diff --git a/config/alfresco/site-services-context.xml b/config/alfresco/site-services-context.xml index 9cabf4cf0c..5371db62bc 100644 --- a/config/alfresco/site-services-context.xml +++ b/config/alfresco/site-services-context.xml @@ -19,11 +19,9 @@ - - diff --git a/source/java/org/alfresco/repo/jscript/ScriptTestUtils.java b/source/java/org/alfresco/repo/jscript/ScriptTestUtils.java index e393043abe..606030523a 100644 --- a/source/java/org/alfresco/repo/jscript/ScriptTestUtils.java +++ b/source/java/org/alfresco/repo/jscript/ScriptTestUtils.java @@ -32,6 +32,11 @@ import org.alfresco.error.AlfrescoRuntimeException; */ public class ScriptTestUtils extends BaseScopableProcessorExtension { + public void assertEquals(Object expected, Object value) + { + assertEquals(expected, value, null); + } + public void assertEquals(Object expected, Object value, String message) { if (expected.equals(value) == false) @@ -44,6 +49,11 @@ public class ScriptTestUtils extends BaseScopableProcessorExtension } } + public void assertNotNull(Object value) + { + assertNotNull(value, null); + } + public void assertNotNull(Object value, String message) { if (value == null) @@ -56,6 +66,11 @@ public class ScriptTestUtils extends BaseScopableProcessorExtension } } + public void assertNull(Object value) + { + assertNull(value, null); + } + public void assertNull(Object value, String message) { if (value != null) @@ -68,6 +83,11 @@ public class ScriptTestUtils extends BaseScopableProcessorExtension } } + public void assertTrue(boolean value) + { + assertTrue(value, null); + } + public void assertTrue(boolean value, String message) { if (value == false) @@ -80,6 +100,11 @@ public class ScriptTestUtils extends BaseScopableProcessorExtension } } + public void assertFalse(boolean value) + { + assertFalse(value, null); + } + public void assertFalse(boolean value, String message) { if (value == true) diff --git a/source/java/org/alfresco/repo/site/SiteService.java b/source/java/org/alfresco/repo/site/SiteService.java index caae0e6f4a..d6fa18278f 100644 --- a/source/java/org/alfresco/repo/site/SiteService.java +++ b/source/java/org/alfresco/repo/site/SiteService.java @@ -1,6 +1,7 @@ package org.alfresco.repo.site; import java.util.List; +import java.util.Map; /** * Site service fundamental API. @@ -39,4 +40,14 @@ public interface SiteService void updateSite(SiteInfo siteInfo); void deleteSite(String shortName); + + Map listMembers(String shortName, String nameFilter, String roleFilter); + + void setMembership(String shortName, String userName, String role); + + void removeMembership(String shortName, String userName); + + + + } diff --git a/source/java/org/alfresco/repo/site/SiteServiceImpl.java b/source/java/org/alfresco/repo/site/SiteServiceImpl.java index 76a6640142..2067a12a86 100644 --- a/source/java/org/alfresco/repo/site/SiteServiceImpl.java +++ b/source/java/org/alfresco/repo/site/SiteServiceImpl.java @@ -26,13 +26,13 @@ package org.alfresco.repo.site; import java.io.Serializable; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Set; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.model.ContentModel; -import org.alfresco.repo.avm.AVMRepository; import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.repo.transaction.RetryingTransactionHelper; import org.alfresco.service.cmr.repository.ChildAssociationRef; @@ -42,7 +42,6 @@ import org.alfresco.service.cmr.repository.StoreRef; import org.alfresco.service.cmr.search.ResultSet; import org.alfresco.service.cmr.search.SearchService; import org.alfresco.service.cmr.security.AccessPermission; -import org.alfresco.service.cmr.security.AuthenticationService; import org.alfresco.service.cmr.security.PermissionService; import org.alfresco.service.namespace.NamespaceService; import org.alfresco.service.namespace.QName; @@ -64,10 +63,8 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic private NodeService nodeService; private SearchService