inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged DEV/ROYTEST to HEAD:

Browse Source 
109931: Classification enforcement refactor
   110013: Classification enforecment refactor
       * rename veto as permission pre-processor
       * add support for permission post-processors
       * add transaction cache to classification enforcement
       * add records management permission post processor to remove code from extended permission service
   110191: Extended permission service unit test
   110301: Classification permission pre-processor unit test

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@110507 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2015-08-20 02:51:23 +00:00
parent 33edc6feb0 2bcebc2abe
commit 95d7013517
37 changed files with 952 additions and 2107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/interceptor/processor/ArrayPostMethodInvocationProcessorUnitTest.java
View File

@@ -1,76 +0,0 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor;
import static org.alfresco.service.cmr.repository.StoreRef.STORE_REF_WORKSPACE_SPACESSTORE;
import static org.alfresco.util.GUID.generate;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.isA;
import static org.mockito.Mockito.when;
import static org.mockito.MockitoAnnotations.initMocks;
import org.alfresco.service.cmr.repository.NodeRef;
import org.apache.commons.lang3.ArrayUtils;
import org.junit.Before;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
/**
* Array Post Method Invocation Processor Unit Test
*
* @author Tuna Aksoy
* @since 3.0.a
*/
public class ArrayPostMethodInvocationProcessorUnitTest
{
private static final NodeRef NODE_REF_1 = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, generate());
private static final NodeRef NODE_REF_2 = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, generate());
private static final NodeRef NODE_REF_3 = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, generate());
private static final NodeRef NODE_REF_4 = new NodeRef(STORE_REF_WORKSPACE_SPACESSTORE, generate());
@InjectMocks private ArrayPostMethodInvocationProcessor arrayPostMethodInvocationProcessor;
@Mock private PostMethodInvocationProcessor mockedPostMethodInvocationProcessor;
@Mock private BasePostMethodInvocationProcessor mockedNodeRefProcessor;
@Before
public void setUp()
{
initMocks(this);
when(mockedPostMethodInvocationProcessor.getProcessor(isA(NodeRef.class))).thenReturn(mockedNodeRefProcessor);
when(mockedNodeRefProcessor.process(NODE_REF_1)).thenReturn(NODE_REF_1);
when(mockedNodeRefProcessor.process(NODE_REF_2)).thenReturn(null);
when(mockedNodeRefProcessor.process(NODE_REF_3)).thenReturn(NODE_REF_3);
when(mockedNodeRefProcessor.process(NODE_REF_4)).thenReturn(null);
}
@Test
public void testArrayPostMethodInvocationProcessor()
{
NodeRef[] nodes = new NodeRef[] { NODE_REF_1, NODE_REF_2, NODE_REF_3, NODE_REF_4 };
NodeRef[] processedNodes = arrayPostMethodInvocationProcessor.process(nodes);
assertEquals(2, processedNodes.length);
assertTrue(ArrayUtils.contains(processedNodes, NODE_REF_1));
assertTrue(ArrayUtils.contains(processedNodes, NODE_REF_3));
}
}

188
rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/interceptor/processor/CollectionPostMethodInvocationProcessorUnitTest.java
View File

