From 55d41d5e0b3df2de02364a76747620bcb9db78e2 Mon Sep 17 00:00:00 2001 From: cagache Date: Mon, 4 Nov 2019 16:59:49 +0200 Subject: [PATCH 01/14] removed duplicate methods --- .../rm/community/base/BaseRMRestTest.java | 31 ------------------- 1 file changed, 31 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java index 96ddd592b2..037c6ce73d 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/base/BaseRMRestTest.java @@ -615,37 +615,6 @@ public class BaseRMRestTest extends RestTest recordCategoryAPI.deleteRecordCategory(recordCategoryId); } - /** - * Helper method to create a test user with rm role - * - * @param userRole the rm role - * @return the created user model - */ - protected UserModel createUserWithRMRole(String userRole) - { - UserModel rmUser = getDataUser().createRandomTestUser(); - getRestAPIFactory().getRMUserAPI().assignRoleToUser(rmUser.getUsername(), userRole); - assertStatusCode(OK); - return rmUser; - } - - /** - * Helper method to create a test user with rm role and permissions over the record category - * - * @param userRole the rm role - * @param userPermission the permissions over the record category - * @param recordCategory the category on which user has permissions - * @return the created user model - */ - protected UserModel createUserWithRMRoleAndCategoryPermission(String userRole, RecordCategory recordCategory, - UserPermissions userPermission) - { - UserModel rmUser = createUserWithRMRole(userRole); - getRestAPIFactory().getRMUserAPI().addUserPermission(recordCategory.getId(), rmUser, userPermission); - assertStatusCode(OK); - return rmUser; - } - /** * Returns search results for the given search term * From 0fc452ab3fb824e67943c8fa4e79f33ce243dc76 Mon Sep 17 00:00:00 2001 From: cagache Date: Tue, 5 Nov 2019 16:34:36 +0200 Subject: [PATCH 02/14] RM-7033 Automate tests for Audit create, delete, add to, and remove from holds --- .../rm/community/model/audit/AuditEvents.java | 6 +- .../community/audit/AuditAddToHoldTests.java | 302 ++++++++++++++++ .../community/audit/AuditCreateHoldTests.java | 195 ++++++++++ .../community/audit/AuditDeleteHoldTests.java | 169 +++++++++ .../audit/AuditRemoveFromHoldTests.java | 337 ++++++++++++++++++ .../community/audit/AuditUserEventsTests.java | 2 +- .../rm/community/hold/AddToHoldsTests.java | 6 +- 7 files changed, 1012 insertions(+), 5 deletions(-) create mode 100644 rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java create mode 100644 rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java create mode 100644 rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java create mode 100644 rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java index 31d05ecece..37e89ee91d 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/rm/community/model/audit/AuditEvents.java @@ -41,7 +41,11 @@ public enum AuditEvents DELETE_USER_GROUP("Delete User Group", "Delete User Group"), ADD_TO_USER_GROUP("Add To User Group", "Add To User Group"), REMOVE_FROM_USER_GROUP("Remove From User Group", "Remove From User Group"), - LOGIN_UNSUCCESSFUL("Login.Failure", "Login Unsuccessful"); + LOGIN_UNSUCCESSFUL("Login.Failure", "Login Unsuccessful"), + CREATE_HOLD("Create Hold", "Create Hold"), + DELETE_HOLD("Delete Hold", "Delete Hold"), + ADD_TO_HOLD("Add To Hold", "Add To Hold"), + REMOVE_FROM_HOLD("Remove From Hold", "Remove From Hold"); /** event audited */ public final String event; diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java new file mode 100644 index 0000000000..da0c855b69 --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -0,0 +1,302 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * License rights for this program may be obtained from Alfresco Software, Ltd. + * pursuant to a written agreement and any use of this program without such an + * agreement is prohibited. + * #L% + */ +package org.alfresco.rest.rm.community.audit; + +import static java.util.Arrays.asList; + +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; +import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_HOLD; +import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.data.RandomData.getRandomName; +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertEquals; +import static org.testng.AssertJUnit.assertFalse; +import static org.testng.AssertJUnit.assertTrue; +import static org.testng.AssertJUnit.fail; + +import java.util.Collections; +import java.util.List; + +import org.alfresco.dataprep.CMISUtil; +import org.alfresco.rest.rm.community.base.BaseRMRestTest; +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.record.Record; +import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory; +import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; +import org.alfresco.rest.rm.community.model.user.UserPermissions; +import org.alfresco.rest.rm.community.model.user.UserRoles; +import org.alfresco.rest.v0.HoldsAPI; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RoleService; +import org.alfresco.test.AlfrescoTest; +import org.alfresco.utility.constants.UserRole; +import org.alfresco.utility.model.FileModel; +import org.alfresco.utility.model.SiteModel; +import org.alfresco.utility.model.UserModel; +import org.springframework.beans.factory.annotation.Autowired; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +/** + * This class contains the tests that check the add to hold event is audited + * + * @author Claudia Agache + * @since 3.3 + */ +@AlfrescoTest (jira = "RM-6859") +public class AuditAddToHoldTests extends BaseRMRestTest +{ + private final String PREFIX = generateTestPrefix(AuditAddToHoldTests.class); + private final String HOLD1 = PREFIX + "hold1"; + private final String HOLD2 = PREFIX + "hold2"; + + @Autowired + private RMAuditAPI rmAuditAPI; + @Autowired + private HoldsAPI holdsAPI; + @Autowired + private RoleService roleService; + + private UserModel rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode; + private SiteModel privateSite; + private RecordCategory recordCategory; + private RecordCategoryChild recordFolder; + private List auditEntries; + private List holdsList = asList(HOLD1, HOLD2); + private AuditEntry auditEntry; + + @BeforeClass (alwaysRun = true) + public void preconditionForAuditAddToHoldTests() throws Exception + { + STEP("Create 2 holds."); + String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), + getAdminUser().getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Create a new record category with a record folder."); + recordCategory = createRootCategory(getRandomName("recordCategory")); + recordFolder = createRecordFolder(recordCategory.getId(), PREFIX + "recFolder"); + + STEP("Create an user with full rights to add content to a hold."); + rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); + + STEP("Create a collaboration site."); + privateSite = dataSite.usingUser(rmAdmin).createPrivateRandomSite(); + + STEP("Create users without rights to add content to a hold."); + rmManagerNoRightsOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, + UserRole.SiteManager, recordCategory.getId(), UserRoles.ROLE_RM_MANAGER, UserPermissions.PERMISSION_FILING); + rmManagerNoRightsOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, + hold1NodeRef, UserPermissions.PERMISSION_FILING); + } + + /** + * Data provider with valid nodes that can be added to a hold + * + * @return the node id and the node name + * @throws Exception + */ + @DataProvider (name = "validNodesForAddToHold") + public Object[][] getValidNodesForAddToHold() throws Exception + { + FileModel contentToBeAdded = dataContent.usingAdmin().usingSite(privateSite) + .createContent(CMISUtil.DocumentType.TEXT_PLAIN); + RecordCategoryChild recordFolderToBeAdded = createRecordFolder(recordCategory.getId(), PREFIX + "recFolderToBeAdded"); + Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); + + return new String[][] + { + // a record folder + { recordFolderToBeAdded.getId(), recordFolderToBeAdded.getName() }, + // a record + { recordToBeAdded.getId(), recordToBeAdded.getName() }, + //an active content, + { contentToBeAdded.getNodeRefWithoutVersion(), contentToBeAdded.getName() } + }; + } + + /** + * Data provider with invalid users that can not add content to a hold + * + * @return the userModel + */ + @DataProvider (name = "invalidUsersForAddToHold") + public Object[][] getInvalidUsersForAddToHold() + { + return new UserModel[][] + { + { rmManagerNoRightsOnHold }, + { rmManagerNoRightsOnNode } + }; + } + + /** + * Given a document/record/record folder is added to a hold + * When I view the audit log + * Then an entry has been created in the audit log that contains the following: + * name of the hold + * name of the document/record/record folder added + * user who added the content + * date the content was added + */ + @Test (dataProvider = "validNodesForAddToHold") + public void addToHoldEventIsAudited(String nodeId, String nodeName) + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Add node to hold."); + holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); + + STEP("Get the list of audit entries for the add to hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + ADD_TO_HOLD.event); + + STEP("Check the audit log contains the entry for the add to hold."); + assertFalse("The list of events should contain Add To Hold entry ", auditEntries.isEmpty()); + auditEntry = auditEntries.get(0); + assertTrue("The list of events is not filtered by Add To Hold", + auditEntry.getEvent().equals(ADD_TO_HOLD.eventDisplayName)); + assertTrue("The hold name value for the add to hold is not audited.", + auditEntry.getNodeName().equals(HOLD1)); + assertTrue("The user who added the node to the hold is not audited.", + auditEntry.getUserName().equals(rmAdmin.getUsername())); + assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + //TODO check content name + } + + /** + * Given an unsuccessful add to hold action + * When I view the audit log + * Then the add to hold event isn't audited + */ + @Test + public void unsuccessfulAddToHoldIsNotAudited() throws Exception + { + STEP("Create a new record"); + Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Try to add the record to a hold by an user with no rights."); + try + { + holdsAPI.addItemToHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + recordToBeAdded.getId(), HOLD1); + fail("Add to hold action was successful."); + } + catch (Exception e) + { + STEP("Get the list of audit entries for the add to hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + ADD_TO_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the unsuccessful add to hold."); + assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); + } + } + + /** + * Given a not empty record folder is added to a hold + * When I view the audit log + * Then only an entry has been created in the audit log for the record folder added + */ + @Test + public void addToHoldIsNotAuditedForRecordFolderChildren() throws Exception + { + STEP("Create a new record folder with a record inside"); + RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); + createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Add record folder to hold."); + holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); + + STEP("Get the list of audit entries for the add to hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + ADD_TO_HOLD.event); + + STEP("Check the audit log contains only an entry for add to hold."); + assertEquals("The list of events should not contain Add to Hold entry for the record", 1, auditEntries.size()); + //TODO check content name + } + + /** + * Given a document/record/record folder is added to multiple holds + * When I view the audit log + * Then multiple entries have been created in the audit log for each add to hold event + */ + @Test + public void addToHoldIsAuditedInBulkAddition() throws Exception + { + STEP("Create a new record"); + Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Add record to multiple holds."); + holdsAPI.addItemsToHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), + Collections.singletonList(recordToBeAdded.getId()), holdsList); + + STEP("Get the list of audit entries for the add to hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + ADD_TO_HOLD.event); + + STEP("Check the audit log contains entries for both additions."); + assertEquals("The list of events should contain Add to Hold entries for both holds", 2, auditEntries.size()); + assertTrue("The hold name value for the first add to hold is not audited.", + auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD1))); + assertTrue("The hold name value for the second add to hold is not audited.", + auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD2))); + } + + /** + * Given a document/record/record folder is added to a hold + * When I view the audit log as an user with no Read permissions over the hold or the node + * Then the add to hold entry isn't visible + */ + @Test (dataProvider = "invalidUsersForAddToHold") + public void addToHoldAuditEntryNotVisible(UserModel user) + { + STEP("Create a new file"); + FileModel contentToBeAdded = dataContent.usingAdmin().usingSite(privateSite) + .createContent(CMISUtil.DocumentType.TEXT_PLAIN); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Add file to hold."); + holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), contentToBeAdded.getNodeRefWithoutVersion(), HOLD1); + + STEP("Get the list of audit entries for the add to hold event as an user with no Read permissions."); + auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, ADD_TO_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the add to hold event."); + assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); + } + + @AfterClass (alwaysRun = true) + public void cleanUpAuditHoldTests() + { + holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); + dataSite.usingAdmin().deleteSite(privateSite); + asList(rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + getRestAPIFactory().getRecordCategoryAPI().deleteRecordCategory(recordCategory.getId()); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java new file mode 100644 index 0000000000..9ef62b20ee --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java @@ -0,0 +1,195 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * License rights for this program may be obtained from Alfresco Software, Ltd. + * pursuant to a written agreement and any use of this program without such an + * agreement is prohibited. + * #L% + */ +package org.alfresco.rest.rm.community.audit; + +import static java.util.Arrays.asList; + +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; +import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_HOLD; +import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertEquals; +import static org.testng.AssertJUnit.assertFalse; +import static org.testng.AssertJUnit.assertTrue; + +import java.util.List; + +import com.google.common.collect.ImmutableMap; + +import org.alfresco.rest.rm.community.base.BaseRMRestTest; +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.user.UserRoles; +import org.alfresco.rest.v0.HoldsAPI; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RoleService; +import org.alfresco.test.AlfrescoTest; +import org.alfresco.utility.model.UserModel; +import org.springframework.beans.factory.annotation.Autowired; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.Test; + +/** + * This class contains the tests that check the create hold event is audited + * + * @author Claudia Agache + * @since 3.3 + */ +@AlfrescoTest (jira = "RM-6859") +public class AuditCreateHoldTests extends BaseRMRestTest +{ + private final String PREFIX = generateTestPrefix(AuditCreateHoldTests.class); + private final String HOLD1 = PREFIX + "createHold"; + private final String HOLD2 = PREFIX + "createHold2"; + private final String HOLD3 = PREFIX + "createHold3"; + + @Autowired + private RMAuditAPI rmAuditAPI; + @Autowired + private HoldsAPI holdsAPI; + @Autowired + private RoleService roleService; + + private UserModel rmAdmin, rmManager; + private List auditEntries; + + @BeforeClass (alwaysRun = true) + public void preconditionForAuditCreateHoldTests() + { + STEP("Create test users."); + rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); + rmManager = roleService.createUserWithRMRole(UserRoles.ROLE_RM_MANAGER.roleId); + } + + /** + * Given a new hold is created + * When I view the audit log + * Then an entry has been created in the audit log which contains the following: + * name of the hold + * reason for hold + * user who created the hold + * date the creation occurred + */ + @Test + public void createHoldEventIsAuditedForNewHold() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Get the list of audit entries for the create hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + CREATE_HOLD.event); + + STEP("Check the audit log contains the entry for the created hold with the hold details."); + assertFalse("The list of events should contain Create Hold entry ", auditEntries.isEmpty()); + AuditEntry auditEntry = auditEntries.get(0); + assertTrue("The list of events is not filtered by Create Hold", + auditEntry.getEvent().equals(CREATE_HOLD.eventDisplayName)); + assertTrue("The hold name value for the hold created is not audited.", auditEntry.getNodeName().equals(HOLD1)); + assertTrue("The hold reason value for the hold created is not audited.", + auditEntry.getChangedValues().contains( + ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"))); + assertTrue("The user who created the hold is not audited.", + auditEntry.getUserName().equals(rmAdmin.getUsername())); + assertFalse("The date when the hold creation occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + } + + /** + * Given an unsuccessful create hold action + * When I view the audit log + * Then the create hold event isn't audited + */ + @Test + public void createHoldEventIsNotAuditedForExistingHold() + { + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Try to create again the same hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Get the list of audit entries for the create hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + CREATE_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the second create hold event."); + assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + } + + /** + * Given a new hold is created and then deleted + * When I view the audit log + * Then the create hold entry still contains the initial details + */ + @Test + public void createHoldAuditEntryIsNotLost() + { + final String holdName = PREFIX + "holdToBeDeleted"; + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Get the list of audit entries for the create hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + CREATE_HOLD.event); + + STEP("Delete the created hold."); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName); + + STEP("Get again the list of audit entries for the create hold event."); + List auditEntriesAfterDelete = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), + getAdminUser().getPassword(), 100, CREATE_HOLD.event); + + STEP("Check that the audit entry for the created hold didn't change after hold deletion."); + assertEquals("The list of events is not filtered by Create Hold", + auditEntries, auditEntriesAfterDelete); + } + + /** + * Given a new hold is created + * When I view the audit log as an user with no Read permissions over the created hold + * Then the create hold entry isn't visible + */ + @Test + public void createHoldAuditEntryNotVisible() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Get the list of audit entries for the create hold event as an user with no Read permissions over the hold."); + auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, + CREATE_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the create hold event."); + assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + } + + @AfterClass (alwaysRun = true) + public void cleanUpAuditHoldTests() + { + asList(HOLD1, HOLD2, HOLD3).forEach(hold -> + holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); + asList(rmAdmin, rmManager).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java new file mode 100644 index 0000000000..fdbada737e --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -0,0 +1,169 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * License rights for this program may be obtained from Alfresco Software, Ltd. + * pursuant to a written agreement and any use of this program without such an + * agreement is prohibited. + * #L% + */ +package org.alfresco.rest.rm.community.audit; + +import static java.util.Arrays.asList; + +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; +import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_HOLD; +import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertFalse; +import static org.testng.AssertJUnit.assertTrue; +import static org.testng.AssertJUnit.fail; + +import java.util.List; + +import org.alfresco.rest.rm.community.base.BaseRMRestTest; +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.user.UserRoles; +import org.alfresco.rest.v0.HoldsAPI; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RoleService; +import org.alfresco.test.AlfrescoTest; +import org.alfresco.utility.model.UserModel; +import org.springframework.beans.factory.annotation.Autowired; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.Test; + +/** + * This class contains the tests that check the delete hold event is audited + * + * @author Claudia Agache + * @since 3.3 + */ +@AlfrescoTest (jira = "RM-6859") +public class AuditDeleteHoldTests extends BaseRMRestTest +{ + private final String PREFIX = generateTestPrefix(AuditDeleteHoldTests.class); + private final String HOLD = PREFIX + "holdToBeDeleted"; + private final String HOLD2 = PREFIX + "deleteHold"; + + @Autowired + private RMAuditAPI rmAuditAPI; + @Autowired + private HoldsAPI holdsAPI; + @Autowired + private RoleService roleService; + + private UserModel rmAdmin, rmManager; + private List auditEntries; + + @BeforeClass (alwaysRun = true) + public void preconditionForAuditDeleteHoldTests() + { + STEP("Create a new hold."); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Create 2 users with different permissions for the created hold."); + rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); + rmManager = roleService.createUserWithRMRole(UserRoles.ROLE_RM_MANAGER.roleId); + } + + /** + * Given a hold is deleted + * When I view the audit log + * Then an entry has been created in the audit log which contains the following: + * name of the hold + * user who deleted the hold + * date the delete occurred + */ + @Test + public void deleteHoldEventIsAudited() + { + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Delete the created hold."); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); + + STEP("Get the list of audit entries for the delete hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + DELETE_HOLD.event); + + STEP("Check the audit log contains the entry for the deleted hold with the hold details."); + assertFalse("The list of events should contain Delete Hold entry ", auditEntries.isEmpty()); + AuditEntry auditEntry = auditEntries.get(0); + assertTrue("The list of events is not filtered by Delete Hold", + auditEntry.getEvent().equals(DELETE_HOLD.eventDisplayName)); + assertTrue("The hold name value for the deleted hold is not audited.", + auditEntry.getNodeName().equals(HOLD2)); + assertTrue("The user who deleted the hold is not audited.", + auditEntry.getUserName().equals(rmAdmin.getUsername())); + assertFalse("The date when the hold deletion occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + } + + /** + * Given an unsuccessful delete hold action + * When I view the audit log + * Then the delete hold event isn't audited + */ + @Test + public void unsuccessfulDeleteHoldIsNotAudited() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Try to delete a hold by an user with no Read permissions over the hold."); + try + { + holdsAPI.deleteHold(rmManager.getUsername(), rmManager.getPassword(), HOLD); + fail("Delete hold action was successful."); + } + catch (Exception e) + { + STEP("Get the list of audit entries for the delete hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + DELETE_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); + assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); + } + } + + /** + * Given a hold is deleted + * When I view the audit log as an user with no Read permissions over the deleted hold + * Then the delete hold entry isn't visible + */ + @Test + public void deleteHoldAuditEntryNotVisible() + { + STEP("Create a new hold."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Delete the created hold."); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); + + STEP("Get the list of audit entries for the delete hold event as an user with no Read permissions over the hold."); + auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, + DELETE_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the delete hold event."); + assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); + } + + @AfterClass (alwaysRun = true) + public void cleanUpAuditHoldTests() + { + holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD); + asList(rmAdmin, rmManager).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java new file mode 100644 index 0000000000..e7448a8471 --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -0,0 +1,337 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * License rights for this program may be obtained from Alfresco Software, Ltd. + * pursuant to a written agreement and any use of this program without such an + * agreement is prohibited. + * #L% + */ +package org.alfresco.rest.rm.community.audit; + +import static java.util.Arrays.asList; + +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; +import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM_HOLD; +import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.data.RandomData.getRandomName; +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertEquals; +import static org.testng.AssertJUnit.assertFalse; +import static org.testng.AssertJUnit.assertTrue; +import static org.testng.AssertJUnit.fail; + +import java.util.Collections; +import java.util.List; + +import org.alfresco.dataprep.CMISUtil; +import org.alfresco.rest.rm.community.base.BaseRMRestTest; +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.record.Record; +import org.alfresco.rest.rm.community.model.recordcategory.RecordCategory; +import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; +import org.alfresco.rest.rm.community.model.user.UserPermissions; +import org.alfresco.rest.rm.community.model.user.UserRoles; +import org.alfresco.rest.v0.HoldsAPI; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RoleService; +import org.alfresco.test.AlfrescoTest; +import org.alfresco.utility.constants.UserRole; +import org.alfresco.utility.model.FileModel; +import org.alfresco.utility.model.SiteModel; +import org.alfresco.utility.model.UserModel; +import org.springframework.beans.factory.annotation.Autowired; +import org.testng.annotations.AfterClass; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Test; + +/** + * This class contains the tests that check the remove from hold event is audited + * + * @author Claudia Agache + * @since 3.3 + */ +@AlfrescoTest (jira = "RM-6859") +public class AuditRemoveFromHoldTests extends BaseRMRestTest +{ + private final String PREFIX = generateTestPrefix(AuditRemoveFromHoldTests.class); + private final String HOLD1 = PREFIX + "hold1"; + private final String HOLD2 = PREFIX + "hold2"; + private final String HOLD3 = PREFIX + "hold3"; + private final String HOLD_TO_BE_DELETED = PREFIX + "holdToBeDeleted"; + + @Autowired + private RMAuditAPI rmAuditAPI; + @Autowired + private HoldsAPI holdsAPI; + @Autowired + private RoleService roleService; + + private UserModel rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode; + private SiteModel privateSite; + private RecordCategory recordCategory; + private RecordCategoryChild recordFolder, heldRecordFolder; + private Record heldRecord; + private List auditEntries; + private List holdsList = asList(HOLD1, HOLD2, HOLD3); + private AuditEntry auditEntry; + private FileModel heldContent; + + @BeforeClass (alwaysRun = true) + public void createAuditHoldTestsPrecondition() throws Exception + { + STEP("Create an user with full rights to remove content from a hold."); + rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); + + STEP("Create a collaboration site."); + privateSite = dataSite.usingUser(rmAdmin).createPrivateRandomSite(); + + STEP("Create new holds."); + String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), + HOLD1, HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_TO_BE_DELETED, + HOLD_REASON, HOLD_DESCRIPTION); + + STEP("Create a new record category with a record folder."); + recordCategory = createRootCategory(getRandomName("recordCategory")); + recordFolder = createRecordFolder(recordCategory.getId(), getRandomName("recFolder")); + + STEP("Create some held items"); + heldContent = dataContent.usingAdmin().usingSite(privateSite) + .createContent(CMISUtil.DocumentType.TEXT_PLAIN); + heldRecordFolder = createRecordFolder(recordCategory.getId(), PREFIX + "heldRecFolder"); + heldRecord = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); + + holdsAPI.addItemsToHolds(getAdminUser().getUsername(), getAdminUser().getPassword(), + asList(heldContent.getNodeRefWithoutVersion(), heldRecordFolder.getId(), heldRecord.getId()), + holdsList); + + STEP("Create users without rights to remove content from a hold."); + rmManagerNoRightsOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, + UserRole.SiteManager, recordCategory.getId(), UserRoles.ROLE_RM_MANAGER, UserPermissions.PERMISSION_FILING); + rmManagerNoRightsOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, + hold1NodeRef, UserPermissions.PERMISSION_FILING); + } + + /** + * Data provider with valid nodes that can be removed from a hold + * + * @return the node id and the node name + * @throws Exception + */ + @DataProvider (name = "validNodesForRemoveFromHold") + public Object[][] getValidNodesForRemoveFromHold() + { + return new String[][] + { + // a record folder + { heldRecordFolder.getId(), heldRecordFolder.getName() }, + // a record + { heldRecord.getId(), heldRecord.getName() }, + //an active content, + { heldContent.getNodeRefWithoutVersion(), heldContent.getName() } + }; + } + + /** + * Data provider with invalid users that can not remove content from a hold + * + * @return the userModel + */ + @DataProvider (name = "invalidUsersForRemoveFromHold") + public Object[][] getInvalidUsersForRemoveFromHold() + { + return new UserModel[][] + { + { rmManagerNoRightsOnHold }, + { rmManagerNoRightsOnNode } + }; + } + + /** + * Given a document/record/record folder is removed from a hold + * When I view the audit log + * Then an entry has been created in the audit log that contains the following: + * name of the hold + * name of the document/record/record folder removed + * user who removed the content + * date the content was removed + */ + @Test (dataProvider = "validNodesForRemoveFromHold") + public void removeFromHoldEventIsAudited(String nodeId, String nodeName) + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Remove node from hold."); + holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); + + STEP("Get the list of audit entries for the remove from hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + REMOVE_FROM_HOLD.event); + + STEP("Check the audit log contains the entry for the remove from hold."); + assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); + auditEntry = auditEntries.get(0); + assertTrue("The list of events is not filtered by Remove From Hold", + auditEntry.getEvent().equals(REMOVE_FROM_HOLD.eventDisplayName)); + assertTrue("The hold name value for the remove from hold is not audited.", + auditEntry.getNodeName().equals(HOLD3)); + assertTrue("The user who removed the node from the hold is not audited.", + auditEntry.getUserName().equals(rmAdmin.getUsername())); + assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + //TODO check content name + } + + /** + * Given a not empty hold is deleted + * When I view the audit log + * Then an entry has been created in the audit log for each item removed from that hold + */ + @Test + public void removeFromHoldAuditedWhenHoldIsDeleted() + { + STEP("Add a file to the hold that will be deleted"); + holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), + heldContent.getNodeRefWithoutVersion(), HOLD_TO_BE_DELETED); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Delete the hold."); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD_TO_BE_DELETED); + + STEP("Get