mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-07 17:49:17 +00:00
Merged V3.0 to HEAD
11509: ETHREEOH-394: Incorrect message in activity feed when user accepts an invitation to a site
11510: Fix to set position
11511: Fix for ETHREEOH-533: Dialogs access via ExternalAccessServlet return to blank empty container.jsp page when Close button is clicked
11512: Fix DM ACL deletion after merge forward for shared and defining ACLs.
11513: Merged V2.2 to V3.0
11501: Expose if set permissions are inherited or not and fix relatd behaviour for import/copy
11514: Fix for ETHREEOH-476 (Impossible to create Site Invite Workflow) & ETHREEOH-254 (Default value at 'Start Advanced Workflow Wizard' page)
11515: Fix for ETHREEOH-446 and ETHREEOH-447
11517: Fix for ETHREEOH-225: Web Forms with repeating elements don't work
11518: Merged V2.2 to V3.0
11343: ACL upgrades may require a COW - it now warns when this happens.
11369: Always lock against staging - ETWOTWO-763
11519: Merged V2.2 to V3.0
11467: Fixed ETWOTWO-774: CreateVersionTxnListener.afterCommit() throws NPE
11468: More defensive coding on AVM txn listeners (avoid NPEs)
11475: More defensive checks to avoid NPE
11520: Merged V2.2 to V3.0
11478: Keep creator and owner as orihinally set in AVM - Fix for ETWOTWO-604
11521: RuntimeExec: Added optional directive SPLIT: to force argument tokenization
11522: Limited tests to just check the command format not execute it for "dir . .."
11523: Undid revision 11520 (Merged V2.2 11478)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12449 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Kevin Roast
@@ -42,13 +42,16 @@ public class AccessPermissionImpl implements AccessPermission
|
||||
private String authority;
|
||||
|
||||
private AuthorityType authorityType;
|
||||
|
||||
private int position;
|
||||
|
||||
public AccessPermissionImpl(String permission, AccessStatus accessStatus, String authority)
|
||||
public AccessPermissionImpl(String permission, AccessStatus accessStatus, String authority, int position)
|
||||
{
|
||||
this.permission = permission;
|
||||
this.accessStatus = accessStatus;
|
||||
this.authority = authority;
|
||||
this.authorityType = AuthorityType.getAuthorityType(authority);
|
||||
this.position = position;
|
||||
}
|
||||
|
||||
public String getPermission()
|
||||
@@ -99,4 +102,19 @@ public class AccessPermissionImpl implements AccessPermission
|
||||
{
|
||||
return ((authority.hashCode() * 37) + permission.hashCode()) * 37 + accessStatus.hashCode();
|
||||
}
|
||||
|
||||
public int getPosition()
|
||||
{
|
||||
return position;
|
||||
}
|
||||
|
||||
public boolean isInherited()
|
||||
{
|
||||
return (position > 0);
|
||||
}
|
||||
|
||||
public boolean isSetDirectly()
|
||||
{
|
||||
return (position == 0);
|
||||
}
|
||||
}
|
||||
@@ -342,7 +342,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
NodePermissionEntry nodePremissionEntry = getSetPermissions(nodeRef);
|
||||
for (PermissionEntry pe : nodePremissionEntry.getPermissionEntries())
|
||||
{
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pe.getPermissionReference()), pe.getAccessStatus(), pe.getAuthority()));
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pe.getPermissionReference()), pe.getAccessStatus(), pe.getAuthority(), pe.getPosition()));
|
||||
}
|
||||
return accessPermissions;
|
||||
}
|
||||
@@ -353,7 +353,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
NodePermissionEntry nodePremissionEntry = getSetPermissions(storeRef);
|
||||
for (PermissionEntry pe : nodePremissionEntry.getPermissionEntries())
|
||||
{
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pe.getPermissionReference()), pe.getAccessStatus(), pe.getAuthority()));
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pe.getPermissionReference()), pe.getAccessStatus(), pe.getAuthority(), pe.getPosition()));
|
||||
}
|
||||
return accessPermissions;
|
||||
}
|
||||
@@ -366,13 +366,13 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
{
|
||||
if (hasPermission(nodeRef, pr) == AccessStatus.ALLOWED)
|
||||
{
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pr), AccessStatus.ALLOWED, userName));
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pr), AccessStatus.ALLOWED, userName, -1));
|
||||
}
|
||||
else
|
||||
{
|
||||
if (includeFalse)
|
||||
{
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pr), AccessStatus.DENIED, userName));
|
||||
accessPermissions.add(new AccessPermissionImpl(getPermission(pr), AccessStatus.DENIED, userName, -1));
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -757,7 +757,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
auths.add(authority.getAuthority());
|
||||
}
|
||||
auths.addAll(getDynamicAuthorities(auth, nodeRef, required));
|
||||
auths.addAll(authorityService.getAuthorities());
|
||||
