inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged enterprise features

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2746 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Paul Holmes-Higgin
2006-05-03 18:34:13 +00:00
parent 405c00bd8e
commit c37ff8805c
83 changed files with 15809 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
source/java/org/alfresco/repo/security/authority/AuthorityDAO.java Normal file
View File

@@ -0,0 +1,98 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import java.util.Set;
import org.alfresco.service.cmr.security.AuthorityType;
public interface AuthorityDAO
{
/**
* Add an authority to another.
*
* @param parentName
* @param childName
*/
void addAuthority(String parentName, String childName);
/**
* Create an authority.
*
* @param parentName
* @param name
*/
void createAuthority(String parentName, String name);
/**
* Delete an authority.
*
* @param name
*/
void deleteAuthority(String name);
/**
* Get all root authorities.
*
* @param type
* @return
*/
Set<String> getAllRootAuthorities(AuthorityType type);
/**
* Get contained authorities.
*
* @param type
* @param name
* @param immediate
* @return
*/
Set<String> getContainedAuthorities(AuthorityType type, String name, boolean immediate);
/**
* Remove an authority.
*
* @param parentName
* @param childName
*/
void removeAuthority(String parentName, String childName);
/**
* Get the authorities that contain the one given.
*
* @param type
* @param name
* @param immediate
* @return
*/
Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate);
/**
* Get all authorities by type
*
* @param type
* @return
*/
Set<String> getAllAuthorities(AuthorityType type);
}

488
source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java Normal file
View File

@@ -0,0 +1,488 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.search.impl.lucene.QueryParser;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
import org.alfresco.service.cmr.search.ResultSet;
import org.alfresco.service.cmr.search.ResultSetRow;
import org.alfresco.service.cmr.search.SearchParameters;
import org.alfresco.service.cmr.search.SearchService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.namespace.NamespacePrefixResolver;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.namespace.RegexQNamePattern;
import org.alfresco.util.ISO9075;
public class AuthorityDAOImpl implements AuthorityDAO
{
private static final StoreRef STOREREF_USERS = new StoreRef("user", "alfrescoUserStore");
private NodeService nodeService;
private NamespacePrefixResolver namespacePrefixResolver;
private QName qnameAssocSystem;
private QName qnameAssocAuthorities;
private SearchService searchService;
private DictionaryService dictionaryService;
private SimpleCache<String, ArrayList<NodeRef>> userToAuthorityCache;
public AuthorityDAOImpl()
{
super();
}
public void setDictionaryService(DictionaryService dictionaryService)
{
this.dictionaryService = dictionaryService;
}
public void setNamespacePrefixResolver(NamespacePrefixResolver namespacePrefixResolver)
{
this.namespacePrefixResolver = namespacePrefixResolver;
qnameAssocSystem = QName.createQName("sys", "system", namespacePrefixResolver);
qnameAssocAuthorities = QName.createQName("sys", "authorities", namespacePrefixResolver);
}
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
public void setSearchService(SearchService searchService)
{
this.searchService = searchService;
}
public void setUserToAuthorityCache(SimpleCache<String, ArrayList<NodeRef>> userToAuthorityCache)
{
this.userToAuthorityCache = userToAuthorityCache;
}
public void addAuthority(String parentName, String childName)
{
NodeRef parentRef = getAuthorityOrNull(parentName);
