(clearanceLevels);
+ temp.add(temp.size(), NO_CLEARANCE);
+ this.clearanceLevels = ImmutableList.copyOf(temp);
}
/** @return An immutable list of clearance levels ordered from most to least secure. */
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceService.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceService.java
index a6752fdc8d..77bd20f9f3 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceService.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceService.java
@@ -19,6 +19,7 @@
package org.alfresco.module.org_alfresco_module_rm.classification;
import org.alfresco.query.PagingResults;
+import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.NoSuchPersonException;
/**
@@ -29,6 +30,18 @@ import org.alfresco.service.cmr.security.NoSuchPersonException;
*/
public interface SecurityClearanceService
{
+ /**
+ * Indicates whether the currently authenticated user has clearance to see the
+ * provided node.
+ *
+ * Note that users, regardless of their clearance level, are always cleared to see a node that has no classification
+ * applied.
+ *
+ * @param nodeRef node reference
+ * @return boolean true if cleared to see node, false otherwise
+ */
+ boolean hasClearance(NodeRef nodeRef);
+
/**
* Get the currently authenticated user's security clearance.
*
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
index 12b12357c3..cd4317e803 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java
@@ -57,15 +57,12 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
{
ArrayList clearanceLevels = new ArrayList();
List classificationLevels = classificationService.getClassificationLevels();
- ClassificationLevel unclassified = classificationLevels.get(classificationLevels.size() - 1);
for (ClassificationLevel classificationLevel : classificationLevels)
{
- String displayLabelKey = classificationLevel.getDisplayLabelKey();
- if (classificationLevel.equals(unclassified))
- {
- displayLabelKey = "rm.classification.noClearance";
- }
- clearanceLevels.add(new ClearanceLevel(classificationLevel, displayLabelKey));
+ if (!ClassificationLevelManager.UNCLASSIFIED.equals(classificationLevel))
+ {
+ clearanceLevels.add(new ClearanceLevel(classificationLevel, classificationLevel.getDisplayLabelKey()));
+ }
}
this.clearanceManager = new ClearanceLevelManager(clearanceLevels);
}
@@ -73,6 +70,46 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
/** Get the clearance manager (for use in unit testing). */
protected ClearanceLevelManager getClearanceManager() { return clearanceManager; }
+ /**
+ * @see org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearanceService#hasClearance(org.alfresco.service.cmr.repository.NodeRef)
+ */
+ @Override
+ public boolean hasClearance(NodeRef nodeRef)
+ {
+ boolean result = false;
+
+ // get the nodes current classification
+ ClassificationLevel currentClassification = classificationService.getCurrentClassification(nodeRef);
+ if (ClassificationLevelManager.UNCLASSIFIED.equals(currentClassification))
+ {
+ // since the node is not classified user has clearance
+ result = true;
+ }
+ else
+ {
+ // get the users security clearance
+ SecurityClearance securityClearance = getUserSecurityClearance();
+ if (!ClearanceLevelManager.NO_CLEARANCE.equals(securityClearance.getClearanceLevel()))
+ {
+ // get the users highest classification clearance
+ ClassificationLevel highestClassification = securityClearance.getClearanceLevel().getHighestClassificationLevel();
+
+ // if classification is less than or equal to highest classification then user has clearance
+ List allClassificationLevels = classificationService.getClassificationLevels();
+ int highestIndex = allClassificationLevels.indexOf(highestClassification);
+ int currentIndex = allClassificationLevels.indexOf(currentClassification);
+
+ if (highestIndex <= currentIndex)
+ {
+ // user has clearance
+ result = true;
+ }
+ }
+ }
+
+ return result;
+ }
+
@Override
public SecurityClearance getUserSecurityClearance()
{
@@ -82,6 +119,12 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
return getUserSecurityClearance(currentUser);
}
+ /**
+ * Gets the users security clearnace.
