mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
ACS-3652 Node access validation for Rule Action Parameters, ACS-3795 Validate that action is suitable for use in rule (#1502)
* ACS-3652 Add validation for individual actions. In particular write access is required for the folder specified in the copy and move actions. * ACS-3652: Adding action validations for node permissions. * ACS-3652: Fixing failing E2E tests. * ACS-3652: Adding E2E tests. * ACS-3652: Adding E2E tests. * ACS-3652 E2E tests for script validation. * ACS-3652 Fix script validation test to use admin. * ACS-3652: Removing unnecessary code. * ACS-3652 E2Es for link to category action. * ACS-3652: Adding applicable action definition check. * ACS-3652: Adding more thorough action definition checks and fixing node permission and type checks. * ACS-3652: Adding more thorough E2E tests and some fixes. * ACS-3652: Adding more E2E tests and some fixes. * ACS-3652: Fixing some missing corner cases, adding tests. * ACS-3652: Small refactoring after code review. Co-authored-by: Tom Page <thomas.page@alfresco.com>
This commit is contained in:
Maciej Pichura
GitHub
@@ -27,6 +27,8 @@
|
||||
package org.alfresco.rest.api;
|
||||
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.rest.api.model.Action;
|
||||
import org.alfresco.rest.api.model.ActionDefinition;
|
||||
import org.alfresco.rest.api.model.ActionParameterConstraint;
|
||||
@@ -53,4 +55,6 @@ public interface Actions
|
||||
|
||||
@Experimental
|
||||
ActionParameterConstraint getActionConstraint(String constraintName);
|
||||
@Experimental
|
||||
ActionDefinition getRuleActionDefinitionById(String actionDefinitionId);
|
||||
}
|
||||
|
||||
@@ -26,13 +26,35 @@
|
||||
|
||||
package org.alfresco.rest.api.actions;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.rest.api.model.rules.Action;
|
||||
import org.alfresco.service.Experimental;
|
||||
|
||||
@Experimental
|
||||
public interface ActionValidator
|
||||
{
|
||||
|
||||
String ALL_ACTIONS = "all";
|
||||
|
||||
/**
|
||||
* Provides validation logic for given action.
|
||||
*/
|
||||
void validate(Action action);
|
||||
|
||||
boolean isEnabled();
|
||||
/**
|
||||
* Returns priority of validator (applied to bulk validation in @see {@link org.alfresco.rest.api.impl.mapper.rules.RestRuleActionModelMapper})
|
||||
* The lower number, the higher priority is set for the validator.
|
||||
* @return priority expressed as int
|
||||
*/
|
||||
int getPriority();
|
||||
|
||||
/**
|
||||
* By default validator is applied to all actions
|
||||
*
|
||||
* @return indicator for all defined action definition ids
|
||||
*/
|
||||
default List<String> getActionDefinitionIds() {
|
||||
return List.of(ALL_ACTIONS);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -145,21 +145,7 @@ public class ActionsImpl implements Actions
|
||||
private ActionDefinition getActionDefinition(
|
||||
org.alfresco.service.cmr.action.ActionDefinition actionDefinitionId)
|
||||
{
|
||||
List<ActionDefinition.ParameterDefinition> paramDefs =
|
||||
actionDefinitionId.
|
||||
getParameterDefinitions().
|
||||
stream().
|
||||
map(this::toModel).
|
||||
collect(Collectors.toList());
|
||||
return new ActionDefinition(
|
||||
actionDefinitionId.getName(), // ID is a synonym for name.
|
||||
actionDefinitionId.getName(),
|
||||
actionDefinitionId.getTitle(),
|
||||
actionDefinitionId.getDescription(),
|
||||
toShortQNames(actionDefinitionId.getApplicableTypes()),
|
||||
actionDefinitionId.getAdhocPropertiesAllowed(),
|
||||
actionDefinitionId.getTrackStatus(),
|
||||
paramDefs);
|
||||
return mapFromServiceModel(actionDefinitionId);
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -215,23 +201,7 @@ public class ActionsImpl implements Actions
|
||||
|
||||
List<ActionDefinition> sortedPage = actionDefinitions.
|
||||
stream().
|
||||
map(actionDefinition -> {
|
||||
List<ActionDefinition.ParameterDefinition> paramDefs =
|
||||
actionDefinition.
|
||||
getParameterDefinitions().
|
||||
stream().
|
||||
map(this::toModel).
|
||||
collect(Collectors.toList());
|
||||
return new ActionDefinition(
|
||||
actionDefinition.getName(), // ID is a synonym for name.
|
||||
actionDefinition.getName(),
|
||||
actionDefinition.getTitle(),
|
||||
actionDefinition.getDescription(),
|
||||
toShortQNames(actionDefinition.getApplicableTypes()),
|
||||
actionDefinition.getAdhocPropertiesAllowed(),
|
||||
actionDefinition.getTrackStatus(),
|
||||
paramDefs);
|
||||
}).
|
||||
map(this::mapFromServiceModel).
|
||||
sorted(comparator).
|
||||
skip(skip).
|
||||
limit(maxItems).