@@ -1,188 +0,0 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor;
import static com.google.common.collect.Lists.newArrayList;
import static java.util.Arrays.asList;
import static org.alfresco.util.GUID.generate;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.isA;
import static org.mockito.Mockito.when;
import static org.mockito.MockitoAnnotations.initMocks;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.SortedSet;
import java.util.TreeSet;
import org.junit.Before;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
/**
* Unit tests for the {@link CollectionPostMethodInvocationProcessor}.
*
* @author Tom Page
* @since 3.0.a
*/
public class CollectionPostMethodInvocationProcessorUnitTest
{
private static final String REALLY_LONG_OUTPUT_STRING = generate() + generate();
private static final String NON_FILTERED = generate();
private static final String FILTERED = generate();
@InjectMocks private CollectionPostMethodInvocationProcessor collectionPostMethodInvocationProcessor;
@Mock private PostMethodInvocationProcessor mockPostMethodInvocationProcessor;
@Mock private BasePostMethodInvocationProcessor mockStringProcessor;
@Before
public void setUp()
{
initMocks(this);
when(mockPostMethodInvocationProcessor.getProcessor(isA(List.class))).thenReturn(collectionPostMethodInvocationProcessor);
when(mockPostMethodInvocationProcessor.getProcessor(isA(String.class))).thenReturn(mockStringProcessor);
when(mockStringProcessor.process(REALLY_LONG_OUTPUT_STRING)).thenReturn(REALLY_LONG_OUTPUT_STRING);
when(mockStringProcessor.process(NON_FILTERED)).thenReturn(NON_FILTERED);
when(mockStringProcessor.process(FILTERED)).thenReturn(null);
}
@Test
public void testProcess_copesWithNull()
{
Object result = collectionPostMethodInvocationProcessor.process(null);
assertNull("Expected null collection to be passed through.", result);
}
@Test
public void testProcess_nullMember()
{
List<String> collection = new ArrayList<>();
collection.add(null);
Object result = collectionPostMethodInvocationProcessor.process(collection);
assertEquals("Expected collection containing null to be passed through.", collection, result);
}
@Test
public void testProcess_emptyList()
{
List<String> collection = new ArrayList<>();
Collection<String> result = collectionPostMethodInvocationProcessor.process(collection);
assertEquals(collection, result);
}
@Test
public void testProcess_nonFilteredMember()
{
Object collection = asList(NON_FILTERED);
Object result = collectionPostMethodInvocationProcessor.process(collection);
assertEquals("Expected element to still be present in result.", collection, result);
}
@Test
public void testProcess_filteredMemberInModifiableList()
{
List<String> collection = newArrayList(FILTERED);
Collection<String> result = collectionPostMethodInvocationProcessor.process(collection);
assertTrue("Expected an empty list.", result.isEmpty());
}
@Test(expected = UnsupportedOperationException.class)
public void testProcess_filteredMemberInUnmodifiableList()
{
List<String> collection = asList(FILTERED, NON_FILTERED);
collectionPostMethodInvocationProcessor.process(collection);
}
@Test
public void testProcess_noProcessorDefined()
{
List<Integer> collection = asList(1, 4, 91);
Collection<Integer> result = collectionPostMethodInvocationProcessor.process(collection);
assertEquals("If no processor is defined for the members then the whole list should be returned.", collection, result);
}
@SuppressWarnings("unchecked")
@Test
public void testProcess_listOfLists()
{
List<String> innerListA = newArrayList(FILTERED, NON_FILTERED);
List<String> innerListB = newArrayList(FILTERED, NON_FILTERED);
List<List<String>> collection = newArrayList(innerListA, innerListB);
Collection<List<String>> result = collectionPostMethodInvocationProcessor.process(collection);
List<String> expectedInnerListA = asList(NON_FILTERED);
List<String> expectedInnerListB = asList(NON_FILTERED);
List<List<String>> expected = asList(expectedInnerListA, expectedInnerListB);
assertEquals(expected, result);
}
/**
* Given I have a sorted set of input strings
* When I pass it to the collection processor
* Then I expect items above my clearance to be filtered
* And I expect items below my clearance to be passed through
* And I expect the output set to be sorted using the same comparator as the input.
*/
@Test
public void testProcess_sortedSet()
{
// Create a custom comparator that sorts based on the length of the strings.
Comparator<String> comparator = new Comparator<String>()
{
public int compare(String o1, String o2)
{
return o1.length() - o2.length();
}
};
SortedSet<String> collection = new TreeSet<>(comparator);
collection.add(REALLY_LONG_OUTPUT_STRING);
collection.add(NON_FILTERED);
collection.add(FILTERED);
Collection<String> result = collectionPostMethodInvocationProcessor.process(collection);
Iterator<String> iterator = result.iterator();
assertEquals("Expected the first element to be the shortest", NON_FILTERED, iterator.next());
assertEquals("Expected the second element to be the longest", REALLY_LONG_OUTPUT_STRING, iterator.next());
assertFalse("Expected two elements in output", iterator.hasNext());
}
}

