mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-10-15 15:02:20 +00:00
Merged HEAD (5.1) to 5.1.N (5.1.1)
120082 bhorje: ACE-4845 added definition retrieval transaction enforcement and denial of unauthenticated virtualization git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.1.N/root@120200 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andreea Dragoi
@@ -30,6 +30,7 @@ import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.transaction.Status;
|
||||
import javax.transaction.UserTransaction;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
@@ -59,10 +60,12 @@ import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.service.transaction.TransactionService;
|
||||
import org.alfresco.traitextender.SpringExtensionBundle;
|
||||
import org.alfresco.util.ApplicationContextHelper;
|
||||
import org.alfresco.util.transaction.TransactionSupportUtil;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.junit.Ignore;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.transaction.support.TransactionSynchronizationManager;
|
||||
|
||||
@Ignore
|
||||
public abstract class VirtualizationIntegrationTest extends TestCase implements VirtualizationTest
|
||||
@@ -149,11 +152,15 @@ public abstract class VirtualizationIntegrationTest extends TestCase implements
|
||||
|
||||
protected NodeRef rootNodeRef;
|
||||
|
||||
protected NodeRef companyHomeNodeRef;
|
||||
|
||||
protected ActualEnvironment environment;
|
||||
|
||||
protected TypeAndAspectsFormProcessor typeAndAspectsFormProcessor;
|
||||
|
||||
private UserTransaction txn;
|
||||
protected String txnTamperHint;
|
||||
|
||||
protected UserTransaction txn;
|
||||
|
||||
protected AuthenticationComponent authenticationComponent;
|
||||
|
||||
@@ -179,7 +186,7 @@ public abstract class VirtualizationIntegrationTest extends TestCase implements
|
||||
contentService = serviceRegistry.getContentService();
|
||||
fileAndFolderService = serviceRegistry.getFileFolderService();
|
||||
permissionService = serviceRegistry.getPermissionService();
|
||||
searchService=serviceRegistry.getSearchService();
|
||||
searchService = serviceRegistry.getSearchService();
|
||||
|
||||
authenticationComponent = ctx.getBean("authenticationComponent",
|
||||
AuthenticationComponent.class);
|
||||
@@ -215,8 +222,8 @@ public abstract class VirtualizationIntegrationTest extends TestCase implements
|
||||
txn.begin();
|
||||
|
||||
AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName());
|
||||
NodeRef root = repository.getCompanyHome();
|
||||
testRootFolder = fileAndFolderService.create(root,
|
||||
companyHomeNodeRef = repository.getCompanyHome();
|
||||
testRootFolder = fileAndFolderService.create(companyHomeNodeRef,
|
||||
TEST_ROOT_FOLDER_NAME,
|
||||
ContentModel.TYPE_FOLDER);
|
||||
|
||||
@@ -243,7 +250,17 @@ public abstract class VirtualizationIntegrationTest extends TestCase implements
|
||||
configuredTemplatesClassPath = null;
|
||||
}
|
||||
authenticationComponent.clearCurrentSecurityContext();
|
||||
txn.rollback();
|
||||
try
|
||||
{
|
||||
txn.rollback();
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
logger.error("Test tear down failed. Has the test setup transaction been tempered with ? Hint : "
|
||||
+ txnTamperHint,
|
||||
e);
|
||||
}
|
||||
|
||||
super.tearDown();
|
||||
}
|
||||
|
||||
|
||||
@@ -19,8 +19,18 @@
|
||||
|
||||
package org.alfresco.repo.virtual.store;
|
||||
|
||||
import org.alfresco.repo.virtual.VirtualizationIntegrationTest;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import org.alfresco.model.ContentModel;
|
||||
import org.alfresco.repo.content.MimetypeMap;
|
||||
import org.alfresco.repo.virtual.VirtualizationException;
|
||||
import org.alfresco.repo.virtual.VirtualizationIntegrationTest;
|
||||
import org.alfresco.repo.virtual.ref.Protocols;
|
||||
import org.alfresco.repo.virtual.ref.Reference;
|
||||
import org.alfresco.repo.virtual.ref.VanillaProtocol;
|
||||
import org.alfresco.repo.virtual.ref.VirtualProtocol;
|
||||
import org.alfresco.repo.virtual.template.ApplyTemplateMethodTest;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
@@ -44,6 +54,69 @@ public class VirtualStoreImplTest extends VirtualizationIntegrationTest
|
||||
|
||||
}
|
||||
|
||||
public void testResolveVirtualFolderDefinition_inactiveSynchronization() throws Exception
|
||||
{
|
||||
txnTamperHint = "VirtualStoreImplTest::testResolveVirtualFolderDefinition_inactiveSynchronization";
|
||||
txn.rollback();
|
||||
NodeRef ntVirtualizedFolder = null;
|
||||
NodeRef jsonTemplateContent = null;
|
||||
try
|
||||
{
|
||||
final String templateName = "template1.json";
|
||||
jsonTemplateContent = nodeService.getChildByName(companyHomeNodeRef,
|
||||
ContentModel.ASSOC_CONTAINS,
|
||||
templateName);
|
||||
if (jsonTemplateContent == null)
|
||||
{
|
||||
ChildAssociationRef templateChild = createContent(companyHomeNodeRef,
|
||||
templateName,
|
||||
ApplyTemplateMethodTest.class
|
||||
.getResourceAsStream(TEST_TEMPLATE_1_JSON_NAME),
|
||||
MimetypeMap.MIMETYPE_JSON,
|
||||
StandardCharsets.UTF_8.name());
|
||||
jsonTemplateContent = templateChild.getChildRef();
|
||||
}
|
||||
|
||||
final String folderName = "testCanVirtualize_nonTransactional";
|
||||
ntVirtualizedFolder = nodeService.getChildByName(companyHomeNodeRef,
|
||||
ContentModel.ASSOC_CONTAINS,
|
||||
folderName);
|
||||
if (ntVirtualizedFolder == null)
|
||||
{
|
||||
ChildAssociationRef folderChild = createFolder(companyHomeNodeRef,
|
||||
folderName);
|
||||
ntVirtualizedFolder = folderChild.getChildRef();
|
||||
}
|
||||
|
||||
Reference aVanillaRef = ((VanillaProtocol) Protocols.VANILLA.protocol)
|
||||
.newReference(VANILLA_PROCESSOR_JS_CLASSPATH,
|
||||
"/1",
|
||||
ntVirtualizedFolder,
|
||||
jsonTemplateContent);
|
||||
|
||||
// We use transactional-synchronized resources for caching. In
|
||||
// non-transactional contexts they might not be available.