+ *
+ * @param userName user name
+ * @return {@link SecurityClearance} provides information about the user and their clearance level
+ */
private SecurityClearance getUserSecurityClearance(final String userName)
{
final NodeRef personNode = personService.getPerson(userName, false);
@@ -91,12 +134,15 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
if (nodeService.hasAspect(personNode, ASPECT_SECURITY_CLEARANCE))
{
- final String clearanceLevel = (String)nodeService.getProperty(personNode, PROP_CLEARANCE_LEVEL);
+ final String clearanceLevelValue = (String)nodeService.getProperty(personNode, PROP_CLEARANCE_LEVEL);
- classificationLevel = clearanceLevel == null ? classificationService.getDefaultClassificationLevel() :
- classificationService.getClassificationLevelById(clearanceLevel);
+ classificationLevel = clearanceLevelValue == null ? classificationService.getUnclassifiedClassificationLevel() :
+ classificationService.getClassificationLevelById(clearanceLevelValue);
+ }
+ else
+ {
+ classificationLevel = classificationService.getUnclassifiedClassificationLevel();
}
- else { classificationLevel = classificationService.getDefaultClassificationLevel(); }
ClearanceLevel clearanceLevel = clearanceManager.findLevelByClassificationLevelId(classificationLevel.getId());
return new SecurityClearance(personInfo, clearanceLevel);
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/ClassificationLevelsTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/ClassificationLevelsTest.java
index 1bbe2e95f8..4a3a13ed85 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/ClassificationLevelsTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/ClassificationLevelsTest.java
@@ -22,6 +22,7 @@ import java.io.InputStream;
import java.util.List;
import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevel;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevelManager;
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
/**
@@ -63,7 +64,7 @@ public class ClassificationLevelsTest extends BaseRMTestCase
{
List levels = classificationService.getClassificationLevels();
assertNotNull(levels);
- assertEquals(4, levels.size());
+ assertEquals(5, levels.size());
ClassificationLevel level1 = levels.get(0);
ClassificationLevel level2 = levels.get(1);
@@ -79,6 +80,8 @@ public class ClassificationLevelsTest extends BaseRMTestCase
assertEquals(level2.getId(), LEVEL2_ID);
assertEquals(level3.getId(), LEVEL3_ID);
assertEquals(level4.getId(), LEVEL4_ID);
+
+ assertEquals(ClassificationLevelManager.UNCLASSIFIED, levels.get(4));
}
});
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/action/impl/UnlinkFromActionUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/action/impl/UnlinkFromActionUnitTest.java
index 312bcda9f3..a25034a9ab 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/action/impl/UnlinkFromActionUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/action/impl/UnlinkFromActionUnitTest.java
@@ -18,6 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.action.impl;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateText;
import static org.mockito.Matchers.any;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelManagerUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelManagerUnitTest.java
index ed526f4ca6..f9c8f6c7fe 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelManagerUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelManagerUnitTest.java
@@ -43,7 +43,7 @@ public class ClassificationLevelManagerUnitTest
@Before public void setup()
{
- classificationLevelManager = new ClassificationLevelManager(LEVELS);
+ classificationLevelManager = new ClassificationLevelManager(LEVELS);
}
@Test public void findClassificationById_found()
@@ -62,4 +62,14 @@ public class ClassificationLevelManagerUnitTest
ClassificationLevel actual = classificationLevelManager.getMostSecureLevel();
assertEquals(LEVEL_1, actual);
}
+
+ /**
+ * Given that I have created the classification level manager with a list of classification levels
+ * Then the unclassified level is available
+ */
+ @Test public void getUnclassifiedLevel()
+ {
+ assertEquals(LEVELS.size() + 1, classificationLevelManager.getClassificationLevels().size());
+ assertEquals(ClassificationLevelManager.UNCLASSIFIED, classificationLevelManager.findLevelById(ClassificationLevelManager.UNCLASSIFIED_ID));
+ }
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java
index a2278e13a3..460110497f 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImplUnitTest.java
@@ -28,6 +28,9 @@ import static org.mockito.Mockito.doThrow;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateNodeRef;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateText;
import java.io.Serializable;
import java.util.ArrayList;
@@ -84,6 +87,10 @@ public class ClassificationServiceImplUnitTest
new ClassificationReason("id2", "label2"));
private static final List ALTERNATIVE_CLASSIFICATION_REASONS = asList(new ClassificationReason("id8", "label8"),
new ClassificationReason("id9", "label9"));
+
+ private static final String CLASSIFICATION_LEVEL_ID = "classificationLevelId";
+ private static final ClassificationLevel CLASSIFICATION_LEVEL = new ClassificationLevel(CLASSIFICATION_LEVEL_ID, generateText());
+
/**
* A convenience method for turning lists of level id Strings into lists
* of {@code ClassificationLevel} objects.
