mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-31 17:39:05 +00:00
RM-2130 (Check classification after method execution, filtering results where appropriate)
+review RM-94 git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/DEV/ENFORCE@107270 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Tuna Aksoy
@@ -105,18 +105,14 @@
|
||||
</bean>
|
||||
|
||||
<bean id="collectionPostMethodInvocationProcessor"
|
||||
abstract="true"
|
||||
parent="basePostMethodInvocationProcessor"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor.CollectionPostMethodInvocationProcessor">
|
||||
</bean>
|
||||
|
||||
<!-- FIXME: Implementation needs to be changed -->
|
||||
<!--
|
||||
<bean id="resultSetPostMethodInvocationProcessor"
|
||||
parent="basePostMethodInvocationProcessor"
|
||||
class="org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor.ResultSetPostMethodInvocationProcessor">
|
||||
</bean>
|
||||
-->
|
||||
|
||||
<bean id="queryEngineResultsPostMethodInvocationProcessor"
|
||||
parent="basePostMethodInvocationProcessor"
|
||||
|
||||
@@ -20,6 +20,7 @@ package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.pr
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Collection Post Method Invocation Processor
|
||||
@@ -35,7 +36,8 @@ public class CollectionPostMethodInvocationProcessor extends BasePostMethodInvoc
|
||||
@Override
|
||||
protected Class<?> getClassName()
|
||||
{
|
||||
return Collection.class;
|
||||
// FIXME!!!
|
||||
return List.class;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -18,16 +18,18 @@
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor;
|
||||
|
||||
import static org.alfresco.service.cmr.search.PermissionEvaluationMode.EAGER;
|
||||
|
||||
import java.util.BitSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.repo.search.SimpleResultSetMetaData;
|
||||
import org.alfresco.repo.security.permissions.impl.acegi.FilteringResultSet;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.search.PermissionEvaluationMode;
|
||||
import org.alfresco.service.cmr.search.ResultSet;
|
||||
import org.alfresco.service.cmr.search.ResultSetMetaData;
|
||||
import org.alfresco.service.cmr.search.ResultSetRow;
|
||||
import org.alfresco.service.cmr.search.SearchParameters;
|
||||
|
||||
/**
|
||||
* ResultSet Post Method Invocation Processor
|
||||
@@ -46,7 +48,6 @@ public class ResultSetPostMethodInvocationProcessor extends BasePostMethodInvoca
|
||||
return ResultSet.class;
|
||||
}
|
||||
|
||||
// FIXME: Change implementation
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor.CollectionPostMethodInvocationProcessor#process(java.lang.Object)
|
||||
*/
|
||||
@@ -55,46 +56,61 @@ public class ResultSetPostMethodInvocationProcessor extends BasePostMethodInvoca
|
||||
public <T> T process(T object)
|
||||
{
|
||||
T result = object;
|
||||
ResultSet resultSet = getClassName().cast(result);
|
||||
BitSet inclusionMask = new BitSet(resultSet.length());
|
||||
FilteringResultSet filteringResultSet = new FilteringResultSet(resultSet, inclusionMask);
|
||||
|
||||
filteringResultSet.setResultSetMetaData(
|
||||
new SimpleResultSetMetaData(
|
||||
resultSet.getResultSetMetaData().getLimitedBy(),
|
||||
PermissionEvaluationMode.EAGER,
|
||||
resultSet.getResultSetMetaData().getSearchParameters()));
|
||||
|
||||
List<NodeRef> nodeRefs = resultSet.getNodeRefs();
|
||||
if (!nodeRefs.isEmpty())
|
||||
if (result != null)
|
||||
{
|
||||
Iterator<NodeRef> iterator = nodeRefs.iterator();
|
||||
BasePostMethodInvocationProcessor processor = getPostMethodInvocationProcessor().getProcessor(iterator.next());
|
||||
ResultSet returnedObject = getClassName().cast(object);
|
||||
|
||||
for (int i = 0; i < nodeRefs.size(); i++)
|
||||
BitSet inclusionMask = new BitSet(returnedObject.length());
|
||||
FilteringResultSet filteringResultSet = new FilteringResultSet(returnedObject, inclusionMask);
|
||||
|
||||
ResultSetMetaData resultSetMetaData = returnedObject.getResultSetMetaData();
|
||||
SearchParameters searchParameters = resultSetMetaData.getSearchParameters();
|
||||
|
||||
BasePostMethodInvocationProcessor nodeRefProcessor = null;
|
||||
BasePostMethodInvocationProcessor childAssociationRefProcessor = null;
|
||||
|
||||
for (int i = 0; i < returnedObject.length(); i++)
|
||||
{
|
||||
if (processor.process(nodeRefs.get(i)) == null)
|
||||
ResultSetRow row = returnedObject.getRow(i);
|
||||
NodeRef nodeRef = row.getNodeRef();
|
||||
|
||||
if (nodeRefProcessor == null)
|
||||
{
|
||||
nodeRefProcessor = getPostMethodInvocationProcessor().getProcessor(nodeRef);
|
||||
}
|
||||
|
||||
NodeRef processedNodeRef = nodeRefProcessor.process(nodeRef);
|
||||
if (processedNodeRef == null)
|
||||
{
|
||||