|
||||
virtualStore.resolveVirtualFolderDefinition(aVanillaRef);
|
||||
|
||||
}
|
||||
finally
|
||||
{
|
||||
|
||||
txn = transactionService.getUserTransaction();
|
||||
txn.begin();
|
||||
if (ntVirtualizedFolder != null)
|
||||
{
|
||||
nodeService.deleteNode(ntVirtualizedFolder);
|
||||
}
|
||||
|
||||
if (jsonTemplateContent != null)
|
||||
{
|
||||
nodeService.deleteNode(jsonTemplateContent);
|
||||
}
|
||||
txn.commit();
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNonVirtualizable() throws Exception
|
||||
{
|
||||
@@ -71,46 +144,77 @@ public class VirtualStoreImplTest extends VirtualizationIntegrationTest
|
||||
assertEquals(false,
|
||||
canVirtualize);
|
||||
}
|
||||
|
||||
|
||||
private String asTypedPermission(String perm)
|
||||
{
|
||||
return virtualStore.getUserPermissions().getPermissionTypeQName()+"."+perm;
|
||||
return virtualStore.getUserPermissions().getPermissionTypeQName() + "." + perm;
|
||||
}
|
||||
|
||||
private void assertHasQueryNodePermission(AccessStatus accessStatus,String perm)
|
||||
|
||||
private void assertHasQueryNodePermission(AccessStatus accessStatus, String perm)
|
||||
{
|
||||
VirtualUserPermissions virtualUserPermissions = virtualStore.getUserPermissions();
|
||||
|
||||
assertEquals(AccessStatus.DENIED,virtualUserPermissions.hasQueryNodePermission(perm));
|
||||
assertEquals(AccessStatus.DENIED,virtualUserPermissions.hasQueryNodePermission(asTypedPermission(perm)));
|
||||
|
||||
assertEquals(AccessStatus.DENIED,
|
||||
virtualUserPermissions.hasQueryNodePermission(perm));
|
||||
assertEquals(AccessStatus.DENIED,
|
||||
virtualUserPermissions.hasQueryNodePermission(asTypedPermission(perm)));
|
||||
}
|
||||
|
||||
private void assertHasVirtualNodePermission(AccessStatus accessStatus,String perm,boolean readonly)
|
||||
|
||||
private void assertHasVirtualNodePermission(AccessStatus accessStatus, String perm, boolean readonly)
|
||||
{
|
||||
VirtualUserPermissions virtualUserPermissions = virtualStore.getUserPermissions();
|
||||
|
||||
assertEquals(AccessStatus.DENIED,virtualUserPermissions.hasVirtualNodePermission(perm,readonly));
|
||||
assertEquals(AccessStatus.DENIED,virtualUserPermissions.hasVirtualNodePermission(asTypedPermission(perm),readonly));
|
||||
|
||||
assertEquals(AccessStatus.DENIED,
|
||||
virtualUserPermissions.hasVirtualNodePermission(perm,
|
||||
readonly));
|
||||
assertEquals(AccessStatus.DENIED,
|
||||
virtualUserPermissions.hasVirtualNodePermission(asTypedPermission(perm),
|
||||
readonly));
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void testConfiguredUserPermissions() throws Exception
|
||||
{
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,PermissionService.DELETE);
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,PermissionService.DELETE_NODE);
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,PermissionService.CHANGE_PERMISSIONS);
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.DELETE);
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.DELETE_NODE);
|
||||
assertHasQueryNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.CHANGE_PERMISSIONS);
|
||||
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.CREATE_ASSOCIATIONS,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.UNLOCK,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.CANCEL_CHECK_OUT,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.DELETE,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.DELETE_NODE,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.CHANGE_PERMISSIONS,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.WRITE_CONTENT,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.WRITE,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.WRITE_PROPERTIES,true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.WRITE,false);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,PermissionService.WRITE_PROPERTIES,false);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.CREATE_ASSOCIATIONS,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.UNLOCK,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.CANCEL_CHECK_OUT,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.DELETE,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.DELETE_NODE,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.CHANGE_PERMISSIONS,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.WRITE_CONTENT,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.WRITE,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.WRITE_PROPERTIES,
|
||||
true);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.WRITE,
|
||||
false);
|
||||
assertHasVirtualNodePermission(AccessStatus.DENIED,
|
||||
PermissionService.WRITE_PROPERTIES,
|
||||
false);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user