Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud)

80106: Merged V4.2-BUG-FIX (4.2.4) to HEAD-BUG-FIX (5.0/Cloud)
      79276: Merged DEV to V4.2-BUG-FIX (4.2.4)
         77363: MNT-11964 : Users other than admin are unable to start discussion/link/blog.
         Added an additional permission check for the site container, which is required when no items have been created yet.
         79160: MNT-11964 : Users other than admin are unable to start discussion/link/blog.
         Added tests to simulate the issue.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@82709 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Will Abson
2014-09-03 15:22:04 +00:00
parent edc8ebc3a5
commit a4b129feab
6 changed files with 174 additions and 18 deletions


@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
* Copyright (C) 2005-2014 Alfresco Software Limited.
*
* This file is part of Alfresco
*
@@ -35,6 +35,7 @@ import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -107,8 +108,8 @@ public class BlogServiceTest extends BaseWebScriptTest
}
// Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR);
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_BLOG);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_BLOG);
// Blank our lists used to track things the test creates
posts = new ArrayList<String>(5);
@@ -149,7 +150,7 @@ public class BlogServiceTest extends BaseWebScriptTest
}
}
private void createUser(String userName, String role)
private void createUser(String userName, String role, String siteMembership)
{
// if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(userName) == false)
@@ -171,7 +172,7 @@ public class BlogServiceTest extends BaseWebScriptTest
}
// add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_BLOG, userName, role);
this.siteService.setMembership(siteMembership, userName, role);
}
@@ -875,4 +876,54 @@ public class BlogServiceTest extends BaseWebScriptTest
assertEquals(0, item.getJSONArray("tags").length());
}
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testBlogPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_BLOG + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "BlogSiteTitle", "BlogSiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkBlogPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkBlogPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_BLOG + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "BlogSiteTitle", "BlogSiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkBlogPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkBlogPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkBlogPermissions(String siteName) throws Exception
{
String url = "/api/blog/site/" + siteName + "/" + COMPONENT_BLOG;
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new blog.", Boolean.parseBoolean(result.getJSONObject("item").getJSONObject("permissions").getString("create")));
}
}
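Review bot: testBlogPermission only asserts the granting side of the new site-container check: the admin and a `SiteModel.SITE_COLLABORATOR` member are both expected to see `create` as true, so a container check that answered true for every caller would still pass. Because the fix adds a permission check for the empty-container case, the test should also cover a member whose role is expected to be read-only, for example `createUser(readerName, SiteModel.SITE_CONSUMER, siteName);`, and assert that `create` is false for that user (assuming consumers cannot post in this configuration). checkBlogPermissions would need an expected-value parameter to support that. The same gap exists in testCreateForumPermission and testCreateLinkPermission in the other two test classes.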


@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
* Copyright (C) 2005-2014 Alfresco Software Limited.
*
* This file is part of Alfresco
*
@@ -48,6 +48,7 @@ import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -147,8 +148,8 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
}
// Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR);
createUser(USER_TWO, SiteModel.SITE_CONTRIBUTOR);
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_DISCUSSION);
createUser(USER_TWO, SiteModel.SITE_CONTRIBUTOR, SITE_SHORT_NAME_DISCUSSION);
// Do tests as inviter user
this.authenticationComponent.setCurrentUser(USER_ONE);
@@ -199,7 +200,7 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
}
}
private void createUser(String userName, String role)
private void createUser(String userName, String role, String siteName)
{
// if user with given user name doesn't already exist then create user
if (!this.authenticationService.authenticationExists(userName))
@@ -224,7 +225,7 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
}
// add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_DISCUSSION, userName, role);
this.siteService.setMembership(siteName, userName, role);
// Give the test user access to the test node
// They need to be able to read it, and create children of it
@@ -1245,4 +1246,54 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
}
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testCreateForumPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_DISCUSSION + GUID.generate();
this.siteService.createSite("ForumSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkForumPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkForumPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_DISCUSSION + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkForumPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkForumPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkForumPermissions(String siteName) throws Exception
{
String url = "/api/forum/site/" + siteName + "/" + COMPONENT_DISCUSSION + "/posts";
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new discussion.", Boolean.parseBoolean(result.getJSONObject("forumPermissions").getString("create")));
}
}
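Review bot: In testCreateForumPermission the second `createSite` call passes "BlogSitePreset" while the first passes "ForumSitePreset", which looks like a copy-paste from BlogServiceTest. If the preset is irrelevant to what is being checked, use the same value in both calls, `this.siteService.createSite("ForumSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);`. Otherwise add a comment such as `// user-created site deliberately uses a different preset because ...` so the difference is not read as an accident.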


@@ -1,5 +1,5 @@
/*
* Copyright (C) 2005-2011 Alfresco Software Limited.
* Copyright (C) 2005-2014 Alfresco Software Limited.
*
* This file is part of Alfresco
*
@@ -39,6 +39,7 @@ import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.GUID;
import org.alfresco.util.ISO8601DateFormat;
import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log;
@@ -129,8 +130,8 @@ public class LinksRestApiTest extends BaseWebScriptTest
}
// Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR);
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_LINKS);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_LINKS);
// Do tests as inviter user
this.authenticationComponent.setCurrentUser(USER_ONE);
@@ -166,7 +167,7 @@ public class LinksRestApiTest extends BaseWebScriptTest
}
}
private void createUser(String userName, String role)
private void createUser(String userName, String role, String siteName)
{
// if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(userName) == false)
@@ -188,7 +189,7 @@ public class LinksRestApiTest extends BaseWebScriptTest
}
// add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_LINKS, userName, role);
this.siteService.setMembership(siteName, userName, role);
}
@@ -664,4 +665,57 @@ public class LinksRestApiTest extends BaseWebScriptTest
sendRequest(new GetRequest(URL_LINKS_LIST), Status.STATUS_NOT_FOUND);
}
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testCreateLinkPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_LINKS + GUID.generate();
this.siteService.createSite("LinkSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkLinkPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkLinkPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_LINKS + GUID.generate();
this.siteService.createSite("LinkSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkLinkPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkLinkPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkLinkPermissions(String siteName) throws Exception
{
String url = "/api/links/site/" + siteName + "/links";
url += "?filter=" + "all";
url += "&startIndex=0&page=1&pageSize=4";
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new link.", Boolean.parseBoolean(result.getJSONObject("metadata").getJSONObject("linkPermissions").getString("create")));
}
}
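Review bot: The cleanup at the end of testCreateLinkPermission runs only when every assertion passes. A failing checkLinkPermissions leaves the GUID-named site and person in the repository and leaves the current authentication set to whichever user was active, which can affect tests that run afterwards. Wrap the body in `try { ... } finally { ... }` and, in the finally block, switch back to the admin user before calling `this.siteService.deleteSite(siteName);` and `this.personService.deletePerson(userName);`. testBlogPermission and testCreateForumPermission have the same structure; whether tearDown already resets authentication is not visible in these hunks.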