diff --git a/build.gradle b/build.gradle index 4faaac8596..bb38b225da 100644 --- a/build.gradle +++ b/build.gradle @@ -15,16 +15,6 @@ task wrapper(type: Wrapper) { gradleVersion = '1.0-milestone-8' } -task downloadAlfresco << { - - def address = "https://bamboo.alfresco.com/bamboo/artifact/ALF-ENTERPRISEV40/JOB1/build-891/ALL/alfresco-enterprise-4.0.1.zip?os_authType=basic&os_username=rwetherall&os_password=31vegaleg" - - def file = new FileOutputStream(file('alfresco.zip')) - def out = new BufferedOutputStream(file) - out << new URL(address).openStream() - out.close() -} - /** Subproject configuration */ subprojects { @@ -50,6 +40,7 @@ subprojects { jarFile = "${baseName}.jar" ampFile = "${baseName}.amp" tomcatRoot = System.getenv(tomcatEnv) + jarFilePath = "${buildLibDir}/${jarFile}" sourceSets { main { @@ -161,7 +152,6 @@ subprojects { task amp(dependsOn: 'jar') << { - def jarFilePath = "${buildLibDir}/${jarFile}" def jarFileObj = file(jarFilePath) def configDirObj = file(configDir) def sourceWebObj = file(sourceWebDir) @@ -197,6 +187,46 @@ subprojects { } } + task deployExploded(dependsOn: 'jar') << { + + def jarFileObj = file(jarFilePath) + def configDirObj = file(configDir) + def sourceWebObj = file(sourceWebDir) + + explodedWebAppDir = new File("${tomcatRoot}/webapps/${webAppName}") + if (explodedWebAppDir.exists() == true) { + + // copy module properties + + // copy jars + if (jarFileObj.exists()) { + copy { + from jarFilePath + into "${explodedWebAppDir}/WEB-INF/lib" + } + } + + // copy config + if (configDirObj.exists() == true) { + copy { + from(configDir) { + exclude "**/${moduleProperties}" + exclude "**/${fileMapping}" + } + into "${explodedWebAppDir}/WEB-INF/classes" + + } + } + + // copy web + if (sourceWebObj.exists() == true) { + } + } + else { + println "Exploded webapp directory ${explodedWebAppDir} does not exist." + } + } + task installAmp(dependsOn: ['amp', 'copyWar']) << { def warFileLocation = file("${buildDistDir}/${warFile}") diff --git a/rm-server/.classpath b/rm-server/.classpath index 10f3e73b1d..e2ff39fa0f 100644 --- a/rm-server/.classpath +++ b/rm-server/.classpath @@ -249,7 +249,7 @@ - + diff --git a/rm-server/build.gradle b/rm-server/build.gradle index 75520e3ae5..0008684d53 100644 --- a/rm-server/build.gradle +++ b/rm-server/build.gradle @@ -20,7 +20,4 @@ test { beforeTest { descriptor -> logger.lifecycle("Running test: " + descriptor) } - //onOutput { descriptor, event -> - // logger.lifecycle(event.message) - //} } \ No newline at end of file diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-capabilities-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-capabilities-context.xml index dce641860e..29354fe42d 100644 --- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-capabilities-context.xml +++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-capabilities-context.xml @@ -48,7 +48,6 @@ - RECORD_CATEGORY DISPOSITION_SCHEDULE - + + + + + + - - - + RECORD @@ -827,7 +830,9 @@ - + diff --git a/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/doclist.lib.js b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/doclist.lib.js new file mode 100644 index 0000000000..947666762f --- /dev/null +++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/doclist.lib.js @@ -0,0 +1,264 @@ +const REQUEST_MAX = 1000; + +/** + * Main entry point: Create collection of documents and folders in the given space + * + * @method doclist_main + */ +function doclist_main() +{ + // Use helper function to get the arguments + var parsedArgs = ParseArgs.getParsedArgs(); + if (parsedArgs === null) + { + return; + } + + var filter = args.filter, + items = []; + + // Try to find a filter query based on the passed-in arguments + var allNodes = [], + totalRecords = 0, + requestTotalCountMax = 0, + paged = false, + favourites = Common.getFavourites(), + filterParams = Filters.getFilterParams(filter, parsedArgs, + { + favourites: favourites + }), + query = filterParams.query; + + if ((filter || "path") == "path") + { + // TODO also add DB filter by "node" (in addition to "path") + var parentNode = parsedArgs.pathNode; + if (parentNode !== null) + { + var skip = -1, + max = -1; + + if (args.size != null) + { + max = args.size; + + if (args.pos > 0) + { + skip = (args.pos - 1) * max; + } + } + + var sortField = (args.sortField == null ? "cm:name" : args.sortField), + sortAsc = (((args.sortAsc == null) || (args.sortAsc == "true")) ? true : false); + + // Get paged set + requestTotalCountMax = skip + REQUEST_MAX; + var pagedResult = parentNode.childFileFolders(true, true, filterParams.ignoreTypes, skip, max, requestTotalCountMax, sortField, sortAsc, "TODO"); + + allNodes = pagedResult.page; + totalRecords = pagedResult.totalResultCountUpper; + paged = true; + } + } + else + { + // Query the nodes - passing in sort and result limit parameters + if (query !== "") + { + allNodes = search.query( + { + query: query, + language: filterParams.language, + page: + { + maxItems: (filterParams.limitResults ? parseInt(filterParams.limitResults, 10) : 0) + }, + sort: filterParams.sort, + templates: filterParams.templates, + namespace: (filterParams.namespace ? filterParams.namespace : null) + }); + + totalRecords = allNodes.length; + } + } + + // Ensure folders and folderlinks appear at the top of the list + var folderNodes = [], + documentNodes = []; + + for each (node in allNodes) + { + try + { + if (node.isContainer || node.isLinkToContainer) + { + folderNodes.push(node); + } + else + { + documentNodes.push(node); + } + } + catch (e) + { + // Possibly an old indexed node - ignore it + } + } + + // Node type counts + var folderNodesCount = folderNodes.length, + documentNodesCount = documentNodes.length, + nodes; + + if (parsedArgs.type === "documents") + { + nodes = documentNodes; + totalRecords -= folderNodesCount; + } + else + { + // TODO: Sorting with folders at end -- swap order of concat() + nodes = folderNodes.concat(documentNodes); + } + + // Pagination + var pageSize = args.size || nodes.length, + pagePos = args.pos || "1", + startIndex = (pagePos - 1) * pageSize; + + if (!paged) + { + // Trim the nodes array down to the page size + nodes = nodes.slice(startIndex, pagePos * pageSize); + } + + // Common or variable parent container? + var parent = null; + + if (!filterParams.variablePath) + { + // Parent node permissions (and Site role if applicable) + parent = Evaluator.run(parsedArgs.pathNode, true); + } + + var isThumbnailNameRegistered = thumbnailService.isThumbnailNameRegistered(THUMBNAIL_NAME), + thumbnail = null, + locationNode, + item; + + // Loop through and evaluate each node in this result set + for each (node in nodes) + { + // Get evaluated properties. + item = Evaluator.run(node); + if (item !== null) + { + item.isFavourite = (favourites[item.node.nodeRef] === true); + item.likes = Common.getLikes(node); + + // Does this collection of nodes have potentially differering paths? + if (filterParams.variablePath || item.isLink) + { + locationNode = item.isLink ? item.linkedNode : item.node; + location = Common.getLocation(locationNode, parsedArgs.libraryRoot); + // Parent node + if (node.parent != null && + (node.parent.hasPermission("Read") || node.parent.hasPermission("ReadRecords"))) + { + item.parent = Evaluator.run(node.parent, true); + } + } + else + { + location = + { + site: parsedArgs.location.site, + siteTitle: parsedArgs.location.siteTitle, + sitePreset: parsedArgs.location.sitePreset, + container: parsedArgs.location.container, + containerType: parsedArgs.location.containerType, + path: parsedArgs.location.path, + file: node.name + }; + } + + // Resolved location + item.location = location; + + // Check: thumbnail type is registered && node is a cm:content subtype && valid inputStream for content property + if (isThumbnailNameRegistered && item.node.isSubType("cm:content") && item.node.properties.content.inputStream != null) + { + // Make sure we have a thumbnail. + thumbnail = item.node.getThumbnail(THUMBNAIL_NAME); + if (thumbnail === null) + { + // No thumbnail, so queue creation + item.node.createThumbnail(THUMBNAIL_NAME, true); + } + } + + items.push(item); + } + else + { + --totalRecords; + } + } + + // Array Remove - By John Resig (MIT Licensed) + var fnArrayRemove = function fnArrayRemove(array, from, to) + { + var rest = array.slice((to || from) + 1 || array.length); + array.length = from < 0 ? array.length + from : from; + return array.push.apply(array, rest); + }; + + /** + * De-duplicate orignals for any