inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-07 17:49:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Site Service does not allow users 'admin' or 'system user' to set site membership if they are not Site Manager of the given site

Browse Source 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@11011 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Roy Wetherall
2008-09-24 15:37:13 +00:00
parent ff01cea0c5
commit d2c08c8307
2 changed files with 126 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
source/java/org/alfresco/repo/site/SiteServiceImplTest.java
View File

@@ -134,6 +134,42 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest
}
}
public void testETHREEOH_15() throws Exception
{
SiteInfo siteInfo = this.siteService.createSite(TEST_SITE_PRESET, "mySiteTest", TEST_TITLE, TEST_DESCRIPTION, true);
checkSiteInfo(siteInfo, TEST_SITE_PRESET, "mySiteTest", TEST_TITLE, TEST_DESCRIPTION, true);
authenticationComponent.setCurrentUser("admin");
this.siteService.setMembership(siteInfo.getShortName(), USER_TWO, SiteModel.SITE_MANAGER);
authenticationComponent.setCurrentUser(USER_TWO);
this.siteService.setMembership(siteInfo.getShortName(), USER_THREE, SiteModel.SITE_CONTRIBUTOR);
this.siteService.removeMembership(siteInfo.getShortName(), USER_THREE);
authenticationComponent.setCurrentUser("admin");
this.siteService.removeMembership(siteInfo.getShortName(), USER_TWO);
authenticationComponent.setSystemUserAsCurrentUser();
this.siteService.setMembership(siteInfo.getShortName(), USER_THREE, SiteModel.SITE_CONTRIBUTOR);
authenticationComponent.setCurrentUser(USER_THREE);
try
{
this.siteService.setMembership(siteInfo.getShortName(), USER_TWO, SiteModel.SITE_CONTRIBUTOR);
fail("Shouldn't be able to do this cos you don't have permissions");
}
catch (Exception exception) {}
try
{
this.siteService.removeMembership(siteInfo.getShortName(), USER_THREE);
fail("Shouldn't be able to do this cos you don't have permissions");
}
catch (Exception exception) {}
authenticationComponent.setSystemUserAsCurrentUser();
this.siteService.removeMembership(siteInfo.getShortName(), USER_THREE);
}
private void checkSiteInfo( SiteInfo siteInfo, String expectedSitePreset, String expectedShortName, String expectedTitle,
String expectedDescription, boolean expectedIsPublic)
{