94
rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/interceptor/processor/NodeRefPostMethodInvocationProcessorUnitTest.java
View File

@@ -1,94 +0,0 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.when;
import static org.springframework.extensions.webscripts.GUID.generate;
import org.alfresco.module.org_alfresco_module_rm.classification.ContentClassificationService;
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseUnitTest;
import org.alfresco.service.cmr.repository.NodeRef;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
/**
* NodeRef Post Method Invocation Processor Unit Test
*
* @author Tuna Aksoy
* @since 3.0.a
*/
public class NodeRefPostMethodInvocationProcessorUnitTest extends BaseUnitTest
{
@InjectMocks private NodeRefPostMethodInvocationProcessor nodeRefPostMethodInvocationProcessor;
@Mock private ContentClassificationService mockedContentClassificationService;
@Mock private PreMethodInvocationProcessor mockedPreMethodInvocationProcessor;
@Test
public void testProcessingNonExistingNode()
{
NodeRef nodeRef = new NodeRef(generate() + "://" + generate() + "/");
when(mockedDictionaryService.isSubClass(mockedNodeService.getType(nodeRef), TYPE_CONTENT)).thenReturn(true);
when(mockedContentClassificationService.hasClearance(nodeRef)).thenReturn(true);
assertEquals(nodeRef, nodeRefPostMethodInvocationProcessor.process(nodeRef));
}
@Test
public void testProcessingNonContent()
{
NodeRef nodeRef = generateNodeRef();
when(mockedDictionaryService.isSubClass(mockedNodeService.getType(nodeRef), TYPE_CONTENT)).thenReturn(false);
when(mockedContentClassificationService.hasClearance(nodeRef)).thenReturn(true);
assertEquals(nodeRef, nodeRefPostMethodInvocationProcessor.process(nodeRef));
}
@Test
public void testExistingNodeWithUserClearance()
{
NodeRef nodeRef = generateNodeRef();
when(mockedDictionaryService.isSubClass(mockedNodeService.getType(nodeRef), TYPE_CONTENT)).thenReturn(true);
when(mockedContentClassificationService.hasClearance(nodeRef)).thenReturn(true);
assertEquals(nodeRef, nodeRefPostMethodInvocationProcessor.process(nodeRef));
}
@Test
public void testExistingNodeWithNoUserClearance()
{
NodeRef nodeRef = generateNodeRef();
when(mockedDictionaryService.isSubClass(mockedNodeService.getType(nodeRef), TYPE_CONTENT)).thenReturn(true);
when(mockedContentClassificationService.hasClearance(nodeRef)).thenReturn(false);
assertEquals(null, nodeRefPostMethodInvocationProcessor.process(nodeRef));
}
@Test
public void testProcessingNull()
{
assertEquals("Expected null to be passed through without error.", null,
nodeRefPostMethodInvocationProcessor.process((NodeRef) null));
}
}

91
rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/interceptor/processor/QueryEngineResultsPostMethodInvocationProcessorUnitTest.java
View File

