RM-2197 Replace "No Clearance" with "Unclassified" in list of levels.

Created a notion of clearance level distinct from (but related to)
classification level. A clearance level references the highest
classification level it has access to. A SecurityClearance now contains a
ClearanceLevel, which in turn contains a ClassificationLevel.

Created a ClearanceLevelManager and initialise it at the same time as the
ClassificationLevelManager.

+review RM

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/modules/recordsmanagement/HEAD@103929 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

rm-server/config/alfresco/module/org_alfresco_module_rm/classification/rm-classification-levels.json

@@ -12,7 +12,7 @@
     "displayLabel" : "rm.classification.confidential"
   },
   {
-    "name" : "NoClearance",
-    "displayLabel" : "rm.classification.noClearance"
+    "name" : "Unclassified",
+    "displayLabel" : "rm.classification.unclassified"
   }
 ]

rm-server/config/alfresco/module/org_alfresco_module_rm/classified-content-context.xml

@@ -94,6 +94,7 @@
          class="org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceBootstrap">
        <constructor-arg ref="rm.authenticationUtil"/>
        <constructor-arg ref="classificationService"/> <!-- Intentionally using the small 'c' here -->
+       <constructor-arg ref="securityClearanceService"/> <!-- Intentionally using the small 's' here -->
        <constructor-arg ref="TransactionService"/>
    </bean>
 

rm-server/config/alfresco/module/org_alfresco_module_rm/messages/classified-content.properties

@@ -2,6 +2,9 @@
 rm.classification.topSecret=Top Secret
 rm.classification.secret=Secret
 rm.classification.confidential=Confidential
+rm.classification.unclassified=Unclassified
+
+## Most classifications are also security clearance levels, but the clearance corresponding to unclassified is "No Clearance"
 rm.classification.noClearance=No Clearance
 
 ## Default classification reasons

rm-server/config/alfresco/templates/webscripts/org/alfresco/rma/classification/usersecurityclearance.lib.ftl

@@ -3,8 +3,8 @@
     <#local pi=item.personInfo>
     {
         <#escape x as jsonUtils.encodeJSONString(x)>
-        "classificationId": "${cl.id}",
-        "classificationLabel": "${cl.displayLabel}",
+        "classificationId": "${cl.highestClassificationLevel.id}",
+        "clearanceLabel": "${cl.displayLabel}",
         "userName": <#if pi.userName??>"${pi.userName}"<#else>null</#if>,
         "firstName": <#if pi.firstName??>"${pi.firstName}"<#else>null</#if>,
         "lastName": <#if pi.lastName??>"${pi.lastName}"<#else>null</#if>,

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationLevel.java

@@ -35,7 +35,7 @@ public final class ClassificationLevel implements Serializable
 {
     /** serial version uid */
     private static final long serialVersionUID = -3375064867090476422L;
-    
+
     private final String id;
     private final String displayLabelKey;
 
@@ -50,6 +50,9 @@ public final class ClassificationLevel implements Serializable
     /** Returns the unique identifier for this classification level. */
     public String getId() { return this.id; }
 
+    /** Returns the key for the display label. */
+    public String getDisplayLabelKey() { return displayLabelKey; }
+
     /**
      * Returns the localised (current locale) display label for this classification level. If no translation is found
      * then return the key instead.

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceBootstrap.java

@@ -32,17 +32,20 @@ import org.springframework.extensions.surf.util.AbstractLifecycleBean;
  */
 public class ClassificationServiceBootstrap extends AbstractLifecycleBean
 {
-    private final AuthenticationUtil        authenticationUtil;
-    private final ClassificationServiceImpl classificationServiceImpl;
-    private final TransactionService        transactionService;
+    private final AuthenticationUtil           authenticationUtil;
+    private final ClassificationServiceImpl    classificationServiceImpl;
+    private final SecurityClearanceServiceImpl securityClearanceServiceImpl;
+    private final TransactionService           transactionService;
 
