transform UserPermissions in enum; add helper methods to create users with rm role, permissions or clearance

(cherry picked from commit a54a80f6a6)

# Conflicts:
#	rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java
#	rm-automation/rm-automation-enterprise-rest-api/src/test/java/org/alfresco/rest/rm/enterprise/base/BaseRMEnterpriseRestTest.java
#	rm-automation/rm-automation-enterprise-rest-api/src/test/java/org/alfresco/rest/rm/enterprise/v0/classification/folder/RecordFolderClassificationTest.java

rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/user/UserPermissions.java

@@ -32,9 +32,16 @@ package org.alfresco.rest.rm.community.model.user;
  * @author Kristijan Conkas
  * @since 2.6
  */
-public class UserPermissions
+public enum UserPermissions
 {
-    public static final String PERMISSION_FILING = "Filing";
+    PERMISSION_FILING("Filing"),
-    public static final String PERMISSION_READ_RECORDS = "ReadRecords";
+    PERMISSION_READ_RECORDS("ReadRecords"),
-    public static final String PERMISSION_FILE_RECORDS = "FileRecords";
+    PERMISSION_FILE_RECORDS("FileRecords");
+
+    public final String permissionId;
+
+    UserPermissions(String permissionId)
+    {
+        this.permissionId = permissionId;
+    }
 }

rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/FilesAPI.java

@@ -57,9 +57,8 @@ public class FilesAPI extends RMModelRequest
      * @param fileId The Id of a file to declare as record
      * @param parameters Request parameters, refer to API documentation for more details
      * @return The {@link Record} for created record
-     * @throws Exception for malformed JSON responses
      */
-    public Record declareAsRecord(String fileId, String parameters) throws Exception
+    public Record declareAsRecord(String fileId, String parameters)
     {
         mandatoryString("fileId", fileId);
 
@@ -76,9 +75,8 @@ public class FilesAPI extends RMModelRequest
      *
      * @param fileId The Id of a file to declare as record
      * @return The {@link Record} for created record
-     * @throws Exception for malformed JSON responses
      */
-    public Record declareAsRecord(String fileId) throws Exception
+    public Record declareAsRecord(String fileId)
     {
         mandatoryString("fileId", fileId);
 

rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/requests/gscore/api/RMUserAPI.java

@@ -87,7 +87,6 @@ public class RMUserAPI extends RMModelRequest
      *
      * @param userName User's username
      * @param userRole User's RM role, one of {@link UserRoles} roles
-     * @throws Exception for failed requests
      */
     public void assignRoleToUser(String userName, String userRole)
     {
@@ -118,12 +117,11 @@ public class RMUserAPI extends RMModelRequest
 
     /**
      * Helper method to add permission on a component to user
-     *
      * @param filePlanComponentId The id of the file plan component on which permission should be given
-     * @param user                {@link UserModel} for a user to be granted permission
+     * @param user {@link UserModel} for a user to be granted permission
-     * @param permission          {@link UserPermissions} to be granted
+     * @param permission {@link UserPermissions} to be granted
      */
-    public void addUserPermission(String filePlanComponentId, UserModel user, String permission)
+    public void addUserPermission(String filePlanComponentId, UserModel user, UserPermissions permission)
     {
         UserModel adminUser = getRmRestWrapper().getTestUser();
 
@@ -134,7 +132,7 @@ public class RMUserAPI extends RMModelRequest
                 .addArray("permissions")
                 .addObject()
                 .add("authority", (user != null ? user.getUsername() : null))
-                .add("role", permission)
+                .add("role", permission.permissionId)
                 .end()
                 .getJson();
 

rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RoleService.java

@@ -26,12 +26,22 @@
  */
 package org.alfresco.rest.v0.service;
 
+import static lombok.AccessLevel.PROTECTED;
+import static org.springframework.http.HttpStatus.OK;
+
 import java.util.HashSet;
 import java.util.Set;
 