inclusionMask.set(i, false);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
ChildAssociationRef childAssocRef = row.getChildAssocRef();
|
||||
|
||||
if (childAssociationRefProcessor == null)
|
||||
{
|
||||
childAssociationRefProcessor = getPostMethodInvocationProcessor().getProcessor(childAssocRef);
|
||||
}
|
||||
|
||||
List<ChildAssociationRef> childAssocRefs = getClassName().cast(filteringResultSet).getChildAssocRefs();
|
||||
if (!childAssocRefs.isEmpty())
|
||||
{
|
||||
Iterator<ChildAssociationRef> iterator = childAssocRefs.iterator();
|
||||
BasePostMethodInvocationProcessor processor = getPostMethodInvocationProcessor().getProcessor(iterator.next());
|
||||
|
||||
for (int i = 0; i < childAssocRefs.size(); i++)
|
||||
{
|
||||
if (processor.process(nodeRefs.get(i)) == null)
|
||||
ChildAssociationRef childAssociationRef = childAssociationRefProcessor.process(childAssocRef);
|
||||
if (childAssociationRef == null)
|
||||
{
|
||||
inclusionMask.set(i, false);
|
||||
}
|
||||
else
|
||||
{
|
||||
inclusionMask.set(i, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return (T) filteringResultSet;
|
||||
SimpleResultSetMetaData simpleResultSetMetaData = new SimpleResultSetMetaData(resultSetMetaData.getLimitedBy(), EAGER, searchParameters);
|
||||
filteringResultSet.setResultSetMetaData(simpleResultSetMetaData);
|
||||
result = (T) filteringResultSet;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2015 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.test.integration.classification.interceptor;
|
||||
|
||||
import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
|
||||
/**
|
||||
* Base class for classification enforcement tests for the browse action
|
||||
*
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class BrowseClassificationEnforcementTestBase extends BaseRMTestCase
|
||||
{
|
||||
protected String testUser;
|
||||
protected static final String LEVEL1 = "level1";
|
||||
protected static final String LEVEL2 = "level2";
|
||||
protected static final String REASON = "Test Reason 1";
|
||||
|
||||
protected List<ChildAssociationRef> browse(NodeRef folder, String userName)
|
||||
{
|
||||
return doTestInTransaction(new Test<List<ChildAssociationRef>>()
|
||||
{
|
||||
@Override
|
||||
public List<ChildAssociationRef> run()
|
||||
{
|
||||
return nodeService.getChildAssocs(folder);
|
||||
}
|
||||
}, userName);
|
||||
}
|
||||
|
||||
protected List<ChildAssociationRef> browseAsAdmin(NodeRef folder)
|
||||
{
|
||||
return browse(folder, getAdminUserName());
|
||||
}
|
||||
|
||||
protected List<ChildAssociationRef> browseAsTestUser(NodeRef folder)
|
||||
{
|
||||
return browse(folder, testUser);
|
||||
}
|
||||
}
|
||||
@@ -23,10 +23,8 @@ import static com.google.common.collect.Sets.newHashSet;
|
||||
import static org.alfresco.repo.site.SiteModel.SITE_MANAGER;
|
||||
import static org.alfresco.util.GUID.generate;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
|
||||
@@ -36,12 +34,8 @@ import org.alfresco.service.cmr.repository.NodeRef;
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
public class DocumentBrowseClassificationEnforcementTest extends BrowseClassificationEnforcementTestBase
|
||||
{
|
||||
private static final String LEVEL1 = "level1";
|
||||
private static final String LEVEL2 = "level2";
|
||||
private static final String REASON = "Test Reason 1";
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isCollaborationSiteTest()
|
||||
*/
|
||||
@@ -56,18 +50,21 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
/**
|
||||
* Given that a test user without security clearance exists
|
||||
* and two documents are created in the document library
|
||||
* and one of the documents is classified with the highest security level
|
||||
*
|
||||
* When one of the documents is classified with the highest security level
|
||||
* When I browse the document library as admin
|
||||
* Then I will see both documents
|
||||
*
|
||||
* Then as the admin user I will see both documents
|
||||
* and as the test user I will only see the unclassified document
|
||||
* When I browse the document library as the test user
|
||||
* Then I will only see the unclassified document
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -75,13 +72,15 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
siteService.setMembership(collabSiteId, myUser, SITE_MANAGER);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -90,7 +89,8 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -104,13 +104,12 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(2, childAssociationRefs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(2, resultsForAdmin.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(doc1, doc2);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
