REPO-1878: Support GROUP_EVERYONE in all endpoints

- initial commit git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@134828 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-14 17:58:59 +00:00 · 2017-01-30 15:49:50 +00:00
parent a234a4641b
commit cff630061f
2 changed files with 73 additions and 10 deletions
--- a/source/java/org/alfresco/rest/api/impl/GroupsImpl.java
+++ b/source/java/org/alfresco/rest/api/impl/GroupsImpl.java
@@ -59,6 +59,7 @@ import org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException;
 import org.alfresco.rest.framework.core.exceptions.EntityNotFoundException;
 import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
 import org.alfresco.rest.framework.core.exceptions.PermissionDeniedException;
+import org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException;
 import org.alfresco.rest.framework.resource.parameters.CollectionWithPagingInfo;
 import org.alfresco.rest.framework.resource.parameters.Paging;
 import org.alfresco.rest.framework.resource.parameters.Parameters;
@@ -84,6 +85,7 @@ public class GroupsImpl implements Groups
    private static final int MAX_ZONES = 1;
    private static final String DISPLAY_NAME = "displayName";
    private static final String AUTHORITY_NAME = "authorityName";
+    private static final String ERR_MSG_MODIFY_FIXED_AUTHORITY = "Trying to modify a fixed authority";

    private final static Map<String, String> SORT_PARAMS_TO_NAMES;
    static
@@ -154,7 +156,14 @@ public class GroupsImpl implements Groups
        validateGroupId(groupId, false);
        validateGroup(group, true);

-        authorityService.setAuthorityDisplayName(groupId, group.getDisplayName());
+        try
+        {
+            authorityService.setAuthorityDisplayName(groupId, group.getDisplayName());
+        }
+        catch (AuthorityException ae)
+        {
+            handleAuthorityException(ae);
+        }

        return getGroup(groupId, parameters);
    }
@@ -686,14 +695,19 @@ public class GroupsImpl implements Groups
        }
        catch (AuthorityException ae)
        {
-            if (ae.getMsgId().equals("Trying to modify a fixed authority"))
-            {
-                throw new ConstraintViolatedException("Trying to modify a fixed authority");
-            }
-            else
-            {
-                throw ae;
-            }
+            handleAuthorityException(ae);
+        }
+    }
+
+    private void handleAuthorityException(AuthorityException ae)
+    {
+        if (ae.getMsgId().equals("Trying to modify a fixed authority"))
+        {
+            throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY);
+        }
+        else
+        {
+            throw ae;
        }
    }

@@ -701,6 +715,12 @@ public class GroupsImpl implements Groups
    {
        validateGroupId(groupId, false);

+        // Not allowed to list all members.
+        if (PermissionService.ALL_AUTHORITIES.equals(groupId))
+        {
+            throw new UnsupportedResourceOperationException();
+        }
+
        Paging paging = parameters.getPaging();

        // Retrieve sort column. This is limited for now to sort column due to
@@ -748,6 +768,13 @@ public class GroupsImpl implements Groups
    public GroupMember createGroupMember(String groupId, GroupMember groupMember)
    {
        validateGroupId(groupId, false);
+
+        // Not allowed to modify a GROUP_EVERYONE member.
+        if (PermissionService.ALL_AUTHORITIES.equals(groupId))
+        {
+            throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY);
+        }
+
        validateGroupMember(groupMember);

        AuthorityType authorityType = getAuthorityType(groupMember.getMemberType());
@@ -773,6 +800,13 @@ public class GroupsImpl implements Groups
    public void deleteGroupMembership(String groupId, String groupMemberId)
    {
        validateGroupId(groupId, false);
+
+        // Not allowed to modify a GROUP_EVERYONE member.
+        if (PermissionService.ALL_AUTHORITIES.equals(groupId))
+        {
+            throw new ConstraintViolatedException(ERR_MSG_MODIFY_FIXED_AUTHORITY);
+        }
+
        validateGroupMemberId(groupMemberId);
        // TODO: Verify if groupMemberId is member of groupId
        authorityService.removeAuthority(groupId, groupMemberId);
@@ -872,7 +906,7 @@ public class GroupsImpl implements Groups
            throw new InvalidArgumentException("groupId is null or empty");
        }

-        if (!groupAuthorityExists(groupId, inferPrefix))
+        if (!PermissionService.ALL_AUTHORITIES.equals(groupId) && !groupAuthorityExists(groupId, inferPrefix))
        {
            throw new EntityNotFoundException(groupId);
        }
--- a/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java
+++ b/source/test-java/org/alfresco/rest/api/tests/GroupsTest.java
@@ -1168,6 +1168,7 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest

        getGroupMembers("", paging, null, "", HttpServletResponse.SC_BAD_REQUEST);
        getGroupMembers("invalidGroupId", paging, null, "", HttpServletResponse.SC_NOT_FOUND);
+        getGroupMembers(GROUP_EVERYONE, paging, null, "", HttpServletResponse.SC_METHOD_NOT_ALLOWED);
    }

    private void testGetGroupMembersSorting() throws Exception
@@ -1346,6 +1347,14 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
                assertNull(group.getParentIds());
                assertNotNull(group.getZones());
            }
+
+            // Support GROUP_EVERYONE
+            {
+                Group group = groupsProxy.getGroup(GROUP_EVERYONE, null, HttpServletResponse.SC_OK);
+                assertNotNull(group);
+                assertNotNull(group.getId());
+                assertNotNull(group.getIsRoot());
+            }
        }
        finally
        {
@@ -1488,6 +1497,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
                groupsProxy.createGroupMember(groupB.getId(), groupMemberA, HttpServletResponse.SC_CONFLICT);
            }

+            // Not allowed to modify a GROUP_EVERYONE member.
+            {
+                groupsProxy.createGroupMember(GROUP_EVERYONE, groupMemberA, HttpServletResponse.SC_CONFLICT);
+            }
+
            // Person or group with given id does not exists
            {
                GroupMember invalidIdGroupMember = new GroupMember();
@@ -1622,6 +1636,16 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest

            groupsProxy.updateGroup("invalidId", group, null, HttpServletResponse.SC_NOT_FOUND);
        }
+
+        // It isn't allowed to update GROUP_EVERYONE.
+        {
+            setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD);
+
+            Group myGroup = new Group();
+            myGroup.setDisplayName("newDisplayName");
+
+            groupsProxy.updateGroup(GROUP_EVERYONE, myGroup, null, HttpServletResponse.SC_CONFLICT);
+        }
    }

    @Test
@@ -1744,6 +1768,11 @@ public class GroupsTest extends AbstractSingleNetworkSiteTest
                groupsProxy.deleteGroupMembership(groupA.getId(), "invalidGroupMemberId", HttpServletResponse.SC_NOT_FOUND);
            }

+            // Not allowed to delete member of GROUP_EVERYONE.
+            {
+                groupsProxy.deleteGroupMembership(GROUP_EVERYONE, groupMemberA.getId(), HttpServletResponse.SC_CONFLICT);
+            }
+
            // Authentication failed
            {
                setRequestContext(networkOne.getId(), GUID.generate(), "password");