@@ -100,7 +107,6 @@ public class ClassificationServiceImplUnitTest
}
final List levels = new ArrayList<>(idsAndLabels.length / 2);
-
for (int i = 0; i < idsAndLabels.length; i += 2)
{
levels.add(new ClassificationLevel(idsAndLabels[i], idsAndLabels[i+1]));
@@ -363,4 +369,48 @@ public class ClassificationServiceImplUnitTest
doThrow(new ReasonIdNotFound("Id not found!")).when(mockReasonManager).findReasonById(classificationReasonId);
classificationServiceImpl.getClassificationReasonById(classificationReasonId);
}
+
+ /**
+ * Given that a node does not have the classify aspect applied
+ * When I ask for the nodes classification
+ * Then 'Unclassified' is returned
+ */
+ @Test
+ public void getCurrentClassificationWithoutAspectApplied()
+ {
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockNodeService.hasAspect(nodeRef, ClassifiedContentModel.ASPECT_CLASSIFIED))
+ .thenReturn(false);
+
+ ClassificationLevel classificationLevel = classificationServiceImpl.getCurrentClassification(nodeRef);
+
+ assertEquals(ClassificationLevelManager.UNCLASSIFIED, classificationLevel);
+ verify(mockNodeService).hasAspect(nodeRef, ClassifiedContentModel.ASPECT_CLASSIFIED);
+ verifyNoMoreInteractions(mockNodeService);
+ }
+
+ /**
+ * Given that a node is classified
+ * When I ask for the node classification
+ * Then I get the correct classificationlevel
+ */
+ @Test
+ public void getCurrentClassification()
+ {
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockNodeService.hasAspect(nodeRef, ClassifiedContentModel.ASPECT_CLASSIFIED))
+ .thenReturn(true);
+ when(mockNodeService.getProperty(nodeRef, ClassifiedContentModel.PROP_CURRENT_CLASSIFICATION))
+ .thenReturn(CLASSIFICATION_LEVEL_ID);
+ when(mockLevelManager.findLevelById(CLASSIFICATION_LEVEL_ID))
+ .thenReturn(CLASSIFICATION_LEVEL);
+
+ ClassificationLevel classificationLevel = classificationServiceImpl.getCurrentClassification(nodeRef);
+
+ assertEquals(CLASSIFICATION_LEVEL, classificationLevel);
+ verify(mockNodeService).hasAspect(nodeRef, ClassifiedContentModel.ASPECT_CLASSIFIED);
+ verify(mockNodeService).getProperty(nodeRef, ClassifiedContentModel.PROP_CURRENT_CLASSIFICATION);
+ verify(mockLevelManager).findLevelById(CLASSIFICATION_LEVEL_ID);
+ verifyNoMoreInteractions(mockNodeService, mockLevelManager);
+ }
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManagerUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManagerUnitTest.java
index e8f74e987c..547d771e4b 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManagerUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManagerUnitTest.java
@@ -36,11 +36,9 @@ public class ClearanceLevelManagerUnitTest
{
static final ClassificationLevel TOP_SECRET = new ClassificationLevel("TS", "Top Secret Classification");
static final ClassificationLevel SECRET = new ClassificationLevel("S", "Secret Classification");
- static final ClassificationLevel UNCLASSIFIED = new ClassificationLevel("U", "Unclassified Classification");
static final ClearanceLevel TOP_SECRET_CLEARANCE = new ClearanceLevel(TOP_SECRET , "Top Secret Clearance");
static final ClearanceLevel SECRET_CLEARANCE = new ClearanceLevel(SECRET, "Secret Clearance");
- static final ClearanceLevel NO_CLEARANCE = new ClearanceLevel(UNCLASSIFIED, "No Clearance");
/** The class under test. */
ClearanceLevelManager clearanceLevelManager;
@@ -49,7 +47,7 @@ public class ClearanceLevelManagerUnitTest
@Before
public void setup()
{
- List clearanceLevels = ImmutableList.of(TOP_SECRET_CLEARANCE, SECRET_CLEARANCE, NO_CLEARANCE);
+ List clearanceLevels = ImmutableList.of(TOP_SECRET_CLEARANCE, SECRET_CLEARANCE);
clearanceLevelManager = new ClearanceLevelManager(clearanceLevels);
}
@@ -58,7 +56,6 @@ public class ClearanceLevelManagerUnitTest
public void findLevelByClassificationLevelId_found()
{
ClearanceLevel actual = clearanceLevelManager.findLevelByClassificationLevelId("S");
-
assertEquals(SECRET_CLEARANCE, actual);
}
@@ -68,4 +65,16 @@ public class ClearanceLevelManagerUnitTest
{
clearanceLevelManager.findLevelByClassificationLevelId("UNKNOWN ID");
}
+
+ /**
+ * Given that I have created a clearance level manager from a list of clearance levels
+ * Then the no clearance level is available
+ */
+ @Test public void noClearanceLevel()
+ {
+ assertEquals(3, clearanceLevelManager.getClearanceLevels().size());
+ ClearanceLevel noClearance = clearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID);
+ assertEquals(ClearanceLevelManager.NO_CLEARANCE, noClearance);
+ assertEquals(ClassificationLevelManager.UNCLASSIFIED, noClearance.getHighestClassificationLevel());
+ }
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