|
||||
@@ -246,6 +216,40 @@ public class ActionsImpl implements Actions
|
||||
actionDefinitions.size());
|
||||
}
|
||||
|
||||
@Override
|
||||
@Experimental
|
||||
public ActionDefinition getRuleActionDefinitionById(String actionDefinitionId)
|
||||
{
|
||||
if (actionDefinitionId == null)
|
||||
{
|
||||
throw new InvalidArgumentException("actionDefinitionId is null");
|
||||
}
|
||||
return actionService.getActionDefinitions().stream()
|
||||
.filter(a -> actionDefinitionId.equals(a.getName()))
|
||||
.map(this::mapFromServiceModel)
|
||||
.findFirst()
|
||||
.orElseThrow(() -> new NotFoundException(NotFoundException.DEFAULT_MESSAGE_ID, new String[] {actionDefinitionId}));
|
||||
}
|
||||
|
||||
private ActionDefinition mapFromServiceModel(org.alfresco.service.cmr.action.ActionDefinition actionDefinition)
|
||||
{
|
||||
List<ActionDefinition.ParameterDefinition> paramDefs =
|
||||
actionDefinition.
|
||||
getParameterDefinitions().
|
||||
stream().
|
||||
map(this::toModel).
|
||||
collect(Collectors.toList());
|
||||
return new ActionDefinition(
|
||||
actionDefinition.getName(), // ID is a synonym for name.
|
||||
actionDefinition.getName(),
|
||||
actionDefinition.getTitle(),
|
||||
actionDefinition.getDescription(),
|
||||
toShortQNames(actionDefinition.getApplicableTypes()),
|
||||
actionDefinition.getAdhocPropertiesAllowed(),
|
||||
actionDefinition.getTrackStatus(),
|
||||
paramDefs);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Action executeAction(Action action, Parameters parameters)
|
||||
{
|
||||
|
||||
@@ -29,10 +29,12 @@ package org.alfresco.rest.api.impl.mapper.rules;
|
||||
import static java.util.Collections.emptyMap;
|
||||
|
||||
import static org.alfresco.repo.action.access.ActionAccessRestriction.ACTION_CONTEXT_PARAM_NAME;
|
||||
import static org.alfresco.rest.api.actions.ActionValidator.ALL_ACTIONS;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
@@ -116,7 +118,9 @@ public class RestRuleActionModelMapper implements RestModelMapper<Action, org.al
|
||||
}
|
||||
private void validateAction(Action action) {
|
||||
actionValidators.stream()
|
||||
.filter(ActionValidator::isEnabled)
|
||||
.forEach(v -> v.validate(action));
|
||||
.filter(v -> (v.getActionDefinitionIds().contains(action.getActionDefinitionId()) ||
|
||||
v.getActionDefinitionIds().equals(List.of(ALL_ACTIONS))))
|
||||
.sorted(Comparator.comparing(ActionValidator::getPriority))
|
||||
.forEachOrdered(v -> v.validate(action));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,171 @@
|
||||
/*
|
||||
* #%L
|
||||
* Alfresco Remote API
|
||||
* %%
|
||||
* Copyright (C) 2005 - 2022 Alfresco Software Limited
|
||||
* %%
|
||||
* This file is part of the Alfresco software.
|
||||
* If the software was purchased under a paid Alfresco license, the terms of
|
||||
* the paid license agreement will prevail. Otherwise, the software is
|
||||
* provided under the following open source license terms:
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
* #L%
|
||||
*/
|
||||
|
||||
package org.alfresco.rest.api.impl.validator.actions;
|
||||
|
||||
import static org.alfresco.model.ContentModel.TYPE_CATEGORY;
|
||||
import static org.alfresco.model.ContentModel.TYPE_FOLDER;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.NODE_REF;
|
||||
import static org.alfresco.service.cmr.security.AccessStatus.ALLOWED;
|
||||
import static org.alfresco.service.cmr.security.PermissionService.WRITE;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.alfresco.repo.action.executer.CheckOutActionExecuter;
|
||||
import org.alfresco.repo.action.executer.CopyActionExecuter;
|
||||
import org.alfresco.repo.action.executer.ImageTransformActionExecuter;
|
||||
import org.alfresco.repo.action.executer.ImporterActionExecuter;
|
||||
import org.alfresco.repo.action.executer.LinkCategoryActionExecuter;
|
||||
import org.alfresco.repo.action.executer.MoveActionExecuter;
|
||||
import org.alfresco.repo.action.executer.SimpleWorkflowActionExecuter;
|
||||
import org.alfresco.repo.action.executer.TransformActionExecuter;
|
||||
import org.alfresco.rest.api.Actions;
|
||||
import org.alfresco.rest.api.Nodes;
|
||||
import org.alfresco.rest.api.actions.ActionValidator;
|
||||
import org.alfresco.rest.api.model.ActionDefinition;
|
||||
import org.alfresco.rest.api.model.rules.Action;
|
||||
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
|
||||
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
|
||||
import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.apache.commons.collections.MapUtils;
|
||||
import org.apache.logging.log4j.util.Strings;
|
||||
|
||||
/**
|
||||
* This class provides logic for validation of permissions for action parameters which reference node.
