From cff630061f1430d2db92dfd99de2917e7bf04acc Mon Sep 17 00:00:00 2001 From: Cristian Turlica Date: Mon, 30 Jan 2017 15:49:50 +0000 Subject: [PATCH] REPO-1878: Support GROUP_EVERYONE in all endpoints - initial commit git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@134828 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/rest/api/impl/GroupsImpl.java | 54 +++++++++++++++---- .../alfresco/rest/api/tests/GroupsTest.java | 29 ++++++++++ 2 files changed, 73 insertions(+), 10 deletions(-) diff --git a/source/java/org/alfresco/rest/api/impl/GroupsImpl.java b/source/java/org/alfresco/rest/api/impl/GroupsImpl.java index 9f13ab73c2..77dd0fc57a 100644 --- a/source/java/org/alfresco/rest/api/impl/GroupsImpl.java +++ b/source/java/org/alfresco/rest/api/impl/GroupsImpl.java @@ -59,6 +59,7 @@ import org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException; import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException; import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException; import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException; +import org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException; import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo; import org.alfresco.rest.framework.resource.parameters.Paging; import org.alfresco.rest.framework.resource.parameters.Parameters; @@ -84,6 +85,7 @@ public class GroupsImpl implements Groups private static final int MAX_ZONES = 1; private static final String DISPLAY_NAME = "displayName"; private static final String AUTHORITY_NAME = "authorityName"; + private static final String ERR_MSG_MODIFY_FIXED_AUTHORITY = "Trying to modify a fixed authority"; private final static Map SORT_PARAMS_TO_NAMES; static @@ -154,7 +156,14 @@ public class GroupsImpl implements Groups validateGroupId(groupId, false); validateGroup(group, true); - authorityService.setAuthorityDisplayName(groupId, group.getDisplayName()); + try + { + authorityService.setAuthorityDisplayName(groupId, group.getDisplayName()); + } + catch (AuthorityException ae) + { + handleAuthorityException(ae); + } return getGroup(groupId, parameters); } @@ -686,14 +695,19 @@ public class GroupsImpl implements Groups } catch (AuthorityException ae) { - if (ae.getMsgId().equals("Trying to modify a fixed authority")) - { - throw new ConstraintViolatedException("Trying to modify a fixed authority"); - } - else - { - throw ae; - } + handleAuthorityException(ae); + } + } + + private void handleAuthorityException(AuthorityException ae) + { + if (ae.getMsgId().equals("Trying to modify a fixed authority")) + { + throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY); + } + else + { + throw ae; } } @@ -701,6 +715,12 @@ public class GroupsImpl implements Groups { validateGroupId(groupId, false); + // Not allowed to list all members. + if (PermissionService.ALL_AUTHORITIES.equals(groupId)) + { + throw new UnsupportedResourceOperationException(); + } + Paging paging = parameters.getPaging(); // Retrieve sort column. This is limited for now to sort column due to @@ -748,6 +768,13 @@ public class GroupsImpl implements Groups public GroupMember createGroupMember(String groupId, GroupMember groupMember) { validateGroupId(groupId, false); + + // Not allowed to modify a GROUP_EVERYONE member. + if (PermissionService.ALL_AUTHORITIES.equals(groupId)) + { + throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY); + } + validateGroupMember(groupMember); AuthorityType authorityType = getAuthorityType(groupMember.getMemberType()); @@ -773,6 +800,13 @@ public class GroupsImpl implements Groups public void deleteGroupMembership(String groupId, String groupMemberId) { validateGroupId(groupId, false); + + // Not allowed to modify a GROUP_EVERYONE member. + if (PermissionService.ALL_AUTHORITIES.equals(groupId)) + { + throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY); + } + validateGroupMemberId(groupMemberId); // TODO: Verify if groupMemberId is member of groupId authorityService.removeAuthority(groupId, groupMemberId); @@ -872,7 +906,7 @@ public class GroupsImpl implements Groups throw new InvalidArgumentException("groupId is null or empty"); } - if (!groupAuthorityExists(groupId, inferPrefix)) + if (!PermissionService.ALL_AUTHORITIES.equals(groupId) && !groupAuthorityExists(groupId, inferPrefix)) { throw new EntityNotFoundException(groupId); } diff --git a/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java b/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java index ba681cbb07..5cd2532585 100644 --- a/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java +++ b/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java @@ -1168,6 +1168,7 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest getGroupMembers("", paging, null, "", HttpServletResponse.SC_BAD_REQUEST); getGroupMembers("invalidGroupId", paging, null, "", HttpServletResponse.SC_NOT_FOUND); + getGroupMembers(GROUP_EVERYONE, paging, null, "", HttpServletResponse.SC_METHOD_NOT_ALLOWED); } private void testGetGroupMembersSorting() throws Exception @@ -1346,6 +1347,14 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest assertNull(group.getParentIds()); assertNotNull(group.getZones()); } + + // Support GROUP_EVERYONE + { + Group group = groupsProxy.getGroup(GROUP_EVERYONE, null, HttpServletResponse.SC_OK); + assertNotNull(group); + assertNotNull(group.getId()); + assertNotNull(group.getIsRoot()); + } } finally { @@ -1488,6 +1497,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest groupsProxy.createGroupMember(groupB.getId(), groupMemberA, HttpServletResponse.SC_CONFLICT); } + // Not allowed to modify a GROUP_EVERYONE member. + { + groupsProxy.createGroupMember(GROUP_EVERYONE, groupMemberA, HttpServletResponse.SC_CONFLICT); + } + // Person or group with given id does not exists { GroupMember invalidIdGroupMember = new GroupMember(); @@ -1622,6 +1636,16 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest groupsProxy.updateGroup("invalidId", group, null, HttpServletResponse.SC_NOT_FOUND); } + + // It isn't allowed to update GROUP_EVERYONE. + { + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + + Group myGroup = new Group(); + myGroup.setDisplayName("newDisplayName"); + + groupsProxy.updateGroup(GROUP_EVERYONE, myGroup, null, HttpServletResponse.SC_CONFLICT); + } } @Test @@ -1744,6 +1768,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest groupsProxy.deleteGroupMembership(groupA.getId(), "invalidGroupMemberId", HttpServletResponse.SC_NOT_FOUND); } + // Not allowed to delete member of GROUP_EVERYONE. + { + groupsProxy.deleteGroupMembership(GROUP_EVERYONE, groupMemberA.getId(), HttpServletResponse.SC_CONFLICT); + } + // Authentication failed { setRequestContext(networkOne.getId(), GUID.generate(), "password");