From a9767898617b13119bb69782576c3dbe17d3be36 Mon Sep 17 00:00:00 2001 From: cagache Date: Tue, 23 Apr 2019 08:23:43 +0300 Subject: [PATCH] transform UserPermissions in enum; add helper methods to create users with rm role, permissions or clearance (cherry picked from commit a54a80f6a628e787691cb31d9eace994accaaeab) # Conflicts: # rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java # rm-automation/rm-automation-enterprise-rest-api/src/test/java/org/alfresco/rest/rm/enterprise/base/BaseRMEnterpriseRestTest.java # rm-automation/rm-automation-enterprise-rest-api/src/test/java/org/alfresco/rest/rm/enterprise/v0/classification/folder/RecordFolderClassificationTest.java --- .../community/model/user/UserPermissions.java | 15 ++- .../requests/gscore/api/FilesAPI.java | 6 +- .../requests/gscore/api/RMUserAPI.java | 10 +- .../alfresco/rest/v0/service/RoleService.java | 107 ++++++++++++++++-- .../rm/community/base/BaseRMRestTest.java | 39 +++++-- .../community/records/DeleteRecordTests.java | 7 +- .../community/records/UpdateRecordsTests.java | 9 +- .../rest/rm/community/utils/RMSiteUtil.java | 2 +- 8 files changed, 149 insertions(+), 46 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserPermissions.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserPermissions.java index 1b9dfe5aba..7c237bd47c 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserPermissions.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserPermissions.java @@ -32,9 +32,16 @@ package org.alfresco.rest.rm.community.model.user; * @author Kristijan Conkas * @since 2.6 */ -public class UserPermissions +public enum UserPermissions { - public static final String PERMISSION_FILING = "Filing"; - public static final String PERMISSION_READ_RECORDS = "ReadRecords"; - public static final String PERMISSION_FILE_RECORDS = "FileRecords"; + PERMISSION_FILING("Filing"), + PERMISSION_READ_RECORDS("ReadRecords"), + PERMISSION_FILE_RECORDS("FileRecords"); + + public final String permissionId; + + UserPermissions(String permissionId) + { + this.permissionId = permissionId; + } } diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilesAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilesAPI.java index 10da1e0570..18b91bd2cc 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilesAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilesAPI.java @@ -57,9 +57,8 @@ public class FilesAPI extends RMModelRequest * @param fileId The Id of a file to declare as record * @param parameters Request parameters, refer to API documentation for more details * @return The {@link Record} for created record - * @throws Exception for malformed JSON responses */ - public Record declareAsRecord(String fileId, String parameters) throws Exception + public Record declareAsRecord(String fileId, String parameters) { mandatoryString("fileId", fileId); @@ -76,9 +75,8 @@ public class FilesAPI extends RMModelRequest * * @param fileId The Id of a file to declare as record * @return The {@link Record} for created record - * @throws Exception for malformed JSON responses */ - public Record declareAsRecord(String fileId) throws Exception + public Record declareAsRecord(String fileId) { mandatoryString("fileId", fileId); diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java index 5eaf86dcb3..aa78902cae 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java @@ -87,7 +87,6 @@ public class RMUserAPI extends RMModelRequest * * @param userName User's username * @param userRole User's RM role, one of {@link UserRoles} roles - * @throws Exception for failed requests */ public void assignRoleToUser(String userName, String userRole) { @@ -118,12 +117,11 @@ public class RMUserAPI extends RMModelRequest /** * Helper method to add permission on a component to user - * * @param filePlanComponentId The id of the file plan component on which permission should be given - * @param user {@link UserModel} for a user to be granted permission - * @param permission {@link UserPermissions} to be granted + * @param user {@link UserModel} for a user to be granted permission + * @param permission {@link UserPermissions} to be granted */ - public void addUserPermission(String filePlanComponentId, UserModel user, String permission) + public void addUserPermission(String filePlanComponentId, UserModel user, UserPermissions permission) { UserModel adminUser = getRmRestWrapper().getTestUser(); @@ -134,7 +132,7 @@ public class RMUserAPI extends RMModelRequest .addArray("permissions") .addObject() .add("authority", (user != null ? user.getUsername() : null)) - .add("role", permission) + .add("role", permission.permissionId) .end() .getJson(); diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java index ccf2785cd8..a5bdff72c0 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java @@ -26,12 +26,22 @@ */ package org.alfresco.rest.v0.service; +import static lombok.AccessLevel.PROTECTED; +import static org.springframework.http.HttpStatus.OK; + import java.util.HashSet; import java.util.Set; +import lombok.Getter; +import org.alfresco.rest.core.RestAPIFactory; +import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory; +import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.RMRolesAndActionsAPI; +import org.alfresco.utility.constants.UserRole; import org.alfresco.utility.data.DataUser; +import org.alfresco.utility.model.SiteModel; +import