diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java index 113eb01cb5..da9949bd9e 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java @@ -81,18 +81,27 @@ public class HoldsAPI extends BaseAPI * @param holdName the hold name * @param reason hold reason * @param description hold description - * @return The HTTP response (or null if no POST call was needed). + * @return The HTTP response. */ - public HttpResponse createHold(String user, String password, - String holdName, String reason, String description) + public HttpResponse createHold(String user, String password, String holdName, String reason, String description) + { + return createHold(user, password, holdName, reason, description, SC_OK); + } + + /** + * Util method to create a hold + * + * @param user the user creating the hold + * @param password the user's password + * @param holdName the hold name + * @param reason hold reason + * @param description hold description + * @param expectedStatusCode The expected return status code. + * @return The HTTP response or throws AssertionError if the returned status code is not as expected. + */ + public HttpResponse createHold(String user, String password, String holdName, String reason, String description, + int expectedStatusCode) { - // if the hold already exists don't try to create it again - final String fullHoldPath = Utility.buildPath(getFilePlanPath(), HOLDS_CONTAINER) + holdName; - final CmisObject hold = getObjectByPath(user, password, fullHoldPath); - if (hold != null) - { - return null; - } // retrieve the Holds container nodeRef final String parentNodeRef = getItemNodeRef(user, password, "/" + HOLDS_CONTAINER); @@ -102,11 +111,7 @@ public class HoldsAPI extends BaseAPI requestParams.put("prop_cm_description", description); requestParams.put("prop_rma_holdReason", reason); - // Make the POST request and throw an assertion error if it fails. - final HttpResponse httpResponse = doPostJsonRequest(user, password, SC_OK, requestParams, CREATE_HOLDS_API); - assertNotNull("Expected object to have been created at " + fullHoldPath, - getObjectByPath(user, password, fullHoldPath)); - return httpResponse; + return doPostJsonRequest(user, password, expectedStatusCode, requestParams, CREATE_HOLDS_API); } /** @@ -179,7 +184,10 @@ public class HoldsAPI extends BaseAPI */ public HttpResponse addItemsToHolds(String user, String password, List itemNodeRefs, List holdNames) { - return addItemsToHolds(user, password, SC_OK, itemNodeRefs, holdNames); + final List holdNodeRefs = holdNames.stream() + .map(hold -> getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) + .collect(Collectors.toList()); + return addItemsToHolds(user, password, SC_OK, itemNodeRefs, holdNodeRefs); } /** @@ -188,13 +196,13 @@ public class HoldsAPI extends BaseAPI * @param user the user who adds the items to the holds * @param password the user's password * @param itemNodeRefs the list of items nodeRefs to be added to holds - * @param holdNames the list of holds + * @param holdNodeRefs the list of holds * @return The HTTP response */ public HttpResponse addItemsToHolds(String user, String password, int expectedStatus, List itemNodeRefs, - List holdNames) + List holdNodeRefs) { - final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(user, password, itemNodeRefs, holdNames); + final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(itemNodeRefs, holdNodeRefs); return doPostJsonRequest(user, password, expectedStatus, requestParams, RM_HOLDS_API); } @@ -204,35 +212,30 @@ public class HoldsAPI extends BaseAPI * @param user the user who adds the item to the hold * @param password the user's password * @param itemNodeRef the nodeRef of the item to be added to hold - * @param holdName the hold name + * @param holdNodeRef the hold node ref * @return The error message */ public String addToHoldAndGetMessage(String user, String password, int expectedStatus, String itemNodeRef, String - holdName) + holdNodeRef) { final HttpResponse httpResponse = addItemsToHolds(user, password, expectedStatus, Collections.singletonList(itemNodeRef), - Collections.singletonList(holdName)); + Collections.singletonList(holdNodeRef)); return APIUtils.extractErrorMessageFromHttpResponse(httpResponse); } /** * Util method to create the request body used when adding items to holds or when removing items from holds * - * @param user user to create the request body for add/remove an item to/from hold - * @param password the user's password - * @param items list of items node refs to be added to holds - * @param holdNames list of hold names for add/remove items + * @param items list of items node refs to be added to holds + * @param holdNodeRefs list of hold node refs for add/remove items * @return JSONObject fo */ - private JSONObject addOrRemoveToFromHoldJsonObject(String user, String password, List items, List holdNames) + private JSONObject addOrRemoveToFromHoldJsonObject(List items, List holdNodeRefs) { final JSONArray nodeRefs = new JSONArray(); items.forEach(itemNodeRef -> nodeRefs.put(getNodeRefSpacesStore() + itemNodeRef)); - final List holdNodeRefs = holdNames.stream().map(hold -> - getNodeRefSpacesStore() + getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) - .collect(Collectors.toList()); final JSONArray holds = new JSONArray(); - holdNodeRefs.forEach(holds::put); + holdNodeRefs.forEach(holdNodeRef -> holds.put(getNodeRefSpacesStore() + holdNodeRef)); final JSONObject requestParams = new JSONObject(); requestParams.put("nodeRefs", nodeRefs); requestParams.put("holds", holds); @@ -264,7 +267,10 @@ public class HoldsAPI extends BaseAPI */ public HttpResponse removeItemsFromHolds(String user, String password, List itemNodeRefs, List holdNames) { - return removeItemsFromHolds(user, password, SC_OK, itemNodeRefs, holdNames); + final List holdNodeRefs = holdNames.stream() + .map(hold -> getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) + .collect(Collectors.toList()); + return removeItemsFromHolds(user, password, SC_OK, itemNodeRefs, holdNodeRefs); } /** @@ -274,13 +280,13 @@ public class HoldsAPI extends BaseAPI * @param password the user's password * @param expectedStatus https status code expected * @param itemNodeRefs the list of items nodeRefs to be removed from hold - * @param holdNames the list of hold names + * @param holdNodeRefs the list of hold node refs * @return The HTTP response */ public HttpResponse removeItemsFromHolds(String user, String password, int expectedStatus, List itemNodeRefs, - List holdNames) + List holdNodeRefs) { - final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(user, password, itemNodeRefs, holdNames); + final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(itemNodeRefs, holdNodeRefs); return doPutJsonRequest(user, password, expectedStatus, requestParams, RM_HOLDS_API); } @@ -290,14 +296,14 @@ public class HoldsAPI extends BaseAPI * @param user the user who removes the item from hold * @param password the user's password * @param itemNodeRef the nodeRef of the item to be removed from hold - * @param holdName the hold name + * @param holdNodeRef the hold node ref * @return The error message */ public String removeFromHoldAndGetMessage(String user, String password, int expectedStatus, String itemNodeRef, String - holdName) + holdNodeRef) { final HttpResponse httpResponse = removeItemsFromHolds(user, password, expectedStatus, Collections.singletonList(itemNodeRef), - Collections.singletonList(holdName)); + Collections.singletonList(holdNodeRef)); return APIUtils.extractErrorMessageFromHttpResponse(httpResponse); } diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java new file mode 100644 index 0000000000..31a5e5a3a4 --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java @@ -0,0 +1,104 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ +package org.alfresco.rest.v0.service; + +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertTrue; + +import java.time.Instant; +import java.util.List; + +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.audit.AuditEvents; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.utility.data.DataUser; +import org.alfresco.utility.model.UserModel; +import org.apache.commons.collections4.CollectionUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +/** + * Produces processed results from RM Audit REST API calls + * + * @author Claudia Agache + * @since 3.3 + */ +@Service +public class RMAuditService +{ + @Autowired + private RMAuditAPI rmAuditAPI; + + @Autowired + private DataUser dataUser; + + /** + * Clear the list of audit entries as admin user. + */ + public void clearAuditLog() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword()); + } + + /** + * Returns a list of rm audit entries filtered by given event + * + * @param user the user who requests the list of rm audit entries + * @param auditEvent the event + * @return the list of audit entries matching the event + */ + public List getAuditEntriesFilteredByEvent(UserModel user, AuditEvents auditEvent) + { + STEP("Get the list of audit entries for the " + auditEvent.eventDisplayName + " event."); + return rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, auditEvent.event); + } + + /** + * Checks the rm audit log contains the entry for the given event. + * + * @param user the user who checks the audit log + * @param auditEvent the audited event + * @param auditUser the user who did the audited event + * @param nodeName the audited node name if exists or empty string + * @param changedValues the values changed by event if exist or empty list + */ + public void checkAuditLogForEvent(UserModel user, AuditEvents auditEvent, UserModel auditUser, + String nodeName, List changedValues) + { + final Instant eventTimestamp = Instant.now(); + List auditEntries = getAuditEntriesFilteredByEvent(user, auditEvent); + assertTrue("The list of events is not filtered by " + auditEvent.event, + auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(auditEvent.eventDisplayName))); + assertTrue("The event details are not audited", + auditEntries.stream().anyMatch(auditEntry -> auditEntry.getNodeName().equals(nodeName) && + auditEntry.getUserName().equals(auditUser.getUsername()) && + CollectionUtils.isEqualCollection(auditEntry.getChangedValues(), changedValues) && + !auditEntry.getTimestamp().isEmpty() && + Instant.parse(auditEntry.getTimestamp()).compareTo(eventTimestamp) <= 0)); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index 4385381532..6bebd31ddb 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -19,10 +34,9 @@ import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_HOLD import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; import java.util.Collections; import java.util.List; @@ -36,7 +50,7 @@ import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.constants.UserRole; @@ -63,7 +77,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest private final String HOLD2 = PREFIX + "hold2"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired @@ -75,13 +89,13 @@ public class AuditAddToHoldTests extends BaseRMRestTest private RecordCategoryChild recordFolder; private List auditEntries; private List holdsList = asList(HOLD1, HOLD2); - private AuditEntry auditEntry; + private String hold1NodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditAddToHoldTests() throws Exception { STEP("Create 2 holds."); - String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), + hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); @@ -154,27 +168,14 @@ public class AuditAddToHoldTests extends BaseRMRestTest @Test (dataProvider = "validNodesForAddToHold") public void addToHoldEventIsAudited(String nodeId, String nodeName) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add node to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); - - STEP("Check the audit log contains the entry for the add to hold."); - assertFalse("The list of events should contain Add To Hold entry ", auditEntries.isEmpty()); - auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Add To Hold", - auditEntry.getEvent().equals(ADD_TO_HOLD.eventDisplayName)); - assertTrue("The hold name value for the add to hold is not audited.", - auditEntry.getNodeName().equals(HOLD1)); - assertTrue("The user who added the node to the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); - //TODO check content name + STEP("Check the audit log contains the entry for the add to hold event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, HOLD1, Collections.emptyList()); + //TODO replace changed values } /** @@ -188,25 +189,16 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new record"); Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to add the record to a hold by an user with no rights."); - try - { - holdsAPI.addItemToHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), - recordToBeAdded.getId(), HOLD1); - fail("Add to hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + holdsAPI.addItemsToHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + SC_INTERNAL_SERVER_ERROR, Collections.singletonList(recordToBeAdded.getId()), + Collections.singletonList(hold1NodeRef)); - STEP("Check the audit log doesn't contain the entry for the unsuccessful add to hold."); - assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful add to hold."); + assertTrue("The list of events should not contain Add to Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD).isEmpty()); } /** @@ -221,15 +213,12 @@ public class AuditAddToHoldTests extends BaseRMRestTest RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add record folder to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD); STEP("Check the audit log contains only an entry for add to hold."); assertEquals("The list of events should not contain Add to Hold entry for the record", 1, auditEntries.size()); @@ -247,16 +236,13 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new record"); Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add record to multiple holds."); holdsAPI.addItemsToHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), Collections.singletonList(recordToBeAdded.getId()), holdsList); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD); STEP("Check the audit log contains entries for both additions."); assertEquals("The list of events should contain Add to Hold entries for both holds", 2, auditEntries.size()); @@ -277,18 +263,14 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new file"); FileModel contentToBeAdded = dataContent.usingAdmin().usingSite(privateSite) .createContent(CMISUtil.DocumentType.TEXT_PLAIN); - - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add file to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), contentToBeAdded.getNodeRefWithoutVersion(), HOLD1); - STEP("Get the list of audit entries for the add to hold event as an user with no Read permissions."); - auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, ADD_TO_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the add to hold event."); - assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions can't see the entry for the add to hold event."); + assertTrue("The list of events should not contain Add to Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(user, ADD_TO_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java index f94f746036..6789ff11ba 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -18,8 +33,8 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; import java.util.List; @@ -30,7 +45,7 @@ import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; @@ -54,14 +69,13 @@ public class AuditCreateHoldTests extends BaseRMRestTest private final String HOLD3 = PREFIX + "createHold3"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired private RoleService roleService; private UserModel rmAdmin, rmManager; - private List auditEntries; @BeforeClass (alwaysRun = true) public void preconditionForAuditCreateHoldTests() @@ -83,28 +97,15 @@ public class AuditCreateHoldTests extends BaseRMRestTest @Test public void createHoldEventIsAuditedForNewHold() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); - STEP("Check the audit log contains the entry for the