From 70dadc363123f689ddb1fe771e6b281dbec8eee0 Mon Sep 17 00:00:00 2001
From: Harpritt Kalsi <harpritt.kalsi@alfresco.com>
Date: Fri, 7 Sep 2012 08:50:31 +0000
Subject: [PATCH] ALF-8574 runas not working as expected Cause: Person object
 set within repo parameters was the runAs user. Fix:
 getFullyAuthenticatedPerson() added to Repository.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@41347 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../repo/web/scripts/RepositoryContainer.java |  2 +-
 .../web/scripts/RepositoryContainerTest.java  | 38 ++++++++++++++++---
 .../org/alfresco/runas/runas.get.desc.xml     |  8 ++++
 .../org/alfresco/runas/runas.get.html.ftl     |  1 +
 .../org/alfresco/runas/runas.get.js           |  1 +
 .../alfresco/runas/runasadmin.get.desc.xml    |  8 ++++
 .../alfresco/runas/runasadmin.get.html.ftl    |  1 +
 .../org/alfresco/runas/runasadmin.get.js      |  1 +
 8 files changed, 54 insertions(+), 6 deletions(-)
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.desc.xml
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.html.ftl
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.js
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.desc.xml
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.html.ftl
 create mode 100644 source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.js

diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java
index 65afd47e8e..55aaccc97f 100644
--- a/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java
+++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainer.java
@@ -237,7 +237,7 @@ public class RepositoryContainer extends AbstractRuntimeContainer implements Ten
             {
                 params.put("companyhome", companyHome);
             }
-            NodeRef person = repository.getPerson();
+            NodeRef person = repository.getFullyAuthenticatedPerson();
             if (person != null)
             {
                 params.put("person", person);
diff --git a/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java b/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java
index 06d98d8857..cc68ed99f3 100644
--- a/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java
+++ b/source/java/org/alfresco/repo/web/scripts/RepositoryContainerTest.java
@@ -19,10 +19,14 @@
 package org.alfresco.repo.web.scripts;
 
 import org.alfresco.model.ContentModel;
+import org.alfresco.repo.security.authentication.AuthenticationComponent;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
 import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.alfresco.service.cmr.security.PersonService;
 import org.alfresco.util.PropertyMap;
+import org.springframework.extensions.webscripts.TestWebScriptServer.GetRequest;
+import org.springframework.extensions.webscripts.TestWebScriptServer.Response;
+import static org.springframework.extensions.webscripts.Status.*;
 
 /**
  * Unit test to test runas function
@@ -33,22 +37,25 @@ public class RepositoryContainerTest extends BaseWebScriptTest
 {
     private MutableAuthenticationService authenticationService;
     private PersonService personService;
-
+    private AuthenticationComponent authenticationComponent;
+    
     private static final String USER_ONE = "RunAsOne";
+    private static final String USER_TWO = "RunAsTwo";
 
     @Override
     protected void setUp() throws Exception
     {
         super.setUp();
 
-        this.authenticationService = (MutableAuthenticationService) getServer().getApplicationContext().getBean(
-                "AuthenticationService");
+        this.authenticationService = (MutableAuthenticationService) getServer().getApplicationContext().getBean("AuthenticationService");
+        this.authenticationComponent = (AuthenticationComponent)getServer().getApplicationContext().getBean("authenticationComponent");
         this.personService = (PersonService) getServer().getApplicationContext().getBean("PersonService");
 
         AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
         
         // Create users
         createUser(USER_ONE);
+        createUser(USER_TWO);
     }
 
     private void createUser(String userName)
@@ -57,7 +64,7 @@ public class RepositoryContainerTest extends BaseWebScriptTest
         {
             this.authenticationService.createAuthentication(userName, "PWD".toCharArray());
 
-            PropertyMap ppOne = new PropertyMap(4);
+            PropertyMap ppOne = new PropertyMap(5);
             ppOne.put(ContentModel.PROP_USERNAME, userName);
             ppOne.put(ContentModel.PROP_FIRSTNAME, "firstName");
             ppOne.put(ContentModel.PROP_LASTNAME, "lastName");
@@ -74,8 +81,29 @@ public class RepositoryContainerTest extends BaseWebScriptTest
         AuthenticationUtil.clearCurrentSecurityContext();
         super.tearDown();
     }
+    
+    
+    /**
+     * Person should be current user irrespective of runas user.
+     */
+	public void testRunAsAdmin() throws Exception {
+		authenticationComponent.setCurrentUser(USER_ONE);
+		
+		// No runas specified within our webscript descriptor
+		Response response = sendRequest(new GetRequest("/test/runas"), STATUS_OK);
+		assertEquals(USER_ONE, response.getContentAsString());
 
-    public void testReset() throws Exception
+		authenticationComponent.setCurrentUser(USER_TWO);
+		
+		// runas "Admin" specified within our webscript descriptor
+		response = sendRequest(new GetRequest("/test/runasadmin"), STATUS_OK);
+		assertEquals(USER_TWO, response.getContentAsString());
+		
+		authenticationComponent.setSystemUserAsCurrentUser();
+	}
+
+    
+	public void testReset() throws Exception
     {
         RepositoryContainer repoContainer = (RepositoryContainer) getServer().getApplicationContext().getBean("webscripts.container");
         repoContainer.reset();
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.desc.xml b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.desc.xml
new file mode 100644
index 0000000000..d57ea115ac
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.desc.xml
@@ -0,0 +1,8 @@
+<webscript>
+  <shortname>Runas Test</shortname>
+  <description>Runas Test</description>
+  <url>/test/runas</url>
+  <format default="html">argument</format>
+  <authentication>user</authentication>
+  <transaction>required</transaction>
+</webscript>
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.html.ftl b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.html.ftl
new file mode 100644
index 0000000000..ab4abdc8c4
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.html.ftl
@@ -0,0 +1 @@
+${testPerson.properties['userName']}
\ No newline at end of file
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.js b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.js
new file mode 100644
index 0000000000..813ba7e987
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runas.get.js
@@ -0,0 +1 @@
+model.testPerson=person;
\ No newline at end of file
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.desc.xml b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.desc.xml
new file mode 100644
index 0000000000..9c167d9b60
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.desc.xml
@@ -0,0 +1,8 @@
+<webscript>
+  <shortname>Runas Admin Test</shortname>
+  <description>Runas Admin Test</description>
+  <url>/test/runasadmin</url>
+  <format default="html">argument</format>
+  <authentication runas="admin">user</authentication>
+  <transaction>required</transaction>
+</webscript>
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.html.ftl b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.html.ftl
new file mode 100644
index 0000000000..ab4abdc8c4
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.html.ftl
@@ -0,0 +1 @@
+${testPerson.properties['userName']}
\ No newline at end of file
diff --git a/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.js b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.js
new file mode 100644
index 0000000000..813ba7e987
--- /dev/null
+++ b/source/test-resources/alfresco/templates/webscripts/org/alfresco/runas/runasadmin.get.js
@@ -0,0 +1 @@
+model.testPerson=person;
\ No newline at end of file