existing working copies. + * This can't be done in evaluator.lib.js as it has no knowledge of the current filter or UI operation. + * Note: This may result in pages containing less than the configured amount of items (50 by default). + */ + for each (item in items) + { + if (item.workingCopy.isWorkingCopy) + { + var workingCopySource = String(item.workingCopy.sourceNodeRef); + for (var i = 0, ii = items.length; i < ii; i++) + { + if (String(items[i].node.nodeRef) == workingCopySource) + { + fnArrayRemove(items, i); + --totalRecords; + break; + } + } + } + } + + var paging = + { + totalRecords: totalRecords, + startIndex: startIndex + }; + + if (paged && (totalRecords == requestTotalCountMax)) + { + paging.totalRecordsUpper = requestTotalCountMax; + } + + return ( + { + luceneQuery: query, + paging: paging, + container: parsedArgs.rootNode, + parent: parent, + onlineEditing: utils.moduleInstalled("org.alfresco.module.vti"), + itemCount: + { + folders: folderNodesCount, + documents: documentNodesCount + }, + items: items, + customJSON: slingshotDocLib.getJSON() + }); +} diff --git a/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/node.get.js b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/node.get.js new file mode 100644 index 0000000000..145314fb8c --- /dev/null +++ b/rm-server/config/alfresco/templates/webscripts/org/alfresco/slingshot/documentlibrary-v2/node.get.js @@ -0,0 +1,77 @@ + + + +/** + * Main entry point: Return single document or folder given it's nodeRef + * + * @method getDoclist + */ +function getDoclist() +{ + // Use helper function to get the arguments + var parsedArgs = ParseArgs.getParsedArgs(); + if (parsedArgs === null) + { + return; + } + + parsedArgs.pathNode = ParseArgs.resolveNode(parsedArgs.nodeRef); + parsedArgs.location = Common.getLocation(parsedArgs.pathNode, parsedArgs.libraryRoot); + + var favourites = Common.getFavourites(), + node = parsedArgs.pathNode; + + var isThumbnailNameRegistered = thumbnailService.isThumbnailNameRegistered(THUMBNAIL_NAME), + thumbnail = null, + item = Evaluator.run(node); + + item.isFavourite = (favourites[node.nodeRef] === true); + item.likes = Common.getLikes(node); + item.location = + { + site: parsedArgs.location.site, + siteTitle: parsedArgs.location.siteTitle, + container: parsedArgs.location.container, + containerType: parsedArgs.location.containerType, + path: parsedArgs.location.path, + file: node.name + }; + + item.parent = {}; + if (node.parent != null && (node.parent.hasPermission("Read") || node.parent.hasPermission("ReadRecords"))) + { + item.parent = Evaluator.run(node.parent, true); + } + + // Special case for container and libraryRoot nodes + if ((parsedArgs.location.containerNode && String(parsedArgs.location.containerNode.nodeRef) == String(node.nodeRef)) || + (parsedArgs.libraryRoot && String(parsedArgs.libraryRoot.nodeRef) == String(node.nodeRef))) + { + item.location.file = ""; + } + + // Check: thumbnail type is registered && node is a cm:content subtype && valid inputStream for content property + if (isThumbnailNameRegistered && item.node.isSubType("cm:content") && item.node.properties.content.inputStream != null) + { + // Make sure we have a thumbnail. + thumbnail = item.node.getThumbnail(THUMBNAIL_NAME); + if (thumbnail === null) + { + // No thumbnail, so queue creation + item.node.createThumbnail(THUMBNAIL_NAME, true); + } + } + + return ( + { + container: parsedArgs.rootNode, + onlineEditing: utils.moduleInstalled("org.alfresco.module.vti"), + item: item, + customJSON: slingshotDocLib.getJSON() + }); +} + +/** + * Document List Component: doclist + */ +model.doclist = getDoclist(); \ No newline at end of file diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java index 92543eaf4b..9ab72d3ae2 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/action/RMActionExecuterAbstractBase.java @@ -31,7 +31,7 @@ import java.util.Set; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementAdminService; import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; import org.alfresco.module.org_alfresco_module_rm.audit.RecordsManagementAuditService; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionAction; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionActionDefinition; import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/AbstractCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/AbstractCapability.java similarity index 91% rename from rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/AbstractCapability.java rename to rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/AbstractCapability.java index 081d5db447..5ad0a2c4fa 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/AbstractCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/AbstractCapability.java @@ -16,7 +16,7 @@ * You should have received a copy of the GNU Lesser General Public License * along with Alfresco. If not, see . */ -package org.alfresco.module.org_alfresco_module_rm.capability.impl; +package org.alfresco.module.org_alfresco_module_rm.capability; import java.util.ArrayList; import java.util.List; @@ -24,11 +24,6 @@ import java.util.List; import net.sf.acegisecurity.vote.AccessDecisionVoter; import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementAction; -import org.alfresco.module.org_alfresco_module_rm.capability.Capability; -import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; -import org.alfresco.module.org_alfresco_module_rm.capability.RMEntryVoter; -import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.capability.RMSecurityCommon; import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java index 5b9927d1a5..40e1a9ac17 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/DeclarativeCapability.java @@ -26,7 +26,7 @@ import net.sf.acegisecurity.vote.AccessDecisionVoter; import org.alfresco.error.AlfrescoRuntimeException; import org.alfresco.module.org_alfresco_module_rm.FilePlanComponentKind; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; import org.springframework.beans.BeansException; @@ -41,7 +41,7 @@ import org.springframework.context.ApplicationContextAware; public class DeclarativeCapability extends AbstractCapability implements ApplicationContextAware { /** Application Context */ - private ApplicationContext applicationContext; + protected ApplicationContext applicationContext; /** Required permissions */ private List permissions; @@ -233,7 +233,7 @@ public class DeclarativeCapability extends AbstractCapability implements Applica } /** - * @see org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability#hasPermissionImpl(org.alfresco.service.cmr.repository.NodeRef) + * @see org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability#hasPermissionImpl(org.alfresco.service.cmr.repository.NodeRef) */ @Override public int evaluate(NodeRef nodeRef) diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/FillingCapabilityCondition.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/FillingCapabilityCondition.java index 61366a9629..f199155f3e 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/FillingCapabilityCondition.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/declarative/condition/FillingCapabilityCondition.java @@ -18,14 +18,10 @@ */ package org.alfresco.module.org_alfresco_module_rm.capability.declarative.condition; -import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; import org.alfresco.module.org_alfresco_module_rm.capability.declarative.AbstractCapabilityCondition; -import org.alfresco.service.cmr.dictionary.DictionaryService; -import org.alfresco.service.cmr.repository.ChildAssociationRef; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.cmr.security.AccessStatus; -import org.alfresco.service.namespace.QName; /** * Filling capability condition. @@ -34,17 +30,6 @@ import org.alfresco.service.namespace.QName; */ public class FillingCapabilityCondition extends AbstractCapabilityCondition { - /** Dictionary service */ - private DictionaryService dictionaryService; - - /** - * @param dictionaryService dictionary service - */ - public void setDictionaryService(DictionaryService dictionaryService) - { - this.dictionaryService = dictionaryService; - } - /** * @see org.alfresco.module.org_alfresco_module_rm.capability.declarative.CapabilityCondition#evaluate(org.alfresco.service.cmr.repository.NodeRef) */ @@ -53,65 +38,11 @@ public class FillingCapabilityCondition extends AbstractCapabilityCondition { boolean result = false; - NodeRef filePlan = rmService.getFilePlan(nodeRef); - - if (permissionService.hasPermission(filePlan, RMPermissionModel.ROLE_ADMINISTRATOR) == AccessStatus.ALLOWED) + if (permissionService.