created hold with the hold details."); - assertFalse("The list of events should contain Create Hold entry ", auditEntries.isEmpty()); - AuditEntry auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Create Hold", - auditEntry.getEvent().equals(CREATE_HOLD.eventDisplayName)); - assertTrue("The hold name value for the hold created is not audited.", auditEntry.getNodeName().equals(HOLD1)); - assertTrue("The hold reason value for the hold created is not audited.", - auditEntry.getChangedValues().contains( - ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"))); - assertTrue("The user who created the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the hold creation occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_HOLD, rmAdmin, HOLD1, + asList(ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"), + ImmutableMap.of("new", HOLD1, "previous", "", "name", "Name"))); } /** @@ -118,18 +119,15 @@ public class AuditCreateHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); - STEP("Try to create again the same hold."); - holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - - STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); + STEP("Try to create again the same hold and expect action to fail."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION, + SC_INTERNAL_SERVER_ERROR); STEP("Check the audit log doesn't contain the entry for the second create hold event."); - assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + assertTrue("The list of events should not contain Create Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD).isEmpty()); } /** @@ -141,26 +139,22 @@ public class AuditCreateHoldTests extends BaseRMRestTest public void createHoldAuditEntryIsNotLost() { final String holdName = PREFIX + "holdToBeDeleted"; - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName, HOLD_REASON, HOLD_DESCRIPTION); STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); + List auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName); STEP("Get again the list of audit entries for the create hold event."); - List auditEntriesAfterDelete = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_HOLD.event); + List auditEntriesAfterDelete = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD); STEP("Check that the audit entry for the created hold didn't change after hold deletion."); - assertEquals("The list of events is not filtered by Create Hold", - auditEntries, auditEntriesAfterDelete); + assertEquals("The audit entry for Create Hold has been changed", auditEntries, auditEntriesAfterDelete); } /** @@ -171,18 +165,14 @@ public class AuditCreateHoldTests extends BaseRMRestTest @Test public void createHoldAuditEntryNotVisible() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Get the list of audit entries for the create hold event as an user with no Read permissions over the hold."); - auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, - CREATE_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the create hold event."); - assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions over the hold can't see the entry for the create hold event"); + assertTrue("The list of events should not contain Create Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(rmManager, CREATE_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index 38744ae07e..94cec954f7 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -17,18 +32,17 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.rest.rm.community.utils.CoreUtil.toContentModel; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertFalse; +import static org.springframework.http.HttpStatus.FORBIDDEN; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; -import java.util.List; +import java.util.Collections; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; @@ -51,20 +65,21 @@ public class AuditDeleteHoldTests extends BaseRMRestTest private final String HOLD2 = PREFIX + "deleteHold"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired private RoleService roleService; private UserModel rmAdmin, rmManager; - private List auditEntries; + private String holdNodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditDeleteHoldTests() { STEP("Create a new hold."); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD, HOLD_REASON, HOLD_DESCRIPTION); + holdNodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD, + HOLD_REASON, HOLD_DESCRIPTION); STEP("Create 2 users with different permissions for the created hold."); rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); @@ -85,26 +100,13 @@ public class AuditDeleteHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); - STEP("Get the list of audit entries for the delete hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - DELETE_HOLD.event); - STEP("Check the audit log contains the entry for the deleted hold with the hold details."); - assertFalse("The list of events should contain Delete Hold entry ", auditEntries.isEmpty()); - AuditEntry auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Delete Hold", - auditEntry.getEvent().equals(DELETE_HOLD.eventDisplayName)); - assertTrue("The hold name value for the deleted hold is not audited.", - auditEntry.getNodeName().equals(HOLD2)); - assertTrue("The user who deleted the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the hold deletion occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_HOLD, rmAdmin, HOLD2, Collections.emptyList()); } /** @@ -113,26 +115,17 @@ public class AuditDeleteHoldTests extends BaseRMRestTest * Then the delete hold event isn't audited */ @Test - public void unsuccessfulDeleteHoldIsNotAudited() + public void unsuccessfulDeleteHoldIsNotAudited() throws Exception { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to delete a hold by an user with no Read permissions over the hold."); - try - { - holdsAPI.deleteHold(rmManager.getUsername(), rmManager.getPassword(), HOLD); - fail("Delete hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the delete hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - DELETE_HOLD.event); + getRestAPIFactory().getNodeAPI(rmManager, toContentModel(holdNodeRef)).deleteNode(holdNodeRef); + assertStatusCode(FORBIDDEN); - STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); - assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); + assertTrue("The list of events should not contain Delete Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), DELETE_HOLD).isEmpty()); } /** @@ -146,18 +139,14 @@ public class AuditDeleteHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); - STEP("Get the list of audit entries for the delete hold event as an user with no Read permissions over the hold."); - auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, - DELETE_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the delete hold event."); - assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions over the hold can't see the entry for the delete hold event."); + assertTrue("The list of events should not contain Delete Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(rmManager, DELETE_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java index 3443630bb6..055f138650 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java @@ -26,20 +26,20 @@ */ package org.alfresco.rest.rm.community.audit; +import static java.util.Arrays.asList; + import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM_USER_GROUP; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertTrue; -import java.util.List; +import java.util.Collections; import com.google.common.collect.ImmutableMap; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.GroupModel; import org.alfresco.utility.model.UserModel; @@ -57,16 +57,14 @@ import org.testng.annotations.Test; public class AuditGroupEventsTests extends BaseRMRestTest { @Autowired - private RMAuditAPI rmAuditAPI; - + private RMAuditService rmAuditService; private GroupModel testGroup; private UserModel testUser; @BeforeClass (alwaysRun = true) public void cleanAuditLogs() { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); } /** @@ -79,17 +77,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest { testGroup = dataGroup.createRandomGroup(); - STEP("Get the list of audit entries for the create group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the created group."); - assertTrue("The list of events is not filtered by " + CREATE_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(CREATE_USER_GROUP.eventDisplayName))); - - assertTrue("The group name for the new group created is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(CREATE_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()))); + STEP("Check the audit log contains the entry for the created group."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + Collections.singletonList(ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", + "name", "authorityDisplayName"))); } /** @@ -104,19 +95,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest testUser = getDataUser().createRandomTestUser(); dataGroup.usingUser(testUser).addUserToGroup(testGroup); - STEP("Get the list of audit entries for the add user to group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, ADD_TO_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the add user to group event."); - assertTrue("The list of events is not filtered by " + ADD_TO_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(ADD_TO_USER_GROUP.eventDisplayName))); - - assertTrue("The username and destination group are not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(ADD_TO_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", testUser.getUsername(), "previous", "", "name", "User Name")) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", "name", "Parent Group")))); + STEP("Check the audit log contains the entry for the add user to group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + asList(ImmutableMap.of("new", testUser.getUsername(), "previous", "", "name", "User Name"), + ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", "name", "Parent Group"))); } /** @@ -132,19 +114,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest dataGroup.usingUser(testUser).addUserToGroup(testGroup); dataGroup.removeUserFromGroup(testGroup, testUser); - STEP("Get the list of audit entries for the add user to group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, REMOVE_FROM_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the remove user from group event."); - assertTrue("The list of events is not filtered by " + REMOVE_FROM_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(REMOVE_FROM_USER_GROUP.eventDisplayName))); - - assertTrue("The username and previous parent group are