RM-2123 Update Java API to filter with current user's clearance.

+review RM

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103851 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java

@@ -61,6 +61,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl
 
     private AttributeService attributeService; // TODO What about other code (e.g. REST API) accessing the AttrService?
     private NodeService nodeService;
+    private SecurityClearanceService securityClearanceService;
     private ClassificationServiceDAO classificationServiceDao;
 
     /** The classification levels currently configured in this server. */
@@ -70,6 +71,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl
 
     public void setAttributeService(AttributeService service) { this.attributeService = service; }
     public void setNodeService(NodeService service) { this.nodeService = service; }
+    public void setSecurityClearanceService(SecurityClearanceService service) { this.securityClearanceService = service; }
 
     /** Set the object from which configuration options will be read. */
     public void setClassificationServiceDAO(ClassificationServiceDAO classificationServiceDao) { this.classificationServiceDao = classificationServiceDao; }
@@ -207,8 +209,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl
         {
             return Collections.emptyList();
         }
-        // FIXME Currently assume user has highest security clearance, this should be fixed as part of RM-2112.
-        ClassificationLevel usersLevel = levelManager.getMostSecureLevel();
+        ClassificationLevel usersLevel = securityClearanceService.getUserSecurityClearance().getClearanceLevel();
         return restrictList(levelManager.getClassificationLevels(), usersLevel);
     }
 

rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java

@@ -37,6 +37,8 @@ import java.util.Map;
 import java.util.Set;
 import java.util.stream.Stream;
 
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.Sets;
 import org.alfresco.model.ContentModel;
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.InvalidNode;
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound;
@@ -50,6 +52,7 @@ import org.alfresco.service.cmr.attributes.AttributeService;
 import org.alfresco.service.cmr.dictionary.DictionaryService;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.security.PersonService.PersonInfo;
 import org.alfresco.service.namespace.QName;
 import org.apache.log4j.Appender;
 import org.apache.log4j.Level;
@@ -62,8 +65,6 @@ import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.MockitoAnnotations;
 
-import com.google.common.collect.Sets;
-
 /**
  * Unit tests for {@link ClassificationServiceImpl}.
  *
@@ -72,10 +73,10 @@ import com.google.common.collect.Sets;
  */
 public class ClassificationServiceImplUnitTest
 {
-    private static final List<ClassificationLevel> DEFAULT_CLASSIFICATION_LEVELS = asLevelList("Top Secret",   "rm.classification.topSecret",
-                                                                                               "Secret",       "rm.classification.secret",
-                                                                                               "Confidential", "rm.classification.confidential",
-                                                                                               "No Clearance", "rm.classification.noClearance");
+    private static final ImmutableList<ClassificationLevel> DEFAULT_CLASSIFICATION_LEVELS = asLevelList("Top Secret",   "rm.classification.topSecret",
+                                                                                                        "Secret",       "rm.classification.secret",
+                                                                                                        "Confidential", "rm.classification.confidential",
+                                                                                                        "No Clearance", "rm.classification.noClearance");
     private static final List<ClassificationLevel> ALT_CLASSIFICATION_LEVELS = asLevelList("Board",                "B",
                                                                                            "Executive Management", "EM",
                                                                                            "Employee",             "E",
@@ -91,7 +92,7 @@ public class ClassificationServiceImplUnitTest
      * @param idsAndLabels A varargs/array of Strings like so: [ id0, label0, id1, label1... ]
      * @throws IllegalArgumentException if {@code idsAndLabels} has a non-even length.
      */
-    public static List<ClassificationLevel> asLevelList(String ... idsAndLabels)
+    public static ImmutableList<ClassificationLevel> asLevelList(String ... idsAndLabels)
     {
         if (idsAndLabels.length % 2 != 0)
         {
@@ -106,7 +107,7 @@ public class ClassificationServiceImplUnitTest
             levels.add(new ClassificationLevel(idsAndLabels[i], idsAndLabels[i+1]));
         }
 
-        return levels;
+        return ImmutableList.copyOf(levels);
     }
 
     @InjectMocks private ClassificationServiceImpl classificationServiceImpl;
@@ -116,6 +117,7 @@ public class ClassificationServiceImplUnitTest
     @Mock private ClassificationServiceDAO    mockClassificationServiceDAO;
     @Mock private NodeService                 mockNodeService;
     @Mock private DictionaryService           mockDictionaryService;
+    @Mock private SecurityClearanceService    mockSecurityClearanceService;
     /** Using a mock appender in the class logger so that we can verify some of the logging requirements. */
     @Mock private Appender                    mockAppender;
     @Mock private ClassificationLevelManager  mockLevelManager;
@@ -265,6 +267,25 @@ public class ClassificationServiceImplUnitTest
         assertEquals("Expected an empty list when the target level is not found.", 0, actual.size());
     }
 
+    /**
+     * Check that a user with security clearance of "Secret" (index 1 in the default list) can use the
+     * {@link getClassificationLevels} method to find the three classification levels up to their own.
+     */
+    @Test public void getClassificationLevels()
+    {
+        PersonInfo personInfo = new PersonInfo(null, "userName", "firstName", "lastName");
+        ClassificationLevel clearanceLevel = DEFAULT_CLASSIFICATION_LEVELS.get(1);
+        SecurityClearance securityClearance = new SecurityClearance(personInfo , clearanceLevel);
+        when(mockSecurityClearanceService.getUserSecurityClearance()).thenReturn(securityClearance);
+        when(mockLevelManager.getClassificationLevels()).thenReturn(DEFAULT_CLASSIFICATION_LEVELS);
+
+        // Call the method under test.
+        List<ClassificationLevel> classificationLevels = classificationServiceImpl.getClassificationLevels();
+
+        List<ClassificationLevel> expectedLevels = DEFAULT_CLASSIFICATION_LEVELS.subList(1, 4);
+        assertEquals(expectedLevels , classificationLevels);
+    }
+
     /** Classify a piece of content with a couple of reasons and check the NodeService is called correctly. */
     @Test public void classifyContent_success()
     {