List<NodeRef> docs = newArrayList(doc1, doc2);
|
||||
assertTrue(docs.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -121,14 +120,13 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(1, childAssociationRefs.size());
|
||||
assertEquals(doc2, childAssociationRefs.get(0).getChildRef());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(1, resultsForTestUser.size());
|
||||
assertEquals(doc2, resultsForTestUser.get(0).getChildRef());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -138,22 +136,25 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
/**
|
||||
* Given that a test user with mid-level security clearance exists
|
||||
* and three documents are created in the document library
|
||||
*
|
||||
* When one of the documents is classified with the highest security level
|
||||
* and one of the documents is classified with the highest security level
|
||||
* and another document is classified with the mid-level security level
|
||||
*
|
||||
* Then as the admin user I will see all three documents
|
||||
* and as the test user I will see the unclassified document
|
||||
* When I browse the document library as admin
|
||||
* Then I will see all three documents
|
||||
*
|
||||
* When I browse the document library as the test user
|
||||
* Then I will see the unclassified document
|
||||
* and the document with the mid-level classification
|
||||
* and I won't be able to see the document with the classification greater than my clearance level
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private NodeRef doc3;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -161,15 +162,18 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
siteService.setMembership(collabSiteId, myUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(myUser, LEVEL2);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL2);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc3 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -178,8 +182,8 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -193,14 +197,13 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForAdmin.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -211,17 +214,16 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(2, childAssociationRefs.size());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(2, resultsForTestUser.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(doc2, doc3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
List<NodeRef> docs = newArrayList(doc2, doc3);
|
||||
assertTrue(docs.contains(resultsForTestUser.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForTestUser.get(1).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -231,20 +233,23 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
/**
|
||||
* Given that a test user with highest level security clearance exists
|
||||
* and three documents are created in the document library
|
||||
*
|
||||
* When one of the documents is classified with the highest security level
|
||||
* and one of the documents is classified with the highest security level
|
||||
* and another document is classified with the mid-level security level
|
||||
*
|
||||
* Then as the admin user I will see all three documents
|
||||
* and as the test user I will see all three documents
|
||||
* When I browse the document library as admin
|
||||
* The I will see all three documents
|
||||
*
|
||||
* When I browse the document library as the test user
|
||||
* The I will see all three documents
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private NodeRef doc3;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -252,15 +257,18 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
siteService.setMembership(collabSiteId, myUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(myUser, LEVEL1);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL1);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc3 = fileFolderService.create(folder, generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -269,8 +277,8 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -284,14 +292,13 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForAdmin.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -302,18 +309,17 @@ public class DocumentClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(3, resultsForTestUser.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> docs = newArrayList(doc1, doc2, doc3);
|
||||
assertTrue(docs.contains(resultsForTestUser.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForTestUser.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(resultsForTestUser.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -0,0 +1,317 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2015 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.test.integration.classification.interceptor;