     public ClassificationServiceBootstrap(AuthenticationUtil authUtil,
                                           ClassificationServiceImpl cService,
+                                          SecurityClearanceServiceImpl securityClearanceServiceImpl,
                                           TransactionService txService)
     {
-        this.authenticationUtil    = authUtil;
-        this.classificationServiceImpl = cService;
-        this.transactionService    = txService;
+        this.authenticationUtil           = authUtil;
+        this.classificationServiceImpl    = cService;
+        this.securityClearanceServiceImpl = securityClearanceServiceImpl;
+        this.transactionService           = txService;
     }
 
     @Override protected void onBootstrap(ApplicationEvent event)
@@ -55,8 +58,8 @@ public class ClassificationServiceBootstrap extends AbstractLifecycleBean
                 {
                     public Void execute()
                     {
-                        classificationServiceImpl.initConfiguredClassificationLevels();
-                        classificationServiceImpl.initConfiguredClassificationReasons();
+                        classificationServiceImpl.initialise();
+                        securityClearanceServiceImpl.initialise();
                         return null;
                     }
                 };

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClassificationServiceImpl.java

@@ -74,7 +74,13 @@ public class ClassificationServiceImpl extends ServiceBaseImpl
     /** Set the object from which configuration options will be read. */
     public void setClassificationServiceDAO(ClassificationServiceDAO classificationServiceDao) { this.classificationServiceDao = classificationServiceDao; }
 
-    void initConfiguredClassificationLevels()
+    void initialise()
+    {
+        initConfiguredClassificationLevels();
+        initConfiguredClassificationReasons();
+    }
+
+    protected void initConfiguredClassificationLevels()
     {
         final List<ClassificationLevel> allPersistedLevels  = getPersistedLevels();
         final List<ClassificationLevel> configurationLevels = getConfigurationLevels();
@@ -98,7 +104,7 @@ public class ClassificationServiceImpl extends ServiceBaseImpl
         }
     }
 
-    void initConfiguredClassificationReasons()
+    protected void initConfiguredClassificationReasons()
     {
         final List<ClassificationReason> persistedReasons = getPersistedReasons();
         final List<ClassificationReason> classpathReasons = getConfigurationReasons();

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevel.java

@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.classification;
+
+import static org.apache.commons.lang.StringUtils.isNotBlank;
+
+import org.alfresco.module.org_alfresco_module_rm.util.RMParameterCheck;
+import org.alfresco.util.ParameterCheck;
+import org.springframework.extensions.surf.util.I18NUtil;
+
+/**
+ * A POJO to represent a security clearance level. This wraps a {@link ClassificationLevel} and will often have the same
+ * display text as well. The main exception is that the clearance level corresponding to "Unclassified" is "No Clearance".
+ *
+ * @author tpage
+ */
+public class ClearanceLevel
+{
+    /** The highest classification level that can be accessed by users with this clearance. */
+    private final ClassificationLevel highestClassificationLevel;
+    /** The key for the display label of this security clearance. */
+    private final String displayLabelKey;
+
+    /**
+     * Constructor.
+     *
+     * @param highestClassificationLevel The highest classification level that can be accessed by users with this clearance.
+     * @param displayLabelKey The key for the display label of this security clearance.
+     */
+    public ClearanceLevel(ClassificationLevel highestClassificationLevel, String displayLabelKey)
+    {
+        ParameterCheck.mandatory("highestClassificationLevel", highestClassificationLevel);
+        RMParameterCheck.checkNotBlank("displayLabelKey", displayLabelKey);
+        this.highestClassificationLevel = highestClassificationLevel;
+        this.displayLabelKey = displayLabelKey;
+    }
+
+    /** Return the highest classification level that can be accessed by users with this clearance. */
+    public ClassificationLevel getHighestClassificationLevel() { return this.highestClassificationLevel; }
+
+    /**
+     * Returns the localised (current locale) display label for this clearance level. If no translation is found
+     * then return the key instead.
+     */
+    public String getDisplayLabel()
+    {
+        String message = I18NUtil.getMessage(displayLabelKey);
+        return (isNotBlank(message) ? message : displayLabelKey);
+    }
+
+    @Override public String toString()
+    {
+        StringBuilder msg = new StringBuilder();
+        msg.append(ClassificationLevel.class.getSimpleName())
+           .append(":").append(highestClassificationLevel.getId());
+
+        return  msg.toString();
+    }
+
+    @Override public boolean equals(Object o)
+    {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+
+        ClearanceLevel that = (ClearanceLevel) o;
+
+        return this.highestClassificationLevel.equals(that.highestClassificationLevel);
+    }
+
+    @Override public int hashCode() { return highestClassificationLevel.hashCode(); }
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManager.java

