diff --git a/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/rules/CreateRulesTests.java b/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/rules/CreateRulesTests.java index bf9ab1cefe..0d01ddb434 100644 --- a/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/rules/CreateRulesTests.java +++ b/packaging/tests/tas-restapi/src/test/java/org/alfresco/rest/rules/CreateRulesTests.java @@ -27,9 +27,9 @@ package org.alfresco.rest.rules; import static java.util.stream.Collectors.toList; +import static org.alfresco.rest.rules.RulesTestsUtils.createActionModel; import static org.alfresco.rest.rules.RulesTestsUtils.createRuleModel; -import static org.alfresco.utility.constants.UserRole.SiteCollaborator; -import static org.alfresco.utility.constants.UserRole.SiteConsumer; +import static org.alfresco.utility.constants.UserRole.*; import static org.alfresco.utility.model.FileModel.getRandomFileModel; import static org.alfresco.utility.model.FileType.TEXT_PLAIN; import static org.alfresco.utility.report.log.Step.STEP; @@ -45,6 +45,7 @@ import java.util.stream.IntStream; import org.alfresco.rest.RestTest; import org.alfresco.rest.model.RestRuleModel; import org.alfresco.rest.model.RestRuleModelsCollection; +import org.alfresco.utility.constants.UserRole; import org.alfresco.utility.model.FileModel; import org.alfresco.utility.model.FolderModel; import org.alfresco.utility.model.SiteModel; @@ -162,41 +163,42 @@ public class CreateRulesTests extends RestTest restClient.assertLastError().containsSummary("Insufficient permissions to manage rules"); } - /** Check that a user without write permission for the folder cannot create a rule in it. */ - public void requireWritePermissionToCreateRule() + /** Check that a Collaborator cannot create a rule in a private folder. */ + public void siteCollaboratorCannotCreateRule() { - STEP("Create a user and use them to create a private site containing a folder"); - UserModel privateUser = dataUser.createRandomTestUser(); - SiteModel privateSite = dataSite.usingUser(privateUser).createPrivateRandomSite(); - FolderModel privateFolder = dataContent.usingUser(privateUser).usingSite(privateSite).createFolder(); - - STEP("Create a collaborator and check they cannot create a rule in the private folder"); - UserModel collaborator = dataUser.createRandomTestUser(); - dataUser.addUserToSite(collaborator, privateSite, SiteCollaborator); - RestRuleModel ruleModel = new RestRuleModel(); - ruleModel.setName("ruleName"); - - restClient.authenticateUser(collaborator).withCoreAPI().usingNode(privateFolder).usingDefaultRuleSet().createSingleRule(ruleModel); + testRolePermissionsWith(SiteCollaborator); restClient.assertStatusCodeIs(FORBIDDEN); restClient.assertLastError().containsSummary("Insufficient permissions to manage rules"); } - /** Check that a user consumer permission for the folder cannot create a rule in it. */ - public void failToCreateRuleAsSiteConsumer() + /** Check that a Contributor cannot create a rule in a private folder. */ + public void siteContributorCannotCreateRule() { - STEP("Create a consumer and check they cannot create a rule in the public folder"); - UserModel consumer = dataUser.createRandomTestUser(); - dataUser.addUserToSite(consumer, site, SiteConsumer); - RestRuleModel ruleModel = new RestRuleModel(); - ruleModel.setName("ruleName"); - - restClient.authenticateUser(consumer).withCoreAPI().usingNode(ruleFolder).usingDefaultRuleSet().createSingleRule(ruleModel); + testRolePermissionsWith(SiteContributor); restClient.assertStatusCodeIs(FORBIDDEN); restClient.assertLastError().containsSummary("Insufficient permissions to manage rules"); } + /** Check that a Consumer cannot create a rule in a private folder. */ + public void siteConsumerCannotCreateRule() + { + testRolePermissionsWith(SiteConsumer); + + restClient.assertStatusCodeIs(FORBIDDEN); + restClient.assertLastError().containsSummary("Insufficient permissions to manage rules"); + } + + /** Check that a siteManager can create a rule in a private folder. */ + public void siteManagerCanCreateRule() + { + testRolePermissionsWith(SiteManager) + .assertThat().field("id").isNotNull() + .assertThat().field("name").is("testRule"); + restClient.assertStatusCodeIs(CREATED); + } + /** Check we can't create a rule under a document node. */ @Test (groups = { TestGroup.REST_API, TestGroup.RULES }) public void tryToCreateRuleUnderDocument() @@ -249,4 +251,18 @@ public class CreateRulesTests extends RestTest restClient.assertStatusCodeIs(BAD_REQUEST); restClient.assertLastError().containsSummary("Rule name is a mandatory parameter"); } + + public RestRuleModel testRolePermissionsWith(UserRole userRole) + { + STEP("Create a user and use them to create a private site containing a folder"); + SiteModel privateSite = dataSite.usingUser(user).createPrivateRandomSite(); + FolderModel privateFolder = dataContent.usingUser(user).usingSite(privateSite).createFolder(); + + STEP(String.format("Add a user with '%s' role in the private site's folder", userRole.toString())); + UserModel userWithRole = dataUser.createRandomTestUser(); + dataUser.addUserToSite(userWithRole, privateSite, userRole); + RestRuleModel ruleModel = createRuleModel("testRule", List.of(createActionModel())); + + return restClient.authenticateUser(userWithRole).withCoreAPI().usingNode(privateFolder).usingDefaultRuleSet().createSingleRule(ruleModel); + } }