if (parentRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + parentName);
}
if (AuthorityType.getAuthorityType(childName).equals(AuthorityType.USER))
{
Collection<String> memberCollection = DefaultTypeConverter.INSTANCE.getCollection(String.class, nodeService
.getProperty(parentRef, ContentModel.PROP_MEMBERS));
HashSet<String> members = new HashSet<String>();
members.addAll(memberCollection);
members.add(childName);
nodeService.setProperty(parentRef, ContentModel.PROP_MEMBERS, members);
userToAuthorityCache.remove(childName);
}
else
{
NodeRef childRef = getAuthorityOrNull(childName);
if (childRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + childName);
}
nodeService.addChild(
parentRef,
childRef,
ContentModel.ASSOC_MEMBER,
QName.createQName("usr", childName, namespacePrefixResolver));
}
}
public void createAuthority(String parentName, String name)
{
HashMap<QName, Serializable> props = new HashMap<QName, Serializable>();
props.put(ContentModel.PROP_AUTHORITY_NAME, name);
if (parentName != null)
{
NodeRef parentRef = getAuthorityOrNull(parentName);
if (parentRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + parentName);
}
nodeService.createNode(
parentRef,
ContentModel.ASSOC_MEMBER,
QName.createQName("usr", name, namespacePrefixResolver),
ContentModel.TYPE_AUTHORITY_CONTAINER,
props);
}
else
{
NodeRef authorityContainerRef = getAuthorityContainer();
nodeService.createNode(
authorityContainerRef,
ContentModel.ASSOC_MEMBER,
QName.createQName("usr", name, namespacePrefixResolver),
ContentModel.TYPE_AUTHORITY_CONTAINER,
props);
}
}
public void deleteAuthority(String name)
{
NodeRef nodeRef = getAuthorityOrNull(name);
if (nodeRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + name);
}
nodeService.deleteNode(nodeRef);
}
public Set<String> getAllRootAuthorities(AuthorityType type)
{
HashSet<String> authorities = new HashSet<String>();
NodeRef container = getAuthorityContainer();
if (container != null)
{
findAuthorities(type, container, authorities, false, false, false);
}
return authorities;
}
public Set<String> getAllAuthorities(AuthorityType type)
{
HashSet<String> authorities = new HashSet<String>();
NodeRef container = getAuthorityContainer();
if (container != null)
{
findAuthorities(type, container, authorities, false, true, false);
}
return authorities;
}
public Set<String> getContainedAuthorities(AuthorityType type, String name, boolean immediate)
{
if (AuthorityType.getAuthorityType(name).equals(AuthorityType.USER))
{
return Collections.<String> emptySet();
}
else
{
NodeRef nodeRef = getAuthorityOrNull(name);
if (nodeRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + name);
}
HashSet<String> authorities = new HashSet<String>();
findAuthorities(type, nodeRef, authorities, false, !immediate, false);
return authorities;
}
}
public void removeAuthority(String parentName, String childName)
{
NodeRef parentRef = getAuthorityOrNull(parentName);
if (parentRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + parentName);
}
if (AuthorityType.getAuthorityType(childName).equals(AuthorityType.USER))
{
Collection<String> memberCollection = DefaultTypeConverter.INSTANCE.getCollection(String.class, nodeService
.getProperty(parentRef, ContentModel.PROP_MEMBERS));
HashSet<String> members = new HashSet<String>();
members.addAll(memberCollection);
members.remove(childName);
nodeService.setProperty(parentRef, ContentModel.PROP_MEMBERS, members);
userToAuthorityCache.remove(childName);
}
else
{
NodeRef childRef = getAuthorityOrNull(childName);
if (childRef == null)
{
throw new UnknownAuthorityException("An authority was not found for " + childName);
}
nodeService.removeChild(parentRef, childRef);
}
}
public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
{