searchService; - private AuthenticationService authenticationService; private PermissionService permissionService; private AuthenticationComponent authenticationComponent; - private AVMRepository AVMRepository; private RetryingTransactionHelper retryingTransactionHelper; public void setNodeService(NodeService nodeService) @@ -80,11 +77,6 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic this.searchService = searchService; } - public void setAuthenticationService(AuthenticationService authenticationService) - { - this.authenticationService = authenticationService; - } - public void setPermissionService(PermissionService permissionService) { this.permissionService = permissionService; @@ -95,11 +87,6 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic this.authenticationComponent = authenticationComponent; } - public void setAVMRepository(AVMRepository repository) - { - AVMRepository = repository; - } - public void setRetryingTransactionHelper(RetryingTransactionHelper retryingTransactionHelper) { this.retryingTransactionHelper = retryingTransactionHelper; @@ -126,11 +113,16 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic properties).getChildRef(); // Set the memberhips details + // - give all authorities read permissions if site is public + // - give all authorities read permission on permissions so memberships can be calculated + // - give current user role of site manager this.permissionService.setInheritParentPermissions(siteNodeRef, false); if (isPublic == true) { this.permissionService.setPermission(siteNodeRef, PermissionService.ALL_AUTHORITIES, SITE_CONSUMER, true); } + this.permissionService.setPermission(siteNodeRef, PermissionService.ALL_AUTHORITIES, PermissionService.READ_PERMISSIONS, true); + this.permissionService.setPermission(siteNodeRef, authenticationComponent.getCurrentUserName(), SiteModel.SITE_MANAGER, true); // Return created site information SiteInfo siteInfo = new SiteInfo(sitePreset, shortName, title, description, isPublic); @@ -296,6 +288,83 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic this.nodeService.deleteNode(siteNodeRef); } + /** + * @see org.alfresco.repo.site.SiteService#listMembers(java.lang.String, java.lang.String, java.lang.String) + */ + public Map listMembers(String shortName, String nameFilter, String roleFilter) + { + NodeRef siteNodeRef = getSiteNodeRef(shortName); + if (siteNodeRef == null) + { + throw new AlfrescoRuntimeException("Site " + shortName + " does not exist."); + } + + Map members = new HashMap(23); + Set permissions = this.permissionService.getAllSetPermissions(siteNodeRef); + for (AccessPermission permission : permissions) + { + String authority = permission.getAuthority(); + if (permission.getAuthority().startsWith(PermissionService.GROUP_PREFIX) == true) + { + // TODO .. collapse groups into users + } + else + { + // CHeck to see if we already have an entry for the user in the map + if (members.containsKey(authority) == true) + { + // TODO .. we need to resolve the permission in the map to the 'highest' + // for now do nothing as we shouldn't have more than on anyhow + } + else + { + // Add the user and permission to the map + members.put(authority, permission.getPermission()); + } + } + } + + return members; + } + + /** + * @see org.alfresco.repo.site.SiteService#removeMembership(java.lang.String, java.lang.String) + */ + public void removeMembership(String shortName, String userName) + { + NodeRef siteNodeRef = getSiteNodeRef(shortName); + if (siteNodeRef == null) + { + throw new AlfrescoRuntimeException("Site " + shortName + " does not exist."); + } + + // TODO what do we do about the user if they are in a group that has rights to the site? + // TODO do not remove the only site manager + + // Clear the permissions for the user + this.permissionService.clearPermission(siteNodeRef, userName); + } + + /** + * @see org.alfresco.repo.site.SiteService#setMembership(java.lang.String, java.lang.String, java.lang.String) + */ + public void setMembership(String shortName, String userName, String role) + { + NodeRef siteNodeRef = getSiteNodeRef(shortName); + if (siteNodeRef == null) + { + throw new AlfrescoRuntimeException("Site " + shortName + " does not exist."); + } + + // TODO if this is the only site manager do not downgrade their permissions + + // Clear any existing permissions + this.permissionService.clearPermission(siteNodeRef, userName); + + // Set the permissions + this.permissionService.setPermission(siteNodeRef, userName, role, true); + } + /** * @see org.alfresco.util.AbstractLifecycleBean#onBootstrap(org.springframework.context.ApplicationEvent) */ @@ -356,10 +425,15 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic NodeRef rootNode = this.nodeService.getRootNode(storeRef); // Create the root folder where sites will be stored - this.nodeService.createNode(rootNode, + NodeRef rootStoreNode = this.nodeService.createNode(rootNode, ContentModel.ASSOC_CHILDREN, QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "sites"), - ContentModel.TYPE_FOLDER); + ContentModel.TYPE_FOLDER).getChildRef(); + + // Set the permissions for the root store node + this.permissionService.setInheritParentPermissions(rootStoreNode, false); + this.permissionService.setPermission(rootStoreNode, PermissionService.ALL_AUTHORITIES, PermissionService.READ, true); + this.permissionService.setPermission(rootStoreNode, PermissionService.ALL_AUTHORITIES, PermissionService.CREATE_CHILDREN, true); } } } diff --git a/source/java/org/alfresco/repo/site/SiteServiceImplTest.java b/source/java/org/alfresco/repo/site/SiteServiceImplTest.java index a8e086735d..63b3681245 100644 --- a/source/java/org/alfresco/repo/site/SiteServiceImplTest.java +++ b/source/java/org/alfresco/repo/site/SiteServiceImplTest.java @@ -26,12 +26,15 @@ package org.alfresco.repo.site; import java.util.HashMap; import java.util.List; +import java.util.Map; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.repo.jscript.ClasspathScriptLocation; +import org.alfresco.repo.security.authentication.AuthenticationComponent; import org.alfresco.service.cmr.repository.ScriptLocation; import org.alfresco.service.cmr.repository.ScriptService; import org.alfresco.util.BaseAlfrescoSpringTest; +import org.alfresco.util.TestWithUserUtils; /** * Thumbnail service implementation unit test @@ -45,9 +48,13 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest private static final String TEST_TITLE = "This is my title"; private static final String TEST_DESCRIPTION = "This is my description"; - private SiteService siteService; + private static final String USER_ONE = "UserOne"; + private static final String USER_TWO = "UserTwo"; + private static final String USER_THREE = "UserThree"; + private SiteService siteService; private ScriptService scriptService; + private AuthenticationComponent authenticationComponent; /** * Called during the transaction setup @@ -59,6 +66,10 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest // Get the required services this.siteService = (SiteService)this.applicationContext.getBean("siteService"); this.scriptService = (ScriptService)this.applicationContext.getBean("ScriptService"); + this.authenticationComponent = (AuthenticationComponent)this.applicationContext.getBean("authenticationComponent"); + + // Do the test's as userOne + TestWithUserUtils.authenticateUser(USER_ONE, "PWD", this.authenticationService, this.authenticationComponent); } public void testCreateSite() throws Exception @@ -195,6 +206,133 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest this.siteService.deleteSite("testUpdateSite"); assertNull(this.siteService.getSite("testUpdateSite")); } + + public void testIsPublic() + { + // Create a couple of sites as user one + this.siteService.createSite(TEST_SITE_PRESET, "isPublicTrue", TEST_TITLE, TEST_DESCRIPTION, true); + this.siteService.createSite(TEST_SITE_PRESET, "isPublicFalse", TEST_TITLE, TEST_DESCRIPTION, false); + + // Get