the list of audit entries for the remove from hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + REMOVE_FROM_HOLD.event); + + STEP("Check the audit log contains the entry for the remove from hold."); + assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); + assertTrue("The hold name value for the remove from hold is not audited.", + auditEntries.get(0).getNodeName().equals(HOLD_TO_BE_DELETED)); + } + + /** + * Given an unsuccessful remove from hold action + * When I view the audit log + * Then the remove from hold event isn't audited + */ + @Test + public void unsuccessfulRemoveFromHoldIsNotAudited() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Try to remove the record from a hold by an user with no rights."); + try + { + holdsAPI.removeItemFromHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + heldRecord.getId(), HOLD1); + fail("Remove from hold action was successful."); + } + catch (Exception e) + { + STEP("Get the list of audit entries for the remove from hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + REMOVE_FROM_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the unsuccessful remove from hold."); + assertTrue("The list of events should not contain remove from hold entry ", auditEntries.isEmpty()); + } + } + + /** + * Given a not empty record folder is removed from a hold + * When I view the audit log + * Then only an entry has been created in the audit log for the record folder removed + */ + @Test + public void removeFromHoldNotAuditedForRecordFolderChildren() throws Exception + { + STEP("Create a new record folder with a record inside"); + RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); + createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); + + STEP("Add the record folder to a hold."); + holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); + + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Remove record folder from hold."); + holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); + + STEP("Get the list of audit entries for the remove from hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + REMOVE_FROM_HOLD.event); + + STEP("Check the audit log contains only an entry for remove from hold."); + assertEquals("The list of events should not contain Remove from Hold entry for the record", 1, + auditEntries.size()); + //TODO check content name + } + + /** + * Given a document/record/record folder is removed from multiple holds + * When I view the audit log + * Then multiple entries have been created in the audit log for each remove from hold event + */ + @Test + public void removeFromHoldIsAuditedInBulkRemoval() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Remove record folder from multiple holds."); + holdsAPI.removeItemsFromHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), + Collections.singletonList(heldRecordFolder.getId()), asList(HOLD1, HOLD2)); + + STEP("Get the list of audit entries for the remove from hold event."); + auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, + REMOVE_FROM_HOLD.event); + + STEP("Check the audit log contains entries for both removal."); + assertEquals("The list of events should contain remove from Hold entries for both holds", 2, + auditEntries.size()); + assertTrue("The hold name value for the first remove from hold is not audited.", + auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD1))); + assertTrue("The hold name value for the second remove from hold is not audited.", + auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD2))); + } + + /** + * Given a document/record/record folder is removed from a hold + * When I view the audit log as an user with no Read permissions over the hold or the node + * Then the remove from hold entry isn't visible + */ + @Test (dataProvider = "invalidUsersForRemoveFromHold") + public void removeFromHoldAuditEntryNotVisible(UserModel user) + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + + STEP("Remove held content from a hold."); + holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldContent.getNodeRefWithoutVersion(), HOLD1); + + STEP("Get the list of audit entries for the remove from hold event as an user with no Read permissions."); + auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, REMOVE_FROM_HOLD.event); + + STEP("Check the audit log doesn't contain the entry for the remove from hold event."); + assertTrue("The list of events should not contain Remove from Hold entry ", auditEntries.isEmpty()); + } + + @AfterClass (alwaysRun = true) + public void cleanUpAuditHoldTests() + { + holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); + dataSite.usingAdmin().deleteSite(privateSite); + asList(rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + getRestAPIFactory().getRecordCategoryAPI().deleteRecordCategory(recordCategory.getId()); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java index a71094bcd7..6f29159520 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java @@ -66,7 +66,7 @@ public class AuditUserEventsTests extends BaseRMRestTest */ @Test @AlfrescoTest(jira = "RM-6223") - public void createUserEventIsAudited() throws Exception + public void createUserEventIsAudited() { STEP("Create a new user."); String userName = "auditCreateUser" + PREFIX; diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java index 2476370482..636c453077 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java @@ -108,7 +108,7 @@ public class AddToHoldsTests extends BaseRMRestTest private ContentActions contentActions; @BeforeClass (alwaysRun = true) - public void preconditionForAddContentToHold() throws Exception + public void preconditionForAddContentToHold() { STEP("Create a hold."); holdNodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getUsername(), @@ -174,7 +174,7 @@ public class AddToHoldsTests extends BaseRMRestTest * Valid nodes to be added to hold */ @DataProvider (name = "validNodesForAddToHold") - public Object[][] getValidNodesForAddToHold() throws Exception + public Object[][] getValidNodesForAddToHold() { //create electronic and nonElectronic record in record folder RecordCategoryChild recordFolder = createCategoryFolderInFilePlan(); @@ -354,7 +354,7 @@ public class AddToHoldsTests extends BaseRMRestTest } @AfterClass (alwaysRun = true) - public void cleanUpAddContentToHold() throws Exception + public void cleanUpAddContentToHold() { holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD); dataSite.usingAdmin().deleteSite(testSite); From f68505c967731ecee3330b3ac1d097f18e88ba21 Mon Sep 17 00:00:00 2001 From: cagache Date: Tue, 5 Nov 2019 16:45:26 +0200 Subject: [PATCH 03/14] update method names --- .../alfresco/rest/rm/community/audit/AuditAddToHoldTests.java | 2 +- .../rest/rm/community/audit/AuditCreateHoldTests.java | 2 +- .../rest/rm/community/audit/AuditDeleteHoldTests.java | 2 +- .../rest/rm/community/audit/AuditRemoveFromHoldTests.java | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index da0c855b69..4385381532 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -292,7 +292,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest } @AfterClass (alwaysRun = true) - public void cleanUpAuditHoldTests() + public void cleanUpAuditAddToHoldTests() { holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); dataSite.usingAdmin().deleteSite(privateSite); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java index 9ef62b20ee..f94f746036 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java @@ -186,7 +186,7 @@ public class AuditCreateHoldTests extends BaseRMRestTest } @AfterClass (alwaysRun = true) - public void cleanUpAuditHoldTests() + public void cleanUpAuditCreateHoldTests() { asList(HOLD1, HOLD2, HOLD3).forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index fdbada737e..38744ae07e 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -161,7 +161,7 @@ public class AuditDeleteHoldTests extends BaseRMRestTest } @AfterClass (alwaysRun = true) - public void cleanUpAuditHoldTests() + public void cleanUpAuditDeleteHoldTests() { holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD); asList(rmAdmin, rmManager).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index e7448a8471..6820af14a3 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -82,7 +82,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest private FileModel heldContent; @BeforeClass (alwaysRun = true) - public void createAuditHoldTestsPrecondition() throws Exception + public void preconditionForAuditRemoveFromHoldTests() throws Exception { STEP("Create an user with full rights to remove content from a hold."); rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); @@ -327,7 +327,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest } @AfterClass (alwaysRun = true) - public void cleanUpAuditHoldTests() + public void cleanUpAuditRemoveFromHoldTests() { holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); dataSite.usingAdmin().deleteSite(privateSite); From b2a0e4082cace1d97fff17b294730f1d9282ff7a Mon Sep 17 00:00:00 2001 From: cagache Date: Wed, 6 Nov 2019 17:18:23 +0200 Subject: [PATCH 04/14] Refactored audit tests and holds api --- .../java/org/alfresco/rest/v0/HoldsAPI.java | 82 ++++++------ .../rest/v0/service/RMAuditService.java | 104 +++++++++++++++ .../community/audit/AuditAddToHoldTests.java | 102 ++++++--------- .../community/audit/AuditCreateHoldTests.java | 88 ++++++------- .../community/audit/AuditDeleteHoldTests.java | 89 ++++++------- .../audit/AuditGroupEventsTests.java | 79 ++++-------- .../audit/AuditLoginEventsTests.java | 17 +-- .../audit/AuditRemoveFromHoldTests.java | 121 ++++++++---------- .../community/audit/AuditUserEventsTests.java | 34 ++--- .../DeclareAndFileDocumentAsRecordTests.java | 7 +- .../rm/community/hold/AddToHoldsTests.java | 4 +- .../community/hold/RemoveFromHoldsTests.java | 6 +- 12 files changed, 363 insertions(+), 370 deletions(-) create mode 100644 rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java index 113eb01cb5..da9949bd9e 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java @@ -81,18 +81,27 @@ public class HoldsAPI extends BaseAPI * @param holdName the hold name * @param reason hold reason * @param description hold description - * @return The HTTP response (or null if no POST call was needed). + * @return The HTTP response. */ - public HttpResponse createHold(String user, String password, - String holdName, String reason, String description) + public HttpResponse createHold(String user, String password, String holdName, String reason, String description) + { + return createHold(user, password, holdName, reason, description, SC_OK); + } + + /** + * Util method to create a hold + * + * @param user the user creating the hold + * @param password the user's password + * @param holdName the hold name + * @param reason hold reason + * @param description hold description + * @param expectedStatusCode The expected return status code. + * @return The HTTP response or throws AssertionError if the returned status code is not as expected. + */ + public HttpResponse createHold(String user, String password, String holdName, String reason, String description, + int expectedStatusCode) { - // if the hold already exists don't try to create it again - final String fullHoldPath = Utility.buildPath(getFilePlanPath(), HOLDS_CONTAINER) + holdName; - final CmisObject hold = getObjectByPath(user, password, fullHoldPath); - if (hold != null) - { - return null; - } // retrieve the Holds container nodeRef final String parentNodeRef = getItemNodeRef(user, password, "/" + HOLDS_CONTAINER); @@ -102,11 +111,7 @@ public class HoldsAPI extends BaseAPI requestParams.put("prop_cm_description", description); requestParams.put("prop_rma_holdReason", reason); - // Make the POST request and throw an assertion error if it fails. - final HttpResponse httpResponse = doPostJsonRequest(user, password, SC_OK, requestParams, CREATE_HOLDS_API); - assertNotNull("Expected object to have been created at " + fullHoldPath, - getObjectByPath(user, password, fullHoldPath)); - return httpResponse; + return doPostJsonRequest(user, password, expectedStatusCode, requestParams, CREATE_HOLDS_API); } /** @@ -179,7 +184,10 @@ public class HoldsAPI extends BaseAPI */ public HttpResponse addItemsToHolds(String user, String password, List itemNodeRefs, List holdNames) { - return addItemsToHolds(user, password, SC_OK, itemNodeRefs, holdNames); + final List holdNodeRefs = holdNames.stream() + .map(hold -> getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) + .collect(Collectors.toList()); + return addItemsToHolds(user, password, SC_OK, itemNodeRefs, holdNodeRefs); } /** @@ -188,13 +196,13 @@ public class HoldsAPI extends BaseAPI * @param user the user who adds the items to the holds * @param password the user's password * @param itemNodeRefs the list of items nodeRefs to be added to holds - * @param holdNames the list of holds + * @param holdNodeRefs the list of holds * @return The HTTP response */ public HttpResponse addItemsToHolds(String user, String password, int expectedStatus, List itemNodeRefs, - List holdNames) + List holdNodeRefs) { - final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(user, password, itemNodeRefs, holdNames); + final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(itemNodeRefs, holdNodeRefs); return doPostJsonRequest(user, password, expectedStatus, requestParams, RM_HOLDS_API); } @@ -204,35 +212,30 @@ public class HoldsAPI extends BaseAPI * @param user the user who adds the item to the hold * @param password the user's password * @param itemNodeRef the nodeRef of the item to be added to hold - * @param holdName the hold name + * @param holdNodeRef the hold node ref * @return The error message */ public String addToHoldAndGetMessage(String user, String password, int expectedStatus, String itemNodeRef, String - holdName) + holdNodeRef) { final HttpResponse httpResponse = addItemsToHolds(user, password, expectedStatus, Collections.singletonList(itemNodeRef), - Collections.singletonList(holdName)); + Collections.singletonList(holdNodeRef)); return APIUtils.extractErrorMessageFromHttpResponse(httpResponse); } /** * Util method to create the request body used when adding items to holds or when removing items from holds * - * @param user user to create the request body for add/remove an item to/from hold - * @param password the user's password - * @param items list of items node refs to be added to holds - * @param holdNames list of hold names for add/remove items + * @param items list of items node refs to be added to holds + * @param holdNodeRefs list of hold node refs for add/remove items * @return JSONObject fo */ - private JSONObject addOrRemoveToFromHoldJsonObject(String user, String password, List items, List holdNames) + private JSONObject addOrRemoveToFromHoldJsonObject(List items, List holdNodeRefs) { final JSONArray nodeRefs = new JSONArray(); items.forEach(itemNodeRef -> nodeRefs.put(getNodeRefSpacesStore() + itemNodeRef)); - final List holdNodeRefs = holdNames.stream().map(hold -> - getNodeRefSpacesStore() + getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) - .collect(Collectors.toList()); final JSONArray holds = new JSONArray(); - holdNodeRefs.forEach(holds::put); + holdNodeRefs.forEach(holdNodeRef -> holds.put(getNodeRefSpacesStore() + holdNodeRef)); final JSONObject requestParams = new JSONObject(); requestParams.put("nodeRefs", nodeRefs); requestParams.put("holds", holds); @@ -264,7 +267,10 @@ public class HoldsAPI extends BaseAPI */ public HttpResponse removeItemsFromHolds(String user, String password, List itemNodeRefs, List holdNames) { - return removeItemsFromHolds(user, password, SC_OK, itemNodeRefs, holdNames); + final List holdNodeRefs = holdNames.stream() + .map(hold -> getItemNodeRef(user, password, String.format("/%s/%s", HOLDS_CONTAINER, hold))) + .collect(Collectors.toList()); + return removeItemsFromHolds(user, password, SC_OK, itemNodeRefs, holdNodeRefs); } /** @@ -274,13 +280,13 @@ public class HoldsAPI extends BaseAPI * @param password the user's password * @param expectedStatus https status code expected * @param itemNodeRefs the list of items nodeRefs to be removed from hold - * @param holdNames the list of hold names + * @param holdNodeRefs the list of hold node refs * @return The HTTP response */ public HttpResponse removeItemsFromHolds(String