org.alfresco.utility.model.UserModel; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -45,11 +55,29 @@ import org.springframework.stereotype.Service; public class RoleService { @Autowired + @Getter (value = PROTECTED) private RMRolesAndActionsAPI rmRolesAndActionsAPI; @Autowired + @Getter (value = PROTECTED) private DataUser dataUser; + @Autowired + @Getter (value = PROTECTED) + private RestAPIFactory restAPIFactory; + + /** + * Get the capabilities for a role + * + * @param roleName the role name + * @return the list of capabilities + */ + public Set getRoleCapabilities(String roleName) + { + return getRmRolesAndActionsAPI().getCapabilitiesForRole(getDataUser().getAdminUser().getUsername(), + getDataUser().getAdminUser().getPassword(), roleName); + } + /** * Add capabilities to a role * @@ -58,12 +86,10 @@ public class RoleService */ public void addCapabilitiesToRole(UserRoles role, Set capabilities) { - Set roleCapabilities = new HashSet<>(); - roleCapabilities.addAll(rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(), - dataUser.getAdminUser().getPassword(), role.roleId)); - capabilities.stream().forEach(cap -> roleCapabilities.add(cap)); + Set roleCapabilities = new HashSet<>(getRoleCapabilities(role.roleId)); + roleCapabilities.addAll(capabilities); - rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(), + getRmRolesAndActionsAPI().updateRole(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(), role.roleId, role.displayName, roleCapabilities); } @@ -75,10 +101,75 @@ public class RoleService */ public void removeCapabilitiesFromRole(UserRoles role, Set capabilities) { - Set roleCapabilities = rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(), - dataUser.getAdminUser().getPassword(), role.roleId); + Set roleCapabilities = getRoleCapabilities(role.roleId); roleCapabilities.removeAll(capabilities); - rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(), + getRmRolesAndActionsAPI().updateRole(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(), role.roleId, role.displayName, roleCapabilities); } + + /** + * Assign permission on a record category and give the user RM role + * + * @param user the user to assign rm role and permissions + * @param categoryId the id of the category to assign permissions for + * @param userPermission the permissions to be assigned to the user + * @param userRole the rm role to be assigned to the user + */ + public void assignUserPermissionsOnCategoryAndRMRole(UserModel user, String categoryId, UserPermissions userPermission, + String userRole) + { + getRestAPIFactory().getRMUserAPI().addUserPermission(categoryId, user, userPermission); + getRmRolesAndActionsAPI().assignRoleToUser(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(), + user.getUsername(), userRole); + } + + /** + * Helper method to create a test user with rm role + * + * @param userRole the rm role + * @return the created user model + */ + public UserModel createUserWithRMRole(String userRole) + { + final UserModel rmUser = getDataUser().createRandomTestUser(); + getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), userRole); + getRestAPIFactory().getRmRestWrapper().assertStatusCodeIs(OK); + return rmUser; + } + + /** + * Helper method to create a test user with rm role and permissions over the record category + * + * @param userRole the rm role + * @param userPermission the permissions over the record category + * @param recordCategory the category on which user has permissions + * @return the created user model + */ + public UserModel createUserWithRMRoleAndCategoryPermission(String userRole, RecordCategory recordCategory, + UserPermissions userPermission) + { + final UserModel rmUser = createUserWithRMRole(userRole); + getRestAPIFactory().getRMUserAPI().addUserPermission(recordCategory.getId(), rmUser, userPermission); + getRestAPIFactory().getRmRestWrapper().assertStatusCodeIs(OK); + return rmUser; + } + + /** + * Helper method to create a test user with rm role and permissions over the recordCategory and collaborator role + * in collaboration site + * + * @param siteModel collaboration site + * @param recordCategory the category on which permission should be given + * @param userRole the rm role + * @param userPermission the permissions over the recordCategory + * @return the created user model + */ + public UserModel createCollaboratorWithRMRoleAndPermission(SiteModel siteModel, RecordCategory recordCategory, + UserRoles userRole, UserPermissions userPermission) + { + final UserModel rmUser = createUserWithRMRoleAndCategoryPermission(userRole.roleId, recordCategory, + userPermission); + getDataUser().addUserToSite(rmUser, siteModel, UserRole.SiteCollaborator); + return rmUser; + } } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java index dafa0abb2f..de56972ccd 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java @@ -54,6 +54,7 @@ import java.util.ArrayList; import java.util.List; import java.util.stream.Collectors; +import lombok.Getter; import org.alfresco.dataprep.ContentService; import org.alfresco.rest.RestTest; import org.alfresco.rest.core.RestAPIFactory; @@ -70,6 +71,7 @@ import org.alfresco.rest.rm.community.model.site.RMSite; import org.alfresco.rest.rm.community.model.transfercontainer.TransferContainer; import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainer; import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainerChild; +import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.requests.gscore.api.RMSiteAPI; import