diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties b/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties index 70676c0e4d..8864f56b1c 100644 --- a/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties +++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/alfresco-global.properties @@ -34,4 +34,7 @@ bootstrap.rmadmin.name=rmadmin # # Indicates whether RM rules will be run as RM Admin or not by default # -rm.rule.runasrmadmin=true \ No newline at end of file +rm.rule.runasrmadmin=true + +activities.feed.generator.cronExpression=0 30 3 * * ? +activities.feed.generator.maxItemsPerCycle=1 \ No newline at end of file diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ExtendedSecurityServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ExtendedSecurityServiceImplTest.java index 1407ced003..7b399c1d09 100644 --- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ExtendedSecurityServiceImplTest.java +++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/ExtendedSecurityServiceImplTest.java @@ -23,10 +23,16 @@ import java.util.HashSet; import java.util.Map; import java.util.Set; +import org.alfresco.model.ContentModel; import org.alfresco.module.org_alfresco_module_rm.security.ExtendedSecurityService; import org.alfresco.module.org_alfresco_module_rm.test.util.BaseRMTestCase; import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; +import org.alfresco.repo.site.SiteModel; import org.alfresco.service.cmr.repository.NodeRef; +import org.alfresco.service.cmr.security.AccessStatus; +import org.alfresco.service.cmr.site.SiteService; +import org.alfresco.service.cmr.site.SiteVisibility; import org.alfresco.util.GUID; /** @@ -248,4 +254,115 @@ public class ExtendedSecurityServiceImplTest extends BaseRMTestCase assertNotNull(readers); assertEquals(testMap.size(), readers.size()); } + + public void testDifferentUsersDifferentPermissions() + { + final String userNone = createTestUser(); + final String userRead = createTestUser(); + final String userWrite = createTestUser(); + final String siteShortName = GUID.generate(); + + doTestInTransaction(new Test() + { + public Void run() throws Exception + { + siteService.createSite(null, siteShortName, "test", "test", SiteVisibility.PRIVATE); + return null; + } + }); + + final NodeRef documentLibrary = doTestInTransaction(new Test() + { + public NodeRef run() throws Exception + { + siteService.setMembership(siteShortName, userRead, SiteModel.SITE_CONSUMER); + siteService.setMembership(siteShortName, userWrite, SiteModel.SITE_COLLABORATOR); + return siteService.createContainer(siteShortName, SiteService.DOCUMENT_LIBRARY, null, null); + } + }); + + final NodeRef record = doTestInTransaction(new Test() + { + public NodeRef run() throws Exception + { + NodeRef record = fileFolderService.create(documentLibrary, GUID.generate(), ContentModel.TYPE_CONTENT).getNodeRef(); + recordService.createRecord(filePlan, record); + return record; + } + }); + + doTestInTransaction(new Test() + { + public Void run() throws Exception + { + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userNone); + + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userRead); + + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userWrite); + + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userNone); + + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.DENIED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userRead); + + AuthenticationUtil.runAs(new RunAsWork() + { + public Void doWork() throws Exception + { + // check permissions + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, READ_RECORDS)); + assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(record, FILING)); + return null; + } + }, userWrite); + + return null; + } + }); + } }