user, String password, int expectedStatus, List itemNodeRefs, - List holdNames) + List holdNodeRefs) { - final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(user, password, itemNodeRefs, holdNames); + final JSONObject requestParams = addOrRemoveToFromHoldJsonObject(itemNodeRefs, holdNodeRefs); return doPutJsonRequest(user, password, expectedStatus, requestParams, RM_HOLDS_API); } @@ -290,14 +296,14 @@ public class HoldsAPI extends BaseAPI * @param user the user who removes the item from hold * @param password the user's password * @param itemNodeRef the nodeRef of the item to be removed from hold - * @param holdName the hold name + * @param holdNodeRef the hold node ref * @return The error message */ public String removeFromHoldAndGetMessage(String user, String password, int expectedStatus, String itemNodeRef, String - holdName) + holdNodeRef) { final HttpResponse httpResponse = removeItemsFromHolds(user, password, expectedStatus, Collections.singletonList(itemNodeRef), - Collections.singletonList(holdName)); + Collections.singletonList(holdNodeRef)); return APIUtils.extractErrorMessageFromHttpResponse(httpResponse); } diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java new file mode 100644 index 0000000000..31a5e5a3a4 --- /dev/null +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java @@ -0,0 +1,104 @@ +/* + * #%L + * Alfresco Records Management Module + * %% + * Copyright (C) 2005 - 2019 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ +package org.alfresco.rest.v0.service; + +import static org.alfresco.utility.report.log.Step.STEP; +import static org.testng.AssertJUnit.assertTrue; + +import java.time.Instant; +import java.util.List; + +import org.alfresco.rest.rm.community.model.audit.AuditEntry; +import org.alfresco.rest.rm.community.model.audit.AuditEvents; +import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.utility.data.DataUser; +import org.alfresco.utility.model.UserModel; +import org.apache.commons.collections4.CollectionUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +/** + * Produces processed results from RM Audit REST API calls + * + * @author Claudia Agache + * @since 3.3 + */ +@Service +public class RMAuditService +{ + @Autowired + private RMAuditAPI rmAuditAPI; + + @Autowired + private DataUser dataUser; + + /** + * Clear the list of audit entries as admin user. + */ + public void clearAuditLog() + { + STEP("Clean audit logs."); + rmAuditAPI.clearAuditLog(dataUser.getAdminUser().getUsername(), dataUser.getAdminUser().getPassword()); + } + + /** + * Returns a list of rm audit entries filtered by given event + * + * @param user the user who requests the list of rm audit entries + * @param auditEvent the event + * @return the list of audit entries matching the event + */ + public List getAuditEntriesFilteredByEvent(UserModel user, AuditEvents auditEvent) + { + STEP("Get the list of audit entries for the " + auditEvent.eventDisplayName + " event."); + return rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, auditEvent.event); + } + + /** + * Checks the rm audit log contains the entry for the given event. + * + * @param user the user who checks the audit log + * @param auditEvent the audited event + * @param auditUser the user who did the audited event + * @param nodeName the audited node name if exists or empty string + * @param changedValues the values changed by event if exist or empty list + */ + public void checkAuditLogForEvent(UserModel user, AuditEvents auditEvent, UserModel auditUser, + String nodeName, List changedValues) + { + final Instant eventTimestamp = Instant.now(); + List auditEntries = getAuditEntriesFilteredByEvent(user, auditEvent); + assertTrue("The list of events is not filtered by " + auditEvent.event, + auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(auditEvent.eventDisplayName))); + assertTrue("The event details are not audited", + auditEntries.stream().anyMatch(auditEntry -> auditEntry.getNodeName().equals(nodeName) && + auditEntry.getUserName().equals(auditUser.getUsername()) && + CollectionUtils.isEqualCollection(auditEntry.getChangedValues(), changedValues) && + !auditEntry.getTimestamp().isEmpty() && + Instant.parse(auditEntry.getTimestamp()).compareTo(eventTimestamp) <= 0)); + } +} diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index 4385381532..6bebd31ddb 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -19,10 +34,9 @@ import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_HOLD import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; import java.util.Collections; import java.util.List; @@ -36,7 +50,7 @@ import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.constants.UserRole; @@ -63,7 +77,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest private final String HOLD2 = PREFIX + "hold2"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired @@ -75,13 +89,13 @@ public class AuditAddToHoldTests extends BaseRMRestTest private RecordCategoryChild recordFolder; private List auditEntries; private List holdsList = asList(HOLD1, HOLD2); - private AuditEntry auditEntry; + private String hold1NodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditAddToHoldTests() throws Exception { STEP("Create 2 holds."); - String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), + hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); @@ -154,27 +168,14 @@ public class AuditAddToHoldTests extends BaseRMRestTest @Test (dataProvider = "validNodesForAddToHold") public void addToHoldEventIsAudited(String nodeId, String nodeName) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add node to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); - - STEP("Check the audit log contains the entry for the add to hold."); - assertFalse("The list of events should contain Add To Hold entry ", auditEntries.isEmpty()); - auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Add To Hold", - auditEntry.getEvent().equals(ADD_TO_HOLD.eventDisplayName)); - assertTrue("The hold name value for the add to hold is not audited.", - auditEntry.getNodeName().equals(HOLD1)); - assertTrue("The user who added the node to the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); - //TODO check content name + STEP("Check the audit log contains the entry for the add to hold event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, HOLD1, Collections.emptyList()); + //TODO replace changed values } /** @@ -188,25 +189,16 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new record"); Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to add the record to a hold by an user with no rights."); - try - { - holdsAPI.addItemToHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), - recordToBeAdded.getId(), HOLD1); - fail("Add to hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + holdsAPI.addItemsToHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + SC_INTERNAL_SERVER_ERROR, Collections.singletonList(recordToBeAdded.getId()), + Collections.singletonList(hold1NodeRef)); - STEP("Check the audit log doesn't contain the entry for the unsuccessful add to hold."); - assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful add to hold."); + assertTrue("The list of events should not contain Add to Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD).isEmpty()); } /** @@ -221,15 +213,12 @@ public class AuditAddToHoldTests extends BaseRMRestTest RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add record folder to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD); STEP("Check the audit log contains only an entry for add to hold."); assertEquals("The list of events should not contain Add to Hold entry for the record", 1, auditEntries.size()); @@ -247,16 +236,13 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new record"); Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add record to multiple holds."); holdsAPI.addItemsToHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), Collections.singletonList(recordToBeAdded.getId()), holdsList); - STEP("Get the list of audit entries for the add to hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - ADD_TO_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD); STEP("Check the audit log contains entries for both additions."); assertEquals("The list of events should contain Add to Hold entries for both holds", 2, auditEntries.size()); @@ -277,18 +263,14 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Create a new file"); FileModel contentToBeAdded = dataContent.usingAdmin().usingSite(privateSite) .createContent(CMISUtil.DocumentType.TEXT_PLAIN); - - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Add file to hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), contentToBeAdded.getNodeRefWithoutVersion(), HOLD1); - STEP("Get the list of audit entries for the add to hold event as an user with no Read permissions."); - auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, ADD_TO_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the add to hold event."); - assertTrue("The list of events should not contain Add to Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions can't see the entry for the add to hold event."); + assertTrue("The list of events should not contain Add to Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(user, ADD_TO_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java index f94f746036..6789ff11ba 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -18,8 +33,8 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; import java.util.List; @@ -30,7 +45,7 @@ import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; @@ -54,14 +69,13 @@ public class AuditCreateHoldTests extends BaseRMRestTest private final String HOLD3 = PREFIX + "createHold3"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired private RoleService roleService; private UserModel rmAdmin, rmManager; - private List auditEntries; @BeforeClass (alwaysRun = true) public void preconditionForAuditCreateHoldTests() @@ -83,28 +97,15 @@ public class AuditCreateHoldTests extends BaseRMRestTest @Test public void createHoldEventIsAuditedForNewHold() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); - STEP("Check the audit log contains the entry for the created hold with the hold details."); - assertFalse("The list of events should contain Create Hold entry ", auditEntries.isEmpty()); - AuditEntry auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Create Hold", - auditEntry.getEvent().equals(CREATE_HOLD.eventDisplayName)); - assertTrue("The hold name value for the hold created is not audited.", auditEntry.getNodeName().equals(HOLD1)); - assertTrue("The hold reason value for the hold created is not audited.", - auditEntry.getChangedValues().contains( - ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"))); - assertTrue("The user who created the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the hold creation occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_HOLD, rmAdmin, HOLD1, + asList(ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"), + ImmutableMap.of("new", HOLD1, "previous", "", "name", "Name"))); } /** @@ -118,18 +119,15 @@ public class AuditCreateHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); - STEP("Try to create again the same hold."); - holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - - STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); + STEP("Try to create again the same hold and expect action to fail."); + holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION, + SC_INTERNAL_SERVER_ERROR); STEP("Check the audit log doesn't contain the entry for the second create hold event."); - assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + assertTrue("The list of events should not contain Create Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD).isEmpty()); } /** @@ -141,26 +139,22 @@ public class AuditCreateHoldTests extends BaseRMRestTest public void createHoldAuditEntryIsNotLost() { final String holdName = PREFIX + "holdToBeDeleted"; - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName, HOLD_REASON, HOLD_DESCRIPTION); STEP("Get the list of audit entries for the create hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - CREATE_HOLD.event); + List auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), holdName); STEP("Get again the list of audit entries for the create hold event."); - List auditEntriesAfterDelete = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_HOLD.event); + List auditEntriesAfterDelete = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), CREATE_HOLD); STEP("Check that the audit entry for the created hold didn't change after hold deletion."); - assertEquals("The list of events is not filtered by Create Hold", - auditEntries, auditEntriesAfterDelete); + assertEquals("The audit entry for Create Hold has been changed", auditEntries, auditEntriesAfterDelete); } /** @@ -171,18 +165,14 @@ public class AuditCreateHoldTests extends BaseRMRestTest @Test public void createHoldAuditEntryNotVisible() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Get the list of audit entries for the create hold event as an user with no Read permissions over the hold."); - auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, - CREATE_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the create hold event."); - assertTrue("The list of events should not contain Create Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions over the hold can't see the entry for the create hold event"); + assertTrue("The list of events should not contain Create Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(rmManager, CREATE_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index 38744ae07e..94cec954f7 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -17,18 +32,17 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.rest.rm.community.utils.CoreUtil.toContentModel; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertFalse; +import static org.springframework.http.HttpStatus.FORBIDDEN; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; -import java.util.List; +import java.util.Collections; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; @@ -51,20 +65,21 @@ public class AuditDeleteHoldTests extends BaseRMRestTest private final String HOLD2 = PREFIX + "deleteHold"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired private RoleService roleService; private UserModel rmAdmin, rmManager; - private List auditEntries; + private String holdNodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditDeleteHoldTests() { STEP("Create a new hold."); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD, HOLD_REASON, HOLD_DESCRIPTION); + holdNodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD, + HOLD_REASON, HOLD_DESCRIPTION); STEP("Create 2 users with different permissions for the created hold."); rmAdmin = roleService.createUserWithRMRole(UserRoles.ROLE_RM_ADMIN.roleId); @@ -85,26 +100,13 @@ public class AuditDeleteHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); - STEP("Get the list of audit entries for the delete hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - DELETE_HOLD.event); - STEP("Check the audit log contains the entry for the deleted hold with the hold details."); - assertFalse("The list of events should contain Delete Hold entry ", auditEntries.isEmpty()); - AuditEntry auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Delete Hold", - auditEntry.getEvent().equals(DELETE_HOLD.eventDisplayName)); - assertTrue("The hold name value for the deleted hold is not audited.", - auditEntry.getNodeName().equals(HOLD2)); - assertTrue("The user who deleted the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the hold deletion occurred is not audited.", auditEntry.getTimestamp().isEmpty()); + rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_HOLD, rmAdmin, HOLD2, Collections.emptyList()); } /** @@ -113,26 +115,17 @@ public class AuditDeleteHoldTests extends BaseRMRestTest * Then the delete hold event isn't audited */ @Test - public void unsuccessfulDeleteHoldIsNotAudited() + public void unsuccessfulDeleteHoldIsNotAudited() throws Exception { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to delete a hold by an user with no Read permissions over the hold."); - try - { - holdsAPI.deleteHold(rmManager.getUsername(), rmManager.getPassword(), HOLD); - fail("Delete hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the delete hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - DELETE_HOLD.event); + getRestAPIFactory().getNodeAPI(rmManager, toContentModel(holdNodeRef)).deleteNode(holdNodeRef); + assertStatusCode(FORBIDDEN); - STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); - assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); + assertTrue("The list of events should not contain Delete Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), DELETE_HOLD).isEmpty()); } /** @@ -146,18 +139,14 @@ public class AuditDeleteHoldTests extends BaseRMRestTest STEP("Create a new hold."); holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the created hold."); holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); - STEP("Get the list of audit entries for the delete hold event as an user with no Read permissions over the hold."); - auditEntries = rmAuditAPI.getRMAuditLog(rmManager.getUsername(), rmManager.getPassword(), 100, - DELETE_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the delete hold event."); - assertTrue("The list of events should not contain Delete Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions over the hold can't see the entry for the delete hold event."); + assertTrue("The list of events should not contain Delete Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(rmManager, DELETE_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java index 3443630bb6..055f138650 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditGroupEventsTests.java @@ -26,20 +26,20 @@ */ package org.alfresco.rest.rm.community.audit; +import static java.util.Arrays.asList; + import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_USER_GROUP; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM_USER_GROUP; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertTrue; -import java.util.List; +import java.util.Collections; import com.google.common.collect.ImmutableMap; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.GroupModel; import org.alfresco.utility.model.UserModel; @@ -57,16 +57,14 @@ import org.testng.annotations.Test; public class AuditGroupEventsTests extends BaseRMRestTest { @Autowired - private RMAuditAPI rmAuditAPI; - + private RMAuditService rmAuditService; private GroupModel testGroup; private UserModel testUser; @BeforeClass (alwaysRun = true) public void cleanAuditLogs() { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); } /** @@ -79,17 +77,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest { testGroup = dataGroup.createRandomGroup(); - STEP("Get the list of audit entries for the create group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the created group."); - assertTrue("The list of events is not filtered by " + CREATE_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(CREATE_USER_GROUP.eventDisplayName))); - - assertTrue("The group name for the new group created is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(CREATE_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()))); + STEP("Check the audit log contains the entry for the created group."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + Collections.singletonList(ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", + "name", "authorityDisplayName"))); } /** @@ -104,19 +95,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest testUser = getDataUser().createRandomTestUser(); dataGroup.usingUser(testUser).addUserToGroup(testGroup); - STEP("Get the list of audit entries for the add user to group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, ADD_TO_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the add user to group event."); - assertTrue("The list of events is not filtered by " + ADD_TO_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(ADD_TO_USER_GROUP.eventDisplayName))); - - assertTrue("The username and destination group are not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(ADD_TO_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", testUser.getUsername(), "previous", "", "name", "User Name")) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", "name", "Parent Group")))); + STEP("Check the audit log contains the entry for the add user to group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + asList(ImmutableMap.of("new", testUser.getUsername(), "previous", "", "name", "User Name"), + ImmutableMap.of("new", testGroup.getGroupIdentifier(), "previous", "", "name", "Parent Group"))); } /** @@ -132,19 +114,10 @@ public class AuditGroupEventsTests extends BaseRMRestTest dataGroup.usingUser(testUser).addUserToGroup(testGroup); dataGroup.removeUserFromGroup(testGroup, testUser); - STEP("Get the list of audit entries for the add user to group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, REMOVE_FROM_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the remove user from group event."); - assertTrue("The list of events is not filtered by " + REMOVE_FROM_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(REMOVE_FROM_USER_GROUP.eventDisplayName))); - - assertTrue("The username and previous parent group are not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(REMOVE_FROM_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "", "previous", testUser.getUsername(), "name", "User Name")) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "","previous", testGroup.getGroupIdentifier(), "name", "Parent Group")))); + STEP("Check the audit log contains the entry for the remove user from group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + asList(ImmutableMap.of("new", "", "previous", testUser.getUsername(), "name", "User Name"), + ImmutableMap.of("new", "","previous", testGroup.getGroupIdentifier(), "name", "Parent Group"))); } /** @@ -158,17 +131,9 @@ public class AuditGroupEventsTests extends BaseRMRestTest testGroup = dataGroup.createRandomGroup(); dataGroup.deleteGroup(testGroup); - STEP("Get the list of audit entries for the delete group event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, DELETE_USER_GROUP.event); - - STEP("Check the audit log contains only the entries for the created group."); - assertTrue("The list of events is not filtered by " + DELETE_USER_GROUP.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(DELETE_USER_GROUP.eventDisplayName))); - - assertTrue("The group name for the deleted group is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(DELETE_USER_GROUP.eventDisplayName)) - .anyMatch(auditEntry -> auditEntry.getNodeName().equals(testGroup.getGroupIdentifier()) - && auditEntry.getChangedValues().contains(ImmutableMap.of("new", "", "previous", testGroup.getGroupIdentifier(), "name", "authorityDisplayName")))); + STEP("Check the audit log contains the entry for the delete group event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_USER_GROUP, getAdminUser(), testGroup.getGroupIdentifier(), + Collections.singletonList(ImmutableMap.of("new", "", "previous", testGroup.getGroupIdentifier(), + "name", "authorityDisplayName"))); } } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java index 12b445b3e3..5dcffe5347 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditLoginEventsTests.java @@ -34,11 +34,10 @@ import java.util.List; import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; import org.springframework.beans.factory.annotation.Autowired; -import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; /** @@ -51,14 +50,7 @@ import org.testng.annotations.Test; public class AuditLoginEventsTests extends BaseRMRestTest { @Autowired - private RMAuditAPI rmAuditAPI; - - @BeforeClass (alwaysRun = true) - public void cleanAuditLogs() - { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); - } + private RMAuditService rmAuditService; /** * Given I have tried to login using invalid credentials @@ -68,12 +60,13 @@ public class AuditLoginEventsTests extends BaseRMRestTest @Test public void filterByLoginUnsuccessful() throws Exception { + rmAuditService.clearAuditLog(); restClient.authenticateUser(new UserModel(getAdminUser().getUsername(), "InvalidPassword")); restClient.withCoreAPI().getSites(); STEP("Get the list of audit entries for the login unsuccessful event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, LOGIN_UNSUCCESSFUL.event); + List auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), + LOGIN_UNSUCCESSFUL); STEP("Check the audit log contains only the entries for the login unsuccessful event."); assertTrue("The list of events is not filtered by " + LOGIN_UNSUCCESSFUL.event, diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index 6820af14a3..d24da88e07 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -4,9 +4,24 @@ * %% * Copyright (C) 2005 - 2019 Alfresco Software Limited * %% - * License rights for this program may be obtained from Alfresco Software, Ltd. - * pursuant to a written agreement and any use of this program without such an - * agreement is prohibited. + * This file is part of the Alfresco software. + * - + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * - + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * - + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * - + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . * #L% */ package org.alfresco.rest.rm.community.audit; @@ -19,10 +34,9 @@ import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertEquals; -import static org.testng.AssertJUnit.assertFalse; import static org.testng.AssertJUnit.assertTrue; -import static org.testng.AssertJUnit.fail; import java.util.Collections; import java.util.List; @@ -36,7 +50,7 @@ import org.alfresco.rest.rm.community.model.recordcategory.RecordCategoryChild; import org.alfresco.rest.rm.community.model.user.UserPermissions; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.rest.v0.service.RoleService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.constants.UserRole; @@ -62,10 +76,10 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest private final String HOLD1 = PREFIX + "hold1"; private final String HOLD2 = PREFIX + "hold2"; private final String HOLD3 = PREFIX + "hold3"; - private final String HOLD_TO_BE_DELETED = PREFIX + "holdToBeDeleted"; + private final String DELETED_HOLD = PREFIX + "deletedHold"; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; @Autowired private HoldsAPI holdsAPI; @Autowired @@ -78,8 +92,8 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest private Record heldRecord; private List auditEntries; private List holdsList = asList(HOLD1, HOLD2, HOLD3); - private AuditEntry auditEntry; private FileModel heldContent; + private String hold1NodeRef; @BeforeClass (alwaysRun = true) public void preconditionForAuditRemoveFromHoldTests() throws Exception @@ -91,12 +105,11 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest privateSite = dataSite.usingUser(rmAdmin).createPrivateRandomSite(); STEP("Create new holds."); - String hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), + hold1NodeRef = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD1, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD3, HOLD_REASON, HOLD_DESCRIPTION); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_TO_BE_DELETED, - HOLD_REASON, HOLD_DESCRIPTION); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), DELETED_HOLD, HOLD_REASON, HOLD_DESCRIPTION); STEP("Create a new record category with a record folder."); recordCategory = createRootCategory(getRandomName("recordCategory")); @@ -166,27 +179,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test (dataProvider = "validNodesForRemoveFromHold") public void removeFromHoldEventIsAudited(String nodeId, String nodeName) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove node from hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); - - STEP("Check the audit log contains the entry for the remove from hold."); - assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); - auditEntry = auditEntries.get(0); - assertTrue("The list of events is not filtered by Remove From Hold", - auditEntry.getEvent().equals(REMOVE_FROM_HOLD.eventDisplayName)); - assertTrue("The hold name value for the remove from hold is not audited.", - auditEntry.getNodeName().equals(HOLD3)); - assertTrue("The user who removed the node from the hold is not audited.", - auditEntry.getUserName().equals(rmAdmin.getUsername())); - assertFalse("The date when the add to hold occurred is not audited.", auditEntry.getTimestamp().isEmpty()); - //TODO check content name + STEP("Check the audit log contains the entry for the remove from hold event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, HOLD3, Collections.emptyList()); + //TODO replace changed values } /** @@ -199,22 +199,17 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest { STEP("Add a file to the hold that will be deleted"); holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), - heldContent.getNodeRefWithoutVersion(), HOLD_TO_BE_DELETED); + heldContent.getNodeRefWithoutVersion(), DELETED_HOLD); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Delete the hold."); - holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD_TO_BE_DELETED); - - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), DELETED_HOLD); STEP("Check the audit log contains the entry for the remove from hold."); - assertFalse("The list of events should contain Remove From Hold entry ", auditEntries.isEmpty()); - assertTrue("The hold name value for the remove from hold is not audited.", - auditEntries.get(0).getNodeName().equals(HOLD_TO_BE_DELETED)); + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, DELETED_HOLD, + Collections.emptyList()); + //TODO replace changed values } /** @@ -225,25 +220,16 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test public void unsuccessfulRemoveFromHoldIsNotAudited() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Try to remove the record from a hold by an user with no rights."); - try - { - holdsAPI.removeItemFromHold(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), - heldRecord.getId(), HOLD1); - fail("Remove from hold action was successful."); - } - catch (Exception e) - { - STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + holdsAPI.removeItemsFromHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + SC_INTERNAL_SERVER_ERROR, Collections.singletonList(heldRecord.getId()), + Collections.singletonList(hold1NodeRef)); - STEP("Check the audit log doesn't contain the entry for the unsuccessful remove from hold."); - assertTrue("The list of events should not contain remove from hold entry ", auditEntries.isEmpty()); - } + STEP("Check the audit log doesn't contain the entry for the unsuccessful remove from hold."); + assertTrue("The list of events should not contain remove from hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD).isEmpty()); } /** @@ -261,15 +247,13 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest STEP("Add the record folder to a hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove record folder from hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD); STEP("Check the audit log contains only an entry for remove from hold."); assertEquals("The list of events should not contain Remove from Hold entry for the record", 1, @@ -285,16 +269,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test public void removeFromHoldIsAuditedInBulkRemoval() { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove record folder from multiple holds."); holdsAPI.removeItemsFromHolds(rmAdmin.getUsername(), rmAdmin.getPassword(), Collections.singletonList(heldRecordFolder.getId()), asList(HOLD1, HOLD2)); STEP("Get the list of audit entries for the remove from hold event."); - auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword(), 100, - REMOVE_FROM_HOLD.event); + auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD); STEP("Check the audit log contains entries for both removal."); assertEquals("The list of events should contain remove from Hold entries for both holds", 2, @@ -313,17 +295,14 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test (dataProvider = "invalidUsersForRemoveFromHold") public void removeFromHoldAuditEntryNotVisible(UserModel user) { - STEP("Clean audit logs."); - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + rmAuditService.clearAuditLog(); STEP("Remove held content from a hold."); holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldContent.getNodeRefWithoutVersion(), HOLD1); - STEP("Get