HashSet<String> authorities = new HashSet<String>();
findAuthorities(type, name, authorities, true, !immediate);
return authorities;
}
private void findAuthorities(AuthorityType type, String name, Set<String> authorities, boolean parents,
boolean recursive)
{
if (AuthorityType.getAuthorityType(name).equals(AuthorityType.GUEST))
{
// Nothing to do
}
else if (AuthorityType.getAuthorityType(name).equals(AuthorityType.USER))
{
for (NodeRef ref : getUserContainers(name))
{
findAuthorities(type, ref, authorities, parents, recursive, true);
}
}
else
{
NodeRef ref = getAuthorityOrNull(name);
if (ref == null)
{
throw new UnknownAuthorityException("An authority was not found for " + name);
}
findAuthorities(type, ref, authorities, parents, recursive, false);
}
}
private ArrayList<NodeRef> getUserContainers(String name)
{
ArrayList<NodeRef> containers = userToAuthorityCache.get(name);
if (containers == null)
{
containers = findUserContainers(name);
userToAuthorityCache.put(name, containers);
}
return containers;
}
private ArrayList<NodeRef> findUserContainers(String name)
{
SearchParameters sp = new SearchParameters();
sp.addStore(STOREREF_USERS);
sp.setLanguage("lucene");
sp.setQuery("+TYPE:\""
+ ContentModel.TYPE_AUTHORITY_CONTAINER
+ "\""
+ " +@"
+ QueryParser.escape("{"
+ ContentModel.PROP_MEMBERS.getNamespaceURI() + "}"
+ ISO9075.encode(ContentModel.PROP_MEMBERS.getLocalName())) + ":\"" + name + "\"");
ResultSet rs = null;
try
{
rs = searchService.query(sp);
ArrayList<NodeRef> answer = new ArrayList<NodeRef>(rs.length());
for (ResultSetRow row : rs)
{
answer.add(row.getNodeRef());
}
return answer;
}
finally
{
if (rs != null)
{
rs.close();
}
}
}
private void findAuthorities(AuthorityType type, NodeRef nodeRef, Set<String> authorities, boolean parents,
boolean recursive, boolean includeNode)
{
List<ChildAssociationRef> cars = parents ? nodeService.getParentAssocs(nodeRef) : nodeService
.getChildAssocs(nodeRef);
if (includeNode)
{
String authorityName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(nodeRef,
ContentModel.PROP_AUTHORITY_NAME));
if (type == null)
{
authorities.add(authorityName);
}
else
{
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName);
if (authorityType.equals(type))
{
authorities.add(authorityName);
}
}
}
// Loop over children
for (ChildAssociationRef car : cars)
{
NodeRef current = parents ? car.getParentRef() : car.getChildRef();
QName currentType = nodeService.getType(current);
if (dictionaryService.isSubClass(currentType, ContentModel.TYPE_AUTHORITY))
{
String authorityName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(
current, ContentModel.PROP_AUTHORITY_NAME));
if (type == null)
{
authorities.add(authorityName);
if (recursive)
{
findAuthorities(type, current, authorities, parents, recursive, false);
}
}
else
{
AuthorityType authorityType = AuthorityType.getAuthorityType(authorityName);
if (authorityType.equals(type))
{
authorities.add(authorityName);
}
if (recursive)
{
findAuthorities(type, current, authorities, parents, recursive, false);
}
}
}
}
// loop over properties
if (!parents)
{
Collection<String> members = DefaultTypeConverter.INSTANCE.getCollection(String.class, nodeService
.getProperty(nodeRef, ContentModel.PROP_MEMBERS));
if (members != null)
{
for (String user : members)
{
if (user != null)
{
if (type == null)
{
authorities.add(user);
}
else
{
AuthorityType authorityType = AuthorityType.getAuthorityType(user);
if (authorityType.equals(type))
{
authorities.add(user);
}
}
}
}
}
}
}
private NodeRef getAuthorityOrNull(String name)
{
SearchParameters sp = new SearchParameters();
sp.addStore(STOREREF_USERS);
sp.setLanguage("lucene");
sp.setQuery("+TYPE:\""
+ ContentModel.TYPE_AUTHORITY_CONTAINER
+ "\""
+ " +@"
+ QueryParser.escape("{"