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS) != AccessStatus.DENIED) { result = true; } - else - { - QName nodeType = nodeService.getType(nodeRef); - if (rmService.isRecord(nodeRef) == true || - dictionaryService.isSubClass(nodeType, ContentModel.TYPE_CONTENT) == true) - { - // Multifiling - if you have filing rights to any of the folders in which the record resides - // then you have filing rights. - for (ChildAssociationRef car : nodeService.getParentAssocs(nodeRef)) - { - if (car != null) - { - if (permissionService.hasPermission(car.getParentRef(), RMPermissionModel.FILE_RECORDS) == AccessStatus.ALLOWED) - { - result = true; - break; - } - } - } - } - else if (rmService.isRecordFolder(nodeRef) == true) - { - if (permissionService.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS) != AccessStatus.DENIED) - { - result = true; - } - } - else if (rmService.isRecordCategory(nodeRef) == true) - { - if (permissionService.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS) != AccessStatus.DENIED) - { - result = true; - } - else if (permissionService.hasPermission(filePlan, RMPermissionModel.CREATE_MODIFY_DESTROY_FOLDERS) != AccessStatus.DENIED) - { - result = true; - } - } - // else other file plan component - else - { - if (permissionService.hasPermission(nodeRef, RMPermissionModel.FILE_RECORDS) != AccessStatus.DENIED) - { - result = true; - } - else if (permissionService.hasPermission(filePlan, RMPermissionModel.CREATE_MODIFY_DESTROY_FILEPLAN_METADATA) != AccessStatus.DENIED) - { - result = true; - } - } - - } - return result; + return result; } } diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeclareCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeclareCapability.java index 9e696f855a..060b5f83c6 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeclareCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeclareCapability.java @@ -20,9 +20,9 @@ package org.alfresco.module.org_alfresco_module_rm.capability.group; import net.sf.acegisecurity.vote.AccessDecisionVoter; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; import org.alfresco.service.cmr.repository.NodeRef; /** diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeleteCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeleteCapability.java index 2af89a535a..9b7395d851 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeleteCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/DeleteCapability.java @@ -20,9 +20,9 @@ package org.alfresco.module.org_alfresco_module_rm.capability.group; import net.sf.acegisecurity.vote.AccessDecisionVoter; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; import org.alfresco.service.cmr.repository.NodeRef; /** diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdateCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdateCapability.java index 39160cd70b..671dad38a9 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdateCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdateCapability.java @@ -23,8 +23,8 @@ import java.util.Map; import net.sf.acegisecurity.vote.AccessDecisionVoter; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.namespace.QName; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdatePropertiesCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdatePropertiesCapability.java index cf36f4909a..b1423fcd29 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdatePropertiesCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/group/UpdatePropertiesCapability.java @@ -23,8 +23,8 @@ import java.util.Map; import net.sf.acegisecurity.vote.AccessDecisionVoter; +import org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability; import org.alfresco.module.org_alfresco_module_rm.capability.Capability; -import org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability; import org.alfresco.service.cmr.repository.NodeRef; import org.alfresco.service.namespace.QName; diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/ChangeOrDeleteReferencesCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/ChangeOrDeleteReferencesCapability.java index 121cf3b263..1d7143be12 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/ChangeOrDeleteReferencesCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/ChangeOrDeleteReferencesCapability.java @@ -41,7 +41,7 @@ public class ChangeOrDeleteReferencesCapability extends DeclarativeCapability } /** - * @see org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability#evaluate(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.repository.NodeRef) + * @see org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability#evaluate(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.repository.NodeRef) */ public int evaluate(NodeRef source, NodeRef target) { diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/DeleteLinksCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/DeleteLinksCapability.java index 20273a3e43..75d7347ae2 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/DeleteLinksCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/DeleteLinksCapability.java @@ -41,7 +41,7 @@ public class DeleteLinksCapability extends DeclarativeCapability } /** - * @see org.alfresco.module.org_alfresco_module_rm.capability.impl.AbstractCapability#evaluate(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.repository.NodeRef) + * @see org.alfresco.module.org_alfresco_module_rm.capability.AbstractCapability#evaluate(org.alfresco.service.cmr.repository.NodeRef, org.alfresco.service.cmr.repository.NodeRef) */ public int evaluate(NodeRef source, NodeRef target) { diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/EditRecordMetadataCapability.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/EditRecordMetadataCapability.java index aaa806b263..e93f534173 100644 --- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/EditRecordMetadataCapability.java +++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/capability/impl/EditRecordMetadataCapability.java @@ -31,17 +31,17 @@ import org.alfresco.service.cmr.security.OwnableService; * * @author Roy Wetherall */ -public class EditRecordMetadataCapability extends DeclarativeCapability +public class EditRecordMetadataCapability extends DeclarativeCapability { - /** Ownable service */ private OwnableService ownableService; - - /** - * @param ownableService ownable service - */ - public void setOwnableService(OwnableService ownableService) + + private OwnableService getOwnableService() { - this.ownableService = ownableService; + if (ownableService == null) + { + ownableService = (OwnableService)applicationContext.getBean("OwnableService"); + } + return ownableService; } /** @@ -76,11 +76,11 @@ public class EditRecordMetadataCapability extends DeclarativeCapability // Since we know this is undeclared if you are the owner then you should be able to // edit the records meta-data (otherwise how can it be declared by the user?) - if (ownableService.hasOwner(nodeRef) == true) + if (getOwnableService().hasOwner(nodeRef) == true) { String user = AuthenticationUtil.getFullyAuthenticatedUser(); if (user != null && - ownableService.getOwner(nodeRef).equals(user) == true) + getOwnableService().getOwner(nodeRef).equals(user) == true) { result = Integer.valueOf(AccessDecisionVoter.ACCESS_GRANTED); } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/AddModifyEventDatesCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/AddModifyEventDatesCapabilityTest.java deleted file mode 100644 index 4d2dba2b8d..0000000000 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/AddModifyEventDatesCapabilityTest.java +++ /dev/null @@ -1,282 +0,0 @@ -/* - * Copyright (C) 2005-2011 Alfresco Software Limited. - * - * This file is part of Alfresco - * - * Alfresco is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Alfresco is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with Alfresco. If not, see . - */ -package org.alfresco.module.org_alfresco_module_rm.test.capabilities; - -import java.io.Serializable; -import java.util.Date; -import java.util.HashMap; -import java.util.Map; - -import org.alfresco.module.org_alfresco_module_rm.action.impl.CompleteEventAction; -import org.alfresco.module.org_alfresco_module_rm.action.impl.FreezeAction; -import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; -import org.alfresco.repo.security.authentication.AuthenticationUtil; -import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; -import