mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-07-24 17:32:48 +00:00
Humongous merge. It is incomplete, however; faces-config-navigation.xml and ClientConfigElement
were both beyond me, and are just the raw conflict merge data. If Kev can't figure out how they should go together by tomorrow AM (for me) I'll dig back in. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/WCM-DEV2/root@4306 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Britt Park
@@ -118,7 +118,8 @@ public class BaseRuleTest extends BaseSpringTest
|
||||
this.transactionService = (TransactionService)this.applicationContext.getBean("transactionComponent");
|
||||
this.authenticationComponent = (AuthenticationComponent)this.applicationContext.getBean("authenticationComponent");
|
||||
|
||||
authenticationComponent.setSystemUserAsCurrentUser();
|
||||
//authenticationComponent.setSystemUserAsCurrentUser();
|
||||
authenticationComponent.setCurrentUser("admin");
|
||||
|
||||
// Get the rule type
|
||||
this.ruleType = this.ruleService.getRuleType(RULE_TYPE_NAME);
|
||||
|
||||
@@ -149,7 +149,8 @@ public class RuleServiceCoverageTest extends TestCase
|
||||
this.authenticationComponent = (AuthenticationComponent)applicationContext.getBean("authenticationComponent");
|
||||
|
||||
//authenticationComponent.setCurrentUser(authenticationComponent.getSystemUserName());
|
||||
authenticationComponent.setSystemUserAsCurrentUser();
|
||||
//authenticationComponent.setSystemUserAsCurrentUser();
|
||||
authenticationComponent.setCurrentUser("admin");
|
||||
|
||||
this.testStoreRef = this.nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "Test_" + System.currentTimeMillis());
|
||||
this.rootNodeRef = this.nodeService.getRootNode(this.testStoreRef);
|
||||
|
||||
@@ -40,6 +40,8 @@ import org.alfresco.service.cmr.rule.Rule;
|
||||
import org.alfresco.service.cmr.rule.RuleService;
|
||||
import org.alfresco.service.cmr.rule.RuleServiceException;
|
||||
import org.alfresco.service.cmr.rule.RuleType;
|
||||
import org.alfresco.service.cmr.security.AccessStatus;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.alfresco.service.namespace.RegexQNamePattern;
|
||||
import org.alfresco.util.GUID;
|
||||
@@ -92,6 +94,11 @@ public class RuleServiceImpl implements RuleService, RuntimeRuleService
|
||||
*/
|
||||
private DictionaryService dictionaryService;
|
||||
|
||||
/**
|
||||
* The permission service
|
||||
*/
|
||||
private PermissionService permissionService;
|
||||
|
||||
/**
|
||||
* The action service implementation which we need for some things.
|
||||
*/
|
||||
@@ -179,6 +186,16 @@ public class RuleServiceImpl implements RuleService, RuntimeRuleService
|
||||
this.dictionaryService = dictionaryService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the permission service
|
||||
*
|
||||
* @param permissionService the permission service
|
||||
*/
|
||||
public void setPermissionService(PermissionService permissionService)
|
||||
{
|
||||
this.permissionService = permissionService;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the global rules disabled flag
|
||||
*
|
||||
@@ -572,49 +589,56 @@ public class RuleServiceImpl implements RuleService, RuntimeRuleService
|
||||
*/
|
||||
public void saveRule(NodeRef nodeRef, Rule rule)
|
||||
{
|
||||
disableRules();
|
||||
try
|
||||
{
|
||||
if (this.nodeService.exists(nodeRef) == false)
|
||||
{
|
||||
throw new RuleServiceException("The node does not exist.");
|
||||
}
|
||||
|
||||
