Build fix for breaking test case.

Bug fix invitation service was approving too many invitations! 
Implemented security rules for who is allowed to cancel a moderated invitation.
Continuing implementation of group authority scripts.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13815 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

config/alfresco/authority-services-context.xml

@@ -63,5 +63,14 @@
             <ref bean="userToAuthorityCache" />
         </property>
     </bean>
+    
+    
+    <!--  Expose the Authority service to Java script API ROOT Scopeable object called "groups" -->
+    <bean id="authorityServiceScript" parent="baseJavaScriptExtension" class="org.alfresco.repo.security.authority.script.ScriptAuthorityService">
+        <property name="extensionName">
+            <value>groups</value>
+        </property>
+        <property name="authorityService" ref="AuthorityService"/>
+    </bean>
 
 </beans>

source/java/org/alfresco/repo/invitation/InvitationServiceImpl.java

@@ -307,6 +307,7 @@ public class InvitationServiceImpl implements InvitationService
 			wfModeratedTaskQuery.setTaskState(WorkflowTaskState.IN_PROGRESS);		
 			wfModeratedTaskQuery.setTaskName(WorkflowModelModeratedInvitation.WF_REVIEW_TASK);
 			wfModeratedTaskQuery.setProcessName(WorkflowModelModeratedInvitation.WF_PROCESS_INVITATION_MODERATED);
+	        wfModeratedTaskQuery.setProcessId(invitationId);
 
 			// query for invite review tasks
 			List<WorkflowTask> wf_moderated_tasks = this.workflowService
@@ -323,7 +324,7 @@ public class InvitationServiceImpl implements InvitationService
 		}
 		else
 		{
-		    throw new InvitationException("State error, cannot call approve");
+		    throw new InvitationException("State error, cannot call approve on this type of invitation" + invitation.getClass().getName());
 		}
 		return invitation;
 
@@ -368,6 +369,7 @@ public class InvitationServiceImpl implements InvitationService
 			wfModeratedTaskQuery.setTaskState(WorkflowTaskState.IN_PROGRESS);		
 			wfModeratedTaskQuery.setTaskName(WorkflowModelModeratedInvitation.WF_REVIEW_TASK);
 			wfModeratedTaskQuery.setProcessName(WorkflowModelModeratedInvitation.WF_PROCESS_INVITATION_MODERATED);
+	        wfModeratedTaskQuery.setProcessId(invitationId);
 
 			// query for invite review tasks
 			List<WorkflowTask> wf_moderated_tasks = this.workflowService
@@ -428,7 +430,13 @@ public class InvitationServiceImpl implements InvitationService
 
 		if (invitation instanceof ModeratedInvitation) 
 		{
-			// TODO Who is allowed to cancel ?
+			// Moderated invitation may be cancelled by either a site manager or the invitee.
+			String currentUserName = this.authenticationService.getCurrentUserName();
+			
+			if(!currentUserName.equals(((ModeratedInvitation) invitation).getInviteeUserName()))
+			{
+				checkManagerRole(currentUserName, invitation.getResourceType(), invitation.getResourceName());
+			}
 			workflowService.cancelWorkflow(invitationId);
 		}
 

source/java/org/alfresco/repo/invitation/InvitationServiceImplTest.java

@@ -761,19 +761,13 @@ public class InvitationServiceImplTest extends BaseAlfrescoSpringTest
 
     	
     	/**
-    	 * Negative test - search with an empty criteria
+    	 * Search with an empty criteria - should find all open invitations
     	 */
     	InvitationSearchCriteria crit2 = new InvitationSearchCriteriaImpl();
-    	try 
-    	{
-    		List<Invitation> resSix = invitationService.searchInvitation(crit2);
-    		assertTrue("exception not thrown", false);
-    	} 
-    	catch (InvitationExceptionUserError e)
-    	{
-    		// Should go here - no criteria
-    	}
     	
+    	List<Invitation> resSix = invitationService.searchInvitation(crit2);
+    	assertTrue("search everything returned 0 elements", resFive.size() > 0);
+      	
     }
     
     

source/java/org/alfresco/repo/security/authority/script/Authority.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.repo.security.authority.script;
+
+public interface Authority 
+{
+    public enum ScriptAuthorityType { GROUP, USER }; 
+    public ScriptAuthorityType getAuthorityType();
+    public String getShortName();
+    public String getFullName();
+    public String getDisplayName();
+
+}

source/java/org/alfresco/repo/security/authority/script/ScriptAuthorityService.java