org.alfresco.service.cmr.security.AccessStatus; - -/** - * @author Roy Wetherall - */ -public class AddModifyEventDatesCapabilityTest extends BaseTestCapabilities -{ - /** - * - * @throws Exception - */ - public void testAddModifyEventDatesCapability() throws Exception - { - // Check file plan permissions - checkPermissions( - filePlan, - ADD_MODIFY_EVENT_DATES, - stdUsers, - new AccessStatus[] - { - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED - }); - - checkCapabilities( - recordFolder_1, - ADD_MODIFY_EVENT_DATES, - stdUsers, - new AccessStatus[] - { - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED - }); - - checkCapabilities( - record_1, - ADD_MODIFY_EVENT_DATES, - stdUsers, - new AccessStatus[] - { - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED - }); - - checkCapabilities( - recordFolder_2, - ADD_MODIFY_EVENT_DATES, - stdUsers, - new AccessStatus[] - { - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED - }); - - checkCapabilities( - record_2, - ADD_MODIFY_EVENT_DATES, - stdUsers, - new AccessStatus[] - { - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED - }); - - /** Test user has no capabilities */ - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Add filing to both record folders */ - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - - permissionService.setPermission(filePlan, testers, VIEW_RECORDS, true); - permissionService.setInheritParentPermissions(recordCategory_1, false); - permissionService.setInheritParentPermissions(recordCategory_2, false); - permissionService.setPermission(recordCategory_1, testers, READ_RECORDS, true); - permissionService.setPermission(recordCategory_2, testers, READ_RECORDS, true); - permissionService.setPermission(recordFolder_1, testers, FILING, true); - permissionService.setPermission(recordFolder_2, testers, FILING, true); - - return null; - } - }, false, true); - - /** Check capabilities */ - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Add declare record capability */ - addCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Add modify event date capability */ - addCapability(ADD_MODIFY_EVENT_DATES, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Remove declare capability */ - removeCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Add declare capability */ - addCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Remove view records capability */ - removeCapability(VIEW_RECORDS, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Add view records capability */ - addCapability(VIEW_RECORDS, testers, filePlan); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Remove filing from record folders */ - removeCapability(FILING, testers, recordFolder_1, recordFolder_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Set filing permission on records folders */ - addCapability(FILING, testers, recordFolder_1, recordFolder_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Freeze folder 1 */ - Map params = new HashMap(1); - params.put(FreezeAction.PARAM_REASON, "one"); - executeAction("freeze", params, recordFolder_1); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Freeze record_2 */ - params = new HashMap(1); - params.put(FreezeAction.PARAM_REASON, "Two"); - executeAction("freeze", params, record_2); - - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - /** Unfreeze */ - executeAction("unfreeze", recordFolder_1, record_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Close record folders */ - executeAction("closeRecordFolder", recordFolder_1, recordFolder_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Open record folders */ - executeAction("openRecordFolder", recordFolder_1, recordFolder_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - /** Try and complete events*/ - Map eventDetails = new HashMap(3); - eventDetails.put(CompleteEventAction.PARAM_EVENT_NAME, "event"); - eventDetails.put(CompleteEventAction.PARAM_EVENT_COMPLETED_AT, new Date()); - eventDetails.put(CompleteEventAction.PARAM_EVENT_COMPLETED_BY, test_user); - executeAction("completeEvent", eventDetails, test_user, recordFolder_1); - checkExecuteActionFail("completeEvent", eventDetails, test_user, recordFolder_2); - checkExecuteActionFail("completeEvent", eventDetails, test_user, record_1); - executeAction("completeEvent", eventDetails, test_user, record_2); - - /** Check properties can not be set */ - checkSetPropertyFail(record_1, RecordsManagementModel.PROP_EVENT_EXECUTION_COMPLETE, test_user, true); - checkSetPropertyFail(record_1, RecordsManagementModel.PROP_EVENT_EXECUTION_COMPLETED_AT, test_user, new Date()); - checkSetPropertyFail(record_1, RecordsManagementModel.PROP_EVENT_EXECUTION_COMPLETED_AT, test_user, "me"); - - /** Declare and cutoff */ - declare(record_1, record_2); - cutoff(recordFolder_1, record_2); - checkTestUserCapabilities(ADD_MODIFY_EVENT_DATES, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - } -} diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/ApproveRecordsScheduledForCutoffCapability.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/ApproveRecordsScheduledForCutoffCapability.java deleted file mode 100644 index 06a6b598ae..0000000000 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/ApproveRecordsScheduledForCutoffCapability.java +++ /dev/null @@ -1,307 +0,0 @@ -/* - * Copyright (C) 2005-2011 Alfresco Software Limited. - * - * This file is part of Alfresco - * - * Alfresco is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Alfresco is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with Alfresco. If not, see . - */ -package org.alfresco.module.org_alfresco_module_rm.test.capabilities; - -import java.io.Serializable; -import java.util.HashMap; -import java.util.Map; - -import org.alfresco.module.org_alfresco_module_rm.action.impl.FreezeAction; -import org.alfresco.repo.security.authentication.AuthenticationUtil; -import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; -import org.alfresco.service.cmr.security.AccessStatus; - -/** - * @author Roy Wetherall - */ -public class ApproveRecordsScheduledForCutoffCapability extends BaseTestCapabilities -{ - public void testApproveRecordsScheduledForCutoffCapability() - { - // File plan permissions - checkPermissions(filePlan, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - - // Not yet eligible - checkCapabilities(recordFolder_1, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(record_1, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(recordFolder_2, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(record_2, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - - // Set appropriate state - declare records and make eligible - declare(record_1, record_2); - makeEligible(recordFolder_1, record_2); - - checkCapabilities(recordFolder_1, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(record_1, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(recordFolder_2, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - checkCapabilities(record_2, APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, stdUsers, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.ALLOWED, - AccessStatus.DENIED, - AccessStatus.DENIED, - AccessStatus.DENIED); - - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - - permissionService.setPermission(filePlan, testers, VIEW_RECORDS, true); - permissionService.setInheritParentPermissions(recordCategory_1, false); - permissionService.setInheritParentPermissions(recordCategory_2, false); - permissionService.setPermission(recordCategory_1, testers, READ_RECORDS, true); - permissionService.setPermission(recordCategory_2, testers, READ_RECORDS, true); - permissionService.setPermission(recordFolder_1, testers, FILING, true); - permissionService.setPermission(recordFolder_2, testers, FILING, true); - - return null; - } - }, false, true); - - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - addCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - addCapability(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - removeCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - addCapability(DECLARE_RECORDS, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - removeCapability(VIEW_RECORDS, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - addCapability(VIEW_RECORDS, testers, filePlan); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - removeCapability(FILING, testers, recordFolder_1, recordFolder_2); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - addCapability(FILING, testers, recordFolder_1, recordFolder_2); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - // Freeze