@@ -1,91 +0,0 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.classification.interceptor.processor;
import static org.junit.Assert.assertEquals;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import static org.mockito.MockitoAnnotations.initMocks;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import org.alfresco.repo.search.impl.querymodel.QueryEngineResults;
import org.alfresco.service.cmr.search.ResultSet;
import org.junit.Before;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import com.google.common.collect.Sets;
/**
* Unit tests for {@link QueryEngineResultPostMethodInvocationProcessor}.
*
* @author Tom Page
* @since 3.0.a
*/
public class QueryEngineResultsPostMethodInvocationProcessorUnitTest
{
private static final Set<String> KEY_1 = Sets.newHashSet("KEY_1");
private static final Set<String> KEY_2 = Sets.newHashSet("KEY_2");
private static final Set<String> KEY_3 = Sets.newHashSet("KEY_3");
private static final Set<String> KEY_4 = Sets.newHashSet("KEY_4");
private static final ResultSet UNCLASSIFIED_RESULT_SET = mock(ResultSet.class);
private static final ResultSet CLASSIFIED_RESULT_SET = mock(ResultSet.class);
@InjectMocks
private QueryEngineResultsPostMethodInvocationProcessor processor = new QueryEngineResultsPostMethodInvocationProcessor();
@Mock
private PostMethodInvocationProcessor mockPostMethodInvocationProcessor;
@Mock
private ResultSetPostMethodInvocationProcessor mockResultSetPMIP;
@Before
public void setUp()
{
initMocks(this);
when(mockPostMethodInvocationProcessor.getProcessor(Mockito.any())).thenReturn(mockResultSetPMIP);
when(mockResultSetPMIP.process(UNCLASSIFIED_RESULT_SET)).thenReturn(UNCLASSIFIED_RESULT_SET);
when(mockResultSetPMIP.process(CLASSIFIED_RESULT_SET)).thenReturn(null);
}
/** Check that {@code process} filters out the classified result sets. */
@Test
public void testProcess()
{
Map<Set<String>, ResultSet> resultsMap = new HashMap<>();
resultsMap.put(KEY_1, UNCLASSIFIED_RESULT_SET);
resultsMap.put(KEY_2, CLASSIFIED_RESULT_SET);
resultsMap.put(KEY_3, UNCLASSIFIED_RESULT_SET);
resultsMap.put(KEY_4, CLASSIFIED_RESULT_SET);
QueryEngineResults queryEngineResults = new QueryEngineResults(resultsMap);
QueryEngineResults returnedQueryEngineResults = processor.process(queryEngineResults);
Map<Set<String>, ResultSet> expectedResultSet = new HashMap<>();
expectedResultSet.put(KEY_1, UNCLASSIFIED_RESULT_SET);
expectedResultSet.put(KEY_3, UNCLASSIFIED_RESULT_SET);
assertEquals("Unexpected results from query.", expectedResultSet, returnedQueryEngineResults.getResults());
}
}

193
rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/permission/ClassificationPermissionPreProcessorUnitTest.java Normal file
View File