index f5c12cb165..fa88848576 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java
@@ -20,11 +20,12 @@ package org.alfresco.module.org_alfresco_module_rm.classification;
import static org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel.ASPECT_SECURITY_CLEARANCE;
import static org.alfresco.module.org_alfresco_module_rm.classification.model.ClassifiedContentModel.PROP_CLEARANCE_LEVEL;
-import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.*;
import static org.mockito.Matchers.anyBoolean;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.*;
import java.util.Arrays;
import java.util.List;
@@ -90,15 +91,16 @@ public class SecurityClearanceServiceImplUnitTest
{
final PersonInfo user1 = createMockPerson("user1", "User", "One", null);
MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
-
- ClassificationLevel defaultClassificationLevel = new ClassificationLevel("default", "default");
- when(mockClassificationService.getDefaultClassificationLevel()).thenReturn(defaultClassificationLevel);
- ClearanceLevel defaultClearanceLevel = new ClearanceLevel(defaultClassificationLevel, "defaultClearanceMessageKey");
- when(mockClearanceLevelManager.findLevelByClassificationLevelId("default")).thenReturn(defaultClearanceLevel);
+
+ when(mockClassificationService.getUnclassifiedClassificationLevel())
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID))
+ .thenReturn(ClearanceLevelManager.NO_CLEARANCE);
final SecurityClearance clearance = securityClearanceServiceImpl.getUserSecurityClearance();
+
+ assertEquals(ClassificationLevelManager.UNCLASSIFIED, clearance.getClearanceLevel().getHighestClassificationLevel());
- assertEquals(defaultClearanceLevel, clearance.getClearanceLevel());
}
/** Check that a user can have their clearance set. */
@@ -158,8 +160,7 @@ public class SecurityClearanceServiceImplUnitTest
{
ClassificationLevel topSecret = new ClassificationLevel("1", "TopSecret");
ClassificationLevel secret = new ClassificationLevel("2", "Secret");
- ClassificationLevel unclassified = new ClassificationLevel("3", "Unclassified");
- List classificationLevels = Arrays.asList(topSecret, secret, unclassified);
+ List classificationLevels = Arrays.asList(topSecret, secret, ClassificationLevelManager.UNCLASSIFIED);
when(mockClassificationService.getClassificationLevels()).thenReturn(classificationLevels );
// Call the method under test.
@@ -171,4 +172,163 @@ public class SecurityClearanceServiceImplUnitTest
assertEquals("Secret", clearanceLevels.get(1).getDisplayLabel());
assertEquals("rm.classification.noClearance", clearanceLevels.get(2).getDisplayLabel());
}
+
+ /**
+ * Given that the node is unclassified
+ * When I ask if the current user has clearance
+ * Then true
+ */
+ @Test public void clearedForUnclassifiedNode()
+ {
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockClassificationService.getCurrentClassification(nodeRef))
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+
+ assertTrue(securityClearanceServiceImpl.hasClearance(nodeRef));
+ }
+
+ /**
+ * Given that the node is classified
+ * And the user has no security clearance
+ * When I ask if the current user has clearance
+ * Then false
+ */
+ @Test public void userWithNoClearanceIsntClearedOnClassifiedNode()
+ {
+ // assign test classification to node
+ String classificationLevelId = generateText();
+ ClassificationLevel classificationLevel = new ClassificationLevel(classificationLevelId, generateText());
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockClassificationService.getCurrentClassification(nodeRef))
+ .thenReturn(classificationLevel);
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(classificationLevelId))
+ .thenReturn(new ClearanceLevel(classificationLevel, generateText()));
+
+ // create user with no clearance
+ final PersonInfo user1 = createMockPerson(generateText(), generateText(), generateText(), null);
+ MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
+ when(mockClassificationService.getUnclassifiedClassificationLevel())
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID))
+ .thenReturn(ClearanceLevelManager.NO_CLEARANCE);
+
+ assertFalse(securityClearanceServiceImpl.hasClearance(nodeRef));
+ }
+
+ /**
+ * Given that the node is classified
+ * And the user has clearance grater than the classification
+ * When I ask if the user has clearance
+ * Then true
+ */
+ @Test public void classifiedNodeUserClearanceGreater()
+ {
+ // init classification levels
+ ClassificationLevel topSecret = new ClassificationLevel("TopSecret", generateText());
+ ClassificationLevel secret = new ClassificationLevel("Secret", generateText());