not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(REMOVE_FROM_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "", "previous", testUser.getUsername(), "name", "User Name")) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "","previous", testGroup.getGroupIdentifier(), "name", "Parent Group")))); + STEP("Check the audit log contains the entry for the remove user from group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + asList(ImmutableMap.of("new", "", "previous", testUser.getUsername(), "name", "User Name"), + ImmutableMap.of("new", "","previous", testGroup.getGroupIdentifier(), "name", "Parent Group"))); } /** @@ -158,17 +131,9 @@ public class AuditGroupEventsTests extends BaseRMRestTest testGroup = dataGroup.createRandomGroup(); dataGroup.deleteGroup(testGroup); - STEP("Get the list of audit entries for the delete group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, DELETE_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the created group."); - assertTrue("The list of events is not filtered by " + DELETE_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(DELETE_USER_GROUP.eventDisplayName))); - - assertTrue("The group name for the deleted group is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(DELETE_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "", "previous", testGroup.getGroupIdentifier(), "name", "authorityDisplayName")))); + STEP("Check the audit log contains the entry for the delete group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + Collections.singletonList(ImmutableMap.of("new", "", "previous", testGroup.getGroupIdentifier(), + "name", "authorityDisplayName"))); } } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java index 12b445b3e3..5dcffe5347 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java @@ -34,11 +34,10 @@ import java.util.List; import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; import org.springframework.beans.factory.annotation.Autowired; -import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; /** @@ -51,14 +50,7 @@ import org.testng.annotations.Test; public class AuditLoginEventsTests extends BaseRMRestTest { @Autowired - private RMAuditAPI rmAuditAPI; - - @BeforeClass (alwaysRun = true) - public void cleanAuditLogs() - { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); - } + private RMAuditService rmAuditService; /** * Given I have tried to login using invalid credentials @@ -68,12 +60,13 @@ public class AuditLoginEventsTests extends BaseRMRestTest @Test public void filterByLoginUnsuccessful() throws Exception { + rmAuditService.clearAuditLog(); restClient.authenticateUser(new UserModel(getAdminUser().getUsername(), "InvalidPassword")); restClient.withCoreAPI().getSites(); STEP("Get the list of audit entries for the login unsuccessful event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, LOGIN_UNSUCCESSFUL.event); + List auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), + LOGIN_UNSUCCESSFUL); STEP("Check the audit log contains only the entries for the login unsuccessful event."); assertTrue("The list of events is not filtered by " + LOGIN_UNSUCCESSFUL.event, diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index 6820af14a3..d24da88e07 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -19,10 +34,9 @@ import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; import java.util.Collections; import java.util.List; @@ -36,7 +50,7 @@ import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.constants.UserRole; @@ -62,10 +76,10 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest private final String HOLD1 = PREFIX + "hold1"; private final String HOLD2 = PREFIX + "hold2"; private final String HOLD3 = PREFIX + "hold3"; - private final String HOLD_TO_BE_DELETED = PREFIX + "holdToBeDeleted"; + private final String DELETED_HOLD = PREFIX + "deletedHold"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired @@ -78,8 +92,8 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest private Record heldRecord; private List auditEntries; private List holdsList = asList(HOLD1, HOLD2, HOLD3); - private AuditEntry auditEntry; private FileModel heldContent; + private String hold1NodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditRemoveFromHoldTests() throws Exception @@ -91,12 +105,11 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest privateSite = dataSite.usingUser(rmAdmin).createPrivateRandomSite(); STEP("Create new holds."); - String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), + hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_TO_BE_DELETED, - HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), DELETED_HOLD, HOLD_REASON, HOLD_DESCRIPTION); STEP("Create a new record category with a record folder."); recordCategory = createRootCategory(getRandomName("recordCategory")); @@ -166,27 +179,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test (dataProvider = "validNodesForRemoveFromHold") public void removeFromHoldEventIsAudited(String nodeId, String nodeName) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove node from hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); - - STEP("Check the audit log contains the entry for the remove from hold."); - assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); - auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Remove From Hold", - auditEntry.getEvent().equals(REMOVE_FROM_HOLD.eventDisplayName)); - assertTrue("The hold name value