the list of audit entries for the remove from hold event as an user with no Read permissions."); - auditEntries = rmAuditAPI.getRMAuditLog(user.getUsername(), user.getPassword(), 100, REMOVE_FROM_HOLD.event); - - STEP("Check the audit log doesn't contain the entry for the remove from hold event."); - assertTrue("The list of events should not contain Remove from Hold entry ", auditEntries.isEmpty()); + STEP("Check that an user with no Read permissions can't see the entry for the remove from hold event."); + assertTrue("The list of events should not contain Remove from Hold entry ", + rmAuditService.getAuditEntriesFilteredByEvent(user, REMOVE_FROM_HOLD).isEmpty()); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java index 6f29159520..3f7b668a9a 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditUserEventsTests.java @@ -29,18 +29,17 @@ package org.alfresco.rest.rm.community.audit; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.CREATE_PERSON; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; import static org.alfresco.utility.report.log.Step.STEP; -import static org.testng.AssertJUnit.assertTrue; -import java.util.List; +import java.util.Collections; + +import com.google.common.collect.ImmutableMap; import org.alfresco.rest.rm.community.base.BaseRMRestTest; -import org.alfresco.rest.rm.community.model.audit.AuditEntry; -import org.alfresco.rest.v0.RMAuditAPI; +import org.alfresco.rest.v0.service.RMAuditService; import org.alfresco.test.AlfrescoTest; import org.alfresco.utility.model.UserModel; import org.springframework.beans.factory.annotation.Autowired; import org.testng.annotations.AfterClass; -import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; /** @@ -52,10 +51,9 @@ import org.testng.annotations.Test; public class AuditUserEventsTests extends BaseRMRestTest { private final String PREFIX = generateTestPrefix(AuditUserEventsTests.class); - private UserModel createUser; @Autowired - private RMAuditAPI rmAuditAPI; + private RMAuditService rmAuditService; /** * Given I have created a new user @@ -68,28 +66,14 @@ public class AuditUserEventsTests extends BaseRMRestTest @AlfrescoTest(jira = "RM-6223") public void createUserEventIsAudited() { + rmAuditService.clearAuditLog(); STEP("Create a new user."); String userName = "auditCreateUser" + PREFIX; createUser = getDataUser().createUser(userName); - STEP("Get the list of audit entries for the create person event."); - List auditEntries = rmAuditAPI.getRMAuditLog(getAdminUser().getUsername(), - getAdminUser().getPassword(), 100, CREATE_PERSON.event); - - STEP("Check the audit log contains only the entries for the created user."); - assertTrue("The list of events is not filtered by " + CREATE_PERSON.event, - auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(CREATE_PERSON.eventDisplayName))); - - assertTrue("The username value for the user created is not audited.", - auditEntries.stream().filter(auditEntry -> auditEntry.getEvent().equals(CREATE_PERSON.eventDisplayName)) - .allMatch(auditEntry -> auditEntry.getNodeName().equals(userName))); - } - - @BeforeClass (alwaysRun = true) - public void cleanAuditLogs() - { - //clean audit logs - rmAuditAPI.clearAuditLog(getAdminUser().getUsername(), getAdminUser().getPassword()); + STEP("Check the audit log contains the entry for the created user event."); + rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_PERSON, getAdminUser(), userName, + Collections.singletonList(ImmutableMap.of("new", userName, "previous", "", "name", "User Name"))); } @AfterClass (alwaysRun = true) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java index e6bee2c556..26188acb08 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/files/DeclareAndFileDocumentAsRecordTests.java @@ -26,6 +26,8 @@ */ package org.alfresco.rest.rm.community.files; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; +import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.FILE_PLAN_ALIAS; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.TRANSFERS_ALIAS; import static org.alfresco.rest.rm.community.model.fileplancomponents.FilePlanComponentAlias.UNFILED_RECORDS_CONTAINER_ALIAS; @@ -87,7 +89,7 @@ public class DeclareAndFileDocumentAsRecordTests extends BaseRMRestTest private final static String INVALID_DESTINATION_PATH_EXC = "Unable to execute create-record action, because the destination path is invalid."; private final static String DESTINATION_PATH_NOT_RECORD_FOLDER_EXC = "Unable to execute create-record action, because the destination path is not a record folder."; private final static String CLOSED_RECORD_FOLDER_EXC = "You can't add new items to a closed record folder."; - private final static String HOLD_NAME = "holdName"; + private final static String HOLD_NAME = getRandomName("holdName"); private final static String RECORD_FOLDER_NAME_WITH_SPACE = "Folder With Spaces In Name"; private UserModel userFillingPermission, userReadOnlyPermission; @@ -411,8 +413,7 @@ public class DeclareAndFileDocumentAsRecordTests extends BaseRMRestTest public void declareAndFileToHeldRecordFolderUsingFilesAPI() throws Exception { RecordCategoryChild heldRecordFolder = createFolder(recordCategory.getId(), getRandomName("heldRecordFolder")); - holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_NAME, "hold reason", - "hold description"); + holdsAPI.createHold(getAdminUser().getUsername(), getAdminUser().getPassword(), HOLD_NAME, HOLD_REASON, HOLD_DESCRIPTION); holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), heldRecordFolder.getId(), HOLD_NAME); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java index 636c453077..3803749525 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/AddToHoldsTests.java @@ -287,7 +287,7 @@ public class AddToHoldsTests extends BaseRMRestTest users.add(userModel); STEP("Add the node to the hold with user without permission."); String response = holdsAPI.addToHoldAndGetMessage(userModel.getUsername(), userModel.getPassword(), - SC_INTERNAL_SERVER_ERROR, nodeToBeAddedToHold, HOLD); + SC_INTERNAL_SERVER_ERROR, nodeToBeAddedToHold, holdNodeRef); assertTrue(response.contains(ACCESS_DENIED_ERROR_MESSAGE)); STEP("Check the node is not frozen."); @@ -345,7 +345,7 @@ public class AddToHoldsTests extends BaseRMRestTest { STEP("Add the node to the hold "); String responseErrorMessage = holdsAPI.addToHoldAndGetMessage(getAdminUser().getUsername(), - getAdminUser().getPassword(), responseCode, itemNodeRef, HOLD); + getAdminUser().getPassword(), responseCode, itemNodeRef, holdNodeRef); assertTrue(responseErrorMessage.contains(errorMessage), "Actual error message " + responseErrorMessage + " expected " + errorMessage); diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java index c23b244b7d..78146056c3 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/hold/RemoveFromHoldsTests.java @@ -95,12 +95,12 @@ public class RemoveFromHoldsTests extends BaseRMRestTest private RoleService roleService; @BeforeClass (alwaysRun = true) - public void preconditionForRemoveContentFromHold() throws Exception + public void preconditionForRemoveContentFromHold() { STEP("Create two holds."); holdNodeRefOne = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser().getUsername(), HOLD_ONE, HOLD_REASON, HOLD_DESCRIPTION); - String holdNodeRefTwo = holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser() + holdsAPI.createHoldAndGetNodeRef(getAdminUser().getUsername(), getAdminUser() .getUsername(), HOLD_TWO, HOLD_REASON, HOLD_DESCRIPTION); STEP("Create test files."); @@ -265,7 +265,7 @@ public class RemoveFromHoldsTests extends BaseRMRestTest STEP("Remove node from hold with user without right permission or capability"); String responseNoHoldPermission = holdsAPI.removeFromHoldAndGetMessage(userModel.getUsername(), - userModel.getPassword(), SC_INTERNAL_SERVER_ERROR, nodeIdToBeRemoved, HOLD_ONE); + userModel.getPassword(), SC_INTERNAL_SERVER_ERROR, nodeIdToBeRemoved, holdNodeRefOne); assertTrue(responseNoHoldPermission.contains(ACCESS_DENIED_ERROR_MESSAGE)); STEP("Check node is frozen."); From 415ccf3a2e54f296eb02dbdd04c09d4b8274c2b2 Mon Sep 17 00:00:00 2001 From: cagache Date: Wed, 6 Nov 2019 17:19:41 +0200 Subject: [PATCH 05/14] removed unused imports --- .../src/main/java/org/alfresco/rest/v0/HoldsAPI.java | 3 --- 1 file changed, 3 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java index da9949bd9e..b5ef69b038 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java @@ -28,7 +28,6 @@ package org.alfresco.rest.v0; import static org.alfresco.rest.core.v0.APIUtils.convertHTTPResponseToJSON; import static org.apache.http.HttpStatus.SC_OK; -import static org.testng.AssertJUnit.assertNotNull; import java.text.MessageFormat; import java.util.Collections; @@ -39,8 +38,6 @@ import org.alfresco.rest.core.v0.APIUtils; import org.alfresco.rest.core.v0.BaseAPI; import org.alfresco.rest.rm.community.model.hold.HoldEntry; import org.alfresco.rest.rm.community.util.PojoUtility; -import org.alfresco.utility.Utility; -import org.apache.chemistry.opencmis.client.api.CmisObject; import org.apache.http.HttpResponse; import org.apache.http.ParseException; import org.json.JSONArray; From b78f53061c46729bcdfa0ccc389892a5657a81fa Mon Sep 17 00:00:00 2001 From: cagache Date: Thu, 7 Nov 2019 10:10:25 +0200 Subject: [PATCH 06/14] Sonar: Format specifiers should be used instead of string concatenation. Sonar: Replace the type specification in this constructor call with the diamond operator ("<>") --- .../src/main/java/org/alfresco/rest/core/v0/BaseAPI.java | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/core/v0/BaseAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/core/v0/BaseAPI.java index 2306424f57..0785748fb5 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/core/v0/BaseAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/core/v0/BaseAPI.java @@ -103,7 +103,7 @@ public abstract class BaseAPI */ protected List getPropertyValues(JSONObject result, String propertyName) { - ArrayList results = new ArrayList(); + ArrayList results = new ArrayList<>(); try { JSONArray items = result.getJSONArray("items"); @@ -541,7 +541,6 @@ public abstract class BaseAPI AlfrescoHttpClient client = alfrescoHttpClientFactory.getObject(); T request = requestType.newInstance(); - HttpResponse response = null; JSONObject responseBody = null; JSONObject returnValues = null; @@ -555,7 +554,7 @@ public abstract class BaseAPI } LOGGER.info("Sending {} request to {}", requestType.getSimpleName(), requestUrl); LOGGER.info("Request body: {}", requestParams); - response = client.execute(adminUser, adminPassword, request); + HttpResponse response = client.execute(adminUser, adminPassword, request); LOGGER.info("Response: {}", response.getStatusLine()); try @@ -587,13 +586,13 @@ public abstract class BaseAPI case HttpStatus.SC_UNPROCESSABLE_ENTITY: if (responseBody != null && responseBody.has(EXCEPTION_KEY)) { - LOGGER.error("Request failed: " + responseBody.getString(EXCEPTION_KEY)); + LOGGER.error("Request failed: {}", responseBody.getString(EXCEPTION_KEY)); returnValues = responseBody; } break; default: - LOGGER.error("Request returned unexpected HTTP status " + response.getStatusLine().getStatusCode()); + LOGGER.error("Request returned unexpected HTTP status {}", response.getStatusLine().getStatusCode()); break; } } From 5f7ada28b23065f35f19f9631ae2092cb3ef6d34 Mon Sep 17 00:00:00 2001 From: cagache Date: Thu, 7 Nov 2019 12:36:52 +0200 Subject: [PATCH 07/14] replaced the todos --- .../community/audit/AuditAddToHoldTests.java | 15 +++++++++----- .../community/audit/AuditCreateHoldTests.java | 2 +- .../community/audit/AuditDeleteHoldTests.java | 5 ++++- .../audit/AuditRemoveFromHoldTests.java | 20 +++++++++++-------- 4 files changed, 27 insertions(+), 15 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index 6bebd31ddb..ed63133be4 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -41,6 +41,8 @@ import static org.testng.AssertJUnit.assertTrue; import java.util.Collections; import java.util.List; +import com.google.common.collect.ImmutableMap; + import org.alfresco.dataprep.CMISUtil; import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; @@ -174,8 +176,9 @@ public class AuditAddToHoldTests extends BaseRMRestTest holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); STEP("Check the audit log contains the entry for the add to hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, HOLD1, Collections.emptyList()); - //TODO replace changed values + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, HOLD1, + asList(ImmutableMap.of("new", nodeName, "previous", "", "name", "Name"), + ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))); } /** @@ -211,7 +214,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest { STEP("Create a new record folder with a record inside"); RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); - createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); + Record record = createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); rmAuditService.clearAuditLog(); @@ -221,8 +224,10 @@ public class AuditAddToHoldTests extends BaseRMRestTest auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), ADD_TO_HOLD); STEP("Check the audit log contains only an entry for add to hold."); - assertEquals("The list of events should not contain Add to Hold entry for the record", 1, auditEntries.size()); - //TODO check content name + assertEquals("The list of events should contain only an entry", 1, auditEntries.size()); + assertTrue("The list of events should not contain Add to Hold entry for the record", + auditEntries.stream().noneMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", record.getName(), "previous", "", "name", "Name"))))); } /** diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java index 6789ff11ba..a316ed2b7c 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditCreateHoldTests.java @@ -105,7 +105,7 @@ public class AuditCreateHoldTests extends BaseRMRestTest STEP("Check the audit log contains the entry for the created hold with the hold details."); rmAuditService.checkAuditLogForEvent(getAdminUser(), CREATE_HOLD, rmAdmin, HOLD1, asList(ImmutableMap.of("new", HOLD_REASON, "previous", "", "name", "Hold Reason"), - ImmutableMap.of("new", HOLD1, "previous", "", "name", "Name"))); + ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))); } /** diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index 94cec954f7..bcc535410e 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -39,6 +39,8 @@ import static org.testng.AssertJUnit.assertTrue; import java.util.Collections; +import com.google.common.collect.ImmutableMap; + import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.user.UserRoles; import org.alfresco.rest.v0.HoldsAPI; @@ -106,7 +108,8 @@ public class AuditDeleteHoldTests extends BaseRMRestTest holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); STEP("Check the audit log contains the entry for the deleted hold with the hold details."