|
||||
*/
|
||||
public class ActionNodeParameterValidator implements ActionValidator
|
||||
{
|
||||
/**
|
||||
* This list holds action parameter names which require only READ permission on a referenced node
|
||||
* That means, all other parameters that reference nodes will require WRITE permission
|
||||
*/
|
||||
static final Map<String, List<String>> REQUIRE_READ_PERMISSION_PARAMS =
|
||||
Map.of(LinkCategoryActionExecuter.NAME, List.of(LinkCategoryActionExecuter.PARAM_CATEGORY_VALUE));
|
||||
|
||||
static final String NO_PROPER_PERMISSIONS_FOR_NODE = "No proper permissions for node: ";
|
||||
static final String NOT_A_CATEGORY = "Node is not a category ";
|
||||
static final String NOT_A_FOLDER = "Node is not a folder ";
|
||||
|
||||
private final Actions actions;
|
||||
private final NamespaceService namespaceService;
|
||||
private final Nodes nodes;
|
||||
private final PermissionService permissionService;
|
||||
|
||||
public ActionNodeParameterValidator(Actions actions, NamespaceService namespaceService, Nodes nodes,
|
||||
PermissionService permissionService)
|
||||
{
|
||||
this.actions = actions;
|
||||
this.namespaceService = namespaceService;
|
||||
this.nodes = nodes;
|
||||
this.permissionService = permissionService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Validates action parameters that reference nodes against access permissions for executing user.
|
||||
*
|
||||
* @param action Action to be validated
|
||||
*/
|
||||
@Override
|
||||
public void validate(Action action)
|
||||
{
|
||||
final ActionDefinition actionDefinition = actions.getRuleActionDefinitionById(action.getActionDefinitionId());
|
||||
final List<ActionDefinition.ParameterDefinition> nodeRefParams = actionDefinition.getParameterDefinitions().stream()
|
||||
.filter(pd -> NODE_REF.toPrefixString(namespaceService).equals(pd.getType()))
|
||||
.collect(Collectors.toList());
|
||||
validateNodes(nodeRefParams, action);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return List of action definitions applicable to this validator
|
||||
*/
|
||||
@Override
|
||||
public List<String> getActionDefinitionIds()
|
||||
{
|
||||
return List.of(CopyActionExecuter.NAME, MoveActionExecuter.NAME, CheckOutActionExecuter.NAME, ImporterActionExecuter.NAME,
|
||||
LinkCategoryActionExecuter.NAME, SimpleWorkflowActionExecuter.NAME, TransformActionExecuter.NAME,
|
||||
ImageTransformActionExecuter.NAME);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getPriority()
|
||||
{
|
||||
return Integer.MIN_VALUE + 1;
|
||||
}
|
||||
|
||||
private void validateNodes(final List<ActionDefinition.ParameterDefinition> nodeRefParamDefinitions,
|
||||
final Action action)
|
||||
{
|
||||
if (MapUtils.isNotEmpty(action.getParams()))
|
||||
{
|
||||
nodeRefParamDefinitions.stream()
|
||||
.filter(pd -> action.getParams().containsKey(pd.getName()))
|
||||
.forEach(p -> {
|
||||
final String nodeId = Objects.toString(action.getParams().get(p.getName()), Strings.EMPTY);
|
||||
final NodeRef nodeRef = nodes.validateNode(nodeId);
|
||||
validatePermission(action.getActionDefinitionId(), p.getName(), nodeRef);
|
||||
validateType(action.getActionDefinitionId(), nodeRef);
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
private void validatePermission(final String actionDefinitionId, final String paramName, final NodeRef nodeRef)
|
||||
{
|
||||
if (permissionService.hasReadPermission(nodeRef) != ALLOWED)
|
||||
{
|
||||
throw new EntityNotFoundException(nodeRef.getId());
|
||||
}
|
||||
if (!REQUIRE_READ_PERMISSION_PARAMS.containsKey(actionDefinitionId) ||
|
||||
REQUIRE_READ_PERMISSION_PARAMS.get(actionDefinitionId).stream().noneMatch(paramName::equals))
|
||||
{
|
||||
if (permissionService.hasPermission(nodeRef, WRITE) != ALLOWED)
|
||||
{
|
||||
throw new PermissionDeniedException(NO_PROPER_PERMISSIONS_FOR_NODE + nodeRef.getId());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void validateType(final String actionDefinitionId, final NodeRef nodeRef)
|
||||
{
|
||||
if (!LinkCategoryActionExecuter.NAME.equals(actionDefinitionId))
|
||||
{
|
||||
if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_FOLDER), Collections.emptySet()))
|
||||
{
|
||||
throw new InvalidArgumentException(NOT_A_FOLDER + nodeRef.getId());
|
||||
}
|
||||
} else if (!nodes.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet()))
|
||||
{
|
||||
throw new InvalidArgumentException(NOT_A_CATEGORY + nodeRef.getId());
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -27,7 +27,11 @@
|
||||
package org.alfresco.rest.api.impl.validator.actions;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.alfresco.rest.api.Actions;
|
||||
import org.alfresco.rest.api.actions.ActionValidator;
|
