From 5927722e4d132906a4335653da928d9a87b7ded6 Mon Sep 17 00:00:00 2001 From: Tom Page Date: Fri, 8 May 2015 08:11:58 +0000 Subject: [PATCH] RM-2123 Update Java API to filter with current user's clearance. +review RM git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103851 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../ClassificationServiceImpl.java | 5 ++- .../ClassificationServiceImplUnitTest.java | 37 +++++++++++++++---- 2 files changed, 32 insertions(+), 10 deletions(-) diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java index 8deca04cb5..de3d94c186 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java @@ -61,6 +61,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl private AttributeService attributeService; // TODO What about other code (e.g. REST API) accessing the AttrService? private NodeService nodeService; + private SecurityClearanceService securityClearanceService; private ClassificationServiceDAO classificationServiceDao; /** The classification levels currently configured in this server. */ @@ -70,6 +71,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl public void setAttributeService(AttributeService service) { this.attributeService = service; } public void setNodeService(NodeService service) { this.nodeService = service; } + public void setSecurityClearanceService(SecurityClearanceService service) { this.securityClearanceService = service; } /** Set the object from which configuration options will be read. */ public void setClassificationServiceDAO(ClassificationServiceDAO classificationServiceDao) { this.classificationServiceDao = classificationServiceDao; } @@ -207,8 +209,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl { return Collections.emptyList(); } - // FIXME Currently assume user has highest security clearance, this should be fixed as part of RM-2112. - ClassificationLevel usersLevel = levelManager.getMostSecureLevel(); + ClassificationLevel usersLevel = securityClearanceService.getUserSecurityClearance().getClearanceLevel(); return restrictList(levelManager.getClassificationLevels(), usersLevel); } diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java index a2278e13a3..ad6077b479 100644 --- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java +++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java @@ -37,6 +37,8 @@ import java.util.Map; import java.util.Set; import java.util.stream.Stream; +import com.google.common.collect.ImmutableList; +import com.google.common.collect.Sets; import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.InvalidNode; import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound; @@ -50,6 +52,7 @@ import org.alfresco.service.cmr.attributes.AttributeService; import org.alfresco.service.cmr.dictionary.DictionaryService; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.repository.NodeService; +import org.alfresco.service.cmr.security.PersonService.PersonInfo; import org.alfresco.service.namespace.QName; import org.apache.log4j.Appender; import org.apache.log4j.Level; @@ -62,8 +65,6 @@ import org.mockito.InjectMocks; import org.mockito.Mock; import org.mockito.MockitoAnnotations; -import com.google.common.collect.Sets; - /** * Unit tests for {@link ClassificationServiceImpl}. * @@ -72,10 +73,10 @@ import com.google.common.collect.Sets; */ public class ClassificationServiceImplUnitTest { - private static final List DEFAULT_CLASSIFICATION_LEVELS = asLevelList("Top Secret", "rm.classification.topSecret", - "Secret", "rm.classification.secret", - "Confidential", "rm.classification.confidential", - "No Clearance", "rm.classification.noClearance"); + private static final ImmutableList DEFAULT_CLASSIFICATION_LEVELS = asLevelList("Top Secret", "rm.classification.topSecret", + "Secret", "rm.classification.secret", + "Confidential", "rm.classification.confidential", + "No Clearance", "rm.classification.noClearance"); private static final List ALT_CLASSIFICATION_LEVELS = asLevelList("Board", "B", "Executive Management", "EM", "Employee", "E", @@ -91,7 +92,7 @@ public class ClassificationServiceImplUnitTest * @param idsAndLabels A varargs/array of Strings like so: [ id0, label0, id1, label1... ] * @throws IllegalArgumentException if {@code idsAndLabels} has a non-even length. */ - public static List asLevelList(String ... idsAndLabels) + public static ImmutableList asLevelList(String ... idsAndLabels) { if (idsAndLabels.length % 2 != 0) { @@ -106,7 +107,7 @@ public class ClassificationServiceImplUnitTest levels.add(new ClassificationLevel(idsAndLabels[i], idsAndLabels[i+1])); } - return levels; + return ImmutableList.copyOf(levels); } @InjectMocks private ClassificationServiceImpl classificationServiceImpl; @@ -116,6 +117,7 @@ public class ClassificationServiceImplUnitTest @Mock private ClassificationServiceDAO mockClassificationServiceDAO; @Mock private NodeService mockNodeService; @Mock private DictionaryService mockDictionaryService; + @Mock private SecurityClearanceService mockSecurityClearanceService; /** Using a mock appender in the class logger so that we can verify some of the logging requirements. */ @Mock private Appender mockAppender; @Mock private ClassificationLevelManager mockLevelManager; @@ -265,6 +267,25 @@ public class ClassificationServiceImplUnitTest assertEquals("Expected an empty list when the target level is not found.", 0, actual.size()); } + /** + * Check that a user with security clearance of "Secret" (index 1 in the default list) can use the + * {@link getClassificationLevels} method to find the three classification levels up to their own. + */ + @Test public void getClassificationLevels() + { + PersonInfo personInfo = new PersonInfo(null, "userName", "firstName", "lastName"); + ClassificationLevel clearanceLevel = DEFAULT_CLASSIFICATION_LEVELS.get(1); + SecurityClearance securityClearance = new SecurityClearance(personInfo , clearanceLevel); + when(mockSecurityClearanceService.getUserSecurityClearance()).thenReturn(securityClearance); + when(mockLevelManager.getClassificationLevels()).thenReturn(DEFAULT_CLASSIFICATION_LEVELS); + + // Call the method under test. + List classificationLevels = classificationServiceImpl.getClassificationLevels(); + + List expectedLevels = DEFAULT_CLASSIFICATION_LEVELS.subList(1, 4); + assertEquals(expectedLevels , classificationLevels); + } + /** Classify a piece of content with a couple of reasons and check the NodeService is called correctly. */ @Test public void classifyContent_success() {