record folder - Map params = new HashMap(1); - params.put(FreezeAction.PARAM_REASON, "one"); - executeAction("freeze", params, recordFolder_1); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - // Freeze record - executeAction("freeze", params, record_2); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.DENIED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.DENIED); // record_2 - - // Unfreeze - executeAction("unfreeze", recordFolder_1, record_2); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - - // Close folders - executeAction("closeRecordFolder", recordFolder_1, recordFolder_2); - checkTestUserCapabilities(APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - AccessStatus.ALLOWED, // recordFolder_1 - AccessStatus.DENIED, // record_1 - AccessStatus.DENIED, // recordFolder_2 - AccessStatus.ALLOWED); // record_2 - -// -// AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName()); -// recordsManagementActionService.executeRecordsManagementAction(recordFolder_1, "openRecordFolder"); -// recordsManagementActionService.executeRecordsManagementAction(recordFolder_2, "openRecordFolder"); -// -// checkCapability(test_user, recordFolder_1, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, AccessStatus.ALLOWED); -// checkCapability(test_user, record_1, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, AccessStatus.DENIED); -// checkCapability(test_user, recordFolder_2, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, AccessStatus.DENIED); -// checkCapability(test_user, record_2, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, AccessStatus.ALLOWED); -// -// // try and cut off -// -// AuthenticationUtil.setFullyAuthenticatedUser(test_user); -// recordsManagementActionService.executeRecordsManagementAction(recordFolder_1, "cutoff", null); -// try -// { -// recordsManagementActionService.executeRecordsManagementAction(recordFolder_2, "cutoff", null); -// fail(); -// } -// catch (AccessDeniedException ade) -// { -// -// } -// try -// { -// recordsManagementActionService.executeRecordsManagementAction(record_1, "cutoff", null); -// fail(); -// } -// catch (AccessDeniedException ade) -// { -// -// } -// recordsManagementActionService.executeRecordsManagementAction(record_2, "cutoff", null); -// -// // check protected properties -// -// try -// { -// publicNodeService.setProperty(record_1, RecordsManagementModel.PROP_CUT_OFF_DATE, new Date()); -// fail(); -// } -// catch (AccessDeniedException ade) -// { -// -// } - - // check cutoff again (it is already cut off) - - // try - // { - // recordsManagementActionService.executeRecordsManagementAction(recordFolder_1, "cutoff", null); - // fail(); - // } - // catch (AccessDeniedException ade) - // { - // - // } - // try - // { - // recordsManagementActionService.executeRecordsManagementAction(record_2, "cutoff", null); - // fail(); - // } - // catch (AccessDeniedException ade) - // { - // - // } - - // checkCapability(test_user, recordFolder_1, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - // AccessStatus.DENIED); - // checkCapability(test_user, record_1, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - // AccessStatus.DENIED); - // checkCapability(test_user, recordFolder_2, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - // AccessStatus.DENIED); - // checkCapability(test_user, record_2, RMPermissionModel.APPROVE_RECORDS_SCHEDULED_FOR_CUTOFF, - // AccessStatus.DENIED); - } - -} diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/BaseTestCapabilities.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/BaseTestCapabilities.java deleted file mode 100644 index dc3a734c99..0000000000 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/BaseTestCapabilities.java +++ /dev/null @@ -1,903 +0,0 @@ -/* - * Copyright (C) 2005-2011 Alfresco Software Limited. - * - * This file is part of Alfresco - * - * Alfresco is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * Alfresco is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with Alfresco. If not, see . - */ -package org.alfresco.module.org_alfresco_module_rm.test.capabilities; - -import java.io.Serializable; -import java.util.ArrayList; -import java.util.Calendar; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.transaction.UserTransaction; - -import junit.framework.TestCase; - -import org.alfresco.model.ContentModel; -import org.alfresco.module.org_alfresco_module_rm.RecordsManagementService; -import org.alfresco.module.org_alfresco_module_rm.action.RecordsManagementActionService; -import org.alfresco.module.org_alfresco_module_rm.capability.Capability; -import org.alfresco.module.org_alfresco_module_rm.capability.CapabilityService; -import org.alfresco.module.org_alfresco_module_rm.capability.RMEntryVoter; -import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; -import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionSchedule; -import org.alfresco.module.org_alfresco_module_rm.disposition.DispositionService; -import org.alfresco.module.org_alfresco_module_rm.event.RecordsManagementEventService; -import org.alfresco.module.org_alfresco_module_rm.model.RecordsManagementModel; -import org.alfresco.module.org_alfresco_module_rm.security.RecordsManagementSecurityService; -import org.alfresco.repo.content.MimetypeMap; -import org.alfresco.repo.security.authentication.AuthenticationUtil; -import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; -import org.alfresco.repo.security.permissions.AccessDeniedException; -import org.alfresco.repo.security.permissions.impl.model.PermissionModel; -import org.alfresco.repo.transaction.RetryingTransactionHelper; -import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; -import org.alfresco.service.cmr.repository.ContentService; -import org.alfresco.service.cmr.repository.ContentWriter; -import org.alfresco.service.cmr.repository.NodeRef; -import org.alfresco.service.cmr.repository.NodeService; -import org.alfresco.service.cmr.repository.StoreRef; -import org.alfresco.service.cmr.security.AccessStatus; -import org.alfresco.service.cmr.security.AuthorityService; -import org.alfresco.service.cmr.security.AuthorityType; -import org.alfresco.service.cmr.security.PermissionService; -import org.alfresco.service.cmr.security.PersonService; -import org.alfresco.service.namespace.NamespaceService; -import org.alfresco.service.namespace.QName; -import org.alfresco.service.namespace.RegexQNamePattern; -import org.alfresco.service.transaction.TransactionService; -import org.alfresco.util.ApplicationContextHelper; -import org.springframework.context.ApplicationContext; - -/** - * @author Roy Wetherall - */ -public abstract class BaseTestCapabilities extends TestCase - implements RMPermissionModel, RecordsManagementModel -{ - /* Application context */ - protected ApplicationContext ctx; - - /* Root node reference */ - protected StoreRef storeRef; - protected NodeRef rootNodeRef; - - /* Services */ - protected NodeService nodeService; - protected NodeService publicNodeService; - protected TransactionService transactionService; - protected PermissionService permissionService; - protected RecordsManagementService recordsManagementService; - protected RecordsManagementSecurityService recordsManagementSecurityService; - protected RecordsManagementActionService recordsManagementActionService; - protected RecordsManagementEventService recordsManagementEventService; - protected DispositionService dispositionService; - protected CapabilityService capabilityService; - protected PermissionModel permissionModel; - protected ContentService contentService; - protected AuthorityService authorityService; - protected PersonService personService; - protected ContentService publicContentService; - protected RetryingTransactionHelper retryingTransactionHelper; - - protected RMEntryVoter rmEntryVoter; - - protected UserTransaction testTX; - - protected NodeRef filePlan; - protected NodeRef recordSeries; - protected NodeRef recordCategory_1; - protected NodeRef recordCategory_2; - protected NodeRef recordFolder_1; - protected NodeRef recordFolder_2; - protected NodeRef record_1; - protected NodeRef record_2; - protected NodeRef recordCategory_3; - protected NodeRef recordFolder_3; - protected NodeRef record_3; - - // protected String rmUsers; - // protected String rmPowerUsers; - // protected String rmSecurityOfficers; - // protected String rmRecordsManagers; - // protected