||||
@@ -39,6 +43,7 @@ import org.alfresco.rest.framework.core.exceptions.NotFoundException;
|
||||
import org.alfresco.service.Experimental;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
import org.apache.commons.collections.MapUtils;
|
||||
import org.apache.logging.log4j.util.Strings;
|
||||
|
||||
/**
|
||||
* This class will validate all action types against action parameters definitions (mandatory parameters, parameter constraints)
|
||||
@@ -46,14 +51,14 @@ import org.apache.commons.collections.MapUtils;
|
||||
@Experimental
|
||||
public class ActionParameterDefinitionValidator implements ActionValidator
|
||||
{
|
||||
private static final boolean IS_ENABLED = true;
|
||||
static final String INVALID_PARAMETER_VALUE =
|
||||
"Action parameter: %s has invalid value (%s). Look up possible values for constraint name %s";
|
||||
static final String MISSING_PARAMETER = "Missing action's mandatory parameter: %s";
|
||||
static final String MUST_NOT_CONTAIN_PARAMETER = "Action of definition id: %s must not contain parameter of name: %s";
|
||||
static final String PARAMS_SHOULD_NOT_BE_EMPTY =
|
||||
"Action parameters should not be null or empty for this action. See Action Definition for action of: %s";
|
||||
static final String INVALID_ACTION_DEFINITION = "Invalid action definition requested %s";
|
||||
static final String INVALID_ACTION_DEFINITION = "Invalid rule action definition requested %s";
|
||||
static final String EMPTY_ACTION_DEFINITION = "Empty/null rule action definition id";
|
||||
|
||||
private final Actions actions;
|
||||
|
||||
@@ -71,51 +76,81 @@ public class ActionParameterDefinitionValidator implements ActionValidator
|
||||
public void validate(Action action)
|
||||
{
|
||||
ActionDefinition actionDefinition;
|
||||
final String actionDefinitionId = action.getActionDefinitionId();
|
||||
if (Strings.isBlank(actionDefinitionId))
|
||||
{
|
||||
throw new InvalidArgumentException(EMPTY_ACTION_DEFINITION);
|
||||
}
|
||||
try
|
||||
{
|
||||
actionDefinition = actions.getActionDefinitionById(action.getActionDefinitionId());
|
||||
} catch (NotFoundException e) {
|
||||
throw new InvalidArgumentException(String.format(INVALID_ACTION_DEFINITION, action.getActionDefinitionId()));
|
||||
actionDefinition = actions.getRuleActionDefinitionById(actionDefinitionId);
|
||||
} catch (NotFoundException e)
|
||||
{
|
||||
throw new InvalidArgumentException(String.format(INVALID_ACTION_DEFINITION, actionDefinitionId));
|
||||
}
|
||||
validateParametersSize(action.getParams(), actionDefinition);
|
||||
final Map<String, Serializable> params = action.getParams();
|
||||
if (MapUtils.isNotEmpty(params))
|
||||
{
|
||||
params.forEach((key, value) -> checkParameterShouldExist(key, actionDefinition));
|
||||
actionDefinition.getParameterDefinitions().forEach(p -> validateParameterDefinitions(p, params));
|
||||
getParameterDefinitions(actionDefinition).forEach(p -> validateParameterDefinitions(p, params));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This validator should be applied to all actions
|
||||
*
|
||||
* @return list of all defined action definition ids
|
||||
*/
|
||||
@Override
|
||||
public boolean isEnabled()
|
||||
public List<String> getActionDefinitionIds()
|
||||
{
|
||||
return IS_ENABLED;
|
||||
return List.of(ALL_ACTIONS);
|
||||
}
|
||||
|
||||
/**
|
||||
* This validator should have highest priority and be executed first of all (thus minimal integer is returned here).
|
||||
*
|
||||
* @return minimal integer value
|
||||
*/
|
||||
@Override
|
||||
public int getPriority()
|
||||
{
|
||||
return Integer.MIN_VALUE;
|
||||
}
|
||||
|
||||
private void validateParametersSize(final Map<String, Serializable> params, final ActionDefinition actionDefinition)
|
||||
{
|
||||
if (CollectionUtils.isNotEmpty(actionDefinition.getParameterDefinitions()) && MapUtils.isEmpty(params))
|
||||
final List<ActionDefinition.ParameterDefinition> parameterDefinitions = getParameterDefinitions(actionDefinition);
|
||||
if (CollectionUtils.isNotEmpty(
|
||||
parameterDefinitions.stream().filter(ActionDefinition.ParameterDefinition::isMandatory).collect(Collectors.toList())) &&
|
||||
MapUtils.isEmpty(params))
|
||||
{
|
||||
throw new IllegalArgumentException(String.format(PARAMS_SHOULD_NOT_BE_EMPTY, actionDefinition.getName()));
|
||||
throw new InvalidArgumentException(String.format(PARAMS_SHOULD_NOT_BE_EMPTY, actionDefinition.getName()));
|
||||
}
|
||||
}
|
||||
|
||||
private List<ActionDefinition.ParameterDefinition> getParameterDefinitions(ActionDefinition actionDefinition)
|
||||
{
|
||||
return actionDefinition.getParameterDefinitions() == null ? Collections.emptyList() : actionDefinition.getParameterDefinitions();