+import lombok.Getter;
+import org.alfresco.rest.core.RestAPIFactory;
+import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory;
+import org.alfresco.rest.rm.community.model.user.UserPermissions;
 import org.alfresco.rest.rm.community.model.user.UserRoles;
 import org.alfresco.rest.v0.RMRolesAndActionsAPI;
+import org.alfresco.utility.constants.UserRole;
 import org.alfresco.utility.data.DataUser;
+import org.alfresco.utility.model.SiteModel;
+import org.alfresco.utility.model.UserModel;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -45,11 +55,29 @@ import org.springframework.stereotype.Service;
 public class RoleService
 {
     @Autowired
+    @Getter (value = PROTECTED)
     private RMRolesAndActionsAPI rmRolesAndActionsAPI;
 
     @Autowired
+    @Getter (value = PROTECTED)
     private DataUser dataUser;
 
+    @Autowired
+    @Getter (value = PROTECTED)
+    private RestAPIFactory restAPIFactory;
+
+    /**
+     * Get the capabilities for a role
+     *
+     * @param roleName the role name
+     * @return the list of capabilities
+     */
+    public Set<String> getRoleCapabilities(String roleName)
+    {
+        return getRmRolesAndActionsAPI().getCapabilitiesForRole(getDataUser().getAdminUser().getUsername(),
+                getDataUser().getAdminUser().getPassword(), roleName);
+    }
+
     /**
      * Add capabilities to a role
      *
@@ -58,12 +86,10 @@ public class RoleService
      */
     public void addCapabilitiesToRole(UserRoles role, Set<String> capabilities)
     {
-        Set<String> roleCapabilities = new HashSet<>();
+        Set<String> roleCapabilities = new HashSet<>(getRoleCapabilities(role.roleId));
-        roleCapabilities.addAll(rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(),
+        roleCapabilities.addAll(capabilities);
-                dataUser.getAdminUser().getPassword(), role.roleId));
-        capabilities.stream().forEach(cap -> roleCapabilities.add(cap));
 
-        rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(),
+        getRmRolesAndActionsAPI().updateRole(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(),
                 role.roleId, role.displayName, roleCapabilities);
     }
 