@@ -0,0 +1,116 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.repo.security.authority.script;
+
+import java.util.List;
+import java.util.Set;
+
+import org.alfresco.repo.jscript.BaseScopableProcessorExtension;
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.AuthorityType;
+
+
+
+
+/**
+ * Script object representing the authority service.
+ * 
+ * Provides Script access to groups and may in future be extended for roles and people.
+ * 
+ * @author Mark Rogers
+ */
+public class ScriptAuthorityService extends BaseScopableProcessorExtension
+{    
+	
+    /** The  service */
+    private AuthorityService authorityService;
+
+	public void setAuthorityService(AuthorityService authorityService) {
+		this.authorityService = authorityService;
+	}
+
+	public AuthorityService getAuthorityService() {
+		return authorityService;
+	}
+	
+	/**
+	 * Search the root groups, those without a parent group.
+	 * @return The root groups (empty if there are no root groups)
+	 */
+	public ScriptGroup[] searchRootGroups(String pattern, boolean includeInternal)
+	{
+		ScriptGroup[] groups = new ScriptGroup[0];
+		Set<String> authorities = authorityService.getAllRootAuthorities(AuthorityType.GROUP);
+		return groups;
+	}
+	
+	/**
+	 * Get the root groups, those without a parent group.
+	 * @return The root groups (empty if there are no root groups)
+	 */
+	public ScriptGroup[] getAllRootGroups(boolean includeInternal)
+	{
+		ScriptGroup[] groups = new ScriptGroup[0];
+		Set<String> authorities = authorityService.getAllRootAuthorities(AuthorityType.GROUP);
+		return groups;
+	}
+    
+	/**
+	 * Get a group given its short name
+	 * @param shortName
+	 * @return
+	 */
+	public ScriptGroup getGroup(String shortName)
+	{
+		Set<String> authorities = authorityService.findAuthorities(AuthorityType.GROUP, shortName);
+		return new ScriptGroup();
+	}
+	
+	/**
+	 * Create a new root group
+	 * @return
+	 */
+	public ScriptGroup createRootGroup(String shortName, String displayName)
+	{
+		String newName = authorityService.createAuthority(AuthorityType.GROUP, null, shortName, displayName);
+		
+		return new ScriptGroup();
+	}
+	
+	/**
+	 * Search for groups
+	 * 
+	 * @param shortNameFilter partial match on shortName (* and ?) work. if empty then matches everything.
+	 * @param includeInternal
+	 * @return the groups matching the query
+	 */
+	public ScriptGroup[] listGroups(String shortNameFilter, boolean includeInternal)
+	{
+		ScriptGroup[] groups = new ScriptGroup[0];
+		Set<String> authorities = authorityService.findAuthorities(AuthorityType.GROUP, shortNameFilter);
+		return groups;
+	}
+	
+}

source/java/org/alfresco/repo/security/authority/script/ScriptGroup.java

@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.repo.security.authority.script;
+
+import java.io.Serializable;
+
+import java.util.Set;
+
+import org.alfresco.repo.security.authority.script.Authority.ScriptAuthorityType;
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.AuthorityType;
+
+/**
+ * The Script group is a GROUP authority exposed to the scripting API
+ * @author mrogers
+ */
+public class ScriptGroup implements Authority, Serializable
+{
+	private transient AuthorityService authorityService;
+    private ScriptAuthorityType authorityType = ScriptAuthorityType.GROUP;
+    private String shortName;
+    private String fullName;
+    private String displayName;
+    
+	/**
+	 * Delete this group
+	 */
+	public void deleteGroup()
+	{
+		authorityService.deleteAuthority(fullName);
+	}
+	
+	/**
+	 * Get the parents of this group.
+	 */
+	ScriptGroup[] getParents()
+	{
+		return null;
+	}
+
+	public void setAuthorityType(ScriptAuthorityType authorityType) {
+		this.authorityType = authorityType;
+	}
+
+	public ScriptAuthorityType getAuthorityType() {
+		return authorityType;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}
+
+	public String getShortName() {
+		return shortName;
+	}
+
+	public void setFullName(String fullName) {
+		this.fullName = fullName;
+	}
+
+	public String getFullName() {
+		return fullName;
+	}
+
+	public void setDisplayName(String displayName) {
+		this.displayName = displayName;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+	
+	/**
+	 * Get child groups of this group
+	 */
+	ScriptUser[] getUsers()
+	{
+		Set<String> users = authorityService.getContainedAuthorities(AuthorityType.USER, fullName, true);
+		//TODO
+		return null;
+	}
+	
+	/**
+	 * Get child groups of this group
+	 */
+	ScriptGroup[] getChildGroups()
+	{
+		Set<String> children = authorityService.getContainedAuthorities(AuthorityType.GROUP, fullName, true);
+		//TODO
+		
+		return null;
+	}
+	
+	/**
+	 * Get the parents of this this group
+	 */
+	ScriptGroup[] getParentGroups()
+	{
+		Set<String> parents = authorityService.getContainingAuthorities(AuthorityType.GROUP, fullName, true);
+		//TODO
+		return null;
+	}
+
+}

source/java/org/alfresco/repo/security/authority/script/ScriptUser.java

@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.repo.security.authority.script;
+
+import java.io.Serializable;
+
+import org.alfresco.service.cmr.security.AuthorityService;
+import org.alfresco.service.cmr.security.AuthorityType;
+
+/**
+ * The Script user is a USER authority exposed to the scripting API
+ * 
+ * @author mrogers
+ */
+public class ScriptUser implements Authority, Serializable
+{
+	private transient AuthorityService authorityService;
+    private ScriptAuthorityType authorityType = ScriptAuthorityType.USER;
+    private String shortName;
+    private String fullName;
+    private String displayName;
+    
+	public void setAuthorityType(ScriptAuthorityType authorityType) {
+		this.authorityType = authorityType;
+	}
+
+	public ScriptAuthorityType getAuthorityType() {
+		return authorityType;
+	}
+
+	public void setShortName(String shortName) {
+		this.shortName = shortName;
+	}
+
+	public String getShortName() {
+		return shortName;
+	}
+
+	public void setFullName(String fullName) {
+		this.fullName = fullName;
+	}
+
+	public String getFullName() {
+		return fullName;
+	}
+
+	public void setDisplayName(String displayName) {
+		this.displayName = displayName;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+	
+}