+ ContentModel.PROP_AUTHORITY_NAME.getNamespaceURI() + "}"
+ ISO9075.encode(ContentModel.PROP_AUTHORITY_NAME.getLocalName())) + ":\"" + name + "\"");
ResultSet rs = null;
try
{
rs = searchService.query(sp);
if (rs.length() == 0)
{
return null;
}
else
{
for (ResultSetRow row : rs)
{
String test = DefaultTypeConverter.INSTANCE.convert(
String.class,
nodeService.getProperty(row.getNodeRef(), ContentModel.PROP_AUTHORITY_NAME));
if (test.equals(name))
{
return row.getNodeRef();
}
}
}
return null;
}
finally
{
if (rs != null)
{
rs.close();
}
}
}
/**
* @return Returns the authority container, <b>which must exist</b>
*/
private NodeRef getAuthorityContainer()
{
NodeRef rootNodeRef = nodeService.getRootNode(STOREREF_USERS);
List<ChildAssociationRef> results = nodeService.getChildAssocs(
rootNodeRef,
RegexQNamePattern.MATCH_ALL,
qnameAssocSystem);
NodeRef sysNodeRef = null;
if (results.size() == 0)
{
throw new AlfrescoRuntimeException("Required authority system path not found: " + qnameAssocSystem);
}
else
{
sysNodeRef = results.get(0).getChildRef();
}
results = nodeService.getChildAssocs(
sysNodeRef,
RegexQNamePattern.MATCH_ALL,
qnameAssocAuthorities);
NodeRef authNodeRef = null;
if (results.size() == 0)
{
throw new AlfrescoRuntimeException("Required authority path not found: " + qnameAssocAuthorities);
}
else
{
authNodeRef = results.get(0).getChildRef();
}
return authNodeRef;
}
}

56
source/java/org/alfresco/repo/security/authority/AuthorityException.java Normal file
View File

@@ -0,0 +1,56 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import org.alfresco.error.AlfrescoRuntimeException;
public class AuthorityException extends AlfrescoRuntimeException
{
/**
* Comment for <code>serialVersionUID</code>
*/
private static final long serialVersionUID = -5367993045129604445L;
public AuthorityException(String msgId)
{
super(msgId);
}
public AuthorityException(String msgId, Object[] msgParams)
{
super(msgId, msgParams);
}
public AuthorityException(String msgId, Throwable cause)
{
super(msgId, cause);
}
public AuthorityException(String msgId, Object[] msgParams, Throwable cause)
{
super(msgId, msgParams, cause);
}
}

251
source/java/org/alfresco/repo/security/authority/AuthorityServiceImpl.java Normal file
View File

@@ -0,0 +1,251 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.permissions.PermissionServiceSPI;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.service.cmr.repository.datatype.DefaultTypeConverter;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
/**
* The default implementation of the authority service.
*
* @author Andy Hind
*/
public class AuthorityServiceImpl implements AuthorityService
{
private PersonService personService;
private NodeService nodeService;
private AuthorityDAO authorityDAO;
private PermissionServiceSPI permissionServiceSPI;
private Set<String> adminSet = Collections.singleton(PermissionService.ADMINISTRATOR_AUTHORITY);
private Set<String> guestSet = Collections.singleton(PermissionService.GUEST_AUTHORITY);
private Set<String> allSet = Collections.singleton(PermissionService.ALL_AUTHORITIES);
private Set<String> adminUsers;
private AuthenticationComponent authenticationComponent;
public AuthorityServiceImpl()
{
super();
}
public void setNodeService(NodeService nodeService)
{
this.nodeService = nodeService;
}
public void setPersonService(PersonService personService)
{
this.personService = personService;
}
public void setAuthorityDAO(AuthorityDAO authorityDAO)
{
this.authorityDAO = authorityDAO;
}
public void setPermissionServiceSPI(PermissionServiceSPI permissionServiceSPI)
{
this.permissionServiceSPI = permissionServiceSPI;
}
/**
* Currently the admin authority is granted only to the ALFRESCO_ADMIN_USER
* user.