@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.classification;
+
+import java.util.List;
+
+import com.google.common.collect.ImmutableList;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound;
+
+/**
+ * Container for the configured {@link ClearanceLevel} objects.
+ *
+ * @author tpage
+ */
+public class ClearanceLevelManager
+{
+    /** An immutable list of clearance levels ordered from most to least secure. */
+    private ImmutableList<ClearanceLevel> clearanceLevels;
+
+    /**
+     * Constructor that stores an immutable copy of the given levels.
+     *
+     * @param clearanceLevels A list of clearance levels ordered from most to least secure.
+     */
+    public ClearanceLevelManager(List<ClearanceLevel> clearanceLevels)
+    {
+        this.clearanceLevels = ImmutableList.copyOf(clearanceLevels);
+    }
+
+    /** @return An immutable list of clearance levels ordered from most to least secure. */
+    public ImmutableList<ClearanceLevel> getClearanceLevels()
+    {
+        return clearanceLevels;
+    }
+
+    /**
+     * Get a <code>ClearanceLevel</code> using its id.
+     *
+     * @param classificationLevelId The id of the highest classification level accessible by a clearance level.
+     * @return The clearance level.
+     * @throws LevelIdNotFound If the clearance level cannot be found.
+     */
+    public ClearanceLevel findLevelByClassificationLevelId(String classificationLevelId) throws LevelIdNotFound
+    {
+        for (ClearanceLevel clearanceLevel : clearanceLevels)
+        {
+            if (clearanceLevel.getHighestClassificationLevel().getId().equals(classificationLevelId))
+            {
+                return clearanceLevel;
+            }
+        }
+        throw new LevelIdNotFound(classificationLevelId);
+    }
+}

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearance.java

@@ -18,11 +18,11 @@
  */
 package org.alfresco.module.org_alfresco_module_rm.classification;
 
-import org.alfresco.service.cmr.security.PersonService.PersonInfo;
-
 import java.io.Serializable;
 import java.util.Objects;
 
+import org.alfresco.service.cmr.security.PersonService.PersonInfo;
+
 /**
  * A simple data type for a single user's security clearance.
  *
@@ -34,10 +34,10 @@ public final class SecurityClearance implements Serializable
     /** Serial version uid */
     private static final long serialVersionUID = 8410664575120817707L;
 
-    private final PersonInfo          personInfo;
-    private final ClassificationLevel clearanceLevel;
+    private final PersonInfo     personInfo;
+    private final ClearanceLevel clearanceLevel;
 
-    public SecurityClearance(final PersonInfo personInfo, final ClassificationLevel clearanceLevel)
+    public SecurityClearance(final PersonInfo personInfo, final ClearanceLevel clearanceLevel)
     {
         Objects.requireNonNull(personInfo);
         Objects.requireNonNull(clearanceLevel);
@@ -49,8 +49,8 @@ public final class SecurityClearance implements Serializable
     /** Returns the {@link PersonInfo} for this security clearance. */
     public PersonInfo getPersonInfo() { return this.personInfo; }
 