|
||||
|
||||
import static com.google.common.collect.Sets.newHashSet;
|
||||
import static org.alfresco.repo.site.SiteModel.SITE_MANAGER;
|
||||
import static org.alfresco.util.GUID.generate;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
|
||||
/**
|
||||
* Tests for enforcement of classification when searching documents in the document library
|
||||
*
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class DocumentSearchClassificationEnforcementTest extends SearchClassificationEnforcementTestBase
|
||||
{
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isCollaborationSiteTest()
|
||||
*/
|
||||
@Override
|
||||
protected boolean isCollaborationSiteTest()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
public void testUserWithNoSecurityClearance()
|
||||
{
|
||||
/**
|
||||
* Given that a test user without security clearance exists
|
||||
* and two documents are created in the document library
|
||||
* and one of the documents is classified with the highest security level
|
||||
*
|
||||
* When I search for the documents as admin
|
||||
* Then I will see both documents
|
||||
*
|
||||
* When I search for the documents as the test user
|
||||
* Then I will only see the unclassified document
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private String searchQuery = generate();
|
||||
private List<NodeRef> resultsForAdmin;
|
||||
private List<NodeRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
*/
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
|
||||
*/
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
resultsForAdmin = searchAsAdmin(searchQuery);
|
||||
resultsForTestUser = searchAsTestUser(searchQuery);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
|
||||
*/
|
||||
@Override
|
||||
public void then() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(2, resultsForAdmin.size());
|
||||
assertTrue(resultsForAdmin.contains(doc1));
|
||||
assertTrue(resultsForAdmin.contains(doc2));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(1, resultsForTestUser.size());
|
||||
assertTrue(resultsForTestUser.contains(doc2));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testUserWithMidlevelSecurityClearance()
|
||||
{
|
||||
/**
|
||||
* Given that a test user with mid-level security clearance exists
|
||||
* and three documents are created in the document library
|
||||
* and one of the documents is classified with the highest security level
|
||||
* and another document is classified with the mid-level security level
|
||||
*
|
||||
* When I search for the documents as admin
|
||||
* Then I will see all three documents
|
||||
*
|
||||
* When I search for the documents as the test user
|
||||
* Then I will see the unclassified document
|
||||
* and the document with the mid-level classification
|
||||
* and I won't be able to see the document with the classification greater than my clearance level
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private NodeRef doc3;
|
||||
private String searchQuery = generate();
|
||||
private List<NodeRef> resultsForAdmin;
|
||||
private List<NodeRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
*/
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL2);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc3 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
|
||||
*/
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
resultsForAdmin = searchAsAdmin(searchQuery);
|
||||
resultsForTestUser = searchAsTestUser(searchQuery);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
|
||||
*/
|
||||
@Override
|
||||
public void then() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
assertTrue(resultsForAdmin.contains(doc1));
|
||||
assertTrue(resultsForAdmin.contains(doc2));
|
||||
assertTrue(resultsForAdmin.contains(doc3));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(2, resultsForTestUser.size());
|
||||
assertTrue(resultsForTestUser.contains(doc2));
|
||||
assertTrue(resultsForTestUser.contains(doc3));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
public void testUseWithHighestLevelSecurityClearance()
|
||||
{
|
||||
/**
|
||||
* Given that a test user with highest level security clearance exists
|
||||
* and three documents are created in the document library
|
||||
* and one of the documents is classified with the highest security level
|
||||
* and another document is classified with the mid-level security level
|
||||
*
|
||||
* When I search for the documents as admin
|
||||
* Then I will see all three documents
|
||||
*
|
||||
* When I search for the documents as the test user
|
||||
* Then I will see all three documents