@@ -75,10 +101,75 @@ public class RoleService
      */
     public void removeCapabilitiesFromRole(UserRoles role, Set<String> capabilities)
     {
-        Set<String> roleCapabilities = rmRolesAndActionsAPI.getCapabilitiesForRole(dataUser.getAdminUser().getUsername(),
+        Set<String> roleCapabilities = getRoleCapabilities(role.roleId);
-                dataUser.getAdminUser().getPassword(), role.roleId);
         roleCapabilities.removeAll(capabilities);
-        rmRolesAndActionsAPI.updateRole(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword(),
+        getRmRolesAndActionsAPI().updateRole(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(),
                 role.roleId, role.displayName, roleCapabilities);
     }
+
+    /**
+     * Assign permission on a record category and give the user RM role
+     *
+     * @param user           the user to assign rm role and permissions
+     * @param categoryId     the id of the category to assign permissions for
+     * @param userPermission the permissions to be assigned to the user
+     * @param userRole       the rm role to be assigned to the user
+     */
+    public void assignUserPermissionsOnCategoryAndRMRole(UserModel user, String categoryId, UserPermissions userPermission,
+                                                         String userRole)
+    {
+        getRestAPIFactory().getRMUserAPI().addUserPermission(categoryId, user, userPermission);
+        getRmRolesAndActionsAPI().assignRoleToUser(getDataUser().getAdminUser().getUsername(), getDataUser().getAdminUser().getPassword(),
+                user.getUsername(), userRole);
+    }
+
+    /**
+     * Helper method to create a test user with rm role
+     *
+     * @param userRole the rm role
+     * @return the created user model
+     */
+    public UserModel createUserWithRMRole(String userRole)
+    {
+        final UserModel rmUser = getDataUser().createRandomTestUser();
+        getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), userRole);
+        getRestAPIFactory().getRmRestWrapper().assertStatusCodeIs(OK);
+        return rmUser;
+    }
+
+    /**
+     * Helper method to create a test user with rm role and permissions over the record category
+     *
+     * @param userRole       the rm role
+     * @param userPermission the permissions over the record category
+     * @param recordCategory the category on which user has permissions
+     * @return the created user model
+     */
+    public UserModel createUserWithRMRoleAndCategoryPermission(String userRole, RecordCategory recordCategory,
+                                                                  UserPermissions userPermission)
+    {
+        final UserModel rmUser = createUserWithRMRole(userRole);
+        getRestAPIFactory().getRMUserAPI().addUserPermission(recordCategory.getId(), rmUser, userPermission);
+        getRestAPIFactory().getRmRestWrapper().assertStatusCodeIs(OK);
+        return rmUser;
+    }
+
+    /**
+     * Helper method to create a test user with rm role and permissions over the recordCategory and collaborator role
+     * in collaboration site
+     *
+     * @param siteModel collaboration site
+     * @param recordCategory  the category  on which permission should be given
+     * @param userRole       the rm role
+     * @param userPermission the permissions over the recordCategory
+     * @return the created user model
+     */
+    public UserModel createCollaboratorWithRMRoleAndPermission(SiteModel siteModel, RecordCategory recordCategory,
+                                                                UserRoles userRole, UserPermissions userPermission)
+    {
+        final UserModel rmUser = createUserWithRMRoleAndCategoryPermission(userRole.roleId, recordCategory,
+                userPermission);
+        getDataUser().addUserToSite(rmUser, siteModel, UserRole.SiteCollaborator);
+        return rmUser;
+    }
 }

rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java

@@ -54,6 +54,7 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.stream.Collectors;
 
+import lombok.Getter;
 import org.alfresco.dataprep.ContentService;
 import org.alfresco.rest.RestTest;
 import org.alfresco.rest.core.RestAPIFactory;
@@ -70,6 +71,7 @@ import org.alfresco.rest.rm.community.model.site.RMSite;
 import org.alfresco.rest.rm.community.model.transfercontainer.TransferContainer;
 import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainer;
 import org.alfresco.rest.rm.community.model.unfiledcontainer.UnfiledContainerChild;
+import org.alfresco.rest.rm.community.model.user.UserPermissions;
 import org.alfresco.rest.rm.community.requests.gscore.api.RMSiteAPI;
 import org.alfresco.rest.rm.community.requests.gscore.api.RecordCategoryAPI;
 import org.alfresco.rest.rm.community.requests.gscore.api.RecordFolderAPI;
@@ -90,8 +92,6 @@ import org.springframework.http.HttpStatus;
 import org.testng.annotations.BeforeClass;
 import org.testng.annotations.DataProvider;
 
-import lombok.Getter;
-
 /**
  * Base class for all GS REST API Tests
  *
@@ -617,18 +617,34 @@ public class BaseRMRestTest extends RestTest
     }
 
     /**
-     * Assign filling permission on a record category and give the user RM_USER role
+     * Helper method to create a test user with rm role
      *
-     * @param user the user to assign the permission to
+     * @param userRole the rm role
-     * @param categoryId the id of the category to assign permissions for
+     * @return the created user model
-     * @throws Exception
      */
-    public void assignFillingPermissionsOnCategory(UserModel user, String categoryId,
+    protected UserModel createUserWithRMRole(String userRole)
-                                                   String userPermission, String userRole) throws Exception
     {
-        getRestAPIFactory().getRMUserAPI().addUserPermission(categoryId, user, userPermission);
+        UserModel rmUser = getDataUser().createRandomTestUser();
-        rmRolesAndActionsAPI.assignRoleToUser(getAdminUser().getUsername(),
+        getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), userRole);
-                    getAdminUser().getPassword(), user.getUsername(), userRole);
+        assertStatusCode(OK);
+        return rmUser;
+    }
+
+    /**
+     * Helper method to create a test user with rm role and permissions over the record category
+     *
+     * @param userRole the rm role
+     * @param userPermission the permissions over the record category
+     * @param recordCategory the category on which user has permissions
+     * @return the created user model
+     */
+    protected UserModel createUserWithRMRoleAndCategoryPermission(String userRole, RecordCategory recordCategory,
+                                                                  UserPermissions userPermission)
+    {
+        UserModel rmUser = createUserWithRMRole(userRole);
+        getRestAPIFactory().getRMUserAPI().addUserPermission(recordCategory.getId(), rmUser, userPermission);
+        assertStatusCode(OK);
+        return rmUser;
     }
 