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_HOLD, rmAdmin, HOLD2, Collections.emptyList()); + rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_HOLD, rmAdmin, HOLD2, + Collections.singletonList(ImmutableMap.of("new", "", "previous", HOLD2, "name", "Hold Name"))); } /** diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index d24da88e07..c650ea5b4b 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -41,6 +41,8 @@ import static org.testng.AssertJUnit.assertTrue; import java.util.Collections; import java.util.List; +import com.google.common.collect.ImmutableMap; + import org.alfresco.dataprep.CMISUtil; import org.alfresco.rest.rm.community.base.BaseRMRestTest; import org.alfresco.rest.rm.community.model.audit.AuditEntry; @@ -185,8 +187,9 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); STEP("Check the audit log contains the entry for the remove from hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, HOLD3, Collections.emptyList()); - //TODO replace changed values + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, HOLD3, + asList(ImmutableMap.of("new", "", "previous", nodeName, "name", "Name"), + ImmutableMap.of("new", "", "previous", HOLD3, "name", "Hold Name"))); } /** @@ -208,8 +211,8 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest STEP("Check the audit log contains the entry for the remove from hold."); rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, DELETED_HOLD, - Collections.emptyList()); - //TODO replace changed values + asList(ImmutableMap.of("new", "", "previous", heldContent.getName(), "name", "Name"), + ImmutableMap.of("new", "", "previous", DELETED_HOLD, "name", "Hold Name"))); } /** @@ -242,7 +245,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest { STEP("Create a new record folder with a record inside"); RecordCategoryChild notEmptyRecFolder = createRecordFolder(recordCategory.getId(), PREFIX + "notEmptyRecFolder"); - createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); + Record record = createElectronicRecord(notEmptyRecFolder.getId(), PREFIX + "record"); STEP("Add the record folder to a hold."); holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), notEmptyRecFolder.getId(), HOLD1); @@ -256,9 +259,10 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest auditEntries = rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), REMOVE_FROM_HOLD); STEP("Check the audit log contains only an entry for remove from hold."); - assertEquals("The list of events should not contain Remove from Hold entry for the record", 1, - auditEntries.size()); - //TODO check content name + assertEquals("The list of events should contain only an entry", 1, auditEntries.size()); + assertTrue("The list of events should not contain Remove from Hold entry for the record", + auditEntries.stream().noneMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", "", "previous", record.getName(), "name", "Name"))))); } /** From 100944ac367838d55b55bd34762aa10f869413e7 Mon Sep 17 00:00:00 2001 From: cagache Date: Fri, 8 Nov 2019 10:20:16 +0200 Subject: [PATCH 08/14] Changed the audited node --- .../rm/community/audit/AuditAddToHoldTests.java | 17 +++++++++-------- .../audit/AuditRemoveFromHoldTests.java | 15 ++++++++------- 2 files changed, 17 insertions(+), 15 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index ed63133be4..dda74deebb 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -176,7 +176,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); STEP("Check the audit log contains the entry for the add to hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, HOLD1, + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, nodeName, asList(ImmutableMap.of("new", nodeName, "previous", "", "name", "Name"), ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))); } @@ -226,12 +226,11 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Check the audit log contains only an entry for add to hold."); assertEquals("The list of events should contain only an entry", 1, auditEntries.size()); assertTrue("The list of events should not contain Add to Hold entry for the record", - auditEntries.stream().noneMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", record.getName(), "previous", "", "name", "Name"))))); + auditEntries.stream().noneMatch(entry -> entry.getNodeName().equals(record.getName()))); } /** - * Given a document/record/record folder is added to multiple holds + * Given a record is added to multiple holds * When I view the audit log * Then multiple entries have been created in the audit log for each add to hold event */ @@ -252,14 +251,16 @@ public class AuditAddToHoldTests extends BaseRMRestTest STEP("Check the audit log contains entries for both additions."); assertEquals("The list of events should contain Add to Hold entries for both holds", 2, auditEntries.size()); assertTrue("The hold name value for the first add to hold is not audited.", - auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD1))); + auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))))); assertTrue("The hold name value for the second add to hold is not audited.", - auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD2))); + auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", HOLD2, "previous", "", "name", "Hold Name"))))); } /** - * Given a document/record/record folder is added to a hold - * When I view the audit log as an user with no Read permissions over the hold or the node + * Given a document is added to a hold + * When I view the audit log as an user with no Read permissions over the hold or the document * Then the add to hold entry isn't visible */ @Test (dataProvider = "invalidUsersForAddToHold") diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index c650ea5b4b..f56f880b45 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -187,7 +187,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); STEP("Check the audit log contains the entry for the remove from hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, HOLD3, + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, nodeName, asList(ImmutableMap.of("new", "", "previous", nodeName, "name", "Name"), ImmutableMap.of("new", "", "previous", HOLD3, "name", "Hold Name"))); } @@ -210,7 +210,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), DELETED_HOLD); STEP("Check the audit log contains the entry for the remove from hold."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, DELETED_HOLD, + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, heldContent.getName(), asList(ImmutableMap.of("new", "", "previous", heldContent.getName(), "name", "Name"), ImmutableMap.of("new", "", "previous", DELETED_HOLD, "name", "Hold Name"))); } @@ -261,12 +261,11 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest STEP("Check the audit log contains only an entry for remove from hold."); assertEquals("The list of events should contain only an entry", 1, auditEntries.size()); assertTrue("The list of events should not contain Remove from Hold entry for the record", - auditEntries.stream().noneMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", "", "previous", record.getName(), "name", "Name"))))); + auditEntries.stream().noneMatch(entry -> entry.getNodeName().equals(record.getName()))); } /** - * Given a document/record/record folder is removed from multiple holds + * Given a record folder is removed from multiple holds * When I view the audit log * Then multiple entries have been created in the audit log for each remove from hold event */ @@ -286,9 +285,11 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest assertEquals("The list of events should contain remove from Hold entries for both holds", 2, auditEntries.size()); assertTrue("The hold name value for the first remove from hold is not audited.", - auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD1))); + auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", "", "previous", HOLD1, "name", "Hold Name"))))); assertTrue("The hold name value for the second remove from hold is not audited.", - auditEntries.stream().anyMatch(entry -> entry.getNodeName().equals(HOLD2))); + auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( + Collections.singletonList(ImmutableMap.of("new", "", "previous", HOLD2, "name", "Hold Name"))))); } /** From eade9c9e0fec1f8df7554b1feb32d00f7002e79c Mon Sep 17 00:00:00 2001 From: cagache Date: Fri, 8 Nov 2019 16:02:16 +0200 Subject: [PATCH 09/14] Delete hold using RM Actions API --- .../java/org/alfresco/rest/v0/HoldsAPI.java | 32 ++++++++++++++++++- .../community/audit/AuditDeleteHoldTests.java | 18 +++++------ 2 files changed, 40 insertions(+), 10 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java index b5ef69b038..c16fd352c2 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/HoldsAPI.java @@ -38,6 +38,7 @@ import org.alfresco.rest.core.v0.APIUtils; import org.alfresco.rest.core.v0.BaseAPI; import org.alfresco.rest.rm.community.model.hold.HoldEntry; import org.alfresco.rest.rm.community.util.PojoUtility; +import org.alfresco.utility.model.UserModel; import org.apache.http.HttpResponse; import org.apache.http.ParseException; import org.json.JSONArray; @@ -144,7 +145,36 @@ public class HoldsAPI extends BaseAPI } /** - * Deletes hold + * Deletes hold using RM Actions API and expect action to be successful + * + * @param user the user who does the request + * @param holdNodeRef the hold node ref + * @return The HTTP Response or throws AssertionError if the request is not successful. + */ + public HttpResponse deleteHold(UserModel user, String holdNodeRef) + { + return deleteHold(user.getUsername(), user.getPassword(), holdNodeRef, SC_OK); + } + + /** + * Deletes hold using RM Actions API and expect a specific status code + * + * @param username user's username + * @param password its password + * @param holdNodeRef the hold node ref + * @return The HTTP Response or throws AssertionError if the returned status code is not as expected. + */ + public HttpResponse deleteHold(String username, String password, String holdNodeRef, int expectedStatusCode) + { + JSONObject requestParams = new JSONObject(); + requestParams.put("name", "deleteHold"); + requestParams.put("nodeRef", getNodeRefSpacesStore() + holdNodeRef); + + return doPostJsonRequest(username, password, expectedStatusCode, requestParams, RM_ACTIONS_API); + } + + /** + * Deletes hold using cmis * * @param username user's username * @param password its password diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index bcc535410e..b22a71b215 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -32,9 +32,8 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.DELETE_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; -import static org.alfresco.rest.rm.community.utils.CoreUtil.toContentModel; import static org.alfresco.utility.report.log.Step.STEP; -import static org.springframework.http.HttpStatus.FORBIDDEN; +import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; import static org.testng.AssertJUnit.assertTrue; import java.util.Collections; @@ -100,12 +99,13 @@ public class AuditDeleteHoldTests extends BaseRMRestTest public void deleteHoldEventIsAudited() { STEP("Create a new hold."); - holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + String holdRef = holdsAPI.createHoldAndGetNodeRef(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, + HOLD_REASON, HOLD_DESCRIPTION); rmAuditService.clearAuditLog(); STEP("Delete the created hold."); - holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); + holdsAPI.deleteHold(rmAdmin, holdRef); STEP("Check the audit log contains the entry for the deleted hold with the hold details."); rmAuditService.checkAuditLogForEvent(getAdminUser(), DELETE_HOLD, rmAdmin, HOLD2, @@ -118,13 +118,12 @@ public class AuditDeleteHoldTests extends BaseRMRestTest * Then the delete hold event isn't audited */ @Test - public void unsuccessfulDeleteHoldIsNotAudited() throws Exception + public void unsuccessfulDeleteHoldIsNotAudited() { rmAuditService.clearAuditLog(); STEP("Try to delete a hold by an user with no Read permissions over the hold."); - getRestAPIFactory().getNodeAPI(rmManager, toContentModel(holdNodeRef)).deleteNode(holdNodeRef); - assertStatusCode(FORBIDDEN); + holdsAPI.deleteHold(rmManager.getUsername(), rmManager.getPassword(), holdNodeRef, SC_INTERNAL_SERVER_ERROR); STEP("Check the audit log doesn't contain the entry for the unsuccessful delete hold."); assertTrue("The list of events should not contain Delete Hold entry ", @@ -140,12 +139,13 @@ public class AuditDeleteHoldTests extends BaseRMRestTest public void deleteHoldAuditEntryNotVisible() { STEP("Create a new hold."); - holdsAPI.createHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, HOLD_DESCRIPTION); + String holdRef = holdsAPI.createHoldAndGetNodeRef(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, + HOLD_DESCRIPTION); rmAuditService.clearAuditLog(); STEP("Delete the created hold."); - holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2); + holdsAPI.deleteHold(rmAdmin, holdRef); STEP("Check that an user with no Read permissions over the hold can't see the entry for the delete hold event."); assertTrue("The list of events should not contain Delete Hold entry ", From b36b4e31cb15d4c2cbe7fd5d7c004f783553f6ca Mon Sep 17 00:00:00 2001 From: cagache Date: Mon, 11 Nov 2019 11:21:28 +0200 Subject: [PATCH 10/14] Code review comments --- .../community/audit/AuditAddToHoldTests.java | 14 ++++++------ .../community/audit/AuditDeleteHoldTests.java | 22 ------------------- .../audit/AuditRemoveFromHoldTests.java | 15 ++++++------- 3 files changed, 14 insertions(+), 37 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index dda74deebb..550e53c78a 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -85,7 +85,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest @Autowired private RoleService roleService; - private UserModel rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode; + private UserModel rmAdmin, rmManagerNoReadOnHold, rmManagerNoReadOnNode; private SiteModel privateSite; private RecordCategory recordCategory; private RecordCategoryChild recordFolder; @@ -112,9 +112,9 @@ public class AuditAddToHoldTests extends BaseRMRestTest privateSite = dataSite.usingUser(rmAdmin).createPrivateRandomSite(); STEP("Create users without rights to add content to a hold."); - rmManagerNoRightsOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, + rmManagerNoReadOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, UserRole.SiteManager, recordCategory.getId(), UserRoles.ROLE_RM_MANAGER, UserPermissions.PERMISSION_FILING); - rmManagerNoRightsOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, + rmManagerNoReadOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, hold1NodeRef, UserPermissions.PERMISSION_FILING); } @@ -153,8 +153,8 @@ public class AuditAddToHoldTests extends BaseRMRestTest { return new UserModel[][] { - { rmManagerNoRightsOnHold }, - { rmManagerNoRightsOnNode } + { rmManagerNoReadOnHold }, + { rmManagerNoReadOnNode } }; } @@ -195,7 +195,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest rmAuditService.clearAuditLog(); STEP("Try to add the record to a hold by an user with no rights."); - holdsAPI.addItemsToHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + holdsAPI.addItemsToHolds(rmManagerNoReadOnHold.getUsername(), rmManagerNoReadOnHold.getPassword(), SC_INTERNAL_SERVER_ERROR, Collections.singletonList(recordToBeAdded.getId()), Collections.singletonList(hold1NodeRef)); @@ -284,7 +284,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest { holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); dataSite.usingAdmin().deleteSite(privateSite); - asList(rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + asList(rmAdmin, rmManagerNoReadOnHold, rmManagerNoReadOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); getRestAPIFactory().getRecordCategoryAPI().deleteRecordCategory(recordCategory.getId()); } } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java index b22a71b215..1118f66599 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditDeleteHoldTests.java @@ -130,28 +130,6 @@ public class AuditDeleteHoldTests extends BaseRMRestTest rmAuditService.getAuditEntriesFilteredByEvent(getAdminUser(), DELETE_HOLD).isEmpty()); } - /** - * Given a hold is deleted - * When I view the audit log as an user with no Read permissions over the deleted hold - * Then the delete hold entry isn't visible - */ - @Test - public void deleteHoldAuditEntryNotVisible() - { - STEP("Create a new hold."); - String holdRef = holdsAPI.createHoldAndGetNodeRef(rmAdmin.getUsername(), rmAdmin.getPassword(), HOLD2, HOLD_REASON, - HOLD_DESCRIPTION); - - rmAuditService.clearAuditLog(); - - STEP("Delete the created hold."); - holdsAPI.deleteHold(rmAdmin, holdRef); - - STEP("Check that an user with no Read permissions over the hold can't see the entry for the delete hold event."); - assertTrue("The list of events should not contain Delete Hold entry ", - rmAuditService.getAuditEntriesFilteredByEvent(rmManager, DELETE_HOLD).isEmpty()); - } - @AfterClass (alwaysRun = true) public void cleanUpAuditDeleteHoldTests() { diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index f56f880b45..dea12fe9b0 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -87,7 +87,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Autowired private RoleService roleService; - private UserModel rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode; + private UserModel rmAdmin, rmManagerNoReadOnHold, rmManagerNoReadOnNode; private SiteModel privateSite; private RecordCategory recordCategory; private RecordCategoryChild recordFolder, heldRecordFolder; @@ -128,9 +128,9 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest holdsList); STEP("Create users without rights to remove content from a hold."); - rmManagerNoRightsOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, + rmManagerNoReadOnHold = roleService.createUserWithSiteRoleRMRoleAndPermission(privateSite, UserRole.SiteManager, recordCategory.getId(), UserRoles.ROLE_RM_MANAGER, UserPermissions.PERMISSION_FILING); - rmManagerNoRightsOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, + rmManagerNoReadOnNode = roleService.createUserWithRMRoleAndRMNodePermission(UserRoles.ROLE_RM_MANAGER.roleId, hold1NodeRef, UserPermissions.PERMISSION_FILING); } @@ -138,7 +138,6 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest * Data provider with valid nodes that can be removed from a hold * * @return the node id and the node name - * @throws Exception */ @DataProvider (name = "validNodesForRemoveFromHold") public Object[][] getValidNodesForRemoveFromHold() @@ -164,8 +163,8 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest { return new UserModel[][] { - { rmManagerNoRightsOnHold }, - { rmManagerNoRightsOnNode } + { rmManagerNoReadOnHold }, + { rmManagerNoReadOnNode } }; } @@ -226,7 +225,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest rmAuditService.clearAuditLog(); STEP("Try to remove the record from a hold by an user with no rights."); - holdsAPI.removeItemsFromHolds(rmManagerNoRightsOnHold.getUsername(), rmManagerNoRightsOnHold.getPassword(), + holdsAPI.removeItemsFromHolds(rmManagerNoReadOnHold.getUsername(), rmManagerNoReadOnHold.getPassword(), SC_INTERNAL_SERVER_ERROR, Collections.singletonList(heldRecord.getId()), Collections.singletonList(hold1NodeRef)); @@ -315,7 +314,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest { holdsList.forEach(hold -> holdsAPI.deleteHold(getAdminUser().getUsername(), getAdminUser().getPassword(), hold)); dataSite.usingAdmin().deleteSite(privateSite); - asList(rmAdmin, rmManagerNoRightsOnHold, rmManagerNoRightsOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); + asList(rmAdmin, rmManagerNoReadOnHold, rmManagerNoReadOnNode).forEach(user -> getDataUser().usingAdmin().deleteUser(user)); getRestAPIFactory().getRecordCategoryAPI().deleteRecordCategory(recordCategory.getId()); } } From 368388ad67490428fa4a6ffdfefb5ce03a108fb4 Mon Sep 17 00:00:00 2001 From: cagache Date: Tue, 12 Nov 2019 11:15:45 +0200 Subject: [PATCH 11/14] Code review comments (check node path for add to hold and remove from hold audit entries) --- .../rest/v0/service/RMAuditService.java | 26 +++++++++++++++++++ .../community/audit/AuditAddToHoldTests.java | 22 +++++++++++----- .../audit/AuditRemoveFromHoldTests.java | 22 +++++++++++----- 3 files changed, 58 insertions(+), 12 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java index 31a5e5a3a4..3f9c303d0c 100644 --- a/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java +++ b/rm-automation/rm-automation-community-rest-api/src/main/java/org/alfresco/rest/v0/service/RMAuditService.java @@ -101,4 +101,30 @@ public class RMAuditService !auditEntry.getTimestamp().isEmpty() && Instant.parse(auditEntry.getTimestamp()).compareTo(eventTimestamp) <= 0)); } + + /** + * Checks the rm audit log contains the entry for the given event. + * + * @param user the user who checks the audit log + * @param auditEvent the audited event + * @param auditUser the user who did the audited event + * @param nodeName the audited node name if exists or empty string + * @param nodePath the path of the audited node if exists or empty string + * @param changedValues the values changed by event if exist or empty list + */ + public void checkAuditLogForEvent(UserModel user, AuditEvents auditEvent, UserModel auditUser, + String nodeName, String nodePath, List changedValues) + { + final Instant eventTimestamp = Instant.now(); + List auditEntries = getAuditEntriesFilteredByEvent(user, auditEvent); + assertTrue("The list of events is not filtered by " + auditEvent.event, + auditEntries.stream().allMatch(auditEntry -> auditEntry.getEvent().equals(auditEvent.eventDisplayName))); + assertTrue("The event details are not audited", + auditEntries.stream().anyMatch(auditEntry -> auditEntry.getNodeName().equals(nodeName) && + auditEntry.getUserName().equals(auditUser.getUsername()) && + auditEntry.getPath().equals(nodePath) && + CollectionUtils.isEqualCollection(auditEntry.getChangedValues(), changedValues) && + !auditEntry.getTimestamp().isEmpty() && + Instant.parse(auditEntry.getTimestamp()).compareTo(eventTimestamp) <= 0)); + } } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index 550e53c78a..a364524533 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -32,6 +32,8 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.ADD_TO_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.Utility.buildPath; +import static org.alfresco.utility.Utility.removeLastSlash; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; @@ -121,25 +123,32 @@ public class AuditAddToHoldTests extends BaseRMRestTest /** * Data provider with valid nodes that can be added to a hold * - * @return the node id and the node name + * @return the node id, the node name and the node path * @throws Exception */ @DataProvider (name = "validNodesForAddToHold") public Object[][] getValidNodesForAddToHold() throws Exception { + String documentLibrary = "/documentLibrary"; FileModel contentToBeAdded = dataContent.usingAdmin().usingSite(privateSite) .createContent(CMISUtil.DocumentType.TEXT_PLAIN); RecordCategoryChild recordFolderToBeAdded = createRecordFolder(recordCategory.getId(), PREFIX + "recFolderToBeAdded"); Record recordToBeAdded = createElectronicRecord(recordFolder.getId(), PREFIX + "record"); + String recordFolderPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), + recordFolderToBeAdded.getName())); + String recordPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), + recordFolder.getName(), recordToBeAdded.getName())); + String contentPath = contentToBeAdded.getCmisLocation(); + contentPath = contentPath.substring(contentPath.indexOf(documentLibrary)); return new String[][] { // a record folder - { recordFolderToBeAdded.getId(), recordFolderToBeAdded.getName() }, + { recordFolderToBeAdded.getId(), recordFolderToBeAdded.getName(), recordFolderPath }, // a record - { recordToBeAdded.getId(), recordToBeAdded.getName() }, + { recordToBeAdded.getId(), recordToBeAdded.getName(), recordPath }, //an active content, - { contentToBeAdded.getNodeRefWithoutVersion(), contentToBeAdded.getName() } + { contentToBeAdded.getNodeRefWithoutVersion(), contentToBeAdded.getName(), contentPath } }; } @@ -166,9 +175,10 @@ public class AuditAddToHoldTests extends BaseRMRestTest * name of the document/record/record folder added * user who added the content * date the content was added + * path of the node */ @Test (dataProvider = "validNodesForAddToHold") - public void addToHoldEventIsAudited(String nodeId, String nodeName) + public void addToHoldEventIsAudited(String nodeId, String nodeName, String nodePath) { rmAuditService.clearAuditLog(); @@ -176,7 +186,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD1); STEP("Check the audit log contains the entry for the add to hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, nodeName, + rmAuditService.checkAuditLogForEvent(getAdminUser(), ADD_TO_HOLD, rmAdmin, nodeName, nodePath, asList(ImmutableMap.of("new", nodeName, "previous", "", "name", "Name"), ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))); } diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index dea12fe9b0..25e03c2630 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -32,6 +32,8 @@ import static org.alfresco.rest.rm.community.base.TestData.HOLD_DESCRIPTION; import static org.alfresco.rest.rm.community.base.TestData.HOLD_REASON; import static org.alfresco.rest.rm.community.model.audit.AuditEvents.REMOVE_FROM_HOLD; import static org.alfresco.rest.rm.community.util.CommonTestUtils.generateTestPrefix; +import static org.alfresco.utility.Utility.buildPath; +import static org.alfresco.utility.Utility.removeLastSlash; import static org.alfresco.utility.data.RandomData.getRandomName; import static org.alfresco.utility.report.log.Step.STEP; import static org.apache.commons.httpclient.HttpStatus.SC_INTERNAL_SERVER_ERROR; @@ -137,19 +139,26 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest /** * Data provider with valid nodes that can be removed from a hold * - * @return the node id and the node name + * @return the node id, the node name and the node path */ @DataProvider (name = "validNodesForRemoveFromHold") public Object[][] getValidNodesForRemoveFromHold() { + String documentLibrary = "/documentLibrary"; + String recordFolderPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), + heldRecordFolder.getName())); + String recordPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), + recordFolder.getName(), heldRecord.getName())); + String contentPath = heldContent.getCmisLocation(); + contentPath = contentPath.substring(contentPath.indexOf(documentLibrary)); return new String[][] { // a record folder - { heldRecordFolder.getId(), heldRecordFolder.getName() }, + { heldRecordFolder.getId(), heldRecordFolder.getName(), recordFolderPath }, // a record - { heldRecord.getId(), heldRecord.getName() }, + { heldRecord.getId(), heldRecord.getName(), recordPath }, //an active content, - { heldContent.getNodeRefWithoutVersion(), heldContent.getName() } + { heldContent.getNodeRefWithoutVersion(), heldContent.getName(), contentPath } }; } @@ -176,9 +185,10 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest * name of the document/record/record folder removed * user who removed the content * date the content was removed + * path of the node */ @Test (dataProvider = "validNodesForRemoveFromHold") - public void removeFromHoldEventIsAudited(String nodeId, String nodeName) + public void removeFromHoldEventIsAudited(String nodeId, String nodeName, String nodePath) { rmAuditService.clearAuditLog(); @@ -186,7 +196,7 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), nodeId, HOLD3); STEP("Check the audit log contains the entry for the remove from hold event."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, nodeName, + rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, nodeName, nodePath, asList(ImmutableMap.of("new", "", "previous", nodeName, "name", "Name"), ImmutableMap.of("new", "", "previous", HOLD3, "name", "Hold Name"))); } From 47e669e4e82fd5d342b76c02c216f2c2e8a60cf6 Mon Sep 17 00:00:00 2001 From: cagache Date: Wed, 20 Nov 2019 11:24:21 +0200 Subject: [PATCH 12/14] small fixes --- .../rest/rm/community/audit/AuditAddToHoldTests.java | 7 +++---- .../rest/rm/community/audit/AuditRemoveFromHoldTests.java | 8 ++++---- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java index a364524533..0d63ac5002 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditAddToHoldTests.java @@ -138,8 +138,7 @@ public class AuditAddToHoldTests extends BaseRMRestTest recordFolderToBeAdded.getName())); String recordPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), recordFolder.getName(), recordToBeAdded.getName())); - String contentPath = contentToBeAdded.getCmisLocation(); - contentPath = contentPath.substring(contentPath.indexOf(documentLibrary)); + String contentPath = "/Company Home" + contentToBeAdded.getCmisLocation(); return new String[][] { @@ -262,10 +261,10 @@ public class AuditAddToHoldTests extends BaseRMRestTest assertEquals("The list of events should contain Add to Hold entries for both holds", 2, auditEntries.size()); assertTrue("The hold name value for the first add to hold is not audited.", auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name"))))); + ImmutableMap.of("new", HOLD1, "previous", "", "name", "Hold Name")))); assertTrue("The hold name value for the second add to hold is not audited.", auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", HOLD2, "previous", "", "name", "Hold Name"))))); + ImmutableMap.of("new", HOLD2, "previous", "", "name", "Hold Name")))); } /** diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index 25e03c2630..1ae1a331f7 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -149,8 +149,8 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest heldRecordFolder.getName())); String recordPath = removeLastSlash(buildPath(documentLibrary, recordCategory.getName(), recordFolder.getName(), heldRecord.getName())); - String contentPath = heldContent.getCmisLocation(); - contentPath = contentPath.substring(contentPath.indexOf(documentLibrary)); + String contentPath = "/Company Home" + heldContent.getCmisLocation(); + return new String[][] { // a record folder @@ -295,10 +295,10 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest auditEntries.size()); assertTrue("The hold name value for the first remove from hold is not audited.", auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", "", "previous", HOLD1, "name", "Hold Name"))))); + ImmutableMap.of("new", "", "previous", HOLD1, "name", "Hold Name")))); assertTrue("The hold name value for the second remove from hold is not audited.", auditEntries.stream().anyMatch(entry -> entry.getChangedValues().contains( - Collections.singletonList(ImmutableMap.of("new", "", "previous", HOLD2, "name", "Hold Name"))))); + ImmutableMap.of("new", "", "previous", HOLD2, "name", "Hold Name")))); } /** From f98a0fa037bea3066147f7dbba3420a763bd1367 Mon Sep 17 00:00:00 2001 From: cagache Date: Wed, 20 Nov 2019 12:19:11 +0200 Subject: [PATCH 13/14] removed test as per RM-7061 resolution --- .../audit/AuditRemoveFromHoldTests.java | 23 ------------------- 1 file changed, 23 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index 1ae1a331f7..480bcefb91 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -201,29 +201,6 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest ImmutableMap.of("new", "", "previous", HOLD3, "name", "Hold Name"))); } - /** - * Given a not empty hold is deleted - * When I view the audit log - * Then an entry has been created in the audit log for each item removed from that hold - */ - @Test - public void removeFromHoldAuditedWhenHoldIsDeleted() - { - STEP("Add a file to the hold that will be deleted"); - holdsAPI.addItemToHold(getAdminUser().getUsername(), getAdminUser().getPassword(), - heldContent.getNodeRefWithoutVersion(), DELETED_HOLD); - - rmAuditService.clearAuditLog(); - - STEP("Delete the hold."); - holdsAPI.deleteHold(rmAdmin.getUsername(), rmAdmin.getPassword(), DELETED_HOLD); - - STEP("Check the audit log contains the entry for the remove from hold."); - rmAuditService.checkAuditLogForEvent(getAdminUser(), REMOVE_FROM_HOLD, rmAdmin, heldContent.getName(), - asList(ImmutableMap.of("new", "", "previous", heldContent.getName(), "name", "Name"), - ImmutableMap.of("new", "", "previous", DELETED_HOLD, "name", "Hold Name"))); - } - /** * Given an unsuccessful remove from hold action * When I view the audit log From 0f656d721ea70e6f4fc3547b8fe5b5350fcb10a2 Mon Sep 17 00:00:00 2001 From: cagache Date: Wed, 20 Nov 2019 13:07:45 +0200 Subject: [PATCH 14/14] fix test --- .../rm/community/audit/AuditRemoveFromHoldTests.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java index 480bcefb91..7fa655f79b 100644 --- a/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java +++ b/rm-automation/rm-automation-community-rest-api/src/test/java/org/alfresco/rest/rm/community/audit/AuditRemoveFromHoldTests.java @@ -286,10 +286,15 @@ public class AuditRemoveFromHoldTests extends BaseRMRestTest @Test (dataProvider = "invalidUsersForRemoveFromHold") public void removeFromHoldAuditEntryNotVisible(UserModel user) { + STEP("Add content to a hold."); + FileModel heldFile = dataContent.usingAdmin().usingSite(privateSite) + .createContent(CMISUtil.DocumentType.TEXT_PLAIN); + holdsAPI.addItemToHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldFile.getNodeRefWithoutVersion(), HOLD1); + rmAuditService.clearAuditLog(); - STEP("Remove held content from a hold."); - holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldContent.getNodeRefWithoutVersion(), HOLD1); + STEP("Remove held content from the hold."); + holdsAPI.removeItemFromHold(rmAdmin.getUsername(), rmAdmin.getPassword(), heldFile.getNodeRefWithoutVersion(), HOLD1); STEP("Check that an user with no Read permissions can't see the entry for the remove from hold event."); assertTrue("The list of events should not contain Remove from Hold entry ",