the sites as user one + List sites = this.siteService.listSites(null, null); + assertNotNull(sites); + assertEquals(2, sites.size()); + + // Now get the sites as user two + TestWithUserUtils.authenticateUser(USER_TWO, "PWD", this.authenticationService, this.authenticationComponent); + sites = this.siteService.listSites(null, null); + assertNotNull(sites); + assertEquals(1, sites.size()); + checkSiteInfo(sites.get(0), TEST_SITE_PRESET, "isPublicTrue", TEST_TITLE, TEST_DESCRIPTION, true); + + // Make user 2 a member of the site + TestWithUserUtils.authenticateUser(USER_ONE, "PWD", this.authenticationService, this.authenticationComponent); + this.siteService.setMembership("isPublicFalse", USER_TWO, SiteModel.SITE_CONSUMER); + + // Now get the sites as user two + TestWithUserUtils.authenticateUser(USER_TWO, "PWD", this.authenticationService, this.authenticationComponent); + sites = this.siteService.listSites(null, null); + assertNotNull(sites); + assertEquals(2, sites.size()); + } + + public void testMembership() + { + // Create a site as user one + this.siteService.createSite(TEST_SITE_PRESET, "testMembership", TEST_TITLE, TEST_DESCRIPTION, false); + + // Get the members of the site and check that user one is a manager + Map members = this.siteService.listMembers("testMembership", null, null); + assertNotNull(members); + assertEquals(1, members.size()); + assertTrue(members.containsKey(USER_ONE)); + assertEquals(SiteModel.SITE_MANAGER, members.get(USER_ONE)); + + // Add user two as a consumer and user three as a collaborator + this.siteService.setMembership("testMembership", USER_TWO, SiteModel.SITE_CONSUMER); + this.siteService.setMembership("testMembership", USER_THREE, SiteModel.SITE_COLLABORATOR); + + // Get the members of the site + members = this.siteService.listMembers("testMembership", null, null); + assertNotNull(members); + assertEquals(3, members.size()); + assertTrue(members.containsKey(USER_ONE)); + assertEquals(SiteModel.SITE_MANAGER, members.get(USER_ONE)); + assertTrue(members.containsKey(USER_TWO)); + assertEquals(SiteModel.SITE_CONSUMER, members.get(USER_TWO)); + assertTrue(members.containsKey(USER_THREE)); + assertEquals(SiteModel.SITE_COLLABORATOR, members.get(USER_THREE)); + + // Change the membership of user two + this.siteService.setMembership("testMembership", USER_TWO, SiteModel.SITE_COLLABORATOR); + + // Check the members of the site + members = this.siteService.listMembers("testMembership", null, null); + assertNotNull(members); + assertEquals(3, members.size()); + assertTrue(members.containsKey(USER_ONE)); + assertEquals(SiteModel.SITE_MANAGER, members.get(USER_ONE)); + assertTrue(members.containsKey(USER_TWO)); + assertEquals(SiteModel.SITE_COLLABORATOR, members.get(USER_TWO)); + assertTrue(members.containsKey(USER_THREE)); + assertEquals(SiteModel.SITE_COLLABORATOR, members.get(USER_THREE)); + + // Remove user two's membership + this.siteService.removeMembership("testMembership", USER_TWO); + + // Check the members of the site + members = this.siteService.listMembers("testMembership", null, null); + assertNotNull(members); + assertEquals(2, members.size()); + assertTrue(members.containsKey(USER_ONE)); + assertEquals(SiteModel.SITE_MANAGER, members.get(USER_ONE)); + assertTrue(members.containsKey(USER_THREE)); + assertEquals(SiteModel.SITE_COLLABORATOR, members.get(USER_THREE)); + + // Check that a non-manager and non-member cannot edit the memberships + TestWithUserUtils.authenticateUser(USER_TWO, "PWD", this.authenticationService, this.authenticationComponent); + try + { + this.siteService.setMembership("testMembership", USER_TWO, SiteModel.SITE_COLLABORATOR); + fail("A non member shouldnt be able to set memberships"); + } + catch (AlfrescoRuntimeException e) + { + // As expected + } + try + { + this.siteService.removeMembership("testMembership", USER_THREE); + fail("A non member shouldnt be able to