+ ClassificationLevel confidential = new ClassificationLevel("Confidential", generateText());
+ List classificationLevels = Arrays.asList(topSecret, secret, confidential, ClassificationLevelManager.UNCLASSIFIED);
+ when(mockClassificationService.getClassificationLevels()).thenReturn(classificationLevels);
+
+ // init classification levels
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("TopSecret"))
+ .thenReturn(new ClearanceLevel(topSecret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Secret"))
+ .thenReturn(new ClearanceLevel(secret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Confidential"))
+ .thenReturn(new ClearanceLevel(confidential, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID))
+ .thenReturn(ClearanceLevelManager.NO_CLEARANCE);
+ when(mockClassificationService.getUnclassifiedClassificationLevel())
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+
+ // set nodes classification
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockClassificationService.getCurrentClassification(nodeRef))
+ .thenReturn(secret);
+
+ // set users security clearance
+ final PersonInfo user1 = createMockPerson(generateText(), generateText(), generateText(), "TopSecret");
+ MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
+
+ assertTrue(securityClearanceServiceImpl.hasClearance(nodeRef));
+ }
+
+ /**
+ * Given that the node is classified
+ * And the user has clearance equal to the the classification
+ * When I ask if the user has clearance
+ * Then true
+ */
+ @Test public void classifiedNodeUserClearanceEqual()
+ {
+ // init classification levels
+ ClassificationLevel topSecret = new ClassificationLevel("TopSecret", generateText());
+ ClassificationLevel secret = new ClassificationLevel("Secret", generateText());
+ ClassificationLevel confidential = new ClassificationLevel("Confidential", generateText());
+ List classificationLevels = Arrays.asList(topSecret, secret, confidential, ClassificationLevelManager.UNCLASSIFIED);
+ when(mockClassificationService.getClassificationLevels()).thenReturn(classificationLevels);
+
+ // init classification levels
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("TopSecret"))
+ .thenReturn(new ClearanceLevel(topSecret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Secret"))
+ .thenReturn(new ClearanceLevel(secret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Confidential"))
+ .thenReturn(new ClearanceLevel(confidential, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID))
+ .thenReturn(ClearanceLevelManager.NO_CLEARANCE);
+ when(mockClassificationService.getUnclassifiedClassificationLevel())
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+
+ // set nodes classification
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockClassificationService.getCurrentClassification(nodeRef))
+ .thenReturn(secret);
+
+ // set users security clearance
+ final PersonInfo user1 = createMockPerson(generateText(), generateText(), generateText(), "Secret");
+ MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
+
+ assertTrue(securityClearanceServiceImpl.hasClearance(nodeRef));
+ }
+
+ /**
+ * Given that the node is classified
+ * And the user has clearance less than the classification
+ * When I ask if the user has clearance
+ * Then true
+ */
+ @Test public void classifiedNodeUserClearanceLess()
+ {
+ // init classification levels
+ ClassificationLevel topSecret = new ClassificationLevel("TopSecret", generateText());
+ ClassificationLevel secret = new ClassificationLevel("Secret", generateText());
+ ClassificationLevel confidential = new ClassificationLevel("Confidential", generateText());
+ List classificationLevels = Arrays.asList(topSecret, secret, confidential, ClassificationLevelManager.UNCLASSIFIED);
+ when(mockClassificationService.getClassificationLevels()).thenReturn(classificationLevels);
+
+ // init classification levels
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("TopSecret"))
+ .thenReturn(new ClearanceLevel(topSecret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Secret"))
+ .thenReturn(new ClearanceLevel(secret, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId("Confidential"))
+ .thenReturn(new ClearanceLevel(confidential, generateText()));
+ when(mockClearanceLevelManager.findLevelByClassificationLevelId(ClassificationLevelManager.UNCLASSIFIED_ID))
+ .thenReturn(ClearanceLevelManager.NO_CLEARANCE);
+ when(mockClassificationService.getUnclassifiedClassificationLevel())
+ .thenReturn(ClassificationLevelManager.UNCLASSIFIED);
+
+ // set nodes classification
+ NodeRef nodeRef = generateNodeRef(mockNodeService);
+ when(mockClassificationService.getCurrentClassification(nodeRef))
+ .thenReturn(secret);
+