*/
public boolean hasAdminAuthority()
{
String currentUserName = authenticationComponent.getCurrentUserName();
return ((currentUserName != null) && adminUsers.contains(currentUserName));
}
// IOC
public void setAuthenticationComponent(AuthenticationComponent authenticationComponent)
{
this.authenticationComponent = authenticationComponent;
}
public void setAdminUsers(Set<String> adminUsers)
{
this.adminUsers = adminUsers;
}
public Set<String> getAuthorities()
{
Set<String> authorities = new HashSet<String>();
String currentUserName = authenticationComponent.getCurrentUserName();
if (adminUsers.contains(currentUserName))
{
authorities.addAll(adminSet);
}
if(AuthorityType.getAuthorityType(currentUserName) != AuthorityType.GUEST)
{
authorities.addAll(allSet);
}
authorities.addAll(getContainingAuthorities(null, currentUserName, false));
return authorities;
}
public Set<String> getAllAuthorities(AuthorityType type)
{
Set<String> authorities = new HashSet<String>();
switch (type)
{
case ADMIN:
authorities.addAll(adminSet);
break;
case EVERYONE:
authorities.addAll(allSet);
break;
case GUEST:
authorities.addAll(guestSet);
break;
case GROUP:
authorities.addAll(authorityDAO.getAllAuthorities(type));
break;
case OWNER:
break;
case ROLE:
authorities.addAll(authorityDAO.getAllAuthorities(type));
break;
case USER:
for (NodeRef personRef : personService.getAllPeople())
{
authorities.add(DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(personRef,
ContentModel.PROP_USERNAME)));
}
break;
default:
break;
}
return authorities;
}
public void addAuthority(String parentName, String childName)
{
authorityDAO.addAuthority(parentName, childName);
}
private void checkTypeIsMutable(AuthorityType type)
{
if((type == AuthorityType.GROUP) || (type == AuthorityType.ROLE))
{
return;
}
else
{
throw new AuthorityException("Trying to modify a fixed authority");
}
}
public String createAuthority(AuthorityType type, String parentName, String shortName)
{
checkTypeIsMutable(type);
String name = getName(type, shortName);
authorityDAO.createAuthority(parentName, name);
return name;
}
public void deleteAuthority(String name)
{
AuthorityType type = AuthorityType.getAuthorityType(name);
checkTypeIsMutable(type);
authorityDAO.deleteAuthority(name);
permissionServiceSPI.deletePermissions(name);
}
public Set<String> getAllRootAuthorities(AuthorityType type)
{
return authorityDAO.getAllRootAuthorities(type);
}
public Set<String> getContainedAuthorities(AuthorityType type, String name, boolean immediate)
{
return authorityDAO.getContainedAuthorities(type, name, immediate);
}
public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
{
return authorityDAO.getContainingAuthorities(type, name, immediate);
}
public String getName(AuthorityType type, String shortName)
{
if (type.isFixedString())
{
return type.getFixedString();
}
else if (type.isPrefixed())
{
return type.getPrefixString() + shortName;
}
else
{
return shortName;
}
}
public String getShortName(String name)
{
AuthorityType type = AuthorityType.getAuthorityType(name);
if (type.isFixedString())
{
return "";
}
else if (type.isPrefixed())
{
return name.substring(type.getPrefixString().length());
}
else
{
return name;
}
}
public void removeAuthority(String parentName, String childName)
{
authorityDAO.removeAuthority(parentName, childName);
}
}

517
source/java/org/alfresco/repo/security/authority/AuthorityServiceTest.java Normal file
View File

@@ -0,0 +1,517 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import javax.transaction.UserTransaction;
import junit.framework.TestCase;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.MutableAuthenticationDao;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.service.cmr.security.AuthorityService;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.ApplicationContextHelper;
import org.springframework.context.ApplicationContext;
public class AuthorityServiceTest extends TestCase
{
private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
private AuthenticationComponent authenticationComponent;
private AuthenticationComponent authenticationComponentImpl;
private AuthenticationService authenticationService;
private MutableAuthenticationDao authenticationDAO;
private AuthorityService authorityService;
private AuthorityService pubAuthorityService;
private PersonService personService;
private UserTransaction tx;
public AuthorityServiceTest()
{
super();
}
public void setUp() throws Exception
{
authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl");
authenticationService = (AuthenticationService) ctx.getBean("authenticationService");
authorityService = (AuthorityService) ctx.getBean("authorityService");
pubAuthorityService = (AuthorityService) ctx.getBean("AuthorityService");
personService = (PersonService) ctx.getBean("personService");
authenticationDAO = (MutableAuthenticationDao) ctx.getBean("authenticationDao");
authenticationComponentImpl.setSystemUserAsCurrentUser();
TransactionService transactionService = (TransactionService) ctx.getBean(ServiceRegistry.TRANSACTION_SERVICE
.getLocalName());
tx = transactionService.getUserTransaction();
tx.begin();
if (!authenticationDAO.userExists("andy"))
{
authenticationService.createAuthentication("andy", "andy".toCharArray());
}
if (!authenticationDAO.userExists("admin"))
{
authenticationService.createAuthentication("admin", "admin".toCharArray());