NodeRef ruleNodeRef = rule.getNodeRef();
|
||||
if (ruleNodeRef == null)
|
||||
{
|
||||
if (this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == false)
|
||||
{
|
||||
// Add the actionable aspect
|
||||
this.nodeService.addAspect(nodeRef, RuleModel.ASPECT_RULES, null);
|
||||
}
|
||||
|
||||
// Create the action node
|
||||
ruleNodeRef = this.nodeService.createNode(
|
||||
getSavedRuleFolderRef(nodeRef),
|
||||
ContentModel.ASSOC_CONTAINS,
|
||||
QName.createQName(RuleModel.RULE_MODEL_URI, ASSOC_NAME_RULES_PREFIX + GUID.generate()),
|
||||
RuleModel.TYPE_RULE).getChildRef();
|
||||
|
||||
// Set the rule node reference and the owning node reference
|
||||
rule.setNodeRef(ruleNodeRef);
|
||||
}
|
||||
|
||||
// Update the properties of the rule
|
||||
this.nodeService.setProperty(ruleNodeRef, ContentModel.PROP_TITLE, rule.getTitle());
|
||||
this.nodeService.setProperty(ruleNodeRef, ContentModel.PROP_DESCRIPTION, rule.getDescription());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_RULE_TYPE, (Serializable)rule.getRuleTypes());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_APPLY_TO_CHILDREN, rule.isAppliedToChildren());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_EXECUTE_ASYNC, rule.getExecuteAsynchronously());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_DISABLED, rule.getRuleDisabled());
|
||||
|
||||
// Save the rule's action
|
||||
saveAction(ruleNodeRef, rule);
|
||||
}
|
||||
finally
|
||||
{
|
||||
enableRules();
|
||||
}
|
||||
if (this.permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
|
||||
{
|
||||
disableRules();
|
||||
try
|
||||
{
|
||||
if (this.nodeService.exists(nodeRef) == false)
|
||||
{
|
||||
throw new RuleServiceException("The node does not exist.");
|
||||
}
|
||||
|
||||
NodeRef ruleNodeRef = rule.getNodeRef();
|
||||
if (ruleNodeRef == null)
|
||||
{
|
||||
if (this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == false)
|
||||
{
|
||||
// Add the actionable aspect
|
||||
this.nodeService.addAspect(nodeRef, RuleModel.ASPECT_RULES, null);
|
||||
}
|
||||
|
||||
// Create the action node
|
||||
ruleNodeRef = this.nodeService.createNode(
|
||||
getSavedRuleFolderRef(nodeRef),
|
||||
ContentModel.ASSOC_CONTAINS,
|
||||
QName.createQName(RuleModel.RULE_MODEL_URI, ASSOC_NAME_RULES_PREFIX + GUID.generate()),
|
||||
RuleModel.TYPE_RULE).getChildRef();
|
||||
|
||||
// Set the rule node reference and the owning node reference
|
||||
rule.setNodeRef(ruleNodeRef);
|
||||
}
|
||||
|
||||
// Update the properties of the rule
|
||||
this.nodeService.setProperty(ruleNodeRef, ContentModel.PROP_TITLE, rule.getTitle());
|
||||
this.nodeService.setProperty(ruleNodeRef, ContentModel.PROP_DESCRIPTION, rule.getDescription());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_RULE_TYPE, (Serializable)rule.getRuleTypes());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_APPLY_TO_CHILDREN, rule.isAppliedToChildren());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_EXECUTE_ASYNC, rule.getExecuteAsynchronously());
|
||||
this.nodeService.setProperty(ruleNodeRef, RuleModel.PROP_DISABLED, rule.getRuleDisabled());
|
||||
|
||||
// Save the rule's action
|
||||
saveAction(ruleNodeRef, rule);
|
||||
}
|
||||
finally
|
||||
{
|
||||
enableRules();
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new RuleServiceException("Insufficient permissions to save a rule.");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -667,22 +691,29 @@ public class RuleServiceImpl implements RuleService, RuntimeRuleService