for the remove from hold is not audited.", - auditEntry.getNodeName().equals(HOLD3)); - assertTrue("The user who removed the node from the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); - //TODO check content name + STEP("Check the audit log contains the entry for the remove from hold event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, HOLD3, Collections.emptyList()); + //TODO replace changed values } /** @@ -199,22 +199,17 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest { STEP("Add a file to the hold that will be deleted"); holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), - heldContent.getNodeRefWithoutVersion(), HOLD_TO_BE_DELETED); + heldContent.getNodeRefWithoutVersion(), DELETED_HOLD); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the hold."); - holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD_TO_BE_DELETED); - - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), DELETED_HOLD); STEP("Check the audit log contains the entry for the remove from hold."); - assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); - assertTrue("The hold name value for the remove from hold is not audited.", - auditEntries.get(0).getNodeName().equals(HOLD_TO_BE_DELETED)); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, DELETED_HOLD, + Collections.emptyList()); + //TODO replace changed values } /** @@ -225,25 +220,16 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test public void unsuccessfulRemoveFromHoldIsNotAudited() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to remove the record from a hold by an user with no rights."); - try - { - holdsAPI.removeItemFromHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), - heldRecord.getId(), HOLD1); - fail("Remove from hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + holdsAPI.removeItemsFromHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + SC_INTERNAL_SERVER_ERROR, Collections.singletonList(heldRecord.getId()), + Collections.singletonList(hold1NodeRef)); - STEP("Check the audit log doesn't contain the entry for the unsuccessful remove from hold."); - assertTrue("The list of events should not contain remove from hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful remove from hold."); + assertTrue("The list of events should not contain remove from hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD).isEmpty()); } /** @@ -261,15 +247,13 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest STEP("Add the record folder to a hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove record folder from hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD); STEP("Check the audit log contains only an entry for remove from hold."); assertEquals("The list of events should not contain Remove from Hold entry for the record", 1, @@ -285,16 +269,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test public void removeFromHoldIsAuditedInBulkRemoval() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove record folder from multiple holds."); holdsAPI.removeItemsFromHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), Collections.singletonList(heldRecordFolder.getId()), asList(HOLD1, HOLD2)); STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD); STEP("Check the audit log contains entries for both removal."); assertEquals("The list of events should contain remove from Hold entries for both holds", 2, @@ -313,17 +295,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test (dataProvider = "invalidUsersForRemoveFromHold") public void removeFromHoldAuditEntryNotVisible(UserModel user) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove held content from a hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldContent.getNodeRefWithoutVersion(), HOLD1); - STEP("Get the list of audit entries for the remove from hold event as an user with no Read permissions."); - auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, REMOVE_FROM_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the remove from hold event."); - assertTrue("The list of events should not contain Remove from Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions can't see the entry for the remove from hold event."); + assertTrue("The list of events should not contain Remove from Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(user, REMOVE_FROM_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java index 6f29159520..3f7b668a9a 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java @@ -29,18 +29,17 @@ package org.alfresco.rest.rm.community.audit; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_PERSON; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertTrue; -import java.util.List; +import java.util.Collections; + +import com.google.common.collect.ImmutableMap; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; import org.springframework.beans.factory.annotation.Autowired; import org.testng.annotations.AfterClass; -import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; /** @@ -52,10 +51,9 @@ import org.testng.annotations.Test; public class AuditUserEventsTests extends BaseRMRestTest { private final String PREFIX = generateTestPrefix(AuditUserEventsTests.class); - private UserModel createUser; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; /** * Given I have created a new user @@ -68,28 +66,14 @@ public class AuditUserEventsTests extends BaseRMRestTest @AlfrescoTest(jira = "RM-6223") public void createUserEventIsAudited() { + rmAuditService.clearAuditLog(); STEP("Create a new user."); String userName = "auditCreateUser" + PREFIX; createUser = getDataUser().createUser(userName); - STEP("Get the list of audit entries for the create person event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_PERSON.event); - - STEP("Check the audit log contains only the entries for the created user."); - assertTrue("The list of events is not filtered by " + CREATE_PERSON.