org.alfresco.rest.rm.community.requests.gscore.api.RecordCategoryAPI; import org.alfresco.rest.rm.community.requests.gscore.api.RecordFolderAPI; @@ -90,8 +92,6 @@ import org.springframework.http.HttpStatus; import org.testng.annotations.BeforeClass; import org.testng.annotations.DataProvider; -import lombok.Getter; - /** * Base class for all GS REST API Tests * @@ -617,18 +617,34 @@ public class BaseRMRestTest extends RestTest } /** - * Assign filling permission on a record category and give the user RM_USER role + * Helper method to create a test user with rm role * - * @param user the user to assign the permission to - * @param categoryId the id of the category to assign permissions for - * @throws Exception + * @param userRole the rm role + * @return the created user model */ - public void assignFillingPermissionsOnCategory(UserModel user, String categoryId, - String userPermission, String userRole) throws Exception + protected UserModel createUserWithRMRole(String userRole) { - getRestAPIFactory().getRMUserAPI().addUserPermission(categoryId, user, userPermission); - rmRolesAndActionsAPI.assignRoleToUser(getAdminUser().getUsername(), - getAdminUser().getPassword(), user.getUsername(), userRole); + UserModel rmUser = getDataUser().createRandomTestUser(); + getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), userRole); + assertStatusCode(OK); + return rmUser; + } + + /** + * Helper method to create a test user with rm role and permissions over the record category + * + * @param userRole the rm role + * @param userPermission the permissions over the record category + * @param recordCategory the category on which user has permissions + * @return the created user model + */ + protected UserModel createUserWithRMRoleAndCategoryPermission(String userRole, RecordCategory recordCategory, + UserPermissions userPermission) + { + UserModel rmUser = createUserWithRMRole(userRole); + getRestAPIFactory().getRMUserAPI().addUserPermission(recordCategory.getId(), rmUser, userPermission); + assertStatusCode(OK); + return rmUser; } /** @@ -797,5 +813,4 @@ public class BaseRMRestTest extends RestTest documentLibrary.setNodeRef(nodes.get(0).onModel().getId()); return documentLibrary; } - } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java index ef63360a39..387e263460 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java @@ -236,15 +236,12 @@ public class DeleteRecordTests extends BaseRMRestTest public void userWithoutDeleteRecordsCapabilityCantDeleteRecord() throws Exception { // Create test user and add it with collaboration privileges - UserModel deleteUser = getDataUser().createRandomTestUser("delnoperm"); + // Add RM role to user, RM Power User doesn't have the "Delete Record" capabilities + UserModel deleteUser = createUserWithRMRole(ROLE_RM_POWER_USER.roleId); getDataUser().addUserToSite(deleteUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), SiteCollaborator); String username = deleteUser.getUsername(); logger.info("Test user: " + username); - // Add RM role to user, RM Power User doesn't have the "Delete Record" capabilities - getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER.roleId); - assertStatusCode(OK); - // Create random folder RecordCategoryChild recordFolder = createCategoryFolderInFilePlan(); logger.info("Random folder:" + recordFolder.getName()); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java index 2f8f3af510..c433c99dc6 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java @@ -234,15 +234,12 @@ public class UpdateRecordsTests extends BaseRMRestTest public void userWithEditMetadataCapsCanUpdateMetadata() throws Exception { RMUserAPI rmUserAPI = getRestAPIFactory().getRMUserAPI(); - // Create test user and add it with collab. privileges - UserModel updateUser = getDataUser().createRandomTestUser("updateuser"); + // Create test user and add it with collab. privileges. + // RM Security Officer is the lowest role with Edit Record Metadata capabilities + UserModel updateUser = createUserWithRMRole(ROLE_RM_SECURITY_OFFICER.roleId); updateUser.setUserRole(UserRole.SiteCollaborator); getDataUser().addUserToSite(updateUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), UserRole.SiteCollaborator); - // RM Security Officer is the lowest role with Edit Record Metadata capabilities - rmUserAPI.assignRoleToUser(updateUser.getUsername(), ROLE_RM_SECURITY_OFFICER.roleId); - assertStatusCode(OK); - // Create random folder RecordCategoryChild recordFolder = createCategoryFolderInFilePlan(); logger.info("random folder:" + recordFolder.getName()); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/utils/RMSiteUtil.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/utils/RMSiteUtil.java index b3574a0fcb..80062165ca 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/utils/RMSiteUtil.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/utils/RMSiteUtil.java @@ -66,7 +66,7 @@ public class RMSiteUtil /** * Creates an RM Site for the given compliance and default title and description * - * @param The RM site compliance + * @param compliance The RM site compliance * @return The {@link RMSite} with the given details */ private static RMSite createRMSiteModel(RMSiteCompliance compliance)