inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD-BUG-FIX (5.0/Cloud) to HEAD (5.0/Cloud)

Browse Source 
80106: Merged V4.2-BUG-FIX (4.2.4) to HEAD-BUG-FIX (5.0/Cloud)
      79276: Merged DEV to V4.2-BUG-FIX (4.2.4)
         77363: MNT-11964 : Users other than admin are unable to start discussion/link/blog.
         Added additional permission check for site container, required in case if there are no items created yet.
         79160: MNT-11964 : Users other than admin are unable to start discussion/link/blog.
         Added tests to simulate the issue.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@82709 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Will Abson
2014-09-03 15:22:04 +00:00
parent edc8ebc3a5
commit a4b129feab
6 changed files with 174 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blog.lib.ftl
View File

@@ -16,7 +16,7 @@
"password": "${item.properties["blg:password"]!''}", "password": "${item.properties["blg:password"]!''}",
"permissions": "permissions":
{ {
<#if item.getParent()?? > <#if item.getParent()?? && item.getTypeShort() != "st:site" >
"create": ${(item.getParent()).hasPermission("CreateChildren")?string}, "create": ${(item.getParent()).hasPermission("CreateChildren")?string},
"edit": ${(item.getParent()).hasPermission("Write")?string}, "edit": ${(item.getParent()).hasPermission("Write")?string},
"delete": ${(item.getParent()).hasPermission("Delete")?string} "delete": ${(item.getParent()).hasPermission("Delete")?string}

2
config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.json.ftl
View File

@@ -3,7 +3,7 @@
{ {
"forumPermissions": "forumPermissions":
{ {
<#if forum.getParent()?? > <#if forum.getParent()?? && forum.getTypeShort() != "st:site" >
"create": ${(forum.getParent()).hasPermission("CreateChildren")?string}, "create": ${(forum.getParent()).hasPermission("CreateChildren")?string},
"edit": ${(forum.getParent()).hasPermission("Write")?string}, "edit": ${(forum.getParent()).hasPermission("Write")?string},
"delete": ${(forum.getParent()).hasPermission("Delete")?string} "delete": ${(forum.getParent()).hasPermission("Delete")?string}

2
config/alfresco/templates/webscripts/org/alfresco/repository/links/links.lib.ftl
View File

@@ -57,7 +57,7 @@
{ {
"linkPermissions": "linkPermissions":
{ {
<#if links.getParent()?? > <#if links.getParent()?? && links.getTypeShort() != "st:site" >
"create": "${(links.getParent()).hasPermission("CreateChildren")?string}" "create": "${(links.getParent()).hasPermission("CreateChildren")?string}"
<#else> <#else>
"create": "${links.hasPermission("CreateChildren")?string}" "create": "${links.hasPermission("CreateChildren")?string}"

61
source/test-java/org/alfresco/repo/web/scripts/blogs/BlogServiceTest.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2011 Alfresco Software Limited. * Copyright (C) 2005-2014 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -35,6 +35,7 @@ import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.cmr.site.SiteInfo; import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService; import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility; import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap; import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@@ -107,8 +108,8 @@ public class BlogServiceTest extends BaseWebScriptTest
} }
// Create users // Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR); createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_BLOG);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR); createUser(USER_TWO, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_BLOG);
// Blank our lists used to track things the test creates // Blank our lists used to track things the test creates
posts = new ArrayList<String>(5); posts = new ArrayList<String>(5);
@@ -149,7 +150,7 @@ public class BlogServiceTest extends BaseWebScriptTest
} }
} }
private void createUser(String userName, String role) private void createUser(String userName, String role, String siteMembership)
{ {
// if user with given user name doesn't already exist then create user // if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(userName) == false) if (this.authenticationService.authenticationExists(userName) == false)
@@ -171,7 +172,7 @@ public class BlogServiceTest extends BaseWebScriptTest
} }
// add the user as a member with the given role // add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_BLOG, userName, role); this.siteService.setMembership(siteMembership, userName, role);
} }
@@ -875,4 +876,54 @@ public class BlogServiceTest extends BaseWebScriptTest
assertEquals(0, item.getJSONArray("tags").length()); assertEquals(0, item.getJSONArray("tags").length());
} }
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testBlogPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_BLOG + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "BlogSiteTitle", "BlogSiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkBlogPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkBlogPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_BLOG + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "BlogSiteTitle", "BlogSiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkBlogPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkBlogPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkBlogPermissions(String siteName) throws Exception
{
String url = "/api/blog/site/" + siteName + "/" + COMPONENT_BLOG;
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new blog.", Boolean.parseBoolean(result.getJSONObject("item").getJSONObject("permissions").getString("create")));
}
} }