@@ -0,0 +1,193 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.module.org_alfresco_module_rm.classification.permission;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import static org.junit.Assert.assertEquals;
import java.util.HashMap;
import java.util.Map;
import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceBootstrap;
import org.alfresco.module.org_alfresco_module_rm.classification.ContentClassificationService;
import org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock;
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseUnitTest;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.util.Triple;
import org.junit.Before;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import com.google.common.collect.Sets;
/**
* Classification permission pre-processor unit test
*
* @author Roy Wetherall
* @since 3.0.a
*/
public class ClassificationPermissionPreProcessorUnitTest extends BaseUnitTest
{
/** test artifact */
private @InjectMocks ClassificationPermissionPreProcessor processor;
/** mocks */
private @Mock ClassificationServiceBootstrap mockedClassificationServiceBootstrap;
private @Mock ContentClassificationService mockedContentClassificationService;
/** test data */
private NodeRef nodeRef;
private String perm = AlfMock.generateText();
private String user = AlfMock.generateText();
@Before
@Override
public void before() throws Exception
{
super.before();
nodeRef = generateCmContent(AlfMock.generateText());
}
/**
* Given that the classification hierarchy hasn't been bootstraped
* When the classification permission pre processor is executed
* Then an undetermined result will be returned
*/
@Test
public void classificationServiceNotBootstraped()
{
when(mockedClassificationServiceBootstrap.isInitialised())
.thenReturn(false);
assertEquals(AccessStatus.UNDETERMINED, processor.process(nodeRef, perm));
verify(mockedContentClassificationService, never())
.hasClearance(nodeRef);
}
/**
* Given that the node being evaluated is already being processed
* When the classification permission pre processor is executed
* Then an undetermined result will be returned
*/
@Test
public void nodeBeingProcessed()
{
when(mockedClassificationServiceBootstrap.isInitialised())
.thenReturn(true);
when(mockedTransactionalResourceHelper.getSet(ClassificationPermissionPreProcessor.KEY_PROCESSING))
.thenReturn(Sets.newHashSet(nodeRef));
assertEquals(AccessStatus.UNDETERMINED, processor.process(nodeRef, perm));
verify(mockedContentClassificationService, never())
.hasClearance(nodeRef);
}
/**
* Given that the node already exists in the transaction cache
* When the classification permission pre processor is executed
* Then the result will be returned from the cache
*/
@Test
public void resultAlreadyCached()
{
when(mockedClassificationServiceBootstrap.isInitialised())
.thenReturn(true);
NodeRef notTheNodeRef = AlfMock.generateNodeRef(mockedNodeService);
when(mockedTransactionalResourceHelper.getSet(ClassificationPermissionPreProcessor.KEY_PROCESSING))
.thenReturn(Sets.newHashSet(notTheNodeRef));
when(mockedAuthenticationUtil.getRunAsUser())
.thenReturn(user);
Map<Object, Object> cache = new HashMap<Object, Object>(1);
cache.put(new Triple<NodeRef, String, String>(nodeRef, perm, user), AccessStatus.ALLOWED);
when(mockedTransactionalResourceHelper.getMap(ClassificationPermissionPreProcessor.KEY_CACHE))
.thenReturn(cache);
assertEquals(AccessStatus.ALLOWED, processor.process(nodeRef, perm));
verify(mockedContentClassificationService, never())
.hasClearance(nodeRef);
}
/**
* Given that the user does have clearance
* When the classification permission pre processor is executed
* Then an undetermined result will be returned
*/
@Test
public void userHasClearance()
{
when(mockedClassificationServiceBootstrap.isInitialised())
.thenReturn(true);
NodeRef notTheNodeRef = AlfMock.generateNodeRef(mockedNodeService);
when(mockedTransactionalResourceHelper.getSet(ClassificationPermissionPreProcessor.KEY_PROCESSING))
.thenReturn(Sets.newHashSet(notTheNodeRef));
when(mockedAuthenticationUtil.getRunAsUser())
.thenReturn(user);
Map<Object, Object> cache = new HashMap<Object, Object>(1);
cache.put(new Triple<NodeRef, String, String>(notTheNodeRef, perm, user), AccessStatus.ALLOWED);
when(mockedTransactionalResourceHelper.getMap(ClassificationPermissionPreProcessor.KEY_CACHE))
.thenReturn(cache);
when(mockedContentClassificationService.hasClearance(nodeRef))
.thenReturn(true);
assertEquals(AccessStatus.UNDETERMINED, processor.process(nodeRef, perm));
verify(mockedContentClassificationService)
.hasClearance(nodeRef);
}
/**
* Given that the user doesn't have clearance
* When the classification permission pre processor is executed
* Then an undetermined result will be returned
*/
@Test
public void userDoesNotHaveClearance()
{
when(mockedClassificationServiceBootstrap.isInitialised())
.thenReturn(true);
NodeRef notTheNodeRef = AlfMock.generateNodeRef(mockedNodeService);
when(mockedTransactionalResourceHelper.getSet(ClassificationPermissionPreProcessor.KEY_PROCESSING))
.thenReturn(Sets.newHashSet(notTheNodeRef));
when(mockedAuthenticationUtil.getRunAsUser())
.thenReturn(user);
Map<Object, Object> cache = new HashMap<Object, Object>(1);
cache.put(new Triple<NodeRef, String, String>(notTheNodeRef, perm, user), AccessStatus.ALLOWED);
when(mockedTransactionalResourceHelper.getMap(ClassificationPermissionPreProcessor.KEY_CACHE))
.thenReturn(cache);
when(mockedContentClassificationService.hasClearance(nodeRef))
.thenReturn(false);
assertEquals(AccessStatus.DENIED, processor.process(nodeRef, perm));
verify(mockedContentClassificationService)
.hasClearance(nodeRef);
}
}

125
rm-server/unit-test/java/org/alfresco/repo/security/permissions/impl/ExtendedPermissionServiceImplUnitTest.java Normal file
View File