|
||||
}
|
||||
|
||||
private void validateParameterDefinitions(final ActionDefinition.ParameterDefinition parameterDefinition,
|
||||
final Map<String, Serializable> params)
|
||||
{
|
||||
final Serializable parameterValue = params.get(parameterDefinition.getName());
|
||||
if (parameterDefinition.isMandatory() && parameterValue == null)
|
||||
{
|
||||
throw new IllegalArgumentException(String.format(MISSING_PARAMETER, parameterDefinition.getName()));
|
||||
throw new InvalidArgumentException(String.format(MISSING_PARAMETER, parameterDefinition.getName()));
|
||||
}
|
||||
if (parameterDefinition.getParameterConstraintName() != null)
|
||||
{
|
||||
final ActionParameterConstraint actionConstraint =
|
||||
actions.getActionConstraint(parameterDefinition.getParameterConstraintName());
|
||||
if (parameterValue != null && actionConstraint.getConstraintValues().stream()
|
||||
.noneMatch(constraintData -> constraintData.getValue().equals(parameterValue.toString())))
|
||||
.noneMatch(constraintData -> constraintData.getValue().equals(Objects.toString(parameterValue, null))))
|
||||
{
|
||||
throw new IllegalArgumentException(String.format(INVALID_PARAMETER_VALUE, parameterDefinition.getName(), parameterValue,
|
||||
throw new InvalidArgumentException(String.format(INVALID_PARAMETER_VALUE, parameterDefinition.getName(), parameterValue,
|
||||
actionConstraint.getConstraintName()));
|
||||
}
|
||||
}
|
||||
@@ -123,11 +158,9 @@ public class ActionParameterDefinitionValidator implements ActionValidator
|
||||
|
||||
private void checkParameterShouldExist(final String parameterName, final ActionDefinition actionDefinition)
|
||||
{
|
||||
if (actionDefinition.getParameterDefinitions().stream().noneMatch(pd -> parameterName.equals(pd.getName())))
|
||||
if (getParameterDefinitions(actionDefinition).stream().noneMatch(pd -> parameterName.equals(pd.getName())))
|
||||
{
|
||||
throw new IllegalArgumentException(String.format(MUST_NOT_CONTAIN_PARAMETER, actionDefinition.getName(), parameterName));
|
||||
throw new InvalidArgumentException(String.format(MUST_NOT_CONTAIN_PARAMETER, actionDefinition.getName(), parameterName));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -593,6 +593,12 @@
|
||||
<bean id="actionParameterConstraintsValidator" class="org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator">
|
||||
<constructor-arg name="actions" ref="Actions"/>
|
||||
</bean>
|
||||
<bean id="actionNodeParameterValidator" class="org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidator">
|
||||
<constructor-arg name="actions" ref="Actions"/>
|
||||
<constructor-arg name="namespaceService" ref="NamespaceService"/>
|
||||
<constructor-arg name="nodes" ref="Nodes"/>
|
||||
<constructor-arg name="permissionService" ref="PermissionService"/>
|
||||
</bean>
|
||||
|
||||
<!-- action parameter validators end here-->
|
||||
|
||||
@@ -977,6 +983,7 @@
|
||||
<constructor-arg name="actionValidators">
|
||||
<list>
|
||||
<ref bean="actionParameterConstraintsValidator"/>
|
||||
<ref bean="actionNodeParameterValidator"/>
|
||||
</list>
|
||||
</constructor-arg>
|
||||
</bean>
|
||||
|
||||
@@ -36,6 +36,8 @@ import org.alfresco.rest.api.impl.rules.NodeValidatorTest;
|
||||
import org.alfresco.rest.api.impl.rules.RuleLoaderTest;
|
||||
import org.alfresco.rest.api.impl.rules.RuleSetsImplTest;
|
||||
import org.alfresco.rest.api.impl.rules.RulesImplTest;
|
||||
import org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidatorTest;
|
||||
import org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidatorTest;
|
||||
import org.alfresco.rest.api.rules.NodeRuleSetsRelationTest;
|
||||
import org.alfresco.rest.api.rules.NodeRulesRelationTest;
|
||||
import org.alfresco.service.Experimental;
|
||||
@@ -53,6 +55,8 @@ import org.junit.runners.Suite;
|
||||
RuleLoaderTest.class,
|
||||
ActionParameterConverterTest.class,
|
||||
ActionPermissionValidatorTest.class,
|
||||
ActionParameterDefinitionValidatorTest.class,
|
||||
ActionNodeParameterValidatorTest.class,
|
||||
RestRuleSimpleConditionModelMapperTest.class,
|
||||
RestRuleCompositeConditionModelMapperTest.class,
|
||||
RestRuleActionModelMapperTest.class,
|
||||
|
||||
@@ -76,7 +76,6 @@ public class RestRuleActionModelMapperTest
|
||||
@Before
|
||||
public void setUp() {
|
||||
objectUnderTest = new RestRuleActionModelMapper(parameterConverter, List.of(sampleValidatorMock));
|
||||
given(sampleValidatorMock.isEnabled()).willReturn(true);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@@ -0,0 +1,366 @@
|
||||
/*
|
||||
* #%L
|
||||
* Alfresco Remote API
|
||||
* %%
|
||||
* Copyright (C) 2005 - 2022 Alfresco Software Limited
|
||||
* %%
|
||||
* This file is part of the Alfresco software.