auths.addAll(authorityService.getAuthoritiesForUser(username));
|
||||
return auths;
|
||||
}
|
||||
|
||||
@@ -809,7 +809,7 @@ public class PermissionServiceImpl implements PermissionServiceSPI, Initializing
|
||||
{
|
||||
auths.add(authority.getAuthority());
|
||||
}
|
||||
auths.addAll(authorityService.getAuthorities());
|
||||
auths.addAll(authorityService.getAuthoritiesForUser(user.getUsername()));
|
||||
|
||||
if (context != null)
|
||||
{
|
||||
|
||||
@@ -104,41 +104,126 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
|
||||
permissionService.deletePermissions(n1);
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n1, getPermission(PermissionService.READ), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.WRITE), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(2, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
permissionService.deletePermissions(n2);
|
||||
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
|
||||
permissionService.setPermission(new SimplePermissionEntry(n2, getPermission(PermissionService.WRITE), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(2, permissionService.getAllSetPermissions(n2).size());
|
||||
|
||||
|
||||
permissionService.deletePermissions(n1);
|
||||
|
||||
|
||||
assertEquals(0, permissionService.getAllSetPermissions(n1).size());
|
||||
assertEquals(1, permissionService.getAllSetPermissions(n2).size());
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* This will break when merged forward
|
||||
*/
|
||||
public void testPositionInformation()
|
||||
{
|
||||
runAs("admin");
|
||||
NodeRef one = nodeService.createNode(rootNodeRef, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}one"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
NodeRef two = nodeService.createNode(one, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}two"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
NodeRef three = nodeService.createNode(two, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}three"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
NodeRef four = nodeService.createNode(three, ContentModel.ASSOC_CHILDREN, QName.createQName("{namespace}three"), ContentModel.TYPE_FOLDER).getChildRef();
|
||||
permissionService.setPermission(one, "andy", PermissionService.ALL_PERMISSIONS, true);
|
||||
permissionService.setPermission(two, "bob", PermissionService.ALL_PERMISSIONS, true);
|
||||
permissionService.setPermission(three, "carol", PermissionService.ALL_PERMISSIONS, true);
|
||||
|
||||
Set<AccessPermission> set = permissionService.getAllSetPermissions(one);
|
||||
assertEquals(1, set.size());
|
||||
for (AccessPermission ap : set)
|
||||
{
|
||||
if (ap.getAuthority().equals("andy"))
|
||||
{
|
||||
assertFalse(ap.isInherited());
|
||||
assertEquals(0, ap.getPosition());
|
||||
}
|
||||
}
|
||||
|
||||
set = permissionService.getAllSetPermissions(two);
|
||||
assertEquals(2, set.size());
|
||||
for (AccessPermission ap : set)
|
||||
{
|
||||
if (ap.getAuthority().equals("andy"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(2, ap.getPosition());
|
||||
}
|
||||
if (ap.getAuthority().equals("bob"))
|
||||
{
|
||||
assertFalse(ap.isInherited());
|
||||
assertEquals(0, ap.getPosition());
|
||||
}
|
||||
}
|
||||
|
||||
set = permissionService.getAllSetPermissions(three);
|
||||
assertEquals(3, set.size());
|
||||
for (AccessPermission ap : set)
|
||||
{
|
||||
if (ap.getAuthority().equals("andy"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(4, ap.getPosition());
|
||||
}
|
||||
if (ap.getAuthority().equals("bob"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(2, ap.getPosition());
|
||||
}
|
||||
if (ap.getAuthority().equals("carol"))
|
||||
{
|
||||
assertFalse(ap.isInherited());
|
||||
assertEquals(0, ap.getPosition());
|
||||
}
|
||||
}
|
||||
|
||||
set = permissionService.getAllSetPermissions(four);
|
||||
assertEquals(3, set.size());
|
||||
for (AccessPermission ap : set)
|
||||
{
|
||||
if (ap.getAuthority().equals("andy"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(5, ap.getPosition());
|
||||
}
|
||||
if (ap.getAuthority().equals("bob"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(3, ap.getPosition());
|
||||
}
|
||||
if (ap.getAuthority().equals("carol"))
|
||||
{
|
||||
assertTrue(ap.isInherited());
|
||||
assertEquals(1, ap.getPosition());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public void test_AR_2055()
|
||||
{
|
||||
runAs("admin");
|
||||
@@ -183,11 +268,63 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
{
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.ALLOWED);
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||
{
|
||||
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("lemur", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||
{
|
||||
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.ALLOWED);
