RM-2123 Fix comparator to be the correct way around.

Also add application context tests to cover this case. +review RM-58 git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@104700 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-07-31 17:39:05 +00:00 · 2015-05-20 15:39:46 +00:00
parent 94c65b83e8
commit 8aa3a6615c
2 changed files with 99 additions and 2 deletions
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelComparator.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevelComparator.java
@@ -21,7 +21,7 @@ package org.alfresco.module.org_alfresco_module_rm.classification;
 import java.util.Comparator;

 /**
- * A class to compare classification levels.
+ * A class to compare classification levels. More secure classification levels are "higher" than less secure levels.
 *
 * @author tpage
 * @since 3.0
@@ -35,11 +35,15 @@ public class ClassificationLevelComparator implements Comparator<ClassificationL
        this.classificationLevelManager = classificationLevelManager;
    }

+    /**
+     * Return a positive number if the first classification level is more secure than the second. {@inheritDoc}
+     */
    @Override
    public int compare(ClassificationLevel oneLevel, ClassificationLevel otherLevel)
    {
        int oneIndex = classificationLevelManager.getClassificationLevels().indexOf(oneLevel);
        int otherIndex = classificationLevelManager.getClassificationLevels().indexOf(otherLevel);
-        return oneIndex - otherIndex;
+        // Smaller indexes are more secure.
+        return otherIndex - oneIndex;
    }
 }
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/SecurityClearanceTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/integration/classification/SecurityClearanceTest.java
@@ -0,0 +1,93 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.test.integration.classification;
+
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevel;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClearanceLevel;
+import org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearance;
+import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
+
+/**
+ * Application context tests for the security clearance service.
+ *
+ * @author tpage
+ */
+public class SecurityClearanceTest extends BaseRMTestCase
+{
+    @Override
+    protected boolean isUserTest()
+    {
+        return true;
+    };
+
+    /**
+     * Given I am admin
+     * When I try to give a user maximum clearance
+     * Then I am successful.
+     */
+    public void testGiveClearance() throws Exception
+    {
+        doBehaviourDrivenTest(new BehaviourDrivenTest()
+        {
+            private SecurityClearance securityClearance;
+
+            public void when() throws Exception
+            {
+                securityClearance = securityClearanceService.setUserSecurityClearance(userName, "level1");
+            }
+
+            public void then() throws Exception
+            {
+                ClearanceLevel clearanceLevel = securityClearance.getClearanceLevel();
+                ClassificationLevel highestClassificationLevel = clearanceLevel.getHighestClassificationLevel();
+                assertEquals("level1", highestClassificationLevel.getId());
+            }
+        });
+    }
+
+    /**
+     * Given I am a user with level2 access
+     * And I try to give another user level1 access
+     * Then an exception is thrown.
+     */
+    public void testCantGiveClearance() throws Exception
+    {
+        doBehaviourDrivenTest(new BehaviourDrivenTest(LevelIdNotFound.class)
+        {
+            public void given() throws Exception
+            {
+                securityClearanceService.setUserSecurityClearance(userName, "level2");
+            }
+
+            public void when() throws Exception
+            {
+                doTestInTransaction(new Test<Void>()
+                {
+                    @Override
+                    public Void run()
+                    {
+                        securityClearanceService.setUserSecurityClearance(rmUserName, "level1");
+                        return null;
+                    }
+                }, userName);
+            }
+        });
+    }
+}