|
||||
* If the software was purchased under a paid Alfresco license, the terms of
|
||||
* the paid license agreement will prevail. Otherwise, the software is
|
||||
* provided under the following open source license terms:
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
* #L%
|
||||
*/
|
||||
|
||||
package org.alfresco.rest.api.impl.validator.actions;
|
||||
|
||||
import static org.alfresco.model.ContentModel.TYPE_CATEGORY;
|
||||
import static org.alfresco.model.ContentModel.TYPE_FOLDER;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidator.NOT_A_CATEGORY;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidator.NOT_A_FOLDER;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidator.NO_PROPER_PERMISSIONS_FOR_NODE;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionNodeParameterValidator.REQUIRE_READ_PERMISSION_PARAMS;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.CATEGORY;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.NODE_REF;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.TEXT;
|
||||
import static org.alfresco.service.cmr.repository.StoreRef.STORE_REF_WORKSPACE_SPACESSTORE;
|
||||
import static org.alfresco.service.namespace.NamespaceService.DEFAULT_PREFIX;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.BDDMockito.then;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.alfresco.repo.action.executer.CheckOutActionExecuter;
|
||||
import org.alfresco.repo.action.executer.CopyActionExecuter;
|
||||
import org.alfresco.repo.action.executer.ImageTransformActionExecuter;
|
||||
import org.alfresco.repo.action.executer.ImporterActionExecuter;
|
||||
import org.alfresco.repo.action.executer.LinkCategoryActionExecuter;
|
||||
import org.alfresco.repo.action.executer.MoveActionExecuter;
|
||||
import org.alfresco.repo.action.executer.SimpleWorkflowActionExecuter;
|
||||
import org.alfresco.repo.action.executer.TransformActionExecuter;
|
||||
import org.alfresco.rest.api.Actions;
|
||||
import org.alfresco.rest.api.Nodes;
|
||||
import org.alfresco.rest.api.model.ActionDefinition;
|
||||
import org.alfresco.rest.api.model.rules.Action;
|
||||
import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
|
||||
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
|
||||
import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.NamespaceService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.InjectMocks;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
|
||||
@RunWith(MockitoJUnitRunner.class)
|
||||
public class ActionNodeParameterValidatorTest
|
||||
{
|
||||
private static final String READ_RIGHTS_REQUIRED_DEFINITION_ID = LinkCategoryActionExecuter.NAME;
|
||||
private static final String CATEGORY_NODE_REF_PARAM = REQUIRE_READ_PERMISSION_PARAMS.get(READ_RIGHTS_REQUIRED_DEFINITION_ID).get(0);
|
||||
private static final String DESTINATION_FOLDER_PARAM = "destination-folder";
|
||||
private static final String NODE_ID = "node-id";
|
||||
private static final String COPY_ACTION = CopyActionExecuter.NAME;
|
||||
|
||||
@Mock
|
||||
private Actions actionsMock;
|
||||
@Mock
|
||||
private NamespaceService namespaceServiceMock;
|
||||
@Mock
|
||||
private Nodes nodesMock;
|
||||
@Mock
|
||||
private PermissionService permissionServiceMock;
|
||||
|
||||
@InjectMocks
|
||||
private ActionNodeParameterValidator objectUnderTest;
|
||||
|
||||
@Test
|
||||
public void testProperPermissionsForReadRights()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(READ_RIGHTS_REQUIRED_DEFINITION_ID);
|
||||
action.setParams(Map.of(CATEGORY_NODE_REF_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(CATEGORY_NODE_REF_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(READ_RIGHTS_REQUIRED_DEFINITION_ID)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.ALLOWED);
|
||||
given(nodesMock.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet())).willReturn(true);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(READ_RIGHTS_REQUIRED_DEFINITION_ID);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).should().nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet());
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNotEnoughPermissionsForReadRights()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
action.setParams(Map.of(DESTINATION_FOLDER_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(DESTINATION_FOLDER_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.DENIED);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(EntityNotFoundException.class).isThrownBy(() -> objectUnderTest.validate(action));
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidateForNodeNotFound()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
action.setParams(Map.of(DESTINATION_FOLDER_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(DESTINATION_FOLDER_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
given(nodesMock.validateNode(NODE_ID)).willThrow(EntityNotFoundException.class);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(EntityNotFoundException.class).isThrownBy(() -> objectUnderTest.validate(action));
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).shouldHaveNoInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testProperPermissionsForWriteRights()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
action.setParams(Map.of(DESTINATION_FOLDER_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(DESTINATION_FOLDER_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.ALLOWED);
|
||||
given(permissionServiceMock.hasPermission(nodeRef, PermissionService.WRITE)).willReturn(AccessStatus.ALLOWED);
|
||||
given(nodesMock.nodeMatches(nodeRef, Set.of(TYPE_FOLDER), Collections.emptySet())).willReturn(true);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).should().nodeMatches(nodeRef, Set.of(TYPE_FOLDER), Collections.emptySet());