+ // set users security clearance
+ final PersonInfo user1 = createMockPerson(generateText(), generateText(), generateText(), "Confidential");
+ MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
+
+ assertFalse(securityClearanceServiceImpl.hasClearance(nodeRef));
+ }
}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementTypeFormFilterUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementTypeFormFilterUnitTest.java
index 0af4780f7e..88e2df8d01 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementTypeFormFilterUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/forms/RecordsManagementTypeFormFilterUnitTest.java
@@ -18,6 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.forms;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyListOf;
import static org.mockito.Matchers.anyString;
@@ -56,7 +57,7 @@ import org.mockito.Spy;
*/
public class RecordsManagementTypeFormFilterUnitTest extends BaseUnitTest
{
- private static final QName MY_CUSTOM_TYPE = generateQName();
+ private static final QName MY_CUSTOM_TYPE = generateQName(RM_URI);
@Mock private Form mockForm;
@Mock private TypeDefinition mockTypeDefinition;
@@ -163,7 +164,7 @@ public class RecordsManagementTypeFormFilterUnitTest extends BaseUnitTest
Map properties = new HashMap(size);
for (int i = 0; i < size; i++)
{
- QName name = generateQName();
+ QName name = generateQName(RM_URI);
PropertyDefinition propDef = mock(PropertyDefinition.class);
when(propDef.getName()).thenReturn(name);
DataTypeDefinition mockDataTypeDefinition = mock(DataTypeDefinition.class);
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/hold/HoldServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/hold/HoldServiceImplUnitTest.java
index 4b017a54cf..655c64a0a0 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/hold/HoldServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/hold/HoldServiceImplUnitTest.java
@@ -18,6 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.hold;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/job/DispositionLifecycleJobExecuterUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/job/DispositionLifecycleJobExecuterUnitTest.java
index fddc81c341..ccfd819a75 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/job/DispositionLifecycleJobExecuterUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/job/DispositionLifecycleJobExecuterUnitTest.java
@@ -18,16 +18,17 @@
*/
package org.alfresco.module.org_alfresco_module_rm.job;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyMap;
import static org.mockito.Matchers.anyString;
+import static org.mockito.Matchers.contains;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.verifyNoMoreInteractions;
import static org.mockito.Mockito.verifyZeroInteractions;
-import static org.mockito.Mockito.anyMap;
-import static org.mockito.Mockito.contains;
import java.util.Collections;
import java.util.List;
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluatorUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluatorUnitTest.java
index 2dfdd1b359..334eb41634 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluatorUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/jscript/app/evaluator/TransferEvaluatorUnitTest.java
@@ -18,6 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.jscript.app.evaluator;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.doReturn;
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImplUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImplUnitTest.java
index 0f2ac51bfe..bc108f6d4c 100755
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImplUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImplUnitTest.java
@@ -18,6 +18,8 @@
*/
package org.alfresco.module.org_alfresco_module_rm.record;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateText;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/AlfMock.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/AlfMock.java
new file mode 100755
index 0000000000..16a7cb1eeb
--- /dev/null
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/AlfMock.java
@@ -0,0 +1,121 @@
+/*
+ * Copyright (C) 2005-2014 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.util;
+
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.doReturn;
+import static org.mockito.Mockito.when;
+
+import java.util.UUID;
+
+import org.alfresco.model.ContentModel;
+import org.alfresco.service.cmr.repository.NodeRef;
+import org.alfresco.service.cmr.repository.NodeService;
+import org.alfresco.service.cmr.repository.StoreRef;
+import org.alfresco.service.namespace.QName;
+import org.alfresco.util.GUID;
+
+/**
+ * Utilities helpful when mocking Alfresco constructs.