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(CREATE_PERSON.eventDisplayName))); - - assertTrue("The username value for the user created is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(CREATE_PERSON.eventDisplayName)) - .allMatch(auditEntry -> auditEntry.getNodeName().equals(userName))); - } - - @BeforeClass (alwaysRun = true) - public void cleanAuditLogs() - { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + STEP("Check the audit log contains the entry for the created user event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_PERSON, getAdminUser(), userName, + Collections.singletonList(ImmutableMap.of("new", userName, "previous", "", "name", "User Name"))); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java index e6bee2c556..26188acb08 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java @@ -26,6 +26,8 @@ */ package org.alfresco.rest.rm.community.files; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.FILE_PLAN_ALIAS; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.TRANSFERS_ALIAS; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.UNFILED_RECORDS_CONTAINER_ALIAS; @@ -87,7 +89,7 @@ public class DeclareAndFileDocumentAsRecordTests extends BaseRMRestTest private final static String INVALID_DESTINATION_PATH_EXC = "Unable to execute create-record action, because the destination path is invalid."; private final static String DESTINATION_PATH_NOT_RECORD_FOLDER_EXC = "Unable to execute create-record action, because the destination path is not a record folder."; private final static String CLOSED_RECORD_FOLDER_EXC = "You can't add new items to a closed record folder."; - private final static String HOLD_NAME = "holdName"; + private final static String HOLD_NAME = getRandomName("holdName"); private final static String RECORD_FOLDER_NAME_WITH_SPACE = "Folder With Spaces In Name"; private UserModel userFillingPermission, userReadOnlyPermission; @@ -411,8 +413,7 @@ public class DeclareAndFileDocumentAsRecordTests extends BaseRMRestTest public void declareAndFileToHeldRecordFolderUsingFilesAPI() throws Exception { RecordCategoryChild heldRecordFolder = createFolder(recordCategory.getId(), getRandomName("heldRecordFolder")); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_NAME, "hold reason", - "hold description"); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_NAME, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), heldRecordFolder.getId(), HOLD_NAME); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java index 636c453077..3803749525 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java @@ -287,7 +287,7 @@ public class AddToHoldsTests extends BaseRMRestTest users.add(userModel); STEP("Add the node to the hold with user without permission."); String response = holdsAPI.addToHoldAndGetMessage(userModel.getUsername(), userModel.getPassword(), - SC_INTERNAL_SERVER_ERROR, nodeToBeAddedToHold, HOLD); + SC_INTERNAL_SERVER_ERROR, nodeToBeAddedToHold, holdNodeRef); assertTrue(response.contains(ACCESS_DENIED_ERROR_MESSAGE)); STEP("Check the node is not frozen."); @@ -345,7 +345,7 @@ public class AddToHoldsTests extends BaseRMRestTest { STEP("Add the node to the hold "); String responseErrorMessage = holdsAPI.addToHoldAndGetMessage(getAdminUser().getUsername(), - getAdminUser().getPassword(), responseCode, itemNodeRef, HOLD); + getAdminUser().getPassword(), responseCode, itemNodeRef, holdNodeRef); assertTrue(responseErrorMessage.contains(errorMessage), "Actual error message " + responseErrorMessage + " expected " + errorMessage); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java index c23b244b7d..78146056c3 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java @@ -95,12 +95,12 @@ public class RemoveFromHoldsTests extends BaseRMRestTest private RoleService roleService; @BeforeClass (alwaysRun = true) - public void preconditionForRemoveContentFromHold() throws Exception + public void preconditionForRemoveContentFromHold() { STEP("Create two holds."); holdNodeRefOne = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getUsername(), HOLD_ONE, HOLD_REASON, HOLD_DESCRIPTION); - String holdNodeRefTwo = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser() + holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser() .getUsername(), HOLD_TWO, HOLD_REASON, HOLD_DESCRIPTION); STEP("Create test files."); @@ -265,7 +265,7 @@ public class RemoveFromHoldsTests extends BaseRMRestTest STEP("Remove node from hold with user without right permission or capability"); String responseNoHoldPermission = holdsAPI.removeFromHoldAndGetMessage(userModel.getUsername(), - userModel.getPassword(), SC_INTERNAL_SERVER_ERROR, nodeIdToBeRemoved, HOLD_ONE); + userModel.getPassword(), SC_INTERNAL_SERVER_ERROR, nodeIdToBeRemoved, holdNodeRefOne); assertTrue(responseNoHoldPermission.contains(ACCESS_DENIED_ERROR_MESSAGE)); STEP("Check node is frozen.");