests/tas-restapi/pom.xml
index 0519074f3e..c8aae32a86 100644
--- a/packaging/tests/tas-restapi/pom.xml
+++ b/packaging/tests/tas-restapi/pom.xml
@@ -9,7 +9,7 @@
org.alfresco
alfresco-community-repo-tests
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/actions/ActionsTests.java b/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/actions/ActionsTests.java
index df822111de..2092acd8ae 100644
--- a/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/actions/ActionsTests.java
+++ b/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/actions/ActionsTests.java
@@ -11,6 +11,7 @@ import org.alfresco.rest.model.RestActionDefinitionModelsCollection;
import org.alfresco.rest.model.RestNodeModel;
import org.alfresco.utility.Utility;
import org.alfresco.utility.model.FileModel;
+import org.alfresco.utility.model.FolderModel;
import org.alfresco.utility.model.SiteModel;
import org.alfresco.utility.model.TestGroup;
import org.alfresco.utility.model.UserModel;
@@ -21,10 +22,14 @@ import org.springframework.http.HttpStatus;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
+import java.util.Properties;
+
public class ActionsTests extends RestTest
{
private UserModel adminUser;
private FileModel document;
+ private FolderModel folder;
+ private FileModel randomFile;
private SiteModel publicSite;
@BeforeClass(alwaysRun = true)
@@ -33,6 +38,8 @@ public class ActionsTests extends RestTest
adminUser = dataUser.getAdminUser();
publicSite = dataSite.createPublicRandomSite();
document = dataContent.usingSite(publicSite).usingUser(adminUser).createContent(CMISUtil.DocumentType.TEXT_PLAIN);
+ folder = dataContent.usingUser(adminUser).createFolder();
+ randomFile = dataContent.usingUser(adminUser).usingResource(folder).createContent(CMISUtil.DocumentType.TEXT_PLAIN);
}
@TestRail(section = { TestGroup.REST_API,TestGroup.ACTIONS }, executionType = ExecutionType.SANITY,
@@ -106,6 +113,22 @@ public class ActionsTests extends RestTest
});
}
+ @TestRail(section = { TestGroup.REST_API,TestGroup.ACTIONS }, executionType = ExecutionType.SANITY,
+ description = "Test for private action execution from POST api/-default-/public/alfresco/versions/1/action-executions, should not be possible to execute private action using V1 REST API")
+ @Test(groups = { TestGroup.REST_API, TestGroup.ACTIONS, TestGroup.SANITY})
+ public void executePrivateActionV1RESTAPI() throws Exception
+ {
+ // 'count-children' action is expected to be private (not exposed) by default
+ String actionDefinitionId = "count-children";
+ JSONObject response = restClient.authenticateUser(adminUser)
+ .withCoreAPI()
+ .usingActions()
+ .executeAction(actionDefinitionId, folder);
+
+ restClient.assertStatusCodeIs(HttpStatus.FORBIDDEN);
+ restClient.assertLastError().containsSummary("Action '" + actionDefinitionId + "' is not exposed within 'http-v1' execution source.");
+ }
+
@TestRail (section = { TestGroup.REST_API, TestGroup.ACTIONS }, executionType = ExecutionType.SANITY,
description = "Sanity test for POST /action-executions")
@Test (groups = { TestGroup.REST_API, TestGroup.ACTIONS, TestGroup.SANITY })
@@ -141,7 +164,7 @@ public class ActionsTests extends RestTest
withCoreAPI().
usingActions().
