Merged 5.2.N (5.2.1) to HEAD (5.2)

132475 cturlica: REPO-894: Disable Person
      - updated so we receive an error when trying to disable an admin authority


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@132669 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Alan Davis
2016-11-10 16:58:51 +00:00
parent bff13b6d68
commit 7cf3d8ed99
2 changed files with 27 additions and 2 deletions


@@ -453,8 +453,7 @@ public class PeopleImpl implements People
{ {
MutableAuthenticationService mutableAuthenticationService = (MutableAuthenticationService) authenticationService; MutableAuthenticationService mutableAuthenticationService = (MutableAuthenticationService) authenticationService;
boolean isAdmin = authorityService.hasAdminAuthority(); if (!isAdminAuthority())
if (!isAdmin)
{ {
throw new PermissionDeniedException(); throw new PermissionDeniedException();
} }
@@ -471,6 +470,11 @@ public class PeopleImpl implements People
if (person.isEnabled() != null) if (person.isEnabled() != null)
{ {
if (isAdminAuthority(personIdToUpdate))
{
throw new PermissionDeniedException("Admin authority cannot be disabled.");
}
mutableAuthenticationService.setAuthenticationEnabled(personIdToUpdate, person.isEnabled()); mutableAuthenticationService.setAuthenticationEnabled(personIdToUpdate, person.isEnabled());
} }
@@ -488,4 +492,14 @@ public class PeopleImpl implements People
return getPerson(personId); return getPerson(personId);
} }
private boolean isAdminAuthority()
{
return authorityService.hasAdminAuthority();
}
private boolean isAdminAuthority(String authorityName)
{
return authorityService.isAdminAuthority(authorityName);
}
} }
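Review bot: The guard added inside the `person.isEnabled() != null` block does not look at the requested value, so a request that sets `enabled` to true on an admin authority is also rejected, with the message "Admin authority cannot be disabled." If only disabling is meant to be blocked, and assuming `isEnabled()` returns a `Boolean` as the null comparison suggests, the condition could be `if (Boolean.FALSE.equals(person.isEnabled()) && isAdminAuthority(personIdToUpdate))`. The two new helpers share the name `isAdminAuthority` but answer different questions: the no-argument one asks whether the current caller has admin authority, the other whether the named authority is an admin. A one-line Javadoc on each, or a distinct name such as `isCurrentUserAdmin()`, would keep these two authorization checks from being mixed up later. The enclosing update method starts and ends outside these hunks, so whether earlier field changes are rolled back when this exception is thrown cannot be confirmed from here.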


@@ -645,6 +645,17 @@ public class TestPeople extends EnterpriseTestApi
assertEquals(enabled, updatedPerson.isEnabled()); assertEquals(enabled, updatedPerson.isEnabled());
} }
@Test
public void testUpdatePersonDisableAdminNotAllowed() throws PublicApiException
{
publicApiClient.setRequestContext(new RequestContext(account3.getId(), account3Admin, "admin"));
Map<String, String> params = new HashMap<>();
params.put("fields", "enabled");
people.update("people", account3Admin, null, null, "{\n" + " \"enabled\": \"" + false + "\"\n" + "}", params, "Expected 403 response when updating " + account3Admin, 403);
}
@Test @Test
public void testUpdatePersonPasswordNonAdminNotAllowed() throws PublicApiException public void testUpdatePersonPasswordNonAdminNotAllowed() throws PublicApiException
{ {
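Review bot: `testUpdatePersonDisableAdminNotAllowed` covers only one path, an admin disabling its own account, because `account3Admin` is both the request-context user and the update target. The new check in PeopleImpl keys on the target being an admin authority, so a second case where a different caller targets the admin would pin that down. A case sending `enabled` as true for the admin would document whether that request is meant to return 403 as well. The test also stops at the status code; reading the person back afterwards and asserting it is still enabled would confirm the rejected request changed nothing. The body passes `enabled` as the JSON string `"false"` rather than a boolean, which is worth a short comment if it is deliberate.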