61
source/test-java/org/alfresco/repo/web/scripts/discussion/DiscussionRestApiTest.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2011 Alfresco Software Limited. * Copyright (C) 2005-2014 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -48,6 +48,7 @@ import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.namespace.QName; import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern; import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.service.transaction.TransactionService; import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.GUID;
import org.alfresco.util.PropertyMap; import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@@ -147,8 +148,8 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
} }
// Create users // Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR); createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_DISCUSSION);
createUser(USER_TWO, SiteModel.SITE_CONTRIBUTOR); createUser(USER_TWO, SiteModel.SITE_CONTRIBUTOR, SITE_SHORT_NAME_DISCUSSION);
// Do tests as inviter user // Do tests as inviter user
this.authenticationComponent.setCurrentUser(USER_ONE); this.authenticationComponent.setCurrentUser(USER_ONE);
@@ -199,7 +200,7 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
} }
} }
private void createUser(String userName, String role) private void createUser(String userName, String role, String siteName)
{ {
// if user with given user name doesn't already exist then create user // if user with given user name doesn't already exist then create user
if (!this.authenticationService.authenticationExists(userName)) if (!this.authenticationService.authenticationExists(userName))
@@ -224,7 +225,7 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
} }
// add the user as a member with the given role // add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_DISCUSSION, userName, role); this.siteService.setMembership(siteName, userName, role);
// Give the test user access to the test node // Give the test user access to the test node
// They need to be able to read it, and create children of it // They need to be able to read it, and create children of it
@@ -1245,4 +1246,54 @@ public class DiscussionRestApiTest extends BaseWebScriptTest
} }
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testCreateForumPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_DISCUSSION + GUID.generate();
this.siteService.createSite("ForumSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkForumPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkForumPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_DISCUSSION + GUID.generate();
this.siteService.createSite("BlogSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkForumPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkForumPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkForumPermissions(String siteName) throws Exception
{
String url = "/api/forum/site/" + siteName + "/" + COMPONENT_DISCUSSION + "/posts";
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new discussion.", Boolean.parseBoolean(result.getJSONObject("forumPermissions").getString("create")));
}
} }

64
source/test-java/org/alfresco/repo/web/scripts/links/LinksRestApiTest.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2005-2011 Alfresco Software Limited. * Copyright (C) 2005-2014 Alfresco Software Limited.
* *
* This file is part of Alfresco * This file is part of Alfresco
* *
@@ -39,6 +39,7 @@ import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteService; import org.alfresco.service.cmr.site.SiteService;
import org.alfresco.service.cmr.site.SiteVisibility; import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.service.transaction.TransactionService; import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.GUID;
import org.alfresco.util.ISO8601DateFormat; import org.alfresco.util.ISO8601DateFormat;
import org.alfresco.util.PropertyMap; import org.alfresco.util.PropertyMap;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
@@ -129,8 +130,8 @@ public class LinksRestApiTest extends BaseWebScriptTest
} }
// Create users // Create users
createUser(USER_ONE, SiteModel.SITE_COLLABORATOR); createUser(USER_ONE, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_LINKS);
createUser(USER_TWO, SiteModel.SITE_COLLABORATOR); createUser(USER_TWO, SiteModel.SITE_COLLABORATOR, SITE_SHORT_NAME_LINKS);
// Do tests as inviter user // Do tests as inviter user
this.authenticationComponent.setCurrentUser(USER_ONE); this.authenticationComponent.setCurrentUser(USER_ONE);
@@ -166,7 +167,7 @@ public class LinksRestApiTest extends BaseWebScriptTest
} }
} }
private void createUser(String userName, String role) private void createUser(String userName, String role, String siteName)
{ {
// if user with given user name doesn't already exist then create user // if user with given user name doesn't already exist then create user
if (this.authenticationService.authenticationExists(userName) == false) if (this.authenticationService.authenticationExists(userName) == false)
@@ -188,7 +189,7 @@ public class LinksRestApiTest extends BaseWebScriptTest
} }
// add the user as a member with the given role // add the user as a member with the given role
this.siteService.setMembership(SITE_SHORT_NAME_LINKS, userName, role); this.siteService.setMembership(siteName, userName, role);
} }
@@ -664,4 +665,57 @@ public class LinksRestApiTest extends BaseWebScriptTest
sendRequest(new GetRequest(URL_LINKS_LIST), Status.STATUS_NOT_FOUND); sendRequest(new GetRequest(URL_LINKS_LIST), Status.STATUS_NOT_FOUND);
} }
/**
* Test for <a href=https://issues.alfresco.com/jira/browse/MNT-11964>MNT-11964</a>
* @throws Exception
*/
public void testCreateLinkPermission() throws Exception
{
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
String siteName = SITE_SHORT_NAME_LINKS + GUID.generate();
this.siteService.createSite("LinkSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
String userName = USER_ONE + GUID.generate();
createUser(userName, SiteModel.SITE_COLLABORATOR, siteName);
// Check permissions for admin
checkLinkPermissions(siteName);
// Check permissions for user
this.authenticationComponent.setCurrentUser(userName);
checkLinkPermissions(siteName);
// Cleanup
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
this.siteService.deleteSite(siteName);
// Create a new site as user
this.authenticationComponent.setCurrentUser(userName);
siteName = SITE_SHORT_NAME_LINKS + GUID.generate();
this.siteService.createSite("LinkSitePreset", siteName, "SiteTitle", "SiteDescription", SiteVisibility.PUBLIC);
// Check permissions for user
checkLinkPermissions(siteName);
// Check permissions for admin
this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
checkLinkPermissions(siteName);
// Cleanup
this.siteService.deleteSite(siteName);
this.personService.deletePerson(userName);
}
private void checkLinkPermissions(String siteName) throws Exception
{
String url = "/api/links/site/" + siteName + "/links";
url += "?filter=" + "all";
url += "&startIndex=0&page=1&pageSize=4";
Response response = sendRequest(new GetRequest(url), 200);
JSONObject result = new JSONObject(response.getContentAsString());
assertTrue("The user sould have permission to create a new link.", Boolean.parseBoolean(result.getJSONObject("metadata").getJSONObject("linkPermissions").getString("create")));
}
} }