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private NodeRef folder;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private NodeRef doc3;
|
||||
private String searchQuery = generate();
|
||||
private List<NodeRef> resultsForAdmin;
|
||||
private List<NodeRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
*/
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
siteService.setMembership(collabSiteId, testUser, SITE_MANAGER);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL1);
|
||||
|
||||
folder = fileFolderService.create(documentLibrary, generate(), TYPE_FOLDER).getNodeRef();
|
||||
doc1 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc3 = fileFolderService.create(folder, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), doc2);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
|
||||
*/
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
resultsForAdmin = searchAsAdmin(searchQuery);
|
||||
resultsForTestUser = searchAsTestUser(searchQuery);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
|
||||
*/
|
||||
@Override
|
||||
public void then() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
assertTrue(resultsForAdmin.contains(doc1));
|
||||
assertTrue(resultsForAdmin.contains(doc2));
|
||||
assertTrue(resultsForAdmin.contains(doc3));
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(3, resultsForTestUser.size());
|
||||
assertTrue(resultsForTestUser.contains(doc1));
|
||||
assertTrue(resultsForTestUser.contains(doc2));
|
||||
assertTrue(resultsForTestUser.contains(doc3));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -23,10 +23,8 @@ import static com.google.common.collect.Sets.newHashSet;
|
||||
import static org.alfresco.module.org_alfresco_module_rm.role.FilePlanRoleService.ROLE_USER;
|
||||
import static org.alfresco.util.GUID.generate;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.repository.ChildAssociationRef;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
|
||||
@@ -36,33 +34,31 @@ import org.alfresco.service.cmr.repository.NodeRef;
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
public class RecordBrowseClassificationEnforcementTest extends BrowseClassificationEnforcementTestBase
|
||||
{
|
||||
private static final String LEVEL1 = "level1";
|
||||
private static final String LEVEL2 = "level2";
|
||||
private static final String REASON = "Test Reason 1";
|
||||
|
||||
public void testUserWithNoSecurityClearance()
|
||||
{
|
||||
/**
|
||||
* Given that a test user without security clearance exists
|
||||
* and the test user is added to the RM Users role
|
||||
* and a category, a folder and two records are created in the file plan
|
||||
*
|
||||
* When the test user is given read permissions on the category
|
||||
* and the test user is given read permissions on the category
|
||||
* and one of the records is classified with the highest security level
|
||||
*
|
||||
* When I browse the file plan as admin
|
||||
* Then I will see both documents
|
||||
*
|
||||
* Then as the admin user I will see both records
|
||||
* and as the test user I will only see the unclassified record
|
||||
* When I browse the file plan as the test user
|
||||
* Then I will only see the unclassified record
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef category;
|
||||
private NodeRef folder;
|
||||
private NodeRef record1;
|
||||
private NodeRef record2;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -70,14 +66,16 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, myUser);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, testUser);
|
||||
|
||||
category = filePlanService.createRecordCategory(filePlan, generate());
|
||||
folder = recordFolderService.createRecordFolder(category, generate());
|
||||
record1 = utils.createRecord(folder, generate());
|
||||
record2 = utils.createRecord(folder, generate());
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -86,8 +84,10 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
filePlanPermissionService.setPermission(category, myUser, READ_RECORDS);
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
filePlanPermissionService.setPermission(category, testUser, READ_RECORDS);
|
||||
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -101,12 +101,12 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssocs = nodeService.getChildAssocs(folder);
|
||||
assertEquals(2, childAssocs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(2, resultsForAdmin.size());
|
||||
|
||||
List<NodeRef> recordList = newArrayList(record1, record2);
|
||||
assertTrue(recordList.contains(childAssocs.get(0).getChildRef()));
|
||||
assertTrue(recordList.contains(childAssocs.get(1).getChildRef()));
|
||||
List<NodeRef> records = newArrayList(record1, record2);
|
||||