|
||||
*/
|
||||
public void removeRule(NodeRef nodeRef, Rule rule)
|
||||
{
|
||||
if (this.nodeService.exists(nodeRef) == true &&
|
||||
this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
|
||||
if (this.permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
|
||||
{
|
||||
disableRules(nodeRef);
|
||||
try
|
||||
{
|
||||
NodeRef ruleNodeRef = rule.getNodeRef();
|
||||
if (ruleNodeRef != null)
|
||||
{
|
||||
this.nodeService.removeChild(getSavedRuleFolderRef(nodeRef), ruleNodeRef);
|
||||
}
|
||||
}
|
||||
finally
|
||||
{
|
||||
enableRules(nodeRef);
|
||||
}
|
||||
if (this.nodeService.exists(nodeRef) == true &&
|
||||
this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
|
||||
{
|
||||
disableRules(nodeRef);
|
||||
try
|
||||
{
|
||||
NodeRef ruleNodeRef = rule.getNodeRef();
|
||||
if (ruleNodeRef != null)
|
||||
{
|
||||
this.nodeService.removeChild(getSavedRuleFolderRef(nodeRef), ruleNodeRef);
|
||||
}
|
||||
}
|
||||
finally
|
||||
{
|
||||
enableRules(nodeRef);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new RuleServiceException("Insufficient permissions to remove a rule.");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -691,20 +722,27 @@ public class RuleServiceImpl implements RuleService, RuntimeRuleService
|
||||
*/
|
||||
public void removeAllRules(NodeRef nodeRef)
|
||||
{
|
||||
if (this.nodeService.exists(nodeRef) == true &&
|
||||
this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
|
||||
if (this.permissionService.hasPermission(nodeRef, PermissionService.CHANGE_PERMISSIONS) == AccessStatus.ALLOWED)
|
||||
{
|
||||
NodeRef folder = getSavedRuleFolderRef(nodeRef);
|
||||
if (folder != null)
|
||||
{
|
||||
List<ChildAssociationRef> ruleChildAssocs = this.nodeService.getChildAssocs(
|
||||
folder,
|
||||
RegexQNamePattern.MATCH_ALL, ASSOC_NAME_RULES_REGEX);
|
||||
for (ChildAssociationRef ruleChildAssoc : ruleChildAssocs)
|
||||
{
|
||||
this.nodeService.removeChild(folder, ruleChildAssoc.getChildRef());
|
||||
}
|
||||
}
|
||||
if (this.nodeService.exists(nodeRef) == true &&
|
||||
this.nodeService.hasAspect(nodeRef, RuleModel.ASPECT_RULES) == true)
|
||||
{
|
||||
NodeRef folder = getSavedRuleFolderRef(nodeRef);
|
||||
if (folder != null)
|
||||
{
|
||||
List<ChildAssociationRef> ruleChildAssocs = this.nodeService.getChildAssocs(
|
||||
folder,
|
||||
RegexQNamePattern.MATCH_ALL, ASSOC_NAME_RULES_REGEX);
|
||||
for (ChildAssociationRef ruleChildAssoc : ruleChildAssocs)
|
||||
{
|
||||
this.nodeService.removeChild(folder, ruleChildAssoc.getChildRef());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new RuleServiceException("Insufficient permissions to remove a rule.");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -27,6 +27,8 @@ import org.alfresco.repo.action.evaluator.ComparePropertyValueEvaluator;
|
||||
import org.alfresco.repo.action.executer.ImageTransformActionExecuter;
|
||||
import org.alfresco.repo.content.MimetypeMap;
|
||||
import org.alfresco.repo.content.transform.AbstractContentTransformerTest;
|
||||
import org.alfresco.repo.transaction.TransactionUtil;
|
||||
import org.alfresco.repo.transaction.TransactionUtil.TransactionWork;
|
||||
import org.alfresco.service.cmr.action.Action;
|
||||
import org.alfresco.service.cmr.action.ActionCondition;
|
||||
import org.alfresco.service.cmr.repository.ContentWriter;
|
||||
@@ -34,7 +36,10 @@ import org.alfresco.service.cmr.repository.CyclicChildRelationshipException;
|
||||