remove a membership"); + } + catch (AlfrescoRuntimeException e) + { + // As expected + } + TestWithUserUtils.authenticateUser(USER_THREE, "PWD", this.authenticationService, this.authenticationComponent); + try + { + this.siteService.setMembership("testMembership", USER_TWO, SiteModel.SITE_COLLABORATOR); + fail("A member who isn't a manager shouldnt be able to set memberships"); + } + catch (AlfrescoRuntimeException e) + { + // As expected + } + try + { + this.siteService.removeMembership("testMembership", USER_THREE); + fail("A member who isn't a manager shouldnt be able to remove a membership"); + } + catch (AlfrescoRuntimeException e) + { + // As expected + } + + // TODO .. try and change the permissions of the only site manager + + // TODO .. try and remove the only site manager and should get a failure + } // == Test the JavaScript API == diff --git a/source/java/org/alfresco/repo/site/script/ScriptSiteService.java b/source/java/org/alfresco/repo/site/script/ScriptSiteService.java index 285b28988a..5eb37104f6 100644 --- a/source/java/org/alfresco/repo/site/script/ScriptSiteService.java +++ b/source/java/org/alfresco/repo/site/script/ScriptSiteService.java @@ -28,6 +28,7 @@ import java.util.ArrayList; import java.util.List; import org.alfresco.repo.jscript.BaseScopableProcessorExtension; +import org.alfresco.repo.jscript.ScriptableHashMap; import org.alfresco.repo.site.SiteInfo; import org.alfresco.repo.site.SiteService; @@ -78,9 +79,9 @@ public class ScriptSiteService extends BaseScopableProcessorExtension * * @param nameFilter name filter * @param sitePresetFilter site preset filter - * @return List a list of the site filtered as appropriate + * @return Site[] a list of the site filtered as appropriate */ - public List listSites(String nameFilter, String sitePresetFilter) + public Site[] listSites(String nameFilter, String sitePresetFilter) { List siteInfos = this.siteService.listSites(nameFilter, sitePresetFilter); List sites = new ArrayList(siteInfos.size()); @@ -88,7 +89,7 @@ public class ScriptSiteService extends BaseScopableProcessorExtension { sites.add(new Site(this.siteService, siteInfo)); } - return sites; + return (Site[])sites.toArray(new Site[sites.size()]); } /** diff --git a/source/java/org/alfresco/repo/site/script/Site.java b/source/java/org/alfresco/repo/site/script/Site.java index 9e121dda97..1d9dd53247 100644 --- a/source/java/org/alfresco/repo/site/script/Site.java +++ b/source/java/org/alfresco/repo/site/script/Site.java @@ -25,15 +25,22 @@ package org.alfresco.repo.site.script; import java.io.Serializable; +import java.util.Map; +import org.alfresco.repo.jscript.ScriptableHashMap; import org.alfresco.repo.site.SiteInfo; import org.alfresco.repo.site.SiteService; +import org.jgroups.util.GetNetworkInterfaces1_4; +import org.mozilla.javascript.ScriptableObject; /** + * Site JavaScript object + * * @author Roy Wetherall */ public class Site implements Serializable { + /** Serializable serial verion UID */ private static final long serialVersionUID = 8013569574120957923L; /** Site information */ @@ -164,4 +171,53 @@ public class Site implements Serializable // Delete the site this.siteService.deleteSite(this.siteInfo.getShortName()); } + + /** + * Gets a map of members of the site with their role within the site. This list can + * be filtered by name and/or role. + *

+ * If no name or role filter is specified all members of the site are listed. + * + * @param nameFilter user name filter + * @param roleFilter user role filter + * @return ScriptableHashMap list of members of site with their roles + */ + public ScriptableHashMap listMembers(String nameFilter, String roleFilter) + { + Map sites = this.siteService.listMembers(getShortName(), nameFilter, roleFilter); + + ScriptableHashMap result = new ScriptableHashMap(); + result.putAll(sites); + + return result; + } + + /** + * Sets the membership details for a user. + *