-    /** Returns the {@link ClassificationLevel} for this security clearance. */
-    public ClassificationLevel getClearanceLevel() { return this.clearanceLevel; }
+    /** Returns the {@link ClearanceLevel} for this security clearance. */
+    public ClearanceLevel getClearanceLevel() { return this.clearanceLevel; }
 
     @Override public String toString()
     {

rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImpl.java

@@ -39,11 +39,39 @@ import org.alfresco.util.ParameterCheck;
  */
 public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements SecurityClearanceService
 {
+    /** The clearance levels currently configured in this server. */
+    private ClearanceLevelManager clearanceManager;
+
     private ClassificationService classificationService;
     private PersonService         personService;
 
+    public void setClearanceManager(ClearanceLevelManager clearanceManager) { this.clearanceManager = clearanceManager; }
     public void setClassificationService(ClassificationService service) { this.classificationService = service; }
-    public void setPersonService        (PersonService service)         { this.personService = service; }
+    public void setPersonService(PersonService service) { this.personService = service; }
+
+    /**
+     * Initialise and create a {@link ClearanceLevelManager}. This assumes that the {@link ClassificationService} has
+     * already been initialised.
+     */
+    void initialise()
+    {
+        ArrayList<ClearanceLevel> clearanceLevels = new ArrayList<ClearanceLevel>();
+        List<ClassificationLevel> classificationLevels = classificationService.getClassificationLevels();
+        ClassificationLevel unclassified = classificationLevels.get(classificationLevels.size() - 1);
+        for (ClassificationLevel classificationLevel : classificationLevels)
+        {
+            String displayLabelKey = classificationLevel.getDisplayLabelKey();
+            if (classificationLevel.equals(unclassified))
+            {
+                displayLabelKey = "rm.classification.noClearance";
+            }
+            clearanceLevels.add(new ClearanceLevel(classificationLevel, displayLabelKey));
+        }
+        this.clearanceManager = new ClearanceLevelManager(clearanceLevels);
+    }
+
+    /** Get the clearance manager (for use in unit testing). */
+    protected ClearanceLevelManager getClearanceManager() { return clearanceManager; }
 
     @Override
     public SecurityClearance getUserSecurityClearance()
@@ -70,7 +98,8 @@ public class SecurityClearanceServiceImpl extends ServiceBaseImpl implements Sec
         }
         else { classificationLevel = classificationService.getDefaultClassificationLevel(); }
 
-        return new SecurityClearance(personInfo, classificationLevel);
+        ClearanceLevel clearanceLevel = clearanceManager.findLevelByClassificationLevelId(classificationLevel.getId());
+        return new SecurityClearance(personInfo, clearanceLevel);
     }
 
     @Override

rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/ClearanceLevelManagerTest.java

@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2005-2015 Alfresco Software Limited.
+ *
+ * This file is part of Alfresco
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.alfresco.module.org_alfresco_module_rm.classification;
+
+import static org.junit.Assert.assertEquals;
+
+import java.util.List;
+
+import com.google.common.collect.ImmutableList;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Unit tests for the {@link ClearanceLevelManager}.
+ *
+ * @author tpage
+ */
+public class ClearanceLevelManagerTest
+{
+    static final ClassificationLevel TOP_SECRET = new ClassificationLevel("TS", "Top Secret Classification");
+    static final ClassificationLevel SECRET = new ClassificationLevel("S", "Secret Classification");
+    static final ClassificationLevel UNCLASSIFIED = new ClassificationLevel("U", "Unclassified Classification");
+
+    static final ClearanceLevel TOP_SECRET_CLEARANCE = new ClearanceLevel(TOP_SECRET , "Top Secret Clearance");
+    static final ClearanceLevel SECRET_CLEARANCE = new ClearanceLevel(SECRET, "Secret Clearance");
+    static final ClearanceLevel NO_CLEARANCE = new ClearanceLevel(UNCLASSIFIED, "No Clearance");
+
+    /** The class under test. */
+    ClearanceLevelManager clearanceLevelManager;
+
+    /** Reset the {@code ClearanceLevelManager} with the three clearance levels. */
+    @Before
+    public void setup()
+    {
+        List<ClearanceLevel> clearanceLevels = ImmutableList.of(TOP_SECRET_CLEARANCE, SECRET_CLEARANCE, NO_CLEARANCE);
+        clearanceLevelManager = new ClearanceLevelManager(clearanceLevels);
+    }
+
+    /** Check that the secret clearance can be found from the classification level id "S". */
+    @Test
+    public void findLevelByClassificationLevelId_found()
+    {
+        ClearanceLevel actual = clearanceLevelManager.findLevelByClassificationLevelId("S");
+
+        assertEquals(SECRET_CLEARANCE, actual);
+    }
+
+    /** Check that an exception is thrown when the classification level id is not found. */
+    @Test(expected = LevelIdNotFound.class)
+    public void findLevelByClassificationLevelId_notFound()
+    {
+        clearanceLevelManager.findLevelByClassificationLevelId("UNKNOWN ID");
+    }
+}

rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/classification/SecurityClearanceServiceImplUnitTest.java

@@ -26,6 +26,9 @@ import static org.mockito.Matchers.eq;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
+import java.util.Arrays;
+import java.util.List;
+
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException.LevelIdNotFound;
 import org.alfresco.module.org_alfresco_module_rm.test.util.MockAuthenticationUtilHelper;
 import org.alfresco.module.org_alfresco_module_rm.util.AuthenticationUtil;
@@ -56,6 +59,7 @@ public class SecurityClearanceServiceImplUnitTest
     @Mock private DictionaryService           mockDictionaryService;
     @Mock private NodeService                 mockNodeService;
     @Mock private PersonService               mockPersonService;
+    @Mock private ClearanceLevelManager       mockClearanceLevelManager;
 
     @Before public void setUp()
     {
@@ -87,12 +91,14 @@ public class SecurityClearanceServiceImplUnitTest
         final PersonInfo user1 = createMockPerson("user1", "User", "One", null);
         MockAuthenticationUtilHelper.setup(mockedAuthenticationUtil, user1.getUserName());
 
-        when(mockClassificationService.getDefaultClassificationLevel())
-                .thenReturn(new ClassificationLevel("default", "default"));
+        ClassificationLevel defaultClassificationLevel = new ClassificationLevel("default", "default");
+        when(mockClassificationService.getDefaultClassificationLevel()).thenReturn(defaultClassificationLevel);
+        ClearanceLevel defaultClearanceLevel = new ClearanceLevel(defaultClassificationLevel, "defaultClearanceMessageKey");
+        when(mockClearanceLevelManager.findLevelByClassificationLevelId("default")).thenReturn(defaultClearanceLevel);
 
         final SecurityClearance clearance = securityClearanceServiceImpl.getUserSecurityClearance();
 
-        assertEquals("default", clearance.getClearanceLevel().getId());
+        assertEquals(defaultClearanceLevel, clearance.getClearanceLevel());
     }
 
     /** Check that a user can have their clearance set. */
@@ -111,6 +117,8 @@ public class SecurityClearanceServiceImplUnitTest
         String clearanceId = "ClearanceId";
         ClassificationLevel level = new ClassificationLevel(clearanceId, "TopSecretKey");
         when(mockClassificationService.getClassificationLevelById(clearanceId)).thenReturn(level);
+        ClearanceLevel clearanceLevel = new ClearanceLevel(level, "TopSecretKey");
+        when(mockClearanceLevelManager.findLevelByClassificationLevelId(clearanceId)).thenReturn(clearanceLevel);
 
         when(mockNodeService.hasAspect(personNode, ASPECT_SECURITY_CLEARANCE)).thenReturn(true);
         when(mockNodeService.getProperty(personNode, PROP_CLEARANCE_LEVEL)).thenReturn(clearanceId);
@@ -120,7 +128,7 @@ public class SecurityClearanceServiceImplUnitTest
         SecurityClearance securityClearance = securityClearanceServiceImpl.setUserSecurityClearance(userName, clearanceId);
 