}
if (!authenticationDAO.userExists("administrator"))
{
authenticationService.createAuthentication("administrator", "administrator".toCharArray());
}
}
@Override
protected void tearDown() throws Exception
{
authenticationComponentImpl.clearCurrentSecurityContext();
tx.rollback();
super.tearDown();
}
public void testNonAdminUser()
{
authenticationComponent.setCurrentUser("andy");
assertFalse(authorityService.hasAdminAuthority());
assertFalse(pubAuthorityService.hasAdminAuthority());
assertEquals(1, authorityService.getAuthorities().size());
}
public void testAdminUser()
{
authenticationComponent.setCurrentUser("admin");
assertTrue(authorityService.hasAdminAuthority());
assertTrue(pubAuthorityService.hasAdminAuthority());
assertEquals(2, authorityService.getAuthorities().size());
authenticationComponent.setCurrentUser("administrator");
assertTrue(authorityService.hasAdminAuthority());
assertTrue(pubAuthorityService.hasAdminAuthority());
assertEquals(2, authorityService.getAuthorities().size());
}
public void testAuthorities()
{
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.ADMIN).size());
assertTrue(pubAuthorityService.getAllAuthorities(AuthorityType.ADMIN).contains(
PermissionService.ADMINISTRATOR_AUTHORITY));
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.EVERYONE).size());
assertTrue(pubAuthorityService.getAllAuthorities(AuthorityType.EVERYONE).contains(
PermissionService.ALL_AUTHORITIES));
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertFalse(pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).contains(
PermissionService.ALL_AUTHORITIES));
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GUEST).size());
assertTrue(pubAuthorityService.getAllAuthorities(AuthorityType.GUEST).contains(PermissionService.GUEST_AUTHORITY));
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.OWNER).size());
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(personService.getAllPeople().size(), pubAuthorityService.getAllAuthorities(AuthorityType.USER)
.size());
}
public void testCreateAdminAuth()
{
try
{
pubAuthorityService.createAuthority(AuthorityType.ADMIN, null, "woof");
fail("Should not be able to create an admin authority");
}
catch (AuthorityException ae)
{
}
}
public void testCreateEveryoneAuth()
{
try
{
pubAuthorityService.createAuthority(AuthorityType.EVERYONE, null, "woof");
fail("Should not be able to create an everyone authority");
}
catch (AuthorityException ae)
{
}
}
public void testCreateGuestAuth()
{
try
{
pubAuthorityService.createAuthority(AuthorityType.GUEST, null, "woof");
fail("Should not be able to create an guest authority");
}
catch (AuthorityException ae)
{
}
}
public void testCreateOwnerAuth()
{
try
{
pubAuthorityService.createAuthority(AuthorityType.OWNER, null, "woof");
fail("Should not be able to create an owner authority");
}
catch (AuthorityException ae)
{
}
}
public void testCreateUserAuth()
{
try
{
pubAuthorityService.createAuthority(AuthorityType.USER, null, "woof");
fail("Should not be able to create an user authority");
}
catch (AuthorityException ae)
{
}
}
public void testCreateRootAuth()
{
String auth;
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "woof");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth);
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth = pubAuthorityService.createAuthority(AuthorityType.ROLE, null, "woof");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth);
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
}
public void testCreateAuth()
{
String auth1;
String auth2;
String auth3;
String auth4;
String auth5;
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth1 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "one");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth2 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "two");
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth3 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "three");
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth4 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "four");
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth5 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth2, "five");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth5);
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth4);
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth3);
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth2);
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
pubAuthorityService.deleteAuthority(auth1);
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth1 = pubAuthorityService.createAuthority(AuthorityType.ROLE, null, "one");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth2 = pubAuthorityService.createAuthority(AuthorityType.ROLE, null, "two");
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth3 = pubAuthorityService.createAuthority(AuthorityType.ROLE, auth1, "three");
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth4 = pubAuthorityService.createAuthority(AuthorityType.ROLE, auth1, "four");
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
auth5 = pubAuthorityService.createAuthority(AuthorityType.ROLE, auth2, "five");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth5);
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth4);
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth3);