assertTrue(records.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(records.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -117,13 +117,13 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssocs = nodeService.getChildAssocs(folder);
|
||||
assertEquals(1, childAssocs.size());
|
||||
assertEquals(record2, childAssocs.get(0).getChildRef());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(1, resultsForTestUser.size());
|
||||
assertEquals(record2, resultsForTestUser.get(0).getChildRef());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -134,24 +134,27 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
* Given that a test user with mid-level security clearance exists
|
||||
* and the test user is added to the RM Users role
|
||||
* and a category, a folder and three records are created in the file plan
|
||||
*
|
||||
* When the test user is given read permissions on the category
|
||||
* and the test user is given read permissions on the category
|
||||
* and one of the records is classified with the highest security level
|
||||
* and another record is classified with the mid-level security level
|
||||
*
|
||||
* Then as the admin user I will see all three records
|
||||
* and as the test user I will see the unclassified record
|
||||
* When I browse the file plan as admin
|
||||
* Then I will see all three records
|
||||
*
|
||||
* When I browse the file plan as the test user
|
||||
* Then I will see the unclassified record
|
||||
* and the record with the mid-level classification
|
||||
* and I won't be able to see the record with the classification greater than my clearance level
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef category;
|
||||
private NodeRef folder;
|
||||
private NodeRef record1;
|
||||
private NodeRef record2;
|
||||
private NodeRef record3;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -159,16 +162,19 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, myUser);
|
||||
securityClearanceService.setUserSecurityClearance(myUser, LEVEL2);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, testUser);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL2);
|
||||
|
||||
category = filePlanService.createRecordCategory(filePlan, generate());
|
||||
folder = recordFolderService.createRecordFolder(category, generate());
|
||||
record1 = utils.createRecord(folder, generate());
|
||||
record2 = utils.createRecord(folder, generate());
|
||||
record3 = utils.createRecord(folder, generate());
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), record2);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -177,9 +183,10 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
filePlanPermissionService.setPermission(category, myUser, READ_RECORDS);
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), record2);
|
||||
filePlanPermissionService.setPermission(category, testUser, READ_RECORDS);
|
||||
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -193,14 +200,13 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(record1, record2, record3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> records = newArrayList(record1, record2, record3);
|
||||
assertTrue(records.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(records.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
assertTrue(records.contains(resultsForAdmin.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -211,17 +217,16 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(2, childAssociationRefs.size());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(2, resultsForTestUser.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(record2, record3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
List<NodeRef> records = newArrayList(record2, record3);
|
||||
assertTrue(records.contains(resultsForTestUser.get(0).getChildRef()));
|
||||
assertTrue(records.contains(resultsForTestUser.get(1).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -232,22 +237,25 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
* Given that a test user with highest level security clearance exists
|
||||
* and the test user is added to the RM Users role
|
||||
* and a category, a folder and three records are created in the file plan
|
||||
*
|
||||
* When the test user is given read permissions on the category
|
||||
* and the test user is given read permissions on the category
|
||||
* and one of the records is classified with the highest security level
|
||||
* and another record is classified with the mid-level security level
|
||||
*
|
||||
* Then as the admin user I will see all three records
|
||||
* and as the test user I will see all three records
|
||||
* When I browse the file plan as admin
|
||||
* The I will see all three records
|
||||
*
|
||||