@@ -0,0 +1,125 @@
/*
* Copyright (C) 2005-2015 Alfresco Software Limited.
*
* This file is part of Alfresco
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
*/
package org.alfresco.repo.security.permissions.impl;
import static java.util.Arrays.asList;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.when;
import static org.junit.Assert.assertEquals;
import org.alfresco.module.org_alfresco_module_rm.test.util.AlfMock;
import org.alfresco.module.org_alfresco_module_rm.test.util.BaseUnitTest;
import org.alfresco.repo.security.permissions.processor.PermissionPostProcessor;
import org.alfresco.repo.security.permissions.processor.PermissionPreProcessor;
import org.alfresco.repo.security.permissions.processor.PermissionProcessorRegistry;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.security.AccessStatus;
import org.junit.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Spy;
/**
* Extended permission service implementation unit test
*
* @author Roy Wetherall
* @since 3.0.a
*/
public class ExtendedPermissionServiceImplUnitTest extends BaseUnitTest
{
private @InjectMocks @Spy ExtendedPermissionServiceImpl extendedPermissionServiceImpl = new ExtendedPermissionServiceImpl()
{
protected AccessStatus hasPermissionImpl(NodeRef nodeRef, String perm) { return AccessStatus.UNDETERMINED; };
};
private @Mock PermissionProcessorRegistry mockedPermissionProcessorRegistry;
private @Mock PermissionPreProcessor mockedPermissionPreProcessor;
private @Mock PermissionPostProcessor mockedPermissionPostProcessor;
/**
* Given a permission pre-processor has been registered
* And does not DENY
* When hasPermission is called
* Then the pre-processor is executed
* And the ACL's are evaluated as normal
*/
@Test
public void preProcessorDoesNotDeny()
{
NodeRef nodeRef = generateCmContent("anyname");
String perm = AlfMock.generateText();
when(mockedPermissionProcessorRegistry.getPermissionPreProcessors())
.thenReturn(asList(mockedPermissionPreProcessor));
when(mockedPermissionPreProcessor.process(nodeRef, perm))
.thenReturn(AccessStatus.UNDETERMINED);
AccessStatus result = extendedPermissionServiceImpl.hasPermission(nodeRef, perm);
assertEquals(AccessStatus.UNDETERMINED, result);
verify(mockedPermissionPreProcessor).process(nodeRef, perm);
verify(extendedPermissionServiceImpl).hasPermissionImpl(nodeRef, perm);
}
/**
* Given a permission pre-processor has been registered
* And DENY's
* When hasPermission is called
* Then the pre-processor is executed
* And the remaining permission evaluations do not take place
*/
@Test
public void preProcessorDenys()
{
NodeRef nodeRef = generateCmContent("anyname");
String perm = AlfMock.generateText();
when(mockedPermissionProcessorRegistry.getPermissionPreProcessors())
.thenReturn(asList(mockedPermissionPreProcessor));
when(mockedPermissionPreProcessor.process(nodeRef, perm))
.thenReturn(AccessStatus.DENIED);
AccessStatus result = extendedPermissionServiceImpl.hasPermission(nodeRef, perm);
assertEquals(AccessStatus.DENIED, result);
verify(mockedPermissionPreProcessor).process(nodeRef, perm);
verify(extendedPermissionServiceImpl, never()).hasPermissionImpl(nodeRef, perm);
}
/**
* Given a permission post-processor has been registered
* When hasPermission is called
* Then the permission post-processor is called
*/
@Test
public void postProcessorRegistered()
{
NodeRef nodeRef = generateCmContent("anyname");
String perm = AlfMock.generateText();
when(mockedPermissionProcessorRegistry.getPermissionPostProcessors())
.thenReturn(asList(mockedPermissionPostProcessor));
when(mockedPermissionPostProcessor.process(AccessStatus.UNDETERMINED, nodeRef, perm))
.thenReturn(AccessStatus.ALLOWED);
AccessStatus result = extendedPermissionServiceImpl.hasPermission(nodeRef, perm);
assertEquals(AccessStatus.ALLOWED, result);
verify(mockedPermissionPostProcessor).process(AccessStatus.UNDETERMINED, nodeRef, perm);
verify(extendedPermissionServiceImpl).hasPermissionImpl(nodeRef, perm);
}
}