+ *
+ * @author Roy Wetherall
+ * @since 3.0
+ */
+public class AlfMock
+{
+ /**
+ * Helper to generate random text value suitable for a property
+ * value or node name
+ */
+ public static String generateText()
+ {
+ return UUID.randomUUID().toString();
+ }
+
+ /**
+ * Helper method to generate a qname.
+ */
+ public static QName generateQName()
+ {
+ return generateQName(GUID.generate());
+ }
+
+ /**
+ * Helper method to generate a qname.
+ */
+ public static QName generateQName(String uri)
+ {
+ return QName.createQName(uri, GUID.generate());
+ }
+
+ /**
+ * Helper method to generate a node reference.
+ *
+ * @return {@link NodeRef} node reference that behaves like a node that exists in the spaces store
+ */
+ public static NodeRef generateNodeRef(NodeService mockedNodeService)
+ {
+ return generateNodeRef(mockedNodeService, null);
+ }
+
+ /**
+ * Helper method to generate a node reference of a particular type.
+ *
+ * @param type content type qualified name
+ * @return {@link NodeRef} node reference that behaves like a node that exists in the spaces store with
+ * the content type provided
+ */
+ public static NodeRef generateNodeRef(NodeService mockedNodeService, QName type)
+ {
+ return generateNodeRef(mockedNodeService, type, true);
+ }
+
+ /**
+ * Helper method to generate a cm:content node reference with a given name.
+ *
+ * @param name content name
+ * @return NodeRef node reference
+ */
+ public static NodeRef generateCmContent(NodeService mockedNodeService, String name)
+ {
+ NodeRef nodeRef = generateNodeRef(mockedNodeService, ContentModel.TYPE_CONTENT, true);
+ doReturn(name).when(mockedNodeService).getProperty(nodeRef, ContentModel.PROP_NAME);
+ return nodeRef;
+ }
+
+ /**
+ * Helper method to generate a node reference of a particular type with a given existence characteristic.
+ *
+ * @param type content type qualified name
+ * @param exists indicates whether this node should behave like a node that exists or not
+ * @return {@link NodeRef} node reference that behaves like a node that exists (or not) in the spaces store with
+ * the content type provided
+ */
+ public static NodeRef generateNodeRef(NodeService mockedNodeService, QName type, boolean exists)
+ {
+ NodeRef nodeRef = new NodeRef(StoreRef.STORE_REF_WORKSPACE_SPACESSTORE, GUID.generate());
+ when(mockedNodeService.exists(eq(nodeRef))).thenReturn(exists);
+ if (type != null)
+ {
+ when(mockedNodeService.getType(eq(nodeRef))).thenReturn(type);
+ }
+ return nodeRef;
+ }
+
+}
diff --git a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseUnitTest.java b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseUnitTest.java
index b4bad96b62..173fd4781d 100644
--- a/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseUnitTest.java
+++ b/rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/test/util/BaseUnitTest.java
@@ -18,6 +18,7 @@
*/
package org.alfresco.module.org_alfresco_module_rm.test.util;
+import static org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock.generateQName;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.doAnswer;
@@ -28,7 +29,6 @@ import static org.mockito.Mockito.when;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
-import java.util.UUID;
import org.alfresco.model.ContentModel;
import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService;
@@ -189,32 +189,13 @@ public class BaseUnitTest implements RecordsManagementModel, ContentModel
// set record as child of record folder
List result = new ArrayList(1);
- result.add(new ChildAssociationRef(ContentModel.ASSOC_CONTAINS, recordFolder, generateQName(), record, true, 1));
+ result.add(new ChildAssociationRef(ContentModel.ASSOC_CONTAINS, recordFolder, generateQName(RM_URI), record, true, 1));
doReturn(result).when(mockedNodeService).getChildAssocs(eq(recordFolder), eq(ContentModel.ASSOC_CONTAINS), any(QNamePattern.class));
doReturn(result).when(mockedNodeService).getParentAssocs(record);
doReturn(Collections.singletonList(recordFolder)).when(mockedRecordFolderService).getRecordFolders(record);
doReturn(Collections.singletonList(record)).when(mockedRecordService).getRecords(recordFolder);
}
- /**
- * Helper to generate random text value suitable for a property
- * value or node name
- */
- protected String generateText()
- {
- return UUID.randomUUID().toString();
- }
-
- /**
- * Helper method to generate a qname.
- *
- * @return QName qualified name
- */
- protected static QName generateQName()
- {
- return QName.createQName(RM_URI, GUID.generate());
- }
-
/**
* Helper method to generate hold reference
*