getActionDefinitionById("add-features");
-
+
restClient.assertStatusCodeIs(HttpStatus.OK);
assertFalse(restActionDefinition.getId().isEmpty());
restActionDefinition.getId().equals("add-features");
diff --git a/packaging/tests/tas-webdav/pom.xml b/packaging/tests/tas-webdav/pom.xml
index dbe9ae83f2..f08ee9d6a3 100644
--- a/packaging/tests/tas-webdav/pom.xml
+++ b/packaging/tests/tas-webdav/pom.xml
@@ -9,7 +9,7 @@
org.alfresco
alfresco-community-repo-tests
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/packaging/war/pom.xml b/packaging/war/pom.xml
index ffe6b565c6..393741cc86 100644
--- a/packaging/war/pom.xml
+++ b/packaging/war/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo-packaging
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/pom.xml b/pom.xml
index 1c5cfe53be..3547922fa8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,7 +2,7 @@
4.0.0
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
pom
Alfresco Community Repo Parent
diff --git a/remote-api/pom.xml b/remote-api/pom.xml
index ada177d60e..ae599e2e58 100644
--- a/remote-api/pom.xml
+++ b/remote-api/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT
diff --git a/remote-api/src/main/java/org/alfresco/rest/api/impl/ActionsImpl.java b/remote-api/src/main/java/org/alfresco/rest/api/impl/ActionsImpl.java
index 8c89fb7a2e..391d7fb51c 100644
--- a/remote-api/src/main/java/org/alfresco/rest/api/impl/ActionsImpl.java
+++ b/remote-api/src/main/java/org/alfresco/rest/api/impl/ActionsImpl.java
@@ -26,11 +26,14 @@
package org.alfresco.rest.api.impl;
import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.repo.action.ActionExecutionContext;
+import org.alfresco.repo.action.RuntimeActionService;
import org.alfresco.rest.api.Actions;
import org.alfresco.rest.api.model.Action;
import org.alfresco.rest.api.model.ActionDefinition;
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
+import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
import org.alfresco.rest.framework.resource.parameters.Parameters;
import org.alfresco.rest.framework.resource.parameters.SortColumn;
@@ -72,6 +75,9 @@ public class ActionsImpl implements Actions
private NamespaceService namespaceService;
private NodeService nodeService;
private NamespacePrefixResolver prefixResolver;
+ private RuntimeActionService runtimeActionService;
+
+ private final String HTTP_V1_EXECUTION_SOURCE = "http-v1";
public void setActionService(ActionService actionService)
{
@@ -98,6 +104,11 @@ public class ActionsImpl implements Actions
this.prefixResolver = prefixResolver;
}
+ public void setRuntimeActionService(RuntimeActionService runtimeActionService)
+ {
+ this.runtimeActionService = runtimeActionService;
+ }
+
@Override
public ActionDefinition getActionDefinitionById(String actionDefinitionId)
{
@@ -263,6 +274,16 @@ public class ActionsImpl implements Actions
throw new EntityNotFoundException(action.getActionDefinitionId());
}
+ final ActionExecutionContext actionExecutionContext = ActionExecutionContext
+ .builder(actionDef.getName())
+ .withExecutionSource(HTTP_V1_EXECUTION_SOURCE)
+ .build();
+
+ if (!runtimeActionService.isExposed(actionExecutionContext))
+ {
+ throw new PermissionDeniedException("Action '" + actionDef.getName() + "' is not exposed within '" + HTTP_V1_EXECUTION_SOURCE + "' execution source.");
+ }
+
// targetId is optional, however, currently targetId must be a valid node ID.
NodeRef actionedUponNodeRef = null;
if (action.getTargetId() != null && !action.getTargetId().isEmpty())
diff --git a/remote-api/src/main/resources/alfresco/public-rest-context.xml b/remote-api/src/main/resources/alfresco/public-rest-context.xml
index 11bc9ac49b..ac61c43666 100644
--- a/remote-api/src/main/resources/alfresco/public-rest-context.xml
+++ b/remote-api/src/main/resources/alfresco/public-rest-context.xml
@@ -566,6 +566,7 @@
+
diff --git a/repository/pom.xml b/repository/pom.xml
index c0173cac49..2ba128d3cc 100644
--- a/repository/pom.xml
+++ b/repository/pom.xml
@@ -7,7 +7,7 @@
org.alfresco
alfresco-community-repo
- 23.1.0.26-SNAPSHOT
+ 23.1.0.29-SNAPSHOT