String rmAdministrators; - - protected String rm_user; - protected String rm_power_user; - protected String rm_security_officer; - protected String rm_records_manager; - protected String rm_administrator; - protected String test_user; - - protected String testers; - - protected String[] stdUsers; - protected NodeRef[] stdNodeRefs;; - - /** - * Test setup - * @throws Exception - */ - protected void setUp() throws Exception - { - // Get the application context - ctx = ApplicationContextHelper.getApplicationContext(); - - // Get beans - nodeService = (NodeService) ctx.getBean("dbNodeService"); - publicNodeService = (NodeService) ctx.getBean("NodeService"); - transactionService = (TransactionService) ctx.getBean("transactionComponent"); - permissionService = (PermissionService) ctx.getBean("permissionService"); - permissionModel = (PermissionModel) ctx.getBean("permissionsModelDAO"); - contentService = (ContentService) ctx.getBean("contentService"); - publicContentService = (ContentService) ctx.getBean("ContentService"); - authorityService = (AuthorityService) ctx.getBean("authorityService"); - personService = (PersonService) ctx.getBean("personService"); - capabilityService = (CapabilityService)ctx.getBean("CapabilityService"); - dispositionService = (DispositionService)ctx.getBean("DispositionService"); - recordsManagementService = (RecordsManagementService) ctx.getBean("RecordsManagementService"); - recordsManagementSecurityService = (RecordsManagementSecurityService) ctx.getBean("RecordsManagementSecurityService"); - recordsManagementActionService = (RecordsManagementActionService) ctx.getBean("RecordsManagementActionService"); - recordsManagementEventService = (RecordsManagementEventService) ctx.getBean("RecordsManagementEventService"); - rmEntryVoter = (RMEntryVoter) ctx.getBean("rmEntryVoter"); - retryingTransactionHelper = (RetryingTransactionHelper)ctx.getBean("retryingTransactionHelper"); - - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - // As system user - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName()); - - // Create store and get the root node reference - storeRef = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis()); - rootNodeRef = nodeService.getRootNode(storeRef); - - // As admin user - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - - // Create test events - recordsManagementEventService.getEvents(); - recordsManagementEventService.addEvent("rmEventType.simple", "event", "My Event"); - - // Create file plan node - filePlan = nodeService.createNode( - rootNodeRef, - ContentModel.ASSOC_CHILDREN, - TYPE_FILE_PLAN, - TYPE_FILE_PLAN).getChildRef(); - - return null; - } - }, false, true); - - - // Load in the plan data required for the test - loadFilePlanData(); - - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - // As system user - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName()); - - // create people ... - rm_user = "rm_user_" + storeRef.getIdentifier(); - rm_power_user = "rm_power_user_" + storeRef.getIdentifier(); - rm_security_officer = "rm_security_officer_" + storeRef.getIdentifier(); - rm_records_manager = "rm_records_manager_" + storeRef.getIdentifier(); - rm_administrator = "rm_administrator_" + storeRef.getIdentifier(); - test_user = "test_user_" + storeRef.getIdentifier(); - - personService.createPerson(createDefaultProperties(rm_user)); - personService.createPerson(createDefaultProperties(rm_power_user)); - personService.createPerson(createDefaultProperties(rm_security_officer)); - personService.createPerson(createDefaultProperties(rm_records_manager)); - personService.createPerson(createDefaultProperties(rm_administrator)); - personService.createPerson(createDefaultProperties(test_user)); - - // create roles as groups -// rmUsers = authorityService.createAuthority(AuthorityType.GROUP, "RM_USER_" + storeRef.getIdentifier()); -// rmPowerUsers = authorityService.createAuthority(AuthorityType.GROUP, "RM_POWER_USER_" + storeRef.getIdentifier()); -// rmSecurityOfficers = authorityService.createAuthority(AuthorityType.GROUP, "RM_SECURITY_OFFICER_" + storeRef.getIdentifier()); -// rmRecordsManagers = authorityService.createAuthority(AuthorityType.GROUP, "RM_RECORDS_MANAGER_" + storeRef.getIdentifier()); -// rmAdministrators = authorityService.createAuthority(AuthorityType.GROUP, "RM_ADMINISTRATOR_" + storeRef.getIdentifier()); - - testers = authorityService.createAuthority(AuthorityType.GROUP, "RM_TESTOR_" + storeRef.getIdentifier()); - authorityService.addAuthority(testers, test_user); - - // rmUsers = recordsManagementSecurityService.assignRoleToAuthority(filePlan, ROLE, rm_user); - - - setPermissions(rm_user, ROLE_NAME_USER); - setPermissions(rm_power_user, ROLE_NAME_POWER_USER); - setPermissions(rm_security_officer, ROLE_NAME_SECURITY_OFFICER); - setPermissions(rm_records_manager, ROLE_NAME_RECORDS_MANAGER); - setPermissions(rm_administrator, ROLE_NAME_ADMINISTRATOR); - - stdUsers = new String[] - { - AuthenticationUtil.getSystemUserName(), - rm_administrator, - rm_records_manager, - rm_security_officer, - rm_power_user, - rm_user - }; - - stdNodeRefs = new NodeRef[] - { - recordFolder_1, - record_1, - recordFolder_2, - record_2 - }; - - return null; - } - }, false, true); - } - - /** - * Test tear down - * @throws Exception - */ - @Override - protected void tearDown() throws Exception - { - // TODO we should clean up as much as we can .... - } - - /** - * Set the permissions for a group, user and role - * @param group - * @param user - * @param role - */ - private void setPermissions(String user, String role) - { - recordsManagementSecurityService.assignRoleToAuthority(filePlan, role, user); - recordsManagementSecurityService.setPermission(filePlan, user, FILING); - } - - /** - * Loads the file plan date required for the tests - */ - protected void loadFilePlanData() - { - recordSeries = createRecordSeries(filePlan, "RS", "Record Series", "My record series"); - - recordCategory_1 = createRecordCategory(recordSeries, "Docs", "Docs", "Docs", "week|1", true, false); - recordCategory_2 = createRecordCategory(recordSeries, "More Docs", "More Docs", "More Docs", "week|1", true, true); - recordCategory_3 = createRecordSeries(recordSeries, "No Dis", "No disp schedule", "No disp schedule"); - - recordFolder_1 = createRecordFolder(recordCategory_1, "F1", "title", "description"); - recordFolder_2 = createRecordFolder(recordCategory_2, "F2", "title", "description"); - recordFolder_3 = createRecordFolder(recordCategory_3, "F3", "title", "description"); - - record_1 = createRecord(recordFolder_1); - record_2 = createRecord(recordFolder_2); - record_3 = createRecord(recordFolder_3); - } - - /** - * Set permission for authority on node reference. - * @param nodeRef - * @param authority - * @param permission - * @param allow - */ -// private void setPermission(NodeRef nodeRef, String authority, String permission, boolean allow) -// { -// permissionService.setPermission(nodeRef, authority, permission, allow); -// if (permission.equals(FILING)) -// { -// if (recordsManagementService.isRecordCategory(nodeRef) == true) -// { -// List assocs = nodeService.getChildAssocs(nodeRef, ContentModel.ASSOC_CONTAINS, RegexQNamePattern.MATCH_ALL); -// for (ChildAssociationRef assoc : assocs) -// { -// NodeRef child = assoc.getChildRef(); -// if (recordsManagementService.isRecordFolder(child) == true || -// recordsManagementService.isRecordCategory(child) == true) -// { -// setPermission(child, authority, permission, allow); -// } -// } -// } -// } -// } - - /** - * Create the default person properties - * @param userName - * @return - */ - private Map createDefaultProperties(String userName) - { - HashMap properties = new HashMap(); - properties.put(ContentModel.PROP_USERNAME, userName); - properties.put(ContentModel.PROP_HOMEFOLDER, null); - properties.put(ContentModel.PROP_FIRSTNAME, userName); - properties.put(ContentModel.PROP_LASTNAME, userName); - properties.put(ContentModel.PROP_EMAIL, userName); - properties.put(ContentModel.PROP_ORGID, ""); - return properties; - } - - /** - * Create a new record. Executed in a new transaction. - */ - private NodeRef createRecord(final NodeRef recordFolder) - { - return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public NodeRef execute() throws Throwable - { - // As admin - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - - // Create the record - Map props = new HashMap(1); - props.put(ContentModel.PROP_NAME, "MyRecord.txt"); - NodeRef recordOne = nodeService.createNode(recordFolder, ContentModel.ASSOC_CONTAINS, QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "MyRecord.txt"), - ContentModel.TYPE_CONTENT, props).getChildRef(); - - // Set the content - ContentWriter writer = contentService.getWriter(recordOne, ContentModel.PROP_CONTENT, true); - writer.setMimetype(MimetypeMap.MIMETYPE_TEXT_PLAIN); - writer.setEncoding("UTF-8"); - writer.putContent("There is some content in this record"); - return recordOne; - } - }, false, true); - } - - /** - * Create a test record series. Executed in a new transaction. - */ - private NodeRef createRecordSeries(final NodeRef filePlan, final String name, final String title, final String description) - { - return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public NodeRef execute() throws Throwable - { - // As admin - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - - HashMap properties = new HashMap(); - properties.put(ContentModel.PROP_TITLE, title); - properties.put(ContentModel.PROP_DESCRIPTION, description); - - return recordsManagementService.createRecordCategory(filePlan, name, properties); - - } - }, false, true); - } - - /** - * Create a test record category in a new transaction. - */ - private NodeRef createRecordCategory( - final NodeRef recordSeries, - final String name, - final String title, - final String description, - final String review, - final boolean vital, - final boolean recordLevelDisposition) - { - return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public NodeRef execute() throws Throwable - { - // As admin - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - - HashMap properties = new HashMap(); - properties.put(ContentModel.PROP_TITLE, title); - properties.put(ContentModel.PROP_DESCRIPTION, description); - - if (vital == true) - { - properties.put(PROP_REVIEW_PERIOD, review); - properties.put(PROP_VITAL_RECORD_INDICATOR, vital); - } - - NodeRef rc = recordsManagementService.createRecordCategory(recordSeries, name, properties); - - properties = new HashMap(); - properties.put(PROP_DISPOSITION_AUTHORITY, "N1-218-00-4 item 023"); - properties.put(PROP_DISPOSITION_INSTRUCTIONS, "Cut off monthly, hold 1 month, then destroy."); - properties.put(PROP_RECORD_LEVEL_DISPOSITION, recordLevelDisposition); - - DispositionSchedule ds = dispositionService.createDispositionSchedule(rc, properties); - - addDispositionAction(ds, "cutoff", "monthend|1", null, "event"); - addDispositionAction(ds, "transfer", "month|1", null, null); - addDispositionAction(ds, "accession", "month|1", null, null); - addDispositionAction(ds, "destroy", "month|1", "{http://www.alfresco.org/model/recordsmanagement/1.0}cutOffDate", null); - - return rc; - } - }, false, true); - } - - /** - * Create disposition action. - * @param disposition - * @param actionName - * @param period - * @param periodProperty - * @param event - * @return - */ - private void addDispositionAction(DispositionSchedule disposition, String actionName, String period, String periodProperty, String event) - { - HashMap properties = new HashMap(); - properties.put(PROP_DISPOSITION_ACTION_NAME, actionName); - properties.put(PROP_DISPOSITION_PERIOD, period); - if (periodProperty != null) - { - properties.put(PROP_DISPOSITION_PERIOD_PROPERTY, periodProperty); - } - if (event != null) - { - properties.put(PROP_DISPOSITION_EVENT, event); - } - dispositionService.addDispositionActionDefinition(disposition, properties); - } - - /** - * Create record folder. Executed in a new transaction. - * @param recordCategory - * @param name - * @param identifier - * @param title - * @param description - * @param review - * @param vital - * @return - */ - private NodeRef createRecordFolder( - final NodeRef recordCategory, - final String name, - final String title, - final String description) - { - return retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public NodeRef execute() throws Throwable - { - // As admin - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getAdminUserName()); - - HashMap properties = new HashMap(); - properties.put(ContentModel.PROP_TITLE, title); - properties.put(ContentModel.PROP_DESCRIPTION, description); - - return recordsManagementService.createRecordFolder(recordCategory, name, properties); - } - }, false, true); - } - - /** - * - * @param user - * @param nodeRef - * @param capabilityName - * @param accessStstus - */ - protected void checkCapability(final String user, final NodeRef nodeRef, final String capabilityName, final AccessStatus expected) - { - AuthenticationUtil.runAs(new RunAsWork() - { - @Override - public Object doWork() throws Exception - { - Capability capability = recordsManagementSecurityService.getCapability(capabilityName); - assertNotNull(capability); - - List capabilities = new ArrayList(1); - capabilities.add(capabilityName); - Map access = capabilityService.getCapabilitiesAccessState(nodeRef, capabilities); - - AccessStatus actual = access.get(capability); - - assertEquals( - "for user: " + user, - expected, - actual); - - return null; - } - }, user); - } - - /** - * - * @param access - * @param name - * @param accessStatus - */ - protected void check(Map access, String name, AccessStatus accessStatus) - { - Capability capability = recordsManagementSecurityService.getCapability(name); - assertNotNull(capability); - assertEquals(accessStatus, access.get(capability)); - } - - /** - * - * @param user - * @param nodeRef - * @param permission - * @param accessStstus - */ - protected void checkPermission(final String user, final NodeRef nodeRef, final String permission, final AccessStatus accessStstus) - { - AuthenticationUtil.runAs(new RunAsWork() - { - @Override - public Object doWork() throws Exception - { - AccessStatus actualAccessStatus = permissionService.hasPermission(nodeRef, permission); - assertTrue(actualAccessStatus == accessStstus); - return null; - } - }, user); - } - - /** - * - * @param nodeRef - * @param permission - * @param users - * @param expectedAccessStatus - */ - protected void checkPermissions( - final NodeRef nodeRef, - final String permission, - final String[] users, - final AccessStatus ... expectedAccessStatus) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - assertEquals( - "The number of users should match the number of expected access status", - users.length, - expectedAccessStatus.length); - - for (int i = 0; i < users.length; i++) - { - checkPermission(users[i], nodeRef, permission, expectedAccessStatus[i]); - } - - return null; - } - }, true, true); - } - - /** - * - * @param nodeRef - * @param capability - * @param users - * @param expectedAccessStatus - */ - protected void checkCapabilities( - final NodeRef nodeRef, - final String capability, - final String[] users, - final AccessStatus ... expectedAccessStatus) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - assertEquals( - "The number of users should match the number of expected access status", - users.length, - expectedAccessStatus.length); - - for (int i = 0; i < users.length; i++) - { - checkCapability(users[i], nodeRef, capability, expectedAccessStatus[i]); - } - - return null; - } - }, true, true); - } - - /** - * - * @param user - * @param capability - * @param nodeRefs - * @param expectedAccessStatus - */ - protected void checkCapabilities( - final String user, - final String capability, - final NodeRef[] nodeRefs, - final AccessStatus ... expectedAccessStatus) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - assertEquals( - "The number of node references should match the number of expected access status", - nodeRefs.length, - expectedAccessStatus.length); - - for (int i = 0; i < nodeRefs.length; i++) - { - checkCapability(user, nodeRefs[i], capability, expectedAccessStatus[i]); - } - - return null; - } - }, true, true); - } - - /** - * - * @param capability - * @param accessStatus - */ - protected void checkTestUserCapabilities(String capability, AccessStatus ... accessStatus) - { - checkCapabilities( - test_user, - capability, - stdNodeRefs, - accessStatus); - } - - /** - * Execute RM action - * @param action - * @param params - * @param nodeRefs - */ - protected void executeAction(final String action, final Map params, final String user, final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(user); - - for (NodeRef nodeRef : nodeRefs) - { - recordsManagementActionService.executeRecordsManagementAction(nodeRef, action, params); - } - - return null; - } - }, false, true); - } - - /** - * - * @param action - * @param nodeRefs - */ - protected