import org.alfresco.service.cmr.repository.NodeRef;
|
||||
import org.alfresco.service.cmr.rule.Rule;
|
||||
import org.alfresco.service.cmr.rule.RuleType;
|
||||
import org.alfresco.service.cmr.security.AuthenticationService;
|
||||
import org.alfresco.service.cmr.security.PermissionService;
|
||||
import org.alfresco.service.namespace.QName;
|
||||
import org.apache.commons.digester.SetRootRule;
|
||||
|
||||
|
||||
/**
|
||||
@@ -44,7 +49,17 @@ import org.alfresco.service.namespace.QName;
|
||||
*/
|
||||
public class RuleServiceImplTest extends BaseRuleTest
|
||||
{
|
||||
|
||||
AuthenticationService authenticationService;
|
||||
PermissionService permissionService;
|
||||
|
||||
@Override
|
||||
protected void onSetUpInTransaction() throws Exception
|
||||
{
|
||||
super.onSetUpInTransaction();
|
||||
this.permissionService = (PermissionService)this.applicationContext.getBean("permissionService");
|
||||
this.authenticationService = (AuthenticationService)this.applicationContext.getBean("authenticationService");
|
||||
}
|
||||
|
||||
/**
|
||||
* Test get rule type
|
||||
*/
|
||||
@@ -296,6 +311,59 @@ public class RuleServiceImplTest extends BaseRuleTest
|
||||
ContentModel.TYPE_CONTAINER).getChildRef();
|
||||
}
|
||||
|
||||
public void testRuleServicePermissionsConsumer()
|
||||
{
|
||||
this.authenticationService.createAuthentication("conUser", "password".toCharArray());
|
||||
this.permissionService.setPermission(this.nodeRef, "conUser", PermissionService.CONSUMER, true);
|
||||
this.permissionService.setInheritParentPermissions(this.nodeRef, true);
|
||||
|
||||
this.authenticationService.authenticate("conUser", "password".toCharArray());
|
||||
Rule rule = createTestRule();
|
||||
try
|
||||
{
|
||||
this.ruleService.saveRule(this.nodeRef, rule);
|
||||
// Fail
|
||||
fail("Consumers cannot create rules.");
|
||||
}
|
||||
catch (Exception exception)
|
||||
{
|
||||
// Ok
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public void testRuleServicePermissionsEditor()
|
||||
{
|
||||
this.authenticationService.createAuthentication("editorUser", "password".toCharArray());
|
||||
this.permissionService.setPermission(this.nodeRef, "editorUser", PermissionService.EDITOR, true);
|
||||
this.permissionService.setInheritParentPermissions(this.nodeRef, true);
|
||||
|
||||
this.authenticationService.authenticate("editorUser", "password".toCharArray());
|
||||
Rule rule = createTestRule();
|
||||
try
|
||||
{
|
||||
this.ruleService.saveRule(this.nodeRef, rule);
|
||||
// Fail
|
||||
fail("Editors cannot create rules.");
|
||||
}
|
||||
catch (Exception exception)
|
||||
{
|
||||
// Ok
|
||||
}
|
||||
}
|
||||
|
||||
public void testRuleServicePermissionsCoordinator()
|
||||
{
|
||||
this.authenticationService.createAuthentication("coordUser", "password".toCharArray());
|
||||
this.permissionService.setPermission(this.nodeRef, "coordUser", PermissionService.COORDINATOR, true);
|
||||
this.permissionService.setInheritParentPermissions(this.nodeRef, true);
|
||||
|
||||
this.authenticationService.authenticate("admin", "admin".toCharArray());
|
||||
Rule rule2 = createTestRule();
|
||||
this.ruleService.saveRule(this.nodeRef, rule2);
|
||||
this.authenticationService.clearCurrentSecurityContext();
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests the rule inheritance within the store, checking that the cache is reset correctly when
|
||||
* rules are added and removed.
|
||||
|
||||
Reference in New Issue
Block a user