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth2);
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
pubAuthorityService.deleteAuthority(auth1);
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.ROLE).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.ROLE).size());
}
public void testCreateAuthTree()
{
String auth1;
String auth2;
String auth3;
String auth4;
String auth5;
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth1 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "one");
assertEquals("GROUP_one", auth1);
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth2 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "two");
assertEquals("GROUP_two", auth2);
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth3 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "three");
assertEquals("GROUP_three", auth3);
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth4 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "four");
assertEquals("GROUP_four", auth4);
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth5 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth2, "five");
assertEquals("GROUP_five", auth5);
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
pubAuthorityService.addAuthority(auth5, "andy");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(2, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth5));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth2));
assertEquals(1, pubAuthorityService.getContainingAuthorities(null, auth5, false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, auth5, false).contains(auth2));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains("andy"));
assertEquals(1, pubAuthorityService.getContainedAuthorities(null, auth5, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth5, false).contains("andy"));
pubAuthorityService.removeAuthority(auth5, "andy");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(0, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertEquals(1, pubAuthorityService.getContainingAuthorities(null, auth5, false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, auth5, false).contains(auth2));
assertEquals(1, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertEquals(0, pubAuthorityService.getContainedAuthorities(null, auth5, false).size());
}
public void testCreateAuthNet()
{
String auth1;
String auth2;
String auth3;
String auth4;
String auth5;
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth1 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "one");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth2 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "two");
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth3 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "three");
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth4 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "four");
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth5 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth2, "five");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
pubAuthorityService.addAuthority(auth5, "andy");
pubAuthorityService.addAuthority(auth1, "andy");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(3, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth5));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth2));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth1));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains("andy"));
assertEquals(3, pubAuthorityService.getContainedAuthorities(null, auth1, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth3));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth4));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains("andy"));
pubAuthorityService.removeAuthority(auth1, "andy");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(2, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth5));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth2));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains("andy"));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth1, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth3));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth4));
}
public void testCreateAuthNet2()
{
String auth1;
String auth2;
String auth3;
String auth4;
String auth5;
assertEquals(0, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(0, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth1 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "one");
assertEquals(1, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(1, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth2 = pubAuthorityService.createAuthority(AuthorityType.GROUP, null, "two");
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth3 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "three");
assertEquals(3, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth4 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth1, "four");
assertEquals(4, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
auth5 = pubAuthorityService.createAuthority(AuthorityType.GROUP, auth2, "five");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
pubAuthorityService.addAuthority(auth5, "andy");
pubAuthorityService.addAuthority(auth1, "andy");