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||
{
|
||||
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "andy");
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "admin");
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("lemur", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "lemur");
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "admin");
|
||||
@@ -238,29 +375,28 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||
{
|
||||
{
|
||||
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "andy");
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "andy");
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "admin");
|
||||
|
||||
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("lemur", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
@@ -308,7 +444,6 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
assertNull(AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
}
|
||||
|
||||
|
||||
public void testNestedRunAsRealAndEffectiveUsersWithNoPriorAuthentication()
|
||||
{
|
||||
runAs("admin");
|
||||
@@ -349,29 +484,28 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Object>()
|
||||
{
|
||||
{
|
||||
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
public Object doWork() throws Exception
|
||||
{
|
||||
assertTrue(permissionService.hasPermission(n1, getPermission(PermissionService.CONTRIBUTOR)) == AccessStatus.DENIED);
|
||||
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("andy", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "andy");
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "andy");
|
||||
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
return null;
|
||||
}
|
||||
}, "admin");
|
||||
|
||||
|
||||
assertEquals("admin", AuthenticationUtil.getCurrentRealUserName());
|
||||
assertEquals("lemur", AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
@@ -389,9 +523,8 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
assertNull(AuthenticationUtil.getCurrentRealUserName());
|
||||
assertNull(AuthenticationUtil.getCurrentEffectiveUserName());
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
public void testDefaultModelPermissions()
|
||||
{
|
||||
runAs("admin");
|
||||
@@ -565,21 +698,21 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
private void printPermissions(NodeRef nodeRef, String path)
|
||||
{
|
||||
Long id = nodeDaoService.getNodePair(nodeRef).getFirst();
|
||||
System.out.println(path + " has "+id);
|
||||
for(AccessControlEntry entry : aclDaoComponent.getAccessControlList(id).getEntries())
|
||||
System.out.println(path + " has " + id);
|
||||
for (AccessControlEntry entry : aclDaoComponent.getAccessControlList(id).getEntries())
|
||||
{
|
||||
System.out.println("\t\t "+id+" "+entry);
|
||||
System.out.println("\t\t " + id + " " + entry);
|
||||
}
|
||||
List<ChildAssociationRef> children = nodeService.getChildAssocs(nodeRef);
|
||||
for(ChildAssociationRef child: children)
|
||||
for (ChildAssociationRef child : children)
|
||||
{
|
||||
String newPath = path+"/"+child.getQName();
|
||||
String newPath = path + "/" + child.getQName();
|
||||
printPermissions(child.getChildRef(), newPath);
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
public void testSetNodePermissionEntry()
|
||||
{
|
||||
runAs("andy");
|
||||
@@ -2003,14 +2136,14 @@ public class PermissionServiceTest extends AbstractPermissionTest
|
||||
assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CHILDREN)) == AccessStatus.ALLOWED);
|
||||
assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_CONTENT)) == AccessStatus.ALLOWED);
|
||||
|
||||
//printPermissions(rootNodeRef, "/");
|
||||
|
||||
// printPermissions(rootNodeRef, "/");
|
||||
|
||||
permissionService.deletePermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_CHILDREN), "andy", AccessStatus.ALLOWED));
|
||||
permissionService.deletePermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_PROPERTIES), "andy", AccessStatus.ALLOWED));
|
||||
permissionService.deletePermission(new SimplePermissionEntry(n2, getPermission(PermissionService.READ_CONTENT), "andy", AccessStatus.ALLOWED));
|
||||
|
||||
//printPermissions(rootNodeRef, "/");
|
||||
|
||||
// printPermissions(rootNodeRef, "/");
|
||||
|
||||
runAs("andy");
|
||||
assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
|
||||
assertFalse(permissionService.hasPermission(n2, getPermission(PermissionService.READ_PROPERTIES)) == AccessStatus.ALLOWED);
|
||||
|
||||
@@ -70,6 +70,7 @@ public final class SimplePermissionEntry extends AbstractPermissionEntry
|
||||
this.permissionReference = permissionReference;
|
||||
this.authority = authority;
|
||||
this.accessStatus = accessStatus;
|
||||
this.position = position;
|
||||
}
|
||||
|
||||
public PermissionReference getPermissionReference()
|
||||
|
||||
Reference in New Issue
Block a user