* When I browse the file plan as the test user
|
||||
* The I will see all three records
|
||||
*/
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef category;
|
||||
private NodeRef folder;
|
||||
private NodeRef record1;
|
||||
private NodeRef record2;
|
||||
private NodeRef record3;
|
||||
private List<ChildAssociationRef> resultsForAdmin;
|
||||
private List<ChildAssociationRef> resultsForTestUser;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
@@ -255,16 +263,19 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, myUser);
|
||||
securityClearanceService.setUserSecurityClearance(myUser, LEVEL1);
|
||||
testUser = generate();
|
||||
createPerson(testUser);
|
||||
filePlanRoleService.assignRoleToAuthority(filePlan, ROLE_USER, testUser);
|
||||
securityClearanceService.setUserSecurityClearance(testUser, LEVEL1);
|
||||
|
||||
category = filePlanService.createRecordCategory(filePlan, generate());
|
||||
folder = recordFolderService.createRecordFolder(category, generate());
|
||||
record1 = utils.createRecord(folder, generate());
|
||||
record2 = utils.createRecord(folder, generate());
|
||||
record3 = utils.createRecord(folder, generate());
|
||||
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), record2);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -273,9 +284,10 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
filePlanPermissionService.setPermission(category, myUser, READ_RECORDS);
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), record1);
|
||||
contentClassificationService.classifyContent(LEVEL2, generate(), newHashSet(REASON), record2);
|
||||
filePlanPermissionService.setPermission(category, testUser, READ_RECORDS);
|
||||
|
||||
resultsForAdmin = browseAsAdmin(folder);
|
||||
resultsForTestUser = browseAsTestUser(folder);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -289,14 +301,13 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForAdmin);
|
||||
assertEquals(3, resultsForAdmin.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(record1, record2, record3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> records = newArrayList(record1, record2, record3);
|
||||
assertTrue(records.contains(resultsForAdmin.get(0).getChildRef()));
|
||||
assertTrue(records.contains(resultsForAdmin.get(1).getChildRef()));
|
||||
assertTrue(records.contains(resultsForAdmin.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
@@ -307,18 +318,17 @@ public class RecordClassificationEnforcementTest extends BaseRMTestCase
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<ChildAssociationRef> childAssociationRefs = nodeService.getChildAssocs(folder);
|
||||
assertNotNull(childAssociationRefs);
|
||||
assertEquals(3, childAssociationRefs.size());
|
||||
assertNotNull(resultsForTestUser);
|
||||
assertEquals(3, resultsForTestUser.size());
|
||||
|
||||
ArrayList<NodeRef> docs = newArrayList(record1, record2, record3);
|
||||
assertTrue(docs.contains(childAssociationRefs.get(0).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(1).getChildRef()));
|
||||
assertTrue(docs.contains(childAssociationRefs.get(2).getChildRef()));
|
||||
List<NodeRef> records = newArrayList(record1, record2, record3);
|
||||
assertTrue(records.contains(resultsForTestUser.get(0).getChildRef()));
|
||||
assertTrue(records.contains(resultsForTestUser.get(1).getChildRef()));
|
||||
assertTrue(records.contains(resultsForTestUser.get(2).getChildRef()));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}, testUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -1,138 +0,0 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2015 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.test.integration.classification.interceptor;
|
||||
|
||||
import static com.google.common.collect.Sets.newHashSet;
|
||||
import static java.lang.Integer.MAX_VALUE;
|
||||
import static org.alfresco.repo.site.SiteModel.SITE_MANAGER;
|
||||
import static org.alfresco.service.cmr.repository.StoreRef.STORE_REF_WORKSPACE_SPACESSTORE;
|
||||
import static org.alfresco.service.cmr.search.SearchService.LANGUAGE_FTS_ALFRESCO;
|
||||
import static org.alfresco.service.namespace.NamespaceService.CONTENT_MODEL_1_0_URI;
|
||||
import static org.alfresco.util.GUID.generate;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.search.ResultSet;
|
||||
import org.alfresco.service.cmr.search.SearchParameters;
|
||||
|
||||
/**
|
||||
* Integration test for ResultTest post method invocation processor
|
||||
*
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class ResultSetPostMethodInvocationProcessorTest extends BaseRMTestCase
|
||||
{
|
||||
private static final String LEVEL1 = "level1";
|
||||
private static final String REASON = "Test Reason 1";