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(3, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth5));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth2));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth1));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains("andy"));
assertEquals(3, pubAuthorityService.getContainedAuthorities(null, auth1, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth3));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth4));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains("andy"));
pubAuthorityService.addAuthority(auth3, auth2);
assertEquals(5, pubAuthorityService.getAllAuthorities(AuthorityType.GROUP).size());
assertEquals(2, pubAuthorityService.getAllRootAuthorities(AuthorityType.GROUP).size());
// The next call looks for people not users :-)
assertEquals(2, pubAuthorityService.getAllAuthorities(AuthorityType.USER).size());
assertEquals(4, pubAuthorityService.getContainingAuthorities(null, "andy", false).size());
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth5));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth2));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth1));
assertTrue(pubAuthorityService.getContainingAuthorities(null, "andy", false).contains(auth3));
assertEquals(2, pubAuthorityService.getContainedAuthorities(null, auth2, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth2, false).contains("andy"));
assertEquals(5, pubAuthorityService.getContainedAuthorities(null, auth1, false).size());
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth3));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth4));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth2));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains(auth5));
assertTrue(pubAuthorityService.getContainedAuthorities(null, auth1, false).contains("andy"));
}
}

62
source/java/org/alfresco/repo/security/authority/ExtendedPermissionServiceTest.java Normal file
View File

@@ -0,0 +1,62 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
import org.alfresco.repo.security.permissions.impl.AbstractPermissionTest;
import org.alfresco.repo.security.permissions.impl.SimplePermissionEntry;
import org.alfresco.service.cmr.security.AccessStatus;
import org.alfresco.service.cmr.security.AuthorityType;
import org.alfresco.service.cmr.security.PermissionService;
public class ExtendedPermissionServiceTest extends AbstractPermissionTest
{
public void testGroupPermission()
{
runAs("andy");
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ),
"GROUP_test", AccessStatus.ALLOWED));
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
authorityService.createAuthority(AuthorityType.GROUP, null, "test");
authorityService.addAuthority("GROUP_test", "andy");
assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
authorityService.removeAuthority("GROUP_test", "andy");
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
permissionService.clearPermission(rootNodeRef, "andy");
}
public void testDeletePermissionByRecipient()
{
runAs("andy");
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
permissionService.setPermission(new SimplePermissionEntry(rootNodeRef, getPermission(PermissionService.READ),
"GROUP_test", AccessStatus.ALLOWED));
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
authorityService.createAuthority(AuthorityType.GROUP, null, "test");
authorityService.addAuthority("GROUP_test", "andy");
assertTrue(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
permissionService.deletePermissions("GROUP_test");
assertFalse(permissionService.hasPermission(rootNodeRef, getPermission(PermissionService.READ)) == AccessStatus.ALLOWED);
}
}

54
source/java/org/alfresco/repo/security/authority/UnknownAuthorityException.java Normal file
View File

@@ -0,0 +1,54 @@
/*
* Copyright (C) 2005 Alfresco, Inc.
*
* Licensed under the Alfresco Network License. You may obtain a
* copy of the License at
*
* http://www.alfrescosoftware.com/legal/
*
* Please view the license relevant to your network subscription.
*
* BY CLICKING THE "I UNDERSTAND AND ACCEPT" BOX, OR INSTALLING,
* READING OR USING ALFRESCO'S Network SOFTWARE (THE "SOFTWARE"),
* YOU ARE AGREEING ON BEHALF OF THE ENTITY LICENSING THE SOFTWARE
* ("COMPANY") THAT COMPANY WILL BE BOUND BY AND IS BECOMING A PARTY TO
* THIS ALFRESCO NETWORK AGREEMENT ("AGREEMENT") AND THAT YOU HAVE THE
* AUTHORITY TO BIND COMPANY. IF COMPANY DOES NOT AGREE TO ALL OF THE
* TERMS OF THIS AGREEMENT, DO NOT SELECT THE "I UNDERSTAND AND AGREE"
* BOX AND DO NOT INSTALL THE SOFTWARE OR VIEW THE SOURCE CODE. COMPANY
* HAS NOT BECOME A LICENSEE OF, AND IS NOT AUTHORIZED TO USE THE
* SOFTWARE UNLESS AND UNTIL IT HAS AGREED TO BE BOUND BY THESE LICENSE
* TERMS. THE "EFFECTIVE DATE" FOR THIS AGREEMENT SHALL BE THE DAY YOU
* CHECK THE "I UNDERSTAND AND ACCEPT" BOX.
*/
package org.alfresco.repo.security.authority;
public class UnknownAuthorityException extends AuthorityException
{
/**
* Comment for <code>serialVersionUID</code>
*/
private static final long serialVersionUID = 4639634037108317201L;
public UnknownAuthorityException(String msgId)
{
super(msgId);
}
public UnknownAuthorityException(String msgId, Object[] msgParams)
{
super(msgId, msgParams);
}
public UnknownAuthorityException(String msgId, Throwable cause)
{
super(msgId, cause);
}
public UnknownAuthorityException(String msgId, Object[] msgParams, Throwable cause)
{
super(msgId, msgParams, cause);
}
}