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).should().hasPermission(nodeRef, PermissionService.WRITE);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNotEnoughPermissionsForWriteRights()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
action.setParams(Map.of(DESTINATION_FOLDER_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(DESTINATION_FOLDER_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.ALLOWED);
|
||||
given(permissionServiceMock.hasPermission(nodeRef, PermissionService.WRITE)).willReturn(AccessStatus.DENIED);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(PermissionDeniedException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(NO_PROPER_PERMISSIONS_FOR_NODE + NODE_ID);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).should().hasPermission(nodeRef, PermissionService.WRITE);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNoValidationExecutedForNonNodeRefParam()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
final String dummyParam = "dummyParam";
|
||||
action.setParams(Map.of(dummyParam, "dummyValue"));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(dummyParam, TEXT.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).shouldHaveNoInteractions();
|
||||
then(permissionServiceMock).shouldHaveNoInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testWrongTypeOfNodeWhenFolderExpected()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(COPY_ACTION);
|
||||
action.setParams(Map.of(DESTINATION_FOLDER_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(DESTINATION_FOLDER_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(COPY_ACTION, COPY_ACTION, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(COPY_ACTION)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.ALLOWED);
|
||||
given(permissionServiceMock.hasPermission(nodeRef, PermissionService.WRITE)).willReturn(AccessStatus.ALLOWED);
|
||||
given(nodesMock.nodeMatches(nodeRef, Set.of(TYPE_FOLDER), Collections.emptySet())).willReturn(false);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(NOT_A_FOLDER + NODE_ID);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(COPY_ACTION);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).should().nodeMatches(nodeRef, Set.of(TYPE_FOLDER), Collections.emptySet());
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).should().hasPermission(nodeRef, PermissionService.WRITE);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testWrongTypeOfNodeWhenCategoryExpected()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(READ_RIGHTS_REQUIRED_DEFINITION_ID);
|
||||
action.setParams(Map.of(CATEGORY_NODE_REF_PARAM, NODE_ID));
|
||||
ActionDefinition.ParameterDefinition parameterDef =
|
||||
new ActionDefinition.ParameterDefinition(CATEGORY_NODE_REF_PARAM, NODE_REF.toPrefixString(), false, true, null, null);
|
||||
final ActionDefinition actionDefinition =
|
||||
new ActionDefinition(READ_RIGHTS_REQUIRED_DEFINITION_ID, READ_RIGHTS_REQUIRED_DEFINITION_ID, null, null, null, false, false,
|
||||
List.of(parameterDef));
|
||||
given(actionsMock.getRuleActionDefinitionById(READ_RIGHTS_REQUIRED_DEFINITION_ID)).willReturn(actionDefinition);
|
||||
given(namespaceServiceMock.getPrefixes(NODE_REF.getNamespaceURI())).willReturn(List.of(DEFAULT_PREFIX));
|
||||
final NodeRef nodeRef = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, NODE_ID);
|
||||
given(nodesMock.validateNode(NODE_ID)).willReturn(nodeRef);
|
||||
given(permissionServiceMock.hasReadPermission(nodeRef)).willReturn(AccessStatus.ALLOWED);
|
||||
given(nodesMock.nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet())).willReturn(false);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(NOT_A_CATEGORY + NODE_ID);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(READ_RIGHTS_REQUIRED_DEFINITION_ID);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
then(namespaceServiceMock).should().getPrefixes(NODE_REF.getNamespaceURI());
|
||||
then(namespaceServiceMock).shouldHaveNoMoreInteractions();
|
||||
then(nodesMock).should().validateNode(NODE_ID);
|
||||
then(nodesMock).should().nodeMatches(nodeRef, Set.of(TYPE_CATEGORY), Collections.emptySet());
|
||||
then(nodesMock).shouldHaveNoMoreInteractions();
|
||||
then(permissionServiceMock).should().hasReadPermission(nodeRef);
|
||||
then(permissionServiceMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetDefinitionIds()
|
||||
{
|
||||
final List<String> expectedIds =
|
||||
List.of(CopyActionExecuter.NAME, MoveActionExecuter.NAME, CheckOutActionExecuter.NAME, ImporterActionExecuter.NAME,
|
||||
LinkCategoryActionExecuter.NAME, SimpleWorkflowActionExecuter.NAME, TransformActionExecuter.NAME,
|
||||
ImageTransformActionExecuter.NAME);
|
||||
final List<String> actualIds = objectUnderTest.getActionDefinitionIds();
|
||||
|
||||
assertEquals(expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasProperPriority()
|
||||
{
|
||||
final int expectedPriority = Integer.MIN_VALUE + 1;
|
||||
final int actualPriority = objectUnderTest.getPriority();
|
||||
|
||||
assertEquals(expectedPriority, actualPriority);
|
||||
}
|
||||
}
|
||||
@@ -26,12 +26,16 @@
|
||||
|
||||
package org.alfresco.rest.api.impl.validator.actions;
|
||||
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator.EMPTY_ACTION_DEFINITION;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator.INVALID_ACTION_DEFINITION;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator.MISSING_PARAMETER;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator.MUST_NOT_CONTAIN_PARAMETER;
|
||||
import static org.alfresco.rest.api.impl.validator.actions.ActionParameterDefinitionValidator.PARAMS_SHOULD_NOT_BE_EMPTY;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.BOOLEAN;