         assertEquals(personInfo, securityClearance.getPersonInfo());
-        assertEquals(level, securityClearance.getClearanceLevel());
+        assertEquals(clearanceLevel, securityClearance.getClearanceLevel());
 
         verify(mockNodeService).setProperty(personNode, PROP_CLEARANCE_LEVEL, clearanceId);
     }
@@ -141,4 +149,26 @@ public class SecurityClearanceServiceImplUnitTest
 
         securityClearanceServiceImpl.setUserSecurityClearance(userName, clearanceId);
     }
+
+    /**
+     * Check that the initialise method creates a clearance level corresponding to each classification level and that
+     * the display label for the lowest clearance level is "No Clearance" (rather than "Unclassified").
+     */
+    @Test public void initialise()
+    {
+        ClassificationLevel topSecret = new ClassificationLevel("1", "TopSecret");
+        ClassificationLevel secret = new ClassificationLevel("2", "Secret");
+        ClassificationLevel unclassified = new ClassificationLevel("3", "Unclassified");
+        List<ClassificationLevel> classificationLevels = Arrays.asList(topSecret, secret, unclassified);
+        when(mockClassificationService.getClassificationLevels()).thenReturn(classificationLevels );
+
+        // Call the method under test.
+        securityClearanceServiceImpl.initialise();
+
+        List<ClearanceLevel> clearanceLevels = securityClearanceServiceImpl.getClearanceManager().getClearanceLevels();
+        assertEquals("There should be one clearance level for each classification level.", classificationLevels.size(), clearanceLevels.size());
+        assertEquals("TopSecret", clearanceLevels.get(0).getDisplayLabel());
+        assertEquals("Secret", clearanceLevels.get(1).getDisplayLabel());
+        assertEquals("rm.classification.noClearance", clearanceLevels.get(2).getDisplayLabel());
+    }
 }

rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/script/classification/UserSecurityClearanceGetTest.java

@@ -28,7 +28,10 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevel;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClearanceLevel;
 import org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearance;
 import org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearanceService;
 import org.alfresco.module.org_alfresco_module_rm.classification.UserQueryParams;
@@ -45,9 +48,6 @@ import org.mockito.Mock;
 import org.mockito.Spy;
 import org.springframework.extensions.webscripts.DeclarativeWebScript;
 
-import com.fasterxml.jackson.databind.JsonNode;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
 /**
  * Test for get user security clearance API
  *
@@ -140,7 +140,7 @@ public class UserSecurityClearanceGetTest extends BaseWebScriptUnitTest
         assertEquals(firstName, securityClearance.getString("firstName"));
         assertEquals(lastName, securityClearance.getString("lastName"));
         assertEquals(classificationLevelId, securityClearance.getString("classificationId"));
-        assertEquals(classificationLevelDisplayLabel, securityClearance.getString("classificationLabel"));
+        assertEquals(classificationLevelDisplayLabel, securityClearance.getString("clearanceLabel"));
         String fullName = firstName + " " + lastName;
         assertEquals(fullName, securityClearance.getString("fullName"));
         assertEquals(fullName + " (" + userName + ")", securityClearance.getString("completeName"));
@@ -221,7 +221,7 @@ public class UserSecurityClearanceGetTest extends BaseWebScriptUnitTest
                     "\"lastName\": \"aLastName" + fromIndex + "\"," +
                     "\"completeName\": \"aFirstName" + fromIndex + " aLastName" + fromIndex + " (aUserName" + fromIndex + ")\"," +
                     "\"fullName\": \"aFirstName" + fromIndex + " aLastName" + fromIndex + "\"," +
-                    "\"classificationLabel\": \"displayLabel" + fromIndex + "\"," +
+                    "\"clearanceLabel\": \"displayLabel" + fromIndex + "\"," +
                     "\"userName\": \"aUserName" + fromIndex + "\"," +
                     "\"classificationId\": \"id" + fromIndex + "\"" +
                 "}";
@@ -240,7 +240,8 @@ public class UserSecurityClearanceGetTest extends BaseWebScriptUnitTest
         {
             PersonInfo personInfo = new PersonInfo(new NodeRef("a://noderef/" + i), "aUserName" + i, "aFirstName" + i, "aLastName" + i);
             ClassificationLevel classificationLevel = new ClassificationLevel("id" + i, "displayLabel" + i);
-            SecurityClearance securityClearance = new SecurityClearance(personInfo, classificationLevel);
+            ClearanceLevel clearanceLevel = new ClearanceLevel(classificationLevel, "displayLabel" + i);
+            SecurityClearance securityClearance = new SecurityClearance(personInfo, clearanceLevel);
             securityClearances.add(securityClearance);
         }
         return securityClearances;