+ * If the user is not already a member of the site then they are added with the role + * given. If the user is already a member of the site then their role is updated to the new role. + *

+ * Only a site manager can modify memberships and there must be at least one site manager at + * all times. + * + * @param userName user name + * @param role site role + */ + public void setMembership(String userName, String role) + { + this.siteService.setMembership(getShortName(), userName, role); + } + + /** + * Removes a users membership of the site. + *

+ * Only a site manager can remove a user's membership and the last site manager can not be removed. + * + * @param userName user name + */ + public void removeMembership(String userName) + { + this.siteService.removeMembership(getShortName(), userName); + } } diff --git a/source/java/org/alfresco/repo/site/script/test_siteService.js b/source/java/org/alfresco/repo/site/script/test_siteService.js index 5bc162dee9..9aa5499f2f 100644 --- a/source/java/org/alfresco/repo/site/script/test_siteService.js +++ b/source/java/org/alfresco/repo/site/script/test_siteService.js @@ -1,11 +1,11 @@ function checkSite(site, sitePreset, shortName, title, description, isPublic) { - test.assertNotNull(site, "Site should not be null"); - test.assertEquals(sitePreset, site.sitePreset, "Site preset incorrect for site " + shortName); - test.assertEquals(shortName, site.shortName, "Site shortname incorrect"); - test.assertEquals(title, site.title, "Site title incorrect for site " + shortName); - test.assertEquals(description, site.description, "Site description incorrect for site " + shortName); - test.assertEquals(isPublic, site.isPublic, "Site ispublic incorrect for site " + shortName); + test.assertNotNull(site); + test.assertEquals(sitePreset, site.sitePreset); + test.assertEquals(shortName, site.shortName); + test.assertEquals(title, site.title); + test.assertEquals(description, site.description); + test.assertEquals(isPublic, site.isPublic); } function testCRUD() @@ -39,9 +39,46 @@ function testCRUD() function testListSites() { - // TODO + // Create a couple of sites + siteService.createSite("sitePreset", "siteShortName", "siteTitle", "siteDescription", true); + siteService.createSite("sitePreset", "siteShortName2", "siteTitle", "siteDescription", true); + + // List all the site + var sites = siteService.listSites(null, null); + + // Check the list + test.assertNotNull(sites); + test.assertEquals(2, sites.length); + + // TODO .. check the filters +} + +function testMembership() +{ + var site = siteService.getSite("siteShortName"); + test.assertNotNull(site); + + var members = site.listMembers(null, null); + test.assertNotNull(members); + test.assertEquals(1, members.length); + test.assertEquals("SiteManager", members["UserOne"]); + + site.setMembership("UserTwo", "SiteCollaborator"); + members = site.listMembers(null, null); + test.assertNotNull(members); + test.assertEquals(2, members.length); + test.assertEquals("SiteManager", members["UserOne"]); + test.assertEquals("SiteCollaborator", members["UserTwo"]); + + site.removeMembership("UserTwo"); + members = site.listMembers(null, null); + test.assertNotNull(members); + test.assertEquals(1, members.length); + test.assertEquals("SiteManager", members["UserOne"]); + } // Execute test's testCRUD(); -testListSites(); \ No newline at end of file +testListSites(); +testMembership(); \ No newline at end of file diff --git a/source/java/org/alfresco/util/TestWithUserUtils.java b/source/java/org/alfresco/util/TestWithUserUtils.java index 430914be1f..36f8fb7bbc 100644 --- a/source/java/org/alfresco/util/TestWithUserUtils.java +++ b/source/java/org/alfresco/util/TestWithUserUtils.java @@ -40,7 +40,7 @@ import org.alfresco.service.namespace.QName; * * @author Roy Wetherall */ -public abstract class TestWithUserUtils extends BaseSpringTest +public abstract class TestWithUserUtils { /** * Create a new user, including the corresponding person node.