|
||||
import static org.alfresco.service.cmr.dictionary.DataTypeDefinition.TEXT;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.BDDMockito.then;
|
||||
|
||||
import java.util.Collections;
|
||||
@@ -42,11 +46,12 @@ import java.util.Map;
|
||||
import org.alfresco.rest.api.Actions;
|
||||
import org.alfresco.rest.api.model.ActionDefinition;
|
||||
import org.alfresco.rest.api.model.rules.Action;
|
||||
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
|
||||
import org.alfresco.rest.framework.core.exceptions.NotFoundException;
|
||||
import org.alfresco.service.Experimental;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.mockito.BDDMockito;
|
||||
import org.mockito.InjectMocks;
|
||||
import org.mockito.Mock;
|
||||
import org.mockito.junit.MockitoJUnitRunner;
|
||||
@@ -74,12 +79,12 @@ public class ActionParameterDefinitionValidatorTest
|
||||
final List<ActionDefinition.ParameterDefinition> parameterDefinitions =
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@@ -90,17 +95,34 @@ public class ActionParameterDefinitionValidatorTest
|
||||
final String actionDefinitionId = "properActionDefinition";
|
||||
action.setActionDefinitionId(actionDefinitionId);
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, null);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidationPassesWhenNoMandatoryParameters()
|
||||
public void testValidationPassesWhenNoMandatoryParametersNeeded()
|
||||
{
|
||||
final Action action = new Action();
|
||||
final String actionDefinitionId = "properActionDefinition";
|
||||
action.setActionDefinitionId(actionDefinitionId);
|
||||
final ActionDefinition actionDefinition =
|
||||
createActionDefinition(actionDefinitionId, List.of(createParameterDefinition(NON_MANDATORY_PARAM_KEY, TEXT, false, null)));
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidationPassesWhenOptionalParametersNotProvided()
|
||||
{
|
||||
final Action action = new Action();
|
||||
final String actionDefinitionId = "properActionDefinition";
|
||||
@@ -110,12 +132,12 @@ public class ActionParameterDefinitionValidatorTest
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null),
|
||||
createParameterDefinition(NON_MANDATORY_PARAM_KEY, BOOLEAN, false, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
objectUnderTest.validate(action);
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@@ -129,13 +151,13 @@ public class ActionParameterDefinitionValidatorTest
|
||||
final List<ActionDefinition.ParameterDefinition> parameterDefinitions =
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(String.format(MUST_NOT_CONTAIN_PARAMETER, actionDefinitionId, NON_MANDATORY_PARAM_KEY));
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@@ -148,13 +170,13 @@ public class ActionParameterDefinitionValidatorTest
|
||||
final List<ActionDefinition.ParameterDefinition> parameterDefinitions =
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(String.format(PARAMS_SHOULD_NOT_BE_EMPTY, actionDefinitionId));
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@@ -170,13 +192,13 @@ public class ActionParameterDefinitionValidatorTest
|
||||
final List<ActionDefinition.ParameterDefinition> parameterDefinitions =
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(String.format(MISSING_PARAMETER, MANDATORY_PARAM_KEY));
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@@ -191,16 +213,56 @@ public class ActionParameterDefinitionValidatorTest
|
||||
List.of(createParameterDefinition(MANDATORY_PARAM_KEY, TEXT, true, null),
|
||||
createParameterDefinition(NON_MANDATORY_PARAM_KEY, BOOLEAN, false, null));
|
||||
final ActionDefinition actionDefinition = createActionDefinition(actionDefinitionId, parameterDefinitions);
|
||||
BDDMockito.given(actionsMock.getActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willReturn(actionDefinition);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(String.format(MISSING_PARAMETER, MANDATORY_PARAM_KEY));
|
||||
|
||||
then(actionsMock).should().getActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidationFailsWhenActionWithNullActionDefinition()
|
||||
{
|
||||
final Action action = new Action();
|
||||
action.setActionDefinitionId(null);
|
||||
action.setParams(Map.of(MANDATORY_PARAM_KEY, "paramValue"));
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(EMPTY_ACTION_DEFINITION);
|
||||
|
||||
then(actionsMock).shouldHaveNoInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testValidationFailsWhenNotApplicableActionDefinition()
|
||||
{
|
||||
final Action action = new Action();
|
||||
final String actionDefinitionId = "notApplicableActionDefinition";
|
||||
action.setActionDefinitionId(actionDefinitionId);
|
||||
action.setParams(Map.of(MANDATORY_PARAM_KEY, "paramValue"));
|
||||
given(actionsMock.getRuleActionDefinitionById(actionDefinitionId)).willThrow(NotFoundException.class);
|
||||
|
||||
//when
|
||||
assertThatExceptionOfType(InvalidArgumentException.class).isThrownBy(() -> objectUnderTest.validate(action))
|
||||
.withMessageContaining(String.format(INVALID_ACTION_DEFINITION, actionDefinitionId));
|
||||
|
||||
then(actionsMock).should().getRuleActionDefinitionById(actionDefinitionId);
|
||||
then(actionsMock).shouldHaveNoMoreInteractions();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testHasProperPriority()
|
||||
{
|
||||
final int expectedPriority = Integer.MIN_VALUE;
|
||||
final int actualPriority = objectUnderTest.getPriority();
|
||||
|
||||
assertEquals(expectedPriority, actualPriority);
|
||||
}
|
||||
|
||||
private ActionDefinition createActionDefinition(final String actionDefinitionId,
|
||||
List<ActionDefinition.ParameterDefinition> parameterDefinitions)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user