void executeAction(final String action, final NodeRef ... nodeRefs) - { - executeAction(action, null, AuthenticationUtil.SYSTEM_USER_NAME, nodeRefs); - } - - /** - * - * @param action - * @param params - * @param nodeRefs - */ - protected void executeAction(final String action, final Map params, final NodeRef ... nodeRefs) - { - executeAction(action, params, AuthenticationUtil.SYSTEM_USER_NAME, nodeRefs); - } - - /** - * - * @param action - * @param params - * @param user - * @param nodeRefs - */ - protected void checkExecuteActionFail(final String action, final Map params, final String user, final NodeRef ... nodeRefs) - { - try - { - executeAction(action, params, user, nodeRefs); - fail("Action " + action + " has succeded and was expected to fail"); - } - catch (AccessDeniedException ade) - {} - } - - /** - * - * @param nodeRef - * @param property - * @param user - */ - protected void checkSetPropertyFail(final NodeRef nodeRef, final QName property, final String user, final Serializable value) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(user); - - try - { - publicNodeService.setProperty(nodeRef, property, value); - fail("Expected failure when setting property"); - } - catch (AccessDeniedException ade) - {} - - return null; - } - }, false, true); - } - - /** - * Add a capability - * @param capability - * @param authority - * @param nodeRefs - */ - protected void addCapability(final String capability, final String authority, final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - for (NodeRef nodeRef : nodeRefs) - { - permissionService.setPermission(nodeRef, authority, capability, true); - } - return null; - } - }, false, true); - } - - /** - * Remove capability - * @param capability - * @param authority - * @param nodeRef - */ - protected void removeCapability(final String capability, final String authority, final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - for (NodeRef nodeRef : nodeRefs) - { - permissionService.deletePermission(nodeRef, authority, capability); - } - return null; - } - }, false, true); - } - - /** - * - * @param nodeRefs - */ - protected void declare(final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - - for (NodeRef nodeRef : nodeRefs) - { - nodeService.setProperty(nodeRef, RecordsManagementModel.PROP_ORIGINATOR, "origValue"); - nodeService.setProperty(nodeRef, RecordsManagementModel.PROP_ORIGINATING_ORGANIZATION, "origOrgValue"); - nodeService.setProperty(nodeRef, RecordsManagementModel.PROP_PUBLICATION_DATE, new Date()); - nodeService.setProperty(nodeRef, ContentModel.PROP_TITLE, "titleValue"); - recordsManagementActionService.executeRecordsManagementAction(nodeRef, "declareRecord"); - } - - return null; - } - }, false, true); - } - - protected void cutoff(final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - - Calendar calendar = Calendar.getInstance(); - calendar.set(Calendar.HOUR, 0); - calendar.set(Calendar.MINUTE, 0); - calendar.set(Calendar.SECOND, 0); - - for (NodeRef nodeRef : nodeRefs) - { - NodeRef ndNodeRef = nodeService.getChildAssocs(nodeRef, RecordsManagementModel.ASSOC_NEXT_DISPOSITION_ACTION, RegexQNamePattern.MATCH_ALL).get(0).getChildRef(); - nodeService.setProperty(ndNodeRef, RecordsManagementModel.PROP_DISPOSITION_AS_OF, calendar.getTime()); - recordsManagementActionService.executeRecordsManagementAction(nodeRef, "cutoff", null); - } - - return null; - } - }, false, true); - } - - protected void makeEligible(final NodeRef ... nodeRefs) - { - retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() - { - @Override - public Object execute() throws Throwable - { - AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME); - - Calendar calendar = Calendar.getInstance(); - calendar.set(Calendar.HOUR, 0); - calendar.set(Calendar.MINUTE, 0); - calendar.set(Calendar.SECOND, 0); - - for (NodeRef nodeRef : nodeRefs) - { - NodeRef ndNodeRef = nodeService.getChildAssocs(nodeRef, RecordsManagementModel.ASSOC_NEXT_DISPOSITION_ACTION, RegexQNamePattern.MATCH_ALL).get(0).getChildRef(); - nodeService.setProperty(ndNodeRef, RecordsManagementModel.PROP_DISPOSITION_AS_OF, calendar.getTime()); - } - - return null; - } - }, false, true); - } -} diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java index 2c63548ed6..f20582d61a 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/DeclarativeCapabilityTest.java @@ -237,9 +237,4 @@ public class DeclarativeCapabilityTest extends BaseRMTestCase return result; } - - public void testFrozenCondition() - { - - } } diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/GroupCapabilityTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/GroupCapabilityTest.java new file mode 100644 index 0000000000..10ac2abccd --- /dev/null +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/capabilities/GroupCapabilityTest.java @@ -0,0 +1,163 @@ +/* + * Copyright (C) 2005-2011 Alfresco Software Limited. + * + * This file is part of Alfresco + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + */ +package org.alfresco.module.org_alfresco_module_rm.test.capabilities; + +import org.alfresco.module.org_alfresco_module_rm.capability.Capability; +import org.alfresco.module.org_alfresco_module_rm.capability.RMPermissionModel; +import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase; +import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback; +import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.security.AccessStatus; + +/** + * Declarative capability unit test + * + * @author Roy Wetherall + */ +public class GroupCapabilityTest extends BaseRMTestCase +{ + private NodeRef record; + private NodeRef declaredRecord; + + @Override + protected boolean isUserTest() + { + return true; + } + + @Override + protected void setupTestDataImpl() + { + super.setupTestDataImpl(); + + // Pre-filed content + record = utils.createRecord(rmFolder, "record.txt"); + declaredRecord = utils.createRecord(rmFolder, "declaredRecord.txt"); + } + + @Override + protected void setupTestData() + { + super.setupTestData(); + + retryingTransactionHelper.doInTransaction(new RetryingTransactionCallback() + { + @Override + public Object execute() throws Throwable + { + AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName()); + + utils.declareRecord(declaredRecord); + + return null; + } + }); + } + + @Override + protected void tearDownImpl() + { + super.tearDownImpl(); + } + + @Override + protected void setupTestUsersImpl(NodeRef filePlan) + { + super.setupTestUsersImpl(filePlan); + + // Give all the users file permission objects + for (String user : testUsers) + { + securityService.setPermission(rmContainer, user, RMPermissionModel.FILING); + } + } + + public void testUpdate() + { + final Capability capability = capabilityService.getCapability("Update"); + assertNotNull(capability); + + doTestInTransaction(new Test() + { + @Override + public Void run() + { + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmContainer)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmFolder)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(record)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(declaredRecord)); + + return null; + } + }, recordsManagerName); + + doTestInTransaction(new Test() + { + @Override + public Void run() + { + assertEquals(AccessStatus.DENIED, capability.hasPermission(rmContainer)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(rmFolder)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(record)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(declaredRecord)); + + return null; + } + }, userName); + + + } + + public void testUpdateProperties() + { + final Capability capability = capabilityService.getCapability("UpdateProperties"); + assertNotNull(capability); + + doTestInTransaction(new Test() + { + @Override + public Void run() + { + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmContainer)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(rmFolder)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(record)); + assertEquals(AccessStatus.ALLOWED, capability.hasPermission(declaredRecord)); + + return null; + } + }, recordsManagerName); + + doTestInTransaction(new Test() + { + @Override + public Void run() + { + assertEquals(AccessStatus.DENIED, capability.hasPermission(rmContainer)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(rmFolder)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(record)); + assertEquals(AccessStatus.DENIED, capability.hasPermission(declaredRecord)); + + return null; + } + }, userName); + + + } +}