rm-server/unit-test/java/org/alfresco/module/org_alfresco_module_rm/script/classification/UserSecurityClearancePutTest.java

@@ -1,9 +1,16 @@
 package org.alfresco.module.org_alfresco_module_rm.script.classification;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.mockito.Mockito.when;
+
+import java.util.Map;
+
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationLevel;
 import org.alfresco.module.org_alfresco_module_rm.classification.ClassificationServiceException;
+import org.alfresco.module.org_alfresco_module_rm.classification.ClearanceLevel;
 import org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearance;
 import org.alfresco.module.org_alfresco_module_rm.classification.SecurityClearanceService;
 import org.alfresco.module.org_alfresco_module_rm.test.util.BaseWebScriptUnitTest;
@@ -16,11 +23,6 @@ import org.mockito.Spy;
 import org.springframework.extensions.webscripts.DeclarativeWebScript;
 import org.springframework.extensions.webscripts.WebScriptException;
 
-import java.util.Map;
-
-import static org.junit.Assert.*;
-import static org.mockito.Mockito.when;
-
 public class UserSecurityClearancePutTest extends BaseWebScriptUnitTest
 {
     /**
@@ -74,7 +76,8 @@ public class UserSecurityClearancePutTest extends BaseWebScriptUnitTest
         String firstName = "Firstname";
         String lastName = "Lastname";
         PersonService.PersonInfo personInfo = new PersonService.PersonInfo(generateNodeRef(), username, firstName, lastName);
-        ClassificationLevel clearanceLevel = new ClassificationLevel(clearanceId, clearanceDisplay);
+        ClassificationLevel classificationLevel = new ClassificationLevel(clearanceId, clearanceDisplay);
+        ClearanceLevel clearanceLevel = new ClearanceLevel(classificationLevel, clearanceDisplay);
 
         SecurityClearance securityClearance = new SecurityClearance(personInfo, clearanceLevel);
 
@@ -89,7 +92,7 @@ public class UserSecurityClearancePutTest extends BaseWebScriptUnitTest
 
         // check the JSON result using Jackson to allow easy equality testing.
         ObjectMapper mapper = new ObjectMapper();
-        String expectedJSONString = "{\"data\":{\"firstName\":\"Firstname\",\"lastName\":\"Lastname\",\"completeName\":\"Firstname Lastname (user1)\",\"fullName\":\"Firstname Lastname\",\"classificationLabel\":\"Don't tell anyone\",\"userName\":\"user1\",\"classificationId\":\"Top Secret\"}}";
+        String expectedJSONString = "{\"data\":{\"firstName\":\"Firstname\",\"lastName\":\"Lastname\",\"completeName\":\"Firstname Lastname (user1)\",\"fullName\":\"Firstname Lastname\",\"clearanceLabel\":\"Don't tell anyone\",\"userName\":\"user1\",\"classificationId\":\"Top Secret\"}}";
         JsonNode expected = mapper.readTree(expectedJSONString);
         assertEquals(expected, mapper.readTree(json.toString()));
     }