     /**
@@ -797,5 +813,4 @@ public class BaseRMRestTest extends RestTest
         documentLibrary.setNodeRef(nodes.get(0).onModel().getId());
         return documentLibrary;
     }
-
 }

rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/DeleteRecordTests.java

@@ -236,15 +236,12 @@ public class DeleteRecordTests extends BaseRMRestTest
     public void userWithoutDeleteRecordsCapabilityCantDeleteRecord() throws Exception
     {
         // Create test user and add it with collaboration privileges
-        UserModel deleteUser = getDataUser().createRandomTestUser("delnoperm");
+        // Add RM role to user, RM Power User doesn't have the "Delete Record" capabilities
+        UserModel deleteUser = createUserWithRMRole(ROLE_RM_POWER_USER.roleId);
         getDataUser().addUserToSite(deleteUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), SiteCollaborator);
         String username = deleteUser.getUsername();
         logger.info("Test user: " + username);
 
-        // Add RM role to user, RM Power User doesn't have the "Delete Record" capabilities
-        getRestAPIFactory().getRMUserAPI().assignRoleToUser(username, ROLE_RM_POWER_USER.roleId);
-        assertStatusCode(OK);
-
         // Create random folder
         RecordCategoryChild recordFolder = createCategoryFolderInFilePlan();
         logger.info("Random folder:" + recordFolder.getName());

rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/records/UpdateRecordsTests.java

@@ -234,15 +234,12 @@ public class UpdateRecordsTests extends BaseRMRestTest
     public void userWithEditMetadataCapsCanUpdateMetadata() throws Exception
     {
         RMUserAPI rmUserAPI = getRestAPIFactory().getRMUserAPI();
-        // Create test user and add it with collab. privileges
+        // Create test user and add it with collab. privileges.
-        UserModel updateUser = getDataUser().createRandomTestUser("updateuser");
+        // RM Security Officer is the lowest role with Edit Record Metadata capabilities
+        UserModel updateUser = createUserWithRMRole(ROLE_RM_SECURITY_OFFICER.roleId);
         updateUser.setUserRole(UserRole.SiteCollaborator);
         getDataUser().addUserToSite(updateUser, new SiteModel(getRestAPIFactory().getRMSiteAPI().getSite().getId()), UserRole.SiteCollaborator);
 
-        // RM Security Officer is the lowest role with Edit Record Metadata capabilities
-        rmUserAPI.assignRoleToUser(updateUser.getUsername(), ROLE_RM_SECURITY_OFFICER.roleId);
-        assertStatusCode(OK);
-
         // Create random folder
         RecordCategoryChild recordFolder = createCategoryFolderInFilePlan();
         logger.info("random folder:" + recordFolder.getName());

rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/utils/RMSiteUtil.java

@@ -66,7 +66,7 @@ public class RMSiteUtil
     /**
      * Creates an RM Site for the given compliance and default title and description
      *
-     * @param The RM site compliance
+     * @param compliance The RM site compliance
      * @return The {@link RMSite} with the given details
      */
     private static RMSite createRMSiteModel(RMSiteCompliance compliance)