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase#isCollaborationSiteTest()
|
||||
*/
|
||||
@Override
|
||||
protected boolean isCollaborationSiteTest()
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
public void testResultSetPostMethodInvocationProcessor()
|
||||
{
|
||||
doBehaviourDrivenTest(new BehaviourDrivenTest()
|
||||
{
|
||||
private String myUser;
|
||||
private NodeRef doc1;
|
||||
private NodeRef doc2;
|
||||
private String searchQuery = generate();
|
||||
private ResultSet result;
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#given()
|
||||
*/
|
||||
@Override
|
||||
public void given() throws Exception
|
||||
{
|
||||
myUser = generate();
|
||||
createPerson(myUser);
|
||||
siteService.setMembership(collabSiteId, myUser, SITE_MANAGER);
|
||||
|
||||
doc1 = fileFolderService.create(documentLibrary, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
doc2 = fileFolderService.create(documentLibrary, searchQuery + generate(), TYPE_CONTENT).getNodeRef();
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#when()
|
||||
*/
|
||||
@Override
|
||||
public void when() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
contentClassificationService.classifyContent(LEVEL1, generate(), newHashSet(REASON), doc1);
|
||||
|
||||
return null;
|
||||
}
|
||||
});
|
||||
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
SearchParameters searchParameters = new SearchParameters();
|
||||
searchParameters.setQuery("@cm\\:name:" + searchQuery + "*");
|
||||
searchParameters.setLanguage(LANGUAGE_FTS_ALFRESCO);
|
||||
searchParameters.addStore(STORE_REF_WORKSPACE_SPACESSTORE);
|
||||
searchParameters.setMaxItems(MAX_VALUE);
|
||||
searchParameters.setNamespace(CONTENT_MODEL_1_0_URI);
|
||||
result = searchService.query(searchParameters);
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* @see org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase.BehaviourDrivenTest#then()
|
||||
*/
|
||||
@Override
|
||||
public void then() throws Exception
|
||||
{
|
||||
doTestInTransaction(new Test<Void>()
|
||||
{
|
||||
@Override
|
||||
public Void run()
|
||||
{
|
||||
List<NodeRef> nodeRefs = result.getNodeRefs();
|
||||
|
||||
assertEquals(2, nodeRefs.size());
|
||||
assertTrue(nodeRefs.contains(doc1));
|
||||
assertTrue(nodeRefs.contains(doc2));
|
||||
|
||||
return null;
|
||||
}
|
||||
}, myUser);
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,71 @@
|
||||
/*
|
||||
* Copyright (C) 2005-2015 Alfresco Software Limited.
|
||||
*
|
||||
* This file is part of Alfresco
|
||||
*
|
||||
* Alfresco is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Lesser General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* Alfresco is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public License
|
||||
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
package org.alfresco.module.org_alfresco_module_rm.test.integration.classification.interceptor;
|
||||
|
||||
import static java.lang.Integer.MAX_VALUE;
|
||||
import static org.alfresco.repo.security.authentication.AuthenticationUtil.getAdminUserName;
|
||||
import static org.alfresco.service.cmr.repository.StoreRef.STORE_REF_WORKSPACE_SPACESSTORE;
|
||||
import static org.alfresco.service.cmr.search.SearchService.LANGUAGE_FTS_ALFRESCO;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.search.SearchParameters;
|
||||
|
||||
/**
|
||||
* Base class for classification enforcement tests for the search action
|
||||
*
|
||||
* @author Tuna Aksoy
|
||||
* @since 3.0
|
||||
*/
|
||||
public class SearchClassificationEnforcementTestBase extends BaseRMTestCase
|
||||
{
|
||||
protected String testUser;
|
||||
protected static final String LEVEL1 = "level1";
|
||||
protected static final String LEVEL2 = "level2";
|
||||
protected static final String REASON = "Test Reason 1";
|
||||
|
||||
protected List<NodeRef> search(String searchQuery, String userName)
|
||||
{
|
||||
return doTestInTransaction(new Test<List<NodeRef>>()
|
||||
{
|
||||
@Override
|
||||
public List<NodeRef> run()
|
||||
{
|
||||
SearchParameters searchParameters = new SearchParameters();
|
||||
searchParameters.setQuery("cm:name:" + searchQuery + "*");
|
||||
searchParameters.setLanguage(LANGUAGE_FTS_ALFRESCO);
|
||||
searchParameters.addStore(STORE_REF_WORKSPACE_SPACESSTORE);
|
||||
searchParameters.setMaxItems(MAX_VALUE);
|
||||
return searchService.query(searchParameters).getNodeRefs();
|
||||
}
|
||||
}, userName);
|
||||
}
|
||||
|
||||
protected List<NodeRef> searchAsAdmin(String searchQuery)
|
||||
{
|
||||
return search(searchQuery, getAdminUserName());
|
||||
}
|
||||
|
||||
protected List<NodeRef> searchAsTestUser(String